Class: Aws::SecurityLake::Types::CreateCustomLogSourceRequest

Inherits:

Struct

• Object
• Struct
• Aws::SecurityLake::Types::CreateCustomLogSourceRequest

Defined in:

gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb

Overview

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #configuration ⇒ Types::CustomLogSourceConfiguration

  The configuration used for the third-party custom source.

• #event_classes ⇒ Array<String>

  The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake.

• #source_name ⇒ String

  Specify the name for a third-party custom source.

• #source_version ⇒ String

  Specify the source version for the third-party custom source, to limit log collection to a specific version of custom data source.

Instance Attribute Details

#configuration ⇒ Types::CustomLogSourceConfiguration

The configuration used for the third-party custom source.

Returns:

• (Types::CustomLogSourceConfiguration)

# File 'gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb', line 264

class CreateCustomLogSourceRequest < Struct.new(
  :configuration,
  :event_classes,
  :source_name,
  :source_version)
  SENSITIVE = []
  include Aws::Structure
end

#event_classes ⇒ Array<String>

The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

• ACCESS_ACTIVITY

• FILE_ACTIVITY

• KERNEL_ACTIVITY

• KERNEL_EXTENSION

• MEMORY_ACTIVITY

• MODULE_ACTIVITY

• PROCESS_ACTIVITY

• REGISTRY_KEY_ACTIVITY

• REGISTRY_VALUE_ACTIVITY

• RESOURCE_ACTIVITY

• SCHEDULED_JOB_ACTIVITY

• SECURITY_FINDING

• ACCOUNT_CHANGE

• AUTHENTICATION

• AUTHORIZATION

• ENTITY_MANAGEMENT_AUDIT

• DHCP_ACTIVITY

• NETWORK_ACTIVITY

• DNS_ACTIVITY

• FTP_ACTIVITY

• HTTP_ACTIVITY

• RDP_ACTIVITY

• SMB_ACTIVITY

• SSH_ACTIVITY

• CONFIG_STATE

• INVENTORY_INFO

• EMAIL_ACTIVITY

• API_ACTIVITY

• CLOUD_API

Returns:

• (Array<String>)

# File 'gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb', line 264

class CreateCustomLogSourceRequest < Struct.new(
  :configuration,
  :event_classes,
  :source_name,
  :source_version)
  SENSITIVE = []
  include Aws::Structure
end

#source_name ⇒ String

Specify the name for a third-party custom source. This must be a Regionally unique value. The sourceName you enter here, is used in the LogProviderRole name which follows the convention AmazonSecurityLake-Provider-{name of the custom source}-{region}. You must use a CustomLogSource name that is shorter than or equal to 20 characters. This ensures that the LogProviderRole name is below the 64 character limit.

Returns:

• (String)

# File 'gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb', line 264

class CreateCustomLogSourceRequest < Struct.new(
  :configuration,
  :event_classes,
  :source_name,
  :source_version)
  SENSITIVE = []
  include Aws::Structure
end

#source_version ⇒ String

Specify the source version for the third-party custom source, to limit log collection to a specific version of custom data source.

Returns:

• (String)

# File 'gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb', line 264

class CreateCustomLogSourceRequest < Struct.new(
  :configuration,
  :event_classes,
  :source_name,
  :source_version)
  SENSITIVE = []
  include Aws::Structure
end