Docs Home
Sumo Logic v0.23.7 published on Thursday, Oct 24, 2024 by Pulumi
sumologic.LogSearch
Explore with Pulumi AI
Provides a Sumologic Log Search.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";
const personalFolder = sumologic.getPersonalFolder({});
const exampleLogSearch = new sumologic.LogSearch("example_log_search", {
name: "Demo Search",
description: "Demo search description",
parentId: personalFolder.then(personalFolder => personalFolder.id),
queryString: ` _sourceCategory=api
| parse "parameter1=*," as parameter1
| parse "parameter2=*," as parameter2
| where parameter1 matches {{param1}}
| where parameter2 matches {{param2}}
| count by _sourceHost
`,
parsingMode: "AutoParse",
runByReceiptTime: true,
timeRange: {
beginBoundedTimeRange: {
from: {
relativeTimeRange: {
relativeTime: "-30m",
},
},
},
},
queryParameters: [
{
name: "param1",
description: "Description for param1",
dataType: "STRING",
value: "*",
},
{
name: "param2",
description: "Description for param2",
dataType: "STRING",
value: "*",
},
],
schedule: {
cronExpression: "0 0 * * * ? *",
muteErrorEmails: false,
notification: {
emailSearchNotification: {
includeCsvAttachment: false,
includeHistogram: false,
includeQuery: true,
includeResultSet: true,
subjectTemplate: "Search Alert: {{TriggerCondition}} found for {{SearchName}}",
toLists: ["will@acme.com"],
},
},
parseableTimeRange: {
beginBoundedTimeRange: {
from: {
relativeTimeRange: {
relativeTime: "-15m",
},
},
},
},
scheduleType: "1Week",
threshold: {
count: 10,
operator: "gt",
thresholdType: "group",
},
timeZone: "America/Los_Angeles",
parameters: [
{
name: "param1",
value: "*",
},
{
name: "param2",
value: "*",
},
],
},
});
import pulumi
import pulumi_sumologic as sumologic
personal_folder = sumologic.get_personal_folder()
example_log_search = sumologic.LogSearch("example_log_search",
name="Demo Search",
description="Demo search description",
parent_id=personal_folder.id,
query_string=""" _sourceCategory=api
| parse "parameter1=*," as parameter1
| parse "parameter2=*," as parameter2
| where parameter1 matches {{param1}}
| where parameter2 matches {{param2}}
| count by _sourceHost
""",
parsing_mode="AutoParse",
run_by_receipt_time=True,
time_range={
"begin_bounded_time_range": {
"from_": {
"relative_time_range": {
"relative_time": "-30m",
},
},
},
},
query_parameters=[
{
"name": "param1",
"description": "Description for param1",
"data_type": "STRING",
"value": "*",
},
{
"name": "param2",
"description": "Description for param2",
"data_type": "STRING",
"value": "*",
},
],
schedule={
"cron_expression": "0 0 * * * ? *",
"mute_error_emails": False,
"notification": {
"email_search_notification": {
"include_csv_attachment": False,
"include_histogram": False,
"include_query": True,
"include_result_set": True,
"subject_template": "Search Alert: {{TriggerCondition}} found for {{SearchName}}",
"to_lists": ["will@acme.com"],
},
},
"parseable_time_range": {
"begin_bounded_time_range": {
"from_": {
"relative_time_range": {
"relative_time": "-15m",
},
},
},
},
"schedule_type": "1Week",
"threshold": {
"count": 10,
"operator": "gt",
"threshold_type": "group",
},
"time_zone": "America/Los_Angeles",
"parameters": [
{
"name": "param1",
"value": "*",
},
{
"name": "param2",
"value": "*",
},
],
})
package main
import (
"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
personalFolder, err := sumologic.GetPersonalFolder(ctx, &sumologic.GetPersonalFolderArgs{}, nil)
if err != nil {
return err
}
_, err = sumologic.NewLogSearch(ctx, "example_log_search", &sumologic.LogSearchArgs{
Name: pulumi.String("Demo Search"),
Description: pulumi.String("Demo search description"),
ParentId: pulumi.String(personalFolder.Id),
QueryString: pulumi.String(` _sourceCategory=api
| parse "parameter1=*," as parameter1
| parse "parameter2=*," as parameter2
| where parameter1 matches {{param1}}
| where parameter2 matches {{param2}}
| count by _sourceHost
`),
ParsingMode: pulumi.String("AutoParse"),
RunByReceiptTime: pulumi.Bool(true),
TimeRange: &sumologic.LogSearchTimeRangeArgs{
BeginBoundedTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeArgs{
From: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeFromArgs{
RelativeTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs{
RelativeTime: pulumi.String("-30m"),
},
},
},
},
QueryParameters: sumologic.LogSearchQueryParameterArray{
&sumologic.LogSearchQueryParameterArgs{
Name: pulumi.String("param1"),
Description: pulumi.String("Description for param1"),
DataType: pulumi.String("STRING"),
Value: pulumi.String("*"),
},
&sumologic.LogSearchQueryParameterArgs{
Name: pulumi.String("param2"),
Description: pulumi.String("Description for param2"),
DataType: pulumi.String("STRING"),
Value: pulumi.String("*"),
},
},
Schedule: &sumologic.LogSearchScheduleArgs{
CronExpression: pulumi.String("0 0 * * * ? *"),
MuteErrorEmails: pulumi.Bool(false),
Notification: &sumologic.LogSearchScheduleNotificationArgs{
EmailSearchNotification: &sumologic.LogSearchScheduleNotificationEmailSearchNotificationArgs{
IncludeCsvAttachment: pulumi.Bool(false),
IncludeHistogram: pulumi.Bool(false),
IncludeQuery: pulumi.Bool(true),
IncludeResultSet: pulumi.Bool(true),
SubjectTemplate: pulumi.String("Search Alert: {{TriggerCondition}} found for {{SearchName}}"),
ToLists: pulumi.StringArray{
pulumi.String("will@acme.com"),
},
},
},
ParseableTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeArgs{
BeginBoundedTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeArgs{
From: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromArgs{
RelativeTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs{
RelativeTime: pulumi.String("-15m"),
},
},
},
},
ScheduleType: pulumi.String("1Week"),
Threshold: &sumologic.LogSearchScheduleThresholdArgs{
Count: pulumi.Int(10),
Operator: pulumi.String("gt"),
ThresholdType: pulumi.String("group"),
},
TimeZone: pulumi.String("America/Los_Angeles"),
Parameters: sumologic.LogSearchScheduleParameterArray{
&sumologic.LogSearchScheduleParameterArgs{
Name: pulumi.String("param1"),
Value: pulumi.String("*"),
},
&sumologic.LogSearchScheduleParameterArgs{
Name: pulumi.String("param2"),
Value: pulumi.String("*"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;
return await Deployment.RunAsync(() =>
{
var personalFolder = SumoLogic.GetPersonalFolder.Invoke();
var exampleLogSearch = new SumoLogic.LogSearch("example_log_search", new()
{
Name = "Demo Search",
Description = "Demo search description",
ParentId = personalFolder.Apply(getPersonalFolderResult => getPersonalFolderResult.Id),
QueryString = @" _sourceCategory=api
| parse ""parameter1=*,"" as parameter1
| parse ""parameter2=*,"" as parameter2
| where parameter1 matches {{param1}}
| where parameter2 matches {{param2}}
| count by _sourceHost
",
ParsingMode = "AutoParse",
RunByReceiptTime = true,
TimeRange = new SumoLogic.Inputs.LogSearchTimeRangeArgs
{
BeginBoundedTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeArgs
{
From = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromArgs
{
RelativeTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs
{
RelativeTime = "-30m",
},
},
},
},
QueryParameters = new[]
{
new SumoLogic.Inputs.LogSearchQueryParameterArgs
{
Name = "param1",
Description = "Description for param1",
DataType = "STRING",
Value = "*",
},
new SumoLogic.Inputs.LogSearchQueryParameterArgs
{
Name = "param2",
Description = "Description for param2",
DataType = "STRING",
Value = "*",
},
},
Schedule = new SumoLogic.Inputs.LogSearchScheduleArgs
{
CronExpression = "0 0 * * * ? *",
MuteErrorEmails = false,
Notification = new SumoLogic.Inputs.LogSearchScheduleNotificationArgs
{
EmailSearchNotification = new SumoLogic.Inputs.LogSearchScheduleNotificationEmailSearchNotificationArgs
{
IncludeCsvAttachment = false,
IncludeHistogram = false,
IncludeQuery = true,
IncludeResultSet = true,
SubjectTemplate = "Search Alert: {{TriggerCondition}} found for {{SearchName}}",
ToLists = new[]
{
"will@acme.com",
},
},
},
ParseableTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeArgs
{
BeginBoundedTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeArgs
{
From = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromArgs
{
RelativeTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs
{
RelativeTime = "-15m",
},
},
},
},
ScheduleType = "1Week",
Threshold = new SumoLogic.Inputs.LogSearchScheduleThresholdArgs
{
Count = 10,
Operator = "gt",
ThresholdType = "group",
},
TimeZone = "America/Los_Angeles",
Parameters = new[]
{
new SumoLogic.Inputs.LogSearchScheduleParameterArgs
{
Name = "param1",
Value = "*",
},
new SumoLogic.Inputs.LogSearchScheduleParameterArgs
{
Name = "param2",
Value = "*",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.SumologicFunctions;
import com.pulumi.sumologic.inputs.GetPersonalFolderArgs;
import com.pulumi.sumologic.LogSearch;
import com.pulumi.sumologic.LogSearchArgs;
import com.pulumi.sumologic.inputs.LogSearchTimeRangeArgs;
import com.pulumi.sumologic.inputs.LogSearchTimeRangeBeginBoundedTimeRangeArgs;
import com.pulumi.sumologic.inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromArgs;
import com.pulumi.sumologic.inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs;
import com.pulumi.sumologic.inputs.LogSearchQueryParameterArgs;
import com.pulumi.sumologic.inputs.LogSearchScheduleArgs;
import com.pulumi.sumologic.inputs.LogSearchScheduleNotificationArgs;
import com.pulumi.sumologic.inputs.LogSearchScheduleNotificationEmailSearchNotificationArgs;
import com.pulumi.sumologic.inputs.LogSearchScheduleParseableTimeRangeArgs;
import com.pulumi.sumologic.inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeArgs;
import com.pulumi.sumologic.inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromArgs;
import com.pulumi.sumologic.inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs;
import com.pulumi.sumologic.inputs.LogSearchScheduleThresholdArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var personalFolder = SumologicFunctions.getPersonalFolder();
var exampleLogSearch = new LogSearch("exampleLogSearch", LogSearchArgs.builder()
.name("Demo Search")
.description("Demo search description")
.parentId(personalFolder.applyValue(getPersonalFolderResult -> getPersonalFolderResult.id()))
.queryString("""
_sourceCategory=api
| parse "parameter1=*," as parameter1
| parse "parameter2=*," as parameter2
| where parameter1 matches {{param1}}
| where parameter2 matches {{param2}}
| count by _sourceHost
""")
.parsingMode("AutoParse")
.runByReceiptTime(true)
.timeRange(LogSearchTimeRangeArgs.builder()
.beginBoundedTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeArgs.builder()
.from(LogSearchTimeRangeBeginBoundedTimeRangeFromArgs.builder()
.relativeTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs.builder()
.relativeTime("-30m")
.build())
.build())
.build())
.build())
.queryParameters(
LogSearchQueryParameterArgs.builder()
.name("param1")
.description("Description for param1")
.dataType("STRING")
.value("*")
.build(),
LogSearchQueryParameterArgs.builder()
.name("param2")
.description("Description for param2")
.dataType("STRING")
.value("*")
.build())
.schedule(LogSearchScheduleArgs.builder()
.cronExpression("0 0 * * * ? *")
.muteErrorEmails(false)
.notification(LogSearchScheduleNotificationArgs.builder()
.emailSearchNotification(LogSearchScheduleNotificationEmailSearchNotificationArgs.builder()
.includeCsvAttachment(false)
.includeHistogram(false)
.includeQuery(true)
.includeResultSet(true)
.subjectTemplate("Search Alert: {{TriggerCondition}} found for {{SearchName}}")
.toLists("will@acme.com")
.build())
.build())
.parseableTimeRange(LogSearchScheduleParseableTimeRangeArgs.builder()
.beginBoundedTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeArgs.builder()
.from(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromArgs.builder()
.relativeTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs.builder()
.relativeTime("-15m")
.build())
.build())
.build())
.build())
.scheduleType("1Week")
.threshold(LogSearchScheduleThresholdArgs.builder()
.count(10)
.operator("gt")
.thresholdType("group")
.build())
.timeZone("America/Los_Angeles")
.parameters(
LogSearchScheduleParameterArgs.builder()
.name("param1")
.value("*")
.build(),
LogSearchScheduleParameterArgs.builder()
.name("param2")
.value("*")
.build())
.build())
.build());
}
}
resources:
exampleLogSearch:
type: sumologic:LogSearch
name: example_log_search
properties:
name: Demo Search
description: Demo search description
parentId: ${personalFolder.id}
queryString: |2
_sourceCategory=api
| parse "parameter1=*," as parameter1
| parse "parameter2=*," as parameter2
| where parameter1 matches {{param1}}
| where parameter2 matches {{param2}}
| count by _sourceHost
parsingMode: AutoParse
runByReceiptTime: true
timeRange:
beginBoundedTimeRange:
from:
relativeTimeRange:
relativeTime: -30m
queryParameters:
- name: param1
description: Description for param1
dataType: STRING
value: '*'
- name: param2
description: Description for param2
dataType: STRING
value: '*'
schedule:
cronExpression: 0 0 * * * ? *
muteErrorEmails: false
notification:
emailSearchNotification:
includeCsvAttachment: false
includeHistogram: false
includeQuery: true
includeResultSet: true
subjectTemplate: 'Search Alert: {{TriggerCondition}} found for {{SearchName}}'
toLists:
- will@acme.com
parseableTimeRange:
beginBoundedTimeRange:
from:
relativeTimeRange:
relativeTime: -15m
scheduleType: 1Week
threshold:
count: 10
operator: gt
thresholdType: group
timeZone: America/Los_Angeles
parameters:
- name: param1
value: '*'
- name: param2
value: '*'
variables:
personalFolder:
fn::invoke:
Function: sumologic:getPersonalFolder
Arguments: {}
Attributes reference
In addition to all arguments above, the following attributes are exported:
id- The ID of the log search.
Create LogSearch Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LogSearch(name: string, args: LogSearchArgs, opts?: CustomResourceOptions);@overload
def LogSearch(resource_name: str,
args: LogSearchArgs,
opts: Optional[ResourceOptions] = None)
@overload
def LogSearch(resource_name: str,
opts: Optional[ResourceOptions] = None,
parent_id: Optional[str] = None,
query_string: Optional[str] = None,
time_range: Optional[LogSearchTimeRangeArgs] = None,
description: Optional[str] = None,
name: Optional[str] = None,
parsing_mode: Optional[str] = None,
query_parameters: Optional[Sequence[LogSearchQueryParameterArgs]] = None,
run_by_receipt_time: Optional[bool] = None,
schedule: Optional[LogSearchScheduleArgs] = None)func NewLogSearch(ctx *Context, name string, args LogSearchArgs, opts ...ResourceOption) (*LogSearch, error)public LogSearch(string name, LogSearchArgs args, CustomResourceOptions? opts = null)
public LogSearch(String name, LogSearchArgs args)
public LogSearch(String name, LogSearchArgs args, CustomResourceOptions options)
type: sumologic:LogSearch
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args LogSearchArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LogSearchArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LogSearchArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LogSearchArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LogSearchArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var logSearchResource = new SumoLogic.LogSearch("logSearchResource", new()
{
ParentId = "string",
QueryString = "string",
TimeRange = new SumoLogic.Inputs.LogSearchTimeRangeArgs
{
BeginBoundedTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeArgs
{
From = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromArgs
{
EpochTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromEpochTimeRangeArgs
{
EpochMillis = 0,
},
Iso8601TimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromIso8601TimeRangeArgs
{
Iso8601Time = "string",
},
LiteralTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromLiteralTimeRangeArgs
{
RangeName = "string",
},
RelativeTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs
{
RelativeTime = "string",
},
},
To = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeToArgs
{
EpochTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeToEpochTimeRangeArgs
{
EpochMillis = 0,
},
Iso8601TimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeToIso8601TimeRangeArgs
{
Iso8601Time = "string",
},
LiteralTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeToLiteralTimeRangeArgs
{
RangeName = "string",
},
RelativeTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeBeginBoundedTimeRangeToRelativeTimeRangeArgs
{
RelativeTime = "string",
},
},
},
CompleteLiteralTimeRange = new SumoLogic.Inputs.LogSearchTimeRangeCompleteLiteralTimeRangeArgs
{
RangeName = "string",
},
},
Description = "string",
Name = "string",
ParsingMode = "string",
QueryParameters = new[]
{
new SumoLogic.Inputs.LogSearchQueryParameterArgs
{
DataType = "string",
Name = "string",
Value = "string",
Description = "string",
},
},
RunByReceiptTime = false,
Schedule = new SumoLogic.Inputs.LogSearchScheduleArgs
{
Notification = new SumoLogic.Inputs.LogSearchScheduleNotificationArgs
{
AlertSearchNotification = new SumoLogic.Inputs.LogSearchScheduleNotificationAlertSearchNotificationArgs
{
SourceId = "string",
},
CseSignalNotification = new SumoLogic.Inputs.LogSearchScheduleNotificationCseSignalNotificationArgs
{
RecordType = "string",
},
EmailSearchNotification = new SumoLogic.Inputs.LogSearchScheduleNotificationEmailSearchNotificationArgs
{
ToLists = new[]
{
"string",
},
IncludeCsvAttachment = false,
IncludeHistogram = false,
IncludeQuery = false,
IncludeResultSet = false,
SubjectTemplate = "string",
},
SaveToLookupNotification = new SumoLogic.Inputs.LogSearchScheduleNotificationSaveToLookupNotificationArgs
{
IsLookupMergeOperation = false,
LookupFilePath = "string",
},
SaveToViewNotification = new SumoLogic.Inputs.LogSearchScheduleNotificationSaveToViewNotificationArgs
{
ViewName = "string",
},
ServiceNowSearchNotification = new SumoLogic.Inputs.LogSearchScheduleNotificationServiceNowSearchNotificationArgs
{
ExternalId = "string",
Fields = new SumoLogic.Inputs.LogSearchScheduleNotificationServiceNowSearchNotificationFieldsArgs
{
EventType = "string",
Node = "string",
Resource = "string",
Severity = 0,
},
},
WebhookSearchNotification = new SumoLogic.Inputs.LogSearchScheduleNotificationWebhookSearchNotificationArgs
{
WebhookId = "string",
ItemizeAlerts = false,
MaxItemizedAlerts = 0,
Payload = "string",
},
},
ParseableTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeArgs
{
BeginBoundedTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeArgs
{
From = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromArgs
{
EpochTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromEpochTimeRangeArgs
{
EpochMillis = 0,
},
Iso8601TimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromIso8601TimeRangeArgs
{
Iso8601Time = "string",
},
LiteralTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromLiteralTimeRangeArgs
{
RangeName = "string",
},
RelativeTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs
{
RelativeTime = "string",
},
},
To = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToArgs
{
EpochTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToEpochTimeRangeArgs
{
EpochMillis = 0,
},
Iso8601TimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToIso8601TimeRangeArgs
{
Iso8601Time = "string",
},
LiteralTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToLiteralTimeRangeArgs
{
RangeName = "string",
},
RelativeTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToRelativeTimeRangeArgs
{
RelativeTime = "string",
},
},
},
CompleteLiteralTimeRange = new SumoLogic.Inputs.LogSearchScheduleParseableTimeRangeCompleteLiteralTimeRangeArgs
{
RangeName = "string",
},
},
ScheduleType = "string",
TimeZone = "string",
CronExpression = "string",
MuteErrorEmails = false,
Parameters = new[]
{
new SumoLogic.Inputs.LogSearchScheduleParameterArgs
{
Name = "string",
Value = "string",
},
},
Threshold = new SumoLogic.Inputs.LogSearchScheduleThresholdArgs
{
Count = 0,
Operator = "string",
ThresholdType = "string",
},
},
});
example, err := sumologic.NewLogSearch(ctx, "logSearchResource", &sumologic.LogSearchArgs{
ParentId: pulumi.String("string"),
QueryString: pulumi.String("string"),
TimeRange: &sumologic.LogSearchTimeRangeArgs{
BeginBoundedTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeArgs{
From: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeFromArgs{
EpochTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeFromEpochTimeRangeArgs{
EpochMillis: pulumi.Int(0),
},
Iso8601TimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeFromIso8601TimeRangeArgs{
Iso8601Time: pulumi.String("string"),
},
LiteralTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeFromLiteralTimeRangeArgs{
RangeName: pulumi.String("string"),
},
RelativeTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs{
RelativeTime: pulumi.String("string"),
},
},
To: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeToArgs{
EpochTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeToEpochTimeRangeArgs{
EpochMillis: pulumi.Int(0),
},
Iso8601TimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeToIso8601TimeRangeArgs{
Iso8601Time: pulumi.String("string"),
},
LiteralTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeToLiteralTimeRangeArgs{
RangeName: pulumi.String("string"),
},
RelativeTimeRange: &sumologic.LogSearchTimeRangeBeginBoundedTimeRangeToRelativeTimeRangeArgs{
RelativeTime: pulumi.String("string"),
},
},
},
CompleteLiteralTimeRange: &sumologic.LogSearchTimeRangeCompleteLiteralTimeRangeArgs{
RangeName: pulumi.String("string"),
},
},
Description: pulumi.String("string"),
Name: pulumi.String("string"),
ParsingMode: pulumi.String("string"),
QueryParameters: sumologic.LogSearchQueryParameterArray{
&sumologic.LogSearchQueryParameterArgs{
DataType: pulumi.String("string"),
Name: pulumi.String("string"),
Value: pulumi.String("string"),
Description: pulumi.String("string"),
},
},
RunByReceiptTime: pulumi.Bool(false),
Schedule: &sumologic.LogSearchScheduleArgs{
Notification: &sumologic.LogSearchScheduleNotificationArgs{
AlertSearchNotification: &sumologic.LogSearchScheduleNotificationAlertSearchNotificationArgs{
SourceId: pulumi.String("string"),
},
CseSignalNotification: &sumologic.LogSearchScheduleNotificationCseSignalNotificationArgs{
RecordType: pulumi.String("string"),
},
EmailSearchNotification: &sumologic.LogSearchScheduleNotificationEmailSearchNotificationArgs{
ToLists: pulumi.StringArray{
pulumi.String("string"),
},
IncludeCsvAttachment: pulumi.Bool(false),
IncludeHistogram: pulumi.Bool(false),
IncludeQuery: pulumi.Bool(false),
IncludeResultSet: pulumi.Bool(false),
SubjectTemplate: pulumi.String("string"),
},
SaveToLookupNotification: &sumologic.LogSearchScheduleNotificationSaveToLookupNotificationArgs{
IsLookupMergeOperation: pulumi.Bool(false),
LookupFilePath: pulumi.String("string"),
},
SaveToViewNotification: &sumologic.LogSearchScheduleNotificationSaveToViewNotificationArgs{
ViewName: pulumi.String("string"),
},
ServiceNowSearchNotification: &sumologic.LogSearchScheduleNotificationServiceNowSearchNotificationArgs{
ExternalId: pulumi.String("string"),
Fields: &sumologic.LogSearchScheduleNotificationServiceNowSearchNotificationFieldsArgs{
EventType: pulumi.String("string"),
Node: pulumi.String("string"),
Resource: pulumi.String("string"),
Severity: pulumi.Int(0),
},
},
WebhookSearchNotification: &sumologic.LogSearchScheduleNotificationWebhookSearchNotificationArgs{
WebhookId: pulumi.String("string"),
ItemizeAlerts: pulumi.Bool(false),
MaxItemizedAlerts: pulumi.Int(0),
Payload: pulumi.String("string"),
},
},
ParseableTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeArgs{
BeginBoundedTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeArgs{
From: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromArgs{
EpochTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromEpochTimeRangeArgs{
EpochMillis: pulumi.Int(0),
},
Iso8601TimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromIso8601TimeRangeArgs{
Iso8601Time: pulumi.String("string"),
},
LiteralTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromLiteralTimeRangeArgs{
RangeName: pulumi.String("string"),
},
RelativeTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs{
RelativeTime: pulumi.String("string"),
},
},
To: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToArgs{
EpochTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToEpochTimeRangeArgs{
EpochMillis: pulumi.Int(0),
},
Iso8601TimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToIso8601TimeRangeArgs{
Iso8601Time: pulumi.String("string"),
},
LiteralTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToLiteralTimeRangeArgs{
RangeName: pulumi.String("string"),
},
RelativeTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToRelativeTimeRangeArgs{
RelativeTime: pulumi.String("string"),
},
},
},
CompleteLiteralTimeRange: &sumologic.LogSearchScheduleParseableTimeRangeCompleteLiteralTimeRangeArgs{
RangeName: pulumi.String("string"),
},
},
ScheduleType: pulumi.String("string"),
TimeZone: pulumi.String("string"),
CronExpression: pulumi.String("string"),
MuteErrorEmails: pulumi.Bool(false),
Parameters: sumologic.LogSearchScheduleParameterArray{
&sumologic.LogSearchScheduleParameterArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Threshold: &sumologic.LogSearchScheduleThresholdArgs{
Count: pulumi.Int(0),
Operator: pulumi.String("string"),
ThresholdType: pulumi.String("string"),
},
},
})
var logSearchResource = new LogSearch("logSearchResource", LogSearchArgs.builder()
.parentId("string")
.queryString("string")
.timeRange(LogSearchTimeRangeArgs.builder()
.beginBoundedTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeArgs.builder()
.from(LogSearchTimeRangeBeginBoundedTimeRangeFromArgs.builder()
.epochTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeFromEpochTimeRangeArgs.builder()
.epochMillis(0)
.build())
.iso8601TimeRange(LogSearchTimeRangeBeginBoundedTimeRangeFromIso8601TimeRangeArgs.builder()
.iso8601Time("string")
.build())
.literalTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeFromLiteralTimeRangeArgs.builder()
.rangeName("string")
.build())
.relativeTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs.builder()
.relativeTime("string")
.build())
.build())
.to(LogSearchTimeRangeBeginBoundedTimeRangeToArgs.builder()
.epochTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeToEpochTimeRangeArgs.builder()
.epochMillis(0)
.build())
.iso8601TimeRange(LogSearchTimeRangeBeginBoundedTimeRangeToIso8601TimeRangeArgs.builder()
.iso8601Time("string")
.build())
.literalTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeToLiteralTimeRangeArgs.builder()
.rangeName("string")
.build())
.relativeTimeRange(LogSearchTimeRangeBeginBoundedTimeRangeToRelativeTimeRangeArgs.builder()
.relativeTime("string")
.build())
.build())
.build())
.completeLiteralTimeRange(LogSearchTimeRangeCompleteLiteralTimeRangeArgs.builder()
.rangeName("string")
.build())
.build())
.description("string")
.name("string")
.parsingMode("string")
.queryParameters(LogSearchQueryParameterArgs.builder()
.dataType("string")
.name("string")
.value("string")
.description("string")
.build())
.runByReceiptTime(false)
.schedule(LogSearchScheduleArgs.builder()
.notification(LogSearchScheduleNotificationArgs.builder()
.alertSearchNotification(LogSearchScheduleNotificationAlertSearchNotificationArgs.builder()
.sourceId("string")
.build())
.cseSignalNotification(LogSearchScheduleNotificationCseSignalNotificationArgs.builder()
.recordType("string")
.build())
.emailSearchNotification(LogSearchScheduleNotificationEmailSearchNotificationArgs.builder()
.toLists("string")
.includeCsvAttachment(false)
.includeHistogram(false)
.includeQuery(false)
.includeResultSet(false)
.subjectTemplate("string")
.build())
.saveToLookupNotification(LogSearchScheduleNotificationSaveToLookupNotificationArgs.builder()
.isLookupMergeOperation(false)
.lookupFilePath("string")
.build())
.saveToViewNotification(LogSearchScheduleNotificationSaveToViewNotificationArgs.builder()
.viewName("string")
.build())
.serviceNowSearchNotification(LogSearchScheduleNotificationServiceNowSearchNotificationArgs.builder()
.externalId("string")
.fields(LogSearchScheduleNotificationServiceNowSearchNotificationFieldsArgs.builder()
.eventType("string")
.node("string")
.resource("string")
.severity(0)
.build())
.build())
.webhookSearchNotification(LogSearchScheduleNotificationWebhookSearchNotificationArgs.builder()
.webhookId("string")
.itemizeAlerts(false)
.maxItemizedAlerts(0)
.payload("string")
.build())
.build())
.parseableTimeRange(LogSearchScheduleParseableTimeRangeArgs.builder()
.beginBoundedTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeArgs.builder()
.from(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromArgs.builder()
.epochTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromEpochTimeRangeArgs.builder()
.epochMillis(0)
.build())
.iso8601TimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromIso8601TimeRangeArgs.builder()
.iso8601Time("string")
.build())
.literalTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromLiteralTimeRangeArgs.builder()
.rangeName("string")
.build())
.relativeTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs.builder()
.relativeTime("string")
.build())
.build())
.to(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToArgs.builder()
.epochTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToEpochTimeRangeArgs.builder()
.epochMillis(0)
.build())
.iso8601TimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToIso8601TimeRangeArgs.builder()
.iso8601Time("string")
.build())
.literalTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToLiteralTimeRangeArgs.builder()
.rangeName("string")
.build())
.relativeTimeRange(LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToRelativeTimeRangeArgs.builder()
.relativeTime("string")
.build())
.build())
.build())
.completeLiteralTimeRange(LogSearchScheduleParseableTimeRangeCompleteLiteralTimeRangeArgs.builder()
.rangeName("string")
.build())
.build())
.scheduleType("string")
.timeZone("string")
.cronExpression("string")
.muteErrorEmails(false)
.parameters(LogSearchScheduleParameterArgs.builder()
.name("string")
.value("string")
.build())
.threshold(LogSearchScheduleThresholdArgs.builder()
.count(0)
.operator("string")
.thresholdType("string")
.build())
.build())
.build());
log_search_resource = sumologic.LogSearch("logSearchResource",
parent_id="string",
query_string="string",
time_range={
"begin_bounded_time_range": {
"from_": {
"epoch_time_range": {
"epoch_millis": 0,
},
"iso8601_time_range": {
"iso8601_time": "string",
},
"literal_time_range": {
"range_name": "string",
},
"relative_time_range": {
"relative_time": "string",
},
},
"to": {
"epoch_time_range": {
"epoch_millis": 0,
},
"iso8601_time_range": {
"iso8601_time": "string",
},
"literal_time_range": {
"range_name": "string",
},
"relative_time_range": {
"relative_time": "string",
},
},
},
"complete_literal_time_range": {
"range_name": "string",
},
},
description="string",
name="string",
parsing_mode="string",
query_parameters=[{
"data_type": "string",
"name": "string",
"value": "string",
"description": "string",
}],
run_by_receipt_time=False,
schedule={
"notification": {
"alert_search_notification": {
"source_id": "string",
},
"cse_signal_notification": {
"record_type": "string",
},
"email_search_notification": {
"to_lists": ["string"],
"include_csv_attachment": False,
"include_histogram": False,
"include_query": False,
"include_result_set": False,
"subject_template": "string",
},
"save_to_lookup_notification": {
"is_lookup_merge_operation": False,
"lookup_file_path": "string",
},
"save_to_view_notification": {
"view_name": "string",
},
"service_now_search_notification": {
"external_id": "string",
"fields": {
"event_type": "string",
"node": "string",
"resource": "string",
"severity": 0,
},
},
"webhook_search_notification": {
"webhook_id": "string",
"itemize_alerts": False,
"max_itemized_alerts": 0,
"payload": "string",
},
},
"parseable_time_range": {
"begin_bounded_time_range": {
"from_": {
"epoch_time_range": {
"epoch_millis": 0,
},
"iso8601_time_range": {
"iso8601_time": "string",
},
"literal_time_range": {
"range_name": "string",
},
"relative_time_range": {
"relative_time": "string",
},
},
"to": {
"epoch_time_range": {
"epoch_millis": 0,
},
"iso8601_time_range": {
"iso8601_time": "string",
},
"literal_time_range": {
"range_name": "string",
},
"relative_time_range": {
"relative_time": "string",
},
},
},
"complete_literal_time_range": {
"range_name": "string",
},
},
"schedule_type": "string",
"time_zone": "string",
"cron_expression": "string",
"mute_error_emails": False,
"parameters": [{
"name": "string",
"value": "string",
}],
"threshold": {
"count": 0,
"operator": "string",
"threshold_type": "string",
},
})
const logSearchResource = new sumologic.LogSearch("logSearchResource", {
parentId: "string",
queryString: "string",
timeRange: {
beginBoundedTimeRange: {
from: {
epochTimeRange: {
epochMillis: 0,
},
iso8601TimeRange: {
iso8601Time: "string",
},
literalTimeRange: {
rangeName: "string",
},
relativeTimeRange: {
relativeTime: "string",
},
},
to: {
epochTimeRange: {
epochMillis: 0,
},
iso8601TimeRange: {
iso8601Time: "string",
},
literalTimeRange: {
rangeName: "string",
},
relativeTimeRange: {
relativeTime: "string",
},
},
},
completeLiteralTimeRange: {
rangeName: "string",
},
},
description: "string",
name: "string",
parsingMode: "string",
queryParameters: [{
dataType: "string",
name: "string",
value: "string",
description: "string",
}],
runByReceiptTime: false,
schedule: {
notification: {
alertSearchNotification: {
sourceId: "string",
},
cseSignalNotification: {
recordType: "string",
},
emailSearchNotification: {
toLists: ["string"],
includeCsvAttachment: false,
includeHistogram: false,
includeQuery: false,
includeResultSet: false,
subjectTemplate: "string",
},
saveToLookupNotification: {
isLookupMergeOperation: false,
lookupFilePath: "string",
},
saveToViewNotification: {
viewName: "string",
},
serviceNowSearchNotification: {
externalId: "string",
fields: {
eventType: "string",
node: "string",
resource: "string",
severity: 0,
},
},
webhookSearchNotification: {
webhookId: "string",
itemizeAlerts: false,
maxItemizedAlerts: 0,
payload: "string",
},
},
parseableTimeRange: {
beginBoundedTimeRange: {
from: {
epochTimeRange: {
epochMillis: 0,
},
iso8601TimeRange: {
iso8601Time: "string",
},
literalTimeRange: {
rangeName: "string",
},
relativeTimeRange: {
relativeTime: "string",
},
},
to: {
epochTimeRange: {
epochMillis: 0,
},
iso8601TimeRange: {
iso8601Time: "string",
},
literalTimeRange: {
rangeName: "string",
},
relativeTimeRange: {
relativeTime: "string",
},
},
},
completeLiteralTimeRange: {
rangeName: "string",
},
},
scheduleType: "string",
timeZone: "string",
cronExpression: "string",
muteErrorEmails: false,
parameters: [{
name: "string",
value: "string",
}],
threshold: {
count: 0,
operator: "string",
thresholdType: "string",
},
},
});
type: sumologic:LogSearch
properties:
description: string
name: string
parentId: string
parsingMode: string
queryParameters:
- dataType: string
description: string
name: string
value: string
queryString: string
runByReceiptTime: false
schedule:
cronExpression: string
muteErrorEmails: false
notification:
alertSearchNotification:
sourceId: string
cseSignalNotification:
recordType: string
emailSearchNotification:
includeCsvAttachment: false
includeHistogram: false
includeQuery: false
includeResultSet: false
subjectTemplate: string
toLists:
- string
saveToLookupNotification:
isLookupMergeOperation: false
lookupFilePath: string
saveToViewNotification:
viewName: string
serviceNowSearchNotification:
externalId: string
fields:
eventType: string
node: string
resource: string
severity: 0
webhookSearchNotification:
itemizeAlerts: false
maxItemizedAlerts: 0
payload: string
webhookId: string
parameters:
- name: string
value: string
parseableTimeRange:
beginBoundedTimeRange:
from:
epochTimeRange:
epochMillis: 0
iso8601TimeRange:
iso8601Time: string
literalTimeRange:
rangeName: string
relativeTimeRange:
relativeTime: string
to:
epochTimeRange:
epochMillis: 0
iso8601TimeRange:
iso8601Time: string
literalTimeRange:
rangeName: string
relativeTimeRange:
relativeTime: string
completeLiteralTimeRange:
rangeName: string
scheduleType: string
threshold:
count: 0
operator: string
thresholdType: string
timeZone: string
timeRange:
beginBoundedTimeRange:
from:
epochTimeRange:
epochMillis: 0
iso8601TimeRange:
iso8601Time: string
literalTimeRange:
rangeName: string
relativeTimeRange:
relativeTime: string
to:
epochTimeRange:
epochMillis: 0
iso8601TimeRange:
iso8601Time: string
literalTimeRange:
rangeName: string
relativeTimeRange:
relativeTime: string
completeLiteralTimeRange:
rangeName: string
LogSearch Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The LogSearch resource accepts the following input properties:
- Parent
Id string - The identifier of the folder to create the log search in.
- Query
String string - Log query to perform.
- Time
Range Pulumi.Sumo Logic. Inputs. Log Search Time Range - Time range of the log search. See time range schema
- Description string
- Description of the search.
- Name string
- Name of the search.
- Parsing
Mode string Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- Query
Parameters List<Pulumi.Sumo Logic. Inputs. Log Search Query Parameter> - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - Run
By boolReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - Schedule
Pulumi.
Sumo Logic. Inputs. Log Search Schedule - Schedule of the log search. See schedule schema
- Parent
Id string - The identifier of the folder to create the log search in.
- Query
String string - Log query to perform.
- Time
Range LogSearch Time Range Args - Time range of the log search. See time range schema
- Description string
- Description of the search.
- Name string
- Name of the search.
- Parsing
Mode string Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- Query
Parameters []LogSearch Query Parameter Args - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - Run
By boolReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - Schedule
Log
Search Schedule Args - Schedule of the log search. See schedule schema
- parent
Id String - The identifier of the folder to create the log search in.
- query
String String - Log query to perform.
- time
Range LogSearch Time Range - Time range of the log search. See time range schema
- description String
- Description of the search.
- name String
- Name of the search.
- parsing
Mode String Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- query
Parameters List<LogSearch Query Parameter> - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - run
By BooleanReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - schedule
Log
Search Schedule - Schedule of the log search. See schedule schema
- parent
Id string - The identifier of the folder to create the log search in.
- query
String string - Log query to perform.
- time
Range LogSearch Time Range - Time range of the log search. See time range schema
- description string
- Description of the search.
- name string
- Name of the search.
- parsing
Mode string Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- query
Parameters LogSearch Query Parameter[] - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - run
By booleanReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - schedule
Log
Search Schedule - Schedule of the log search. See schedule schema
- parent_
id str - The identifier of the folder to create the log search in.
- query_
string str - Log query to perform.
- time_
range LogSearch Time Range Args - Time range of the log search. See time range schema
- description str
- Description of the search.
- name str
- Name of the search.
- parsing_
mode str Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- query_
parameters Sequence[LogSearch Query Parameter Args] - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - run_
by_ boolreceipt_ time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - schedule
Log
Search Schedule Args - Schedule of the log search. See schedule schema
- parent
Id String - The identifier of the folder to create the log search in.
- query
String String - Log query to perform.
- time
Range Property Map - Time range of the log search. See time range schema
- description String
- Description of the search.
- name String
- Name of the search.
- parsing
Mode String Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- query
Parameters List<Property Map> - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - run
By BooleanReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - schedule Property Map
- Schedule of the log search. See schedule schema
Outputs
All input properties are implicitly available as output properties. Additionally, the LogSearch resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing LogSearch Resource
Get an existing LogSearch resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LogSearchState, opts?: CustomResourceOptions): LogSearch@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
parsing_mode: Optional[str] = None,
query_parameters: Optional[Sequence[LogSearchQueryParameterArgs]] = None,
query_string: Optional[str] = None,
run_by_receipt_time: Optional[bool] = None,
schedule: Optional[LogSearchScheduleArgs] = None,
time_range: Optional[LogSearchTimeRangeArgs] = None) -> LogSearchfunc GetLogSearch(ctx *Context, name string, id IDInput, state *LogSearchState, opts ...ResourceOption) (*LogSearch, error)public static LogSearch Get(string name, Input<string> id, LogSearchState? state, CustomResourceOptions? opts = null)public static LogSearch get(String name, Output<String> id, LogSearchState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- Description of the search.
- Name string
- Name of the search.
- Parent
Id string - The identifier of the folder to create the log search in.
- Parsing
Mode string Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- Query
Parameters List<Pulumi.Sumo Logic. Inputs. Log Search Query Parameter> - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - Query
String string - Log query to perform.
- Run
By boolReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - Schedule
Pulumi.
Sumo Logic. Inputs. Log Search Schedule - Schedule of the log search. See schedule schema
- Time
Range Pulumi.Sumo Logic. Inputs. Log Search Time Range - Time range of the log search. See time range schema
- Description string
- Description of the search.
- Name string
- Name of the search.
- Parent
Id string - The identifier of the folder to create the log search in.
- Parsing
Mode string Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- Query
Parameters []LogSearch Query Parameter Args - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - Query
String string - Log query to perform.
- Run
By boolReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - Schedule
Log
Search Schedule Args - Schedule of the log search. See schedule schema
- Time
Range LogSearch Time Range Args - Time range of the log search. See time range schema
- description String
- Description of the search.
- name String
- Name of the search.
- parent
Id String - The identifier of the folder to create the log search in.
- parsing
Mode String Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- query
Parameters List<LogSearch Query Parameter> - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - query
String String - Log query to perform.
- run
By BooleanReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - schedule
Log
Search Schedule - Schedule of the log search. See schedule schema
- time
Range LogSearch Time Range - Time range of the log search. See time range schema
- description string
- Description of the search.
- name string
- Name of the search.
- parent
Id string - The identifier of the folder to create the log search in.
- parsing
Mode string Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- query
Parameters LogSearch Query Parameter[] - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - query
String string - Log query to perform.
- run
By booleanReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - schedule
Log
Search Schedule - Schedule of the log search. See schedule schema
- time
Range LogSearch Time Range - Time range of the log search. See time range schema
- description str
- Description of the search.
- name str
- Name of the search.
- parent_
id str - The identifier of the folder to create the log search in.
- parsing_
mode str Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- query_
parameters Sequence[LogSearch Query Parameter Args] - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - query_
string str - Log query to perform.
- run_
by_ boolreceipt_ time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - schedule
Log
Search Schedule Args - Schedule of the log search. See schedule schema
- time_
range LogSearch Time Range Args - Time range of the log search. See time range schema
- description String
- Description of the search.
- name String
- Name of the search.
- parent
Id String - The identifier of the folder to create the log search in.
- parsing
Mode String Define the parsing mode to scan the JSON format log messages. Possible values are:
AutoParseandManual. Default value isManual.In
AutoParsemode, the system automatically figures out fields to parse based on the search query. While in theManualmode, no fields are parsed out automatically. For more information see Dynamic Parsing.- query
Parameters List<Property Map> - Up to 10
query_parameterblocks can be added one for each parameter in thequery_string. See query parameter schema. - query
String String - Log query to perform.
- run
By BooleanReceipt Time - This has the value
trueif the search is to be run by receipt time andfalseif it is to be run by message time. Default value isfalse. - schedule Property Map
- Schedule of the log search. See schedule schema
- time
Range Property Map - Time range of the log search. See time range schema
Supporting Types
LogSearchQueryParameter, LogSearchQueryParameterArgs
- Data
Type string - The data type of the parameter. Supported values are:
NUMBERSTRINGANYKEYWORD
- Name string
- Name of the search.
- Value string
- Default value of scheduled search parameter.
- Description string
- Description of the search.
- Data
Type string - The data type of the parameter. Supported values are:
NUMBERSTRINGANYKEYWORD
- Name string
- Name of the search.
- Value string
- Default value of scheduled search parameter.
- Description string
- Description of the search.
- data
Type String - The data type of the parameter. Supported values are:
NUMBERSTRINGANYKEYWORD
- name String
- Name of the search.
- value String
- Default value of scheduled search parameter.
- description String
- Description of the search.
- data
Type string - The data type of the parameter. Supported values are:
NUMBERSTRINGANYKEYWORD
- name string
- Name of the search.
- value string
- Default value of scheduled search parameter.
- description string
- Description of the search.
- data_
type str - The data type of the parameter. Supported values are:
NUMBERSTRINGANYKEYWORD
- name str
- Name of the search.
- value str
- Default value of scheduled search parameter.
- description str
- Description of the search.
- data
Type String - The data type of the parameter. Supported values are:
NUMBERSTRINGANYKEYWORD
- name String
- Name of the search.
- value String
- Default value of scheduled search parameter.
- description String
- Description of the search.
LogSearchSchedule, LogSearchScheduleArgs
- Notification
Pulumi.
Sumo Logic. Inputs. Log Search Schedule Notification - Notification of the log search. See notification schema
- Parseable
Time Pulumi.Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range - Time range of the scheduled log search. See time range schema
- Schedule
Type string Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression. Possible schedule types are:
RealTime,15Minutes,1Hour,2Hours,4Hours,6Hours,8Hours,12Hours,1Day,1Week,Custom.With
Custom,1Dayand1Weekschedule types you need to provide the corresponding cron expression to determine when to actually run the search. E.g. valid cron for1Dayis0 0 16 ? * 2-6 *.- Time
Zone string - Time zone for the scheduled log search. Either an abbreviation such as "PST", a full name such as "America/Los_Angeles", or a custom ID such as "GMT-8:00". Note that the support of abbreviations is for JDK 1.1.x compatibility only and full names should be used.
- Cron
Expression string - Cron-like expression specifying the search's schedule.
schedule_typemust be set to "Custom", otherwise,schedule_typetakes precedence overcron_expression. - Mute
Error boolEmails - If enabled, emails are not sent out in case of errors with the search.
- Parameters
List<Pulumi.
Sumo Logic. Inputs. Log Search Schedule Parameter> - Threshold
Pulumi.
Sumo Logic. Inputs. Log Search Schedule Threshold - Threshold for when to send notification. See threshold schema
- Notification
Log
Search Schedule Notification - Notification of the log search. See notification schema
- Parseable
Time LogRange Search Schedule Parseable Time Range - Time range of the scheduled log search. See time range schema
- Schedule
Type string Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression. Possible schedule types are:
RealTime,15Minutes,1Hour,2Hours,4Hours,6Hours,8Hours,12Hours,1Day,1Week,Custom.With
Custom,1Dayand1Weekschedule types you need to provide the corresponding cron expression to determine when to actually run the search. E.g. valid cron for1Dayis0 0 16 ? * 2-6 *.- Time
Zone string - Time zone for the scheduled log search. Either an abbreviation such as "PST", a full name such as "America/Los_Angeles", or a custom ID such as "GMT-8:00". Note that the support of abbreviations is for JDK 1.1.x compatibility only and full names should be used.
- Cron
Expression string - Cron-like expression specifying the search's schedule.
schedule_typemust be set to "Custom", otherwise,schedule_typetakes precedence overcron_expression. - Mute
Error boolEmails - If enabled, emails are not sent out in case of errors with the search.
- Parameters
[]Log
Search Schedule Parameter - Threshold
Log
Search Schedule Threshold - Threshold for when to send notification. See threshold schema
- notification
Log
Search Schedule Notification - Notification of the log search. See notification schema
- parseable
Time LogRange Search Schedule Parseable Time Range - Time range of the scheduled log search. See time range schema
- schedule
Type String Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression. Possible schedule types are:
RealTime,15Minutes,1Hour,2Hours,4Hours,6Hours,8Hours,12Hours,1Day,1Week,Custom.With
Custom,1Dayand1Weekschedule types you need to provide the corresponding cron expression to determine when to actually run the search. E.g. valid cron for1Dayis0 0 16 ? * 2-6 *.- time
Zone String - Time zone for the scheduled log search. Either an abbreviation such as "PST", a full name such as "America/Los_Angeles", or a custom ID such as "GMT-8:00". Note that the support of abbreviations is for JDK 1.1.x compatibility only and full names should be used.
- cron
Expression String - Cron-like expression specifying the search's schedule.
schedule_typemust be set to "Custom", otherwise,schedule_typetakes precedence overcron_expression. - mute
Error BooleanEmails - If enabled, emails are not sent out in case of errors with the search.
- parameters
List<Log
Search Schedule Parameter> - threshold
Log
Search Schedule Threshold - Threshold for when to send notification. See threshold schema
- notification
Log
Search Schedule Notification - Notification of the log search. See notification schema
- parseable
Time LogRange Search Schedule Parseable Time Range - Time range of the scheduled log search. See time range schema
- schedule
Type string Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression. Possible schedule types are:
RealTime,15Minutes,1Hour,2Hours,4Hours,6Hours,8Hours,12Hours,1Day,1Week,Custom.With
Custom,1Dayand1Weekschedule types you need to provide the corresponding cron expression to determine when to actually run the search. E.g. valid cron for1Dayis0 0 16 ? * 2-6 *.- time
Zone string - Time zone for the scheduled log search. Either an abbreviation such as "PST", a full name such as "America/Los_Angeles", or a custom ID such as "GMT-8:00". Note that the support of abbreviations is for JDK 1.1.x compatibility only and full names should be used.
- cron
Expression string - Cron-like expression specifying the search's schedule.
schedule_typemust be set to "Custom", otherwise,schedule_typetakes precedence overcron_expression. - mute
Error booleanEmails - If enabled, emails are not sent out in case of errors with the search.
- parameters
Log
Search Schedule Parameter[] - threshold
Log
Search Schedule Threshold - Threshold for when to send notification. See threshold schema
- notification
Log
Search Schedule Notification - Notification of the log search. See notification schema
- parseable_
time_ Logrange Search Schedule Parseable Time Range - Time range of the scheduled log search. See time range schema
- schedule_
type str Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression. Possible schedule types are:
RealTime,15Minutes,1Hour,2Hours,4Hours,6Hours,8Hours,12Hours,1Day,1Week,Custom.With
Custom,1Dayand1Weekschedule types you need to provide the corresponding cron expression to determine when to actually run the search. E.g. valid cron for1Dayis0 0 16 ? * 2-6 *.- time_
zone str - Time zone for the scheduled log search. Either an abbreviation such as "PST", a full name such as "America/Los_Angeles", or a custom ID such as "GMT-8:00". Note that the support of abbreviations is for JDK 1.1.x compatibility only and full names should be used.
- cron_
expression str - Cron-like expression specifying the search's schedule.
schedule_typemust be set to "Custom", otherwise,schedule_typetakes precedence overcron_expression. - mute_
error_ boolemails - If enabled, emails are not sent out in case of errors with the search.
- parameters
Sequence[Log
Search Schedule Parameter] - threshold
Log
Search Schedule Threshold - Threshold for when to send notification. See threshold schema
- notification Property Map
- Notification of the log search. See notification schema
- parseable
Time Property MapRange - Time range of the scheduled log search. See time range schema
- schedule
Type String Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression. Possible schedule types are:
RealTime,15Minutes,1Hour,2Hours,4Hours,6Hours,8Hours,12Hours,1Day,1Week,Custom.With
Custom,1Dayand1Weekschedule types you need to provide the corresponding cron expression to determine when to actually run the search. E.g. valid cron for1Dayis0 0 16 ? * 2-6 *.- time
Zone String - Time zone for the scheduled log search. Either an abbreviation such as "PST", a full name such as "America/Los_Angeles", or a custom ID such as "GMT-8:00". Note that the support of abbreviations is for JDK 1.1.x compatibility only and full names should be used.
- cron
Expression String - Cron-like expression specifying the search's schedule.
schedule_typemust be set to "Custom", otherwise,schedule_typetakes precedence overcron_expression. - mute
Error BooleanEmails - If enabled, emails are not sent out in case of errors with the search.
- parameters List<Property Map>
- threshold Property Map
- Threshold for when to send notification. See threshold schema
LogSearchScheduleNotification, LogSearchScheduleNotificationArgs
- Alert
Search Pulumi.Notification Sumo Logic. Inputs. Log Search Schedule Notification Alert Search Notification - Run an script action. See alert_search_notification schema for details.
- Cse
Signal Pulumi.Notification Sumo Logic. Inputs. Log Search Schedule Notification Cse Signal Notification - Create a CSE signal with a scheduled search. See cse_signal_notification schema schema for details.
- Email
Search Pulumi.Notification Sumo Logic. Inputs. Log Search Schedule Notification Email Search Notification - Send an alert via email. See email_search_notification schema schema for details.
- Save
To Pulumi.Lookup Notification Sumo Logic. Inputs. Log Search Schedule Notification Save To Lookup Notification - Save results to a Lookup Table. See save_to_lookup_notification schema schema for details.
- Save
To Pulumi.View Notification Sumo Logic. Inputs. Log Search Schedule Notification Save To View Notification - Save results to an index. See save_to_view_notification schema schema for details.
- Service
Now Pulumi.Search Notification Sumo Logic. Inputs. Log Search Schedule Notification Service Now Search Notification - Send results to Service Now. See service_now_search_notification schema schema for details.
- Webhook
Search Pulumi.Notification Sumo Logic. Inputs. Log Search Schedule Notification Webhook Search Notification - Send an alert via Webhook. See webhook_search_notification schema schema for details.
- Alert
Search LogNotification Search Schedule Notification Alert Search Notification - Run an script action. See alert_search_notification schema for details.
- Cse
Signal LogNotification Search Schedule Notification Cse Signal Notification - Create a CSE signal with a scheduled search. See cse_signal_notification schema schema for details.
- Email
Search LogNotification Search Schedule Notification Email Search Notification - Send an alert via email. See email_search_notification schema schema for details.
- Save
To LogLookup Notification Search Schedule Notification Save To Lookup Notification - Save results to a Lookup Table. See save_to_lookup_notification schema schema for details.
- Save
To LogView Notification Search Schedule Notification Save To View Notification - Save results to an index. See save_to_view_notification schema schema for details.
- Service
Now LogSearch Notification Search Schedule Notification Service Now Search Notification - Send results to Service Now. See service_now_search_notification schema schema for details.
- Webhook
Search LogNotification Search Schedule Notification Webhook Search Notification - Send an alert via Webhook. See webhook_search_notification schema schema for details.
- alert
Search LogNotification Search Schedule Notification Alert Search Notification - Run an script action. See alert_search_notification schema for details.
- cse
Signal LogNotification Search Schedule Notification Cse Signal Notification - Create a CSE signal with a scheduled search. See cse_signal_notification schema schema for details.
- email
Search LogNotification Search Schedule Notification Email Search Notification - Send an alert via email. See email_search_notification schema schema for details.
- save
To LogLookup Notification Search Schedule Notification Save To Lookup Notification - Save results to a Lookup Table. See save_to_lookup_notification schema schema for details.
- save
To LogView Notification Search Schedule Notification Save To View Notification - Save results to an index. See save_to_view_notification schema schema for details.
- service
Now LogSearch Notification Search Schedule Notification Service Now Search Notification - Send results to Service Now. See service_now_search_notification schema schema for details.
- webhook
Search LogNotification Search Schedule Notification Webhook Search Notification - Send an alert via Webhook. See webhook_search_notification schema schema for details.
- alert
Search LogNotification Search Schedule Notification Alert Search Notification - Run an script action. See alert_search_notification schema for details.
- cse
Signal LogNotification Search Schedule Notification Cse Signal Notification - Create a CSE signal with a scheduled search. See cse_signal_notification schema schema for details.
- email
Search LogNotification Search Schedule Notification Email Search Notification - Send an alert via email. See email_search_notification schema schema for details.
- save
To LogLookup Notification Search Schedule Notification Save To Lookup Notification - Save results to a Lookup Table. See save_to_lookup_notification schema schema for details.
- save
To LogView Notification Search Schedule Notification Save To View Notification - Save results to an index. See save_to_view_notification schema schema for details.
- service
Now LogSearch Notification Search Schedule Notification Service Now Search Notification - Send results to Service Now. See service_now_search_notification schema schema for details.
- webhook
Search LogNotification Search Schedule Notification Webhook Search Notification - Send an alert via Webhook. See webhook_search_notification schema schema for details.
- alert_
search_ Lognotification Search Schedule Notification Alert Search Notification - Run an script action. See alert_search_notification schema for details.
- cse_
signal_ Lognotification Search Schedule Notification Cse Signal Notification - Create a CSE signal with a scheduled search. See cse_signal_notification schema schema for details.
- email_
search_ Lognotification Search Schedule Notification Email Search Notification - Send an alert via email. See email_search_notification schema schema for details.
- save_
to_ Loglookup_ notification Search Schedule Notification Save To Lookup Notification - Save results to a Lookup Table. See save_to_lookup_notification schema schema for details.
- save_
to_ Logview_ notification Search Schedule Notification Save To View Notification - Save results to an index. See save_to_view_notification schema schema for details.
- service_
now_ Logsearch_ notification Search Schedule Notification Service Now Search Notification - Send results to Service Now. See service_now_search_notification schema schema for details.
- webhook_
search_ Lognotification Search Schedule Notification Webhook Search Notification - Send an alert via Webhook. See webhook_search_notification schema schema for details.
- alert
Search Property MapNotification - Run an script action. See alert_search_notification schema for details.
- cse
Signal Property MapNotification - Create a CSE signal with a scheduled search. See cse_signal_notification schema schema for details.
- email
Search Property MapNotification - Send an alert via email. See email_search_notification schema schema for details.
- save
To Property MapLookup Notification - Save results to a Lookup Table. See save_to_lookup_notification schema schema for details.
- save
To Property MapView Notification - Save results to an index. See save_to_view_notification schema schema for details.
- service
Now Property MapSearch Notification - Send results to Service Now. See service_now_search_notification schema schema for details.
- webhook
Search Property MapNotification - Send an alert via Webhook. See webhook_search_notification schema schema for details.
LogSearchScheduleNotificationAlertSearchNotification, LogSearchScheduleNotificationAlertSearchNotificationArgs
- Source
Id string - Identifier of the collector's source.
- Source
Id string - Identifier of the collector's source.
- source
Id String - Identifier of the collector's source.
- source
Id string - Identifier of the collector's source.
- source_
id str - Identifier of the collector's source.
- source
Id String - Identifier of the collector's source.
LogSearchScheduleNotificationCseSignalNotification, LogSearchScheduleNotificationCseSignalNotificationArgs
- Record
Type string - Name of the Cloud SIEM Enterprise Record to be created.
- Record
Type string - Name of the Cloud SIEM Enterprise Record to be created.
- record
Type String - Name of the Cloud SIEM Enterprise Record to be created.
- record
Type string - Name of the Cloud SIEM Enterprise Record to be created.
- record_
type str - Name of the Cloud SIEM Enterprise Record to be created.
- record
Type String - Name of the Cloud SIEM Enterprise Record to be created.
LogSearchScheduleNotificationEmailSearchNotification, LogSearchScheduleNotificationEmailSearchNotificationArgs
- To
Lists List<string> - A list of email recipients.
- Include
Csv boolAttachment - If the search results should be included in the notification email as a CSV attachment.
- Include
Histogram bool - If the search result histogram should be included in the notification email.
- Include
Query bool - If the search query should be included in the notification email.
- Include
Result boolSet - If the search result set should be included in the notification email.
- Subject
Template string - Subject of the email. If the notification is scheduled with a threshold,
the default subject template will be
Search Alert: {{AlertCondition}} results found for {{SearchName}}. For email notifications without a threshold, the default subject template isSearch Results: {{SearchName}}.
- To
Lists []string - A list of email recipients.
- Include
Csv boolAttachment - If the search results should be included in the notification email as a CSV attachment.
- Include
Histogram bool - If the search result histogram should be included in the notification email.
- Include
Query bool - If the search query should be included in the notification email.
- Include
Result boolSet - If the search result set should be included in the notification email.
- Subject
Template string - Subject of the email. If the notification is scheduled with a threshold,
the default subject template will be
Search Alert: {{AlertCondition}} results found for {{SearchName}}. For email notifications without a threshold, the default subject template isSearch Results: {{SearchName}}.
- to
Lists List<String> - A list of email recipients.
- include
Csv BooleanAttachment - If the search results should be included in the notification email as a CSV attachment.
- include
Histogram Boolean - If the search result histogram should be included in the notification email.
- include
Query Boolean - If the search query should be included in the notification email.
- include
Result BooleanSet - If the search result set should be included in the notification email.
- subject
Template String - Subject of the email. If the notification is scheduled with a threshold,
the default subject template will be
Search Alert: {{AlertCondition}} results found for {{SearchName}}. For email notifications without a threshold, the default subject template isSearch Results: {{SearchName}}.
- to
Lists string[] - A list of email recipients.
- include
Csv booleanAttachment - If the search results should be included in the notification email as a CSV attachment.
- include
Histogram boolean - If the search result histogram should be included in the notification email.
- include
Query boolean - If the search query should be included in the notification email.
- include
Result booleanSet - If the search result set should be included in the notification email.
- subject
Template string - Subject of the email. If the notification is scheduled with a threshold,
the default subject template will be
Search Alert: {{AlertCondition}} results found for {{SearchName}}. For email notifications without a threshold, the default subject template isSearch Results: {{SearchName}}.
- to_
lists Sequence[str] - A list of email recipients.
- include_
csv_ boolattachment - If the search results should be included in the notification email as a CSV attachment.
- include_
histogram bool - If the search result histogram should be included in the notification email.
- include_
query bool - If the search query should be included in the notification email.
- include_
result_ boolset - If the search result set should be included in the notification email.
- subject_
template str - Subject of the email. If the notification is scheduled with a threshold,
the default subject template will be
Search Alert: {{AlertCondition}} results found for {{SearchName}}. For email notifications without a threshold, the default subject template isSearch Results: {{SearchName}}.
- to
Lists List<String> - A list of email recipients.
- include
Csv BooleanAttachment - If the search results should be included in the notification email as a CSV attachment.
- include
Histogram Boolean - If the search result histogram should be included in the notification email.
- include
Query Boolean - If the search query should be included in the notification email.
- include
Result BooleanSet - If the search result set should be included in the notification email.
- subject
Template String - Subject of the email. If the notification is scheduled with a threshold,
the default subject template will be
Search Alert: {{AlertCondition}} results found for {{SearchName}}. For email notifications without a threshold, the default subject template isSearch Results: {{SearchName}}.
LogSearchScheduleNotificationSaveToLookupNotification, LogSearchScheduleNotificationSaveToLookupNotificationArgs
- Is
Lookup boolMerge Operation - Whether to merge the file contents with existing data in the lookup table.
- Lookup
File stringPath - Path of the lookup table to save the results to.
- Is
Lookup boolMerge Operation - Whether to merge the file contents with existing data in the lookup table.
- Lookup
File stringPath - Path of the lookup table to save the results to.
- is
Lookup BooleanMerge Operation - Whether to merge the file contents with existing data in the lookup table.
- lookup
File StringPath - Path of the lookup table to save the results to.
- is
Lookup booleanMerge Operation - Whether to merge the file contents with existing data in the lookup table.
- lookup
File stringPath - Path of the lookup table to save the results to.
- is_
lookup_ boolmerge_ operation - Whether to merge the file contents with existing data in the lookup table.
- lookup_
file_ strpath - Path of the lookup table to save the results to.
- is
Lookup BooleanMerge Operation - Whether to merge the file contents with existing data in the lookup table.
- lookup
File StringPath - Path of the lookup table to save the results to.
LogSearchScheduleNotificationSaveToViewNotification, LogSearchScheduleNotificationSaveToViewNotificationArgs
- View
Name string - Name of the View(Index) to save the results to.
- View
Name string - Name of the View(Index) to save the results to.
- view
Name String - Name of the View(Index) to save the results to.
- view
Name string - Name of the View(Index) to save the results to.
- view_
name str - Name of the View(Index) to save the results to.
- view
Name String - Name of the View(Index) to save the results to.
LogSearchScheduleNotificationServiceNowSearchNotification, LogSearchScheduleNotificationServiceNowSearchNotificationArgs
- External
Id string - Service Now Identifier.
- Fields
Pulumi.
Sumo Logic. Inputs. Log Search Schedule Notification Service Now Search Notification Fields - Service Now fields.
- External
Id string - Service Now Identifier.
- Fields
Log
Search Schedule Notification Service Now Search Notification Fields - Service Now fields.
- external
Id String - Service Now Identifier.
- fields
Log
Search Schedule Notification Service Now Search Notification Fields - Service Now fields.
- external
Id string - Service Now Identifier.
- fields
Log
Search Schedule Notification Service Now Search Notification Fields - Service Now fields.
- external_
id str - Service Now Identifier.
- fields
Log
Search Schedule Notification Service Now Search Notification Fields - Service Now fields.
- external
Id String - Service Now Identifier.
- fields Property Map
- Service Now fields.
LogSearchScheduleNotificationServiceNowSearchNotificationFields, LogSearchScheduleNotificationServiceNowSearchNotificationFieldsArgs
- Event
Type string - The category that the event source uses to identify the event.
- Node string
- The physical or virtual device on which the event occurred.
- Resource string
- The component on the node to which the event applies.
- Severity int
- An integer value representing the severity of the alert. Supported values are:
- 0 for Clear
- 1 for Critical
- 2 for Major
- 3 for Minor
- 4 for Warning
- Event
Type string - The category that the event source uses to identify the event.
- Node string
- The physical or virtual device on which the event occurred.
- Resource string
- The component on the node to which the event applies.
- Severity int
- An integer value representing the severity of the alert. Supported values are:
- 0 for Clear
- 1 for Critical
- 2 for Major
- 3 for Minor
- 4 for Warning
- event
Type String - The category that the event source uses to identify the event.
- node String
- The physical or virtual device on which the event occurred.
- resource String
- The component on the node to which the event applies.
- severity Integer
- An integer value representing the severity of the alert. Supported values are:
- 0 for Clear
- 1 for Critical
- 2 for Major
- 3 for Minor
- 4 for Warning
- event
Type string - The category that the event source uses to identify the event.
- node string
- The physical or virtual device on which the event occurred.
- resource string
- The component on the node to which the event applies.
- severity number
- An integer value representing the severity of the alert. Supported values are:
- 0 for Clear
- 1 for Critical
- 2 for Major
- 3 for Minor
- 4 for Warning
- event_
type str - The category that the event source uses to identify the event.
- node str
- The physical or virtual device on which the event occurred.
- resource str
- The component on the node to which the event applies.
- severity int
- An integer value representing the severity of the alert. Supported values are:
- 0 for Clear
- 1 for Critical
- 2 for Major
- 3 for Minor
- 4 for Warning
- event
Type String - The category that the event source uses to identify the event.
- node String
- The physical or virtual device on which the event occurred.
- resource String
- The component on the node to which the event applies.
- severity Number
- An integer value representing the severity of the alert. Supported values are:
- 0 for Clear
- 1 for Critical
- 2 for Major
- 3 for Minor
- 4 for Warning
LogSearchScheduleNotificationWebhookSearchNotification, LogSearchScheduleNotificationWebhookSearchNotificationArgs
- Webhook
Id string - Identifier of the webhook connection.
- Itemize
Alerts bool - If set to true, one webhook per result will be sent when the trigger conditions are met.
- Max
Itemized intAlerts - The maximum number of results for which we send separate alerts.
- Payload string
- A JSON object in the format required by the target WebHook URL.
- Webhook
Id string - Identifier of the webhook connection.
- Itemize
Alerts bool - If set to true, one webhook per result will be sent when the trigger conditions are met.
- Max
Itemized intAlerts - The maximum number of results for which we send separate alerts.
- Payload string
- A JSON object in the format required by the target WebHook URL.
- webhook
Id String - Identifier of the webhook connection.
- itemize
Alerts Boolean - If set to true, one webhook per result will be sent when the trigger conditions are met.
- max
Itemized IntegerAlerts - The maximum number of results for which we send separate alerts.
- payload String
- A JSON object in the format required by the target WebHook URL.
- webhook
Id string - Identifier of the webhook connection.
- itemize
Alerts boolean - If set to true, one webhook per result will be sent when the trigger conditions are met.
- max
Itemized numberAlerts - The maximum number of results for which we send separate alerts.
- payload string
- A JSON object in the format required by the target WebHook URL.
- webhook_
id str - Identifier of the webhook connection.
- itemize_
alerts bool - If set to true, one webhook per result will be sent when the trigger conditions are met.
- max_
itemized_ intalerts - The maximum number of results for which we send separate alerts.
- payload str
- A JSON object in the format required by the target WebHook URL.
- webhook
Id String - Identifier of the webhook connection.
- itemize
Alerts Boolean - If set to true, one webhook per result will be sent when the trigger conditions are met.
- max
Itemized NumberAlerts - The maximum number of results for which we send separate alerts.
- payload String
- A JSON object in the format required by the target WebHook URL.
LogSearchScheduleParameter, LogSearchScheduleParameterArgs
LogSearchScheduleParseableTimeRange, LogSearchScheduleParseableTimeRangeArgs
- Begin
Bounded Pulumi.Time Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- Complete
Literal Pulumi.Time Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- Begin
Bounded LogTime Range Search Schedule Parseable Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- Complete
Literal LogTime Range Search Schedule Parseable Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- begin
Bounded LogTime Range Search Schedule Parseable Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- complete
Literal LogTime Range Search Schedule Parseable Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- begin
Bounded LogTime Range Search Schedule Parseable Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- complete
Literal LogTime Range Search Schedule Parseable Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- begin_
bounded_ Logtime_ range Search Schedule Parseable Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- complete_
literal_ Logtime_ range Search Schedule Parseable Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- begin
Bounded Property MapTime Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- complete
Literal Property MapTime Range - Literal time range. See complete_literal_time_range schema for details.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeArgs
- From
Pulumi.
Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- To
Pulumi.
Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- From
Log
Search Schedule Parseable Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- To
Log
Search Schedule Parseable Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- from
Log
Search Schedule Parseable Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- to
Log
Search Schedule Parseable Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- from
Log
Search Schedule Parseable Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- to
Log
Search Schedule Parseable Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- from_
Log
Search Schedule Parseable Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- to
Log
Search Schedule Parseable Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- from Property Map
- Start boundary of bounded time range. See time_range_boundary schema for details.
- to Property Map
- End boundary of bounded time range. See time_range_boundary schema for details.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFrom, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromArgs
- Epoch
Time Pulumi.Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- Iso8601Time
Range Pulumi.Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- Literal
Time Pulumi.Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- Relative
Time Pulumi.Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- Epoch
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- Iso8601Time
Range LogSearch Schedule Parseable Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- Literal
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- Relative
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- epoch
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- iso8601Time
Range LogSearch Schedule Parseable Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- literal
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- relative
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- epoch
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- iso8601Time
Range LogSearch Schedule Parseable Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- literal
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- relative
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- epoch_
time_ Logrange Search Schedule Parseable Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- iso8601_
time_ Logrange Search Schedule Parseable Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- literal_
time_ Logrange Search Schedule Parseable Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- relative_
time_ Logrange Search Schedule Parseable Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- epoch
Time Property MapRange - Time since the epoch.
- iso8601Time
Range Property Map - Time in ISO 8601 format.
- literal
Time Property MapRange - Time in literal format.
- relative
Time Property MapRange - Time in relative format.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromEpochTimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromEpochTimeRangeArgs
- Epoch
Millis int - Time as a number of milliseconds since the epoch.
- Epoch
Millis int - Time as a number of milliseconds since the epoch.
- epoch
Millis Integer - Time as a number of milliseconds since the epoch.
- epoch
Millis number - Time as a number of milliseconds since the epoch.
- epoch_
millis int - Time as a number of milliseconds since the epoch.
- epoch
Millis Number - Time as a number of milliseconds since the epoch.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromIso8601TimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromIso8601TimeRangeArgs
- Iso8601Time string
- Time as a string in ISO 8601 format.
- Iso8601Time string
- Time as a string in ISO 8601 format.
- iso8601Time String
- Time as a string in ISO 8601 format.
- iso8601Time string
- Time as a string in ISO 8601 format.
- iso8601_
time str - Time as a string in ISO 8601 format.
- iso8601Time String
- Time as a string in ISO 8601 format.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromLiteralTimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromLiteralTimeRangeArgs
- Range
Name string
- Range
Name string
- range
Name String
- range
Name string
- range_
name str
- range
Name String
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs
- Relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- Relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time String Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative_
time str Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time String Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeTo, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToArgs
- Epoch
Time Pulumi.Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- Iso8601Time
Range Pulumi.Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- Literal
Time Pulumi.Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- Relative
Time Pulumi.Range Sumo Logic. Inputs. Log Search Schedule Parseable Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- Epoch
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- Iso8601Time
Range LogSearch Schedule Parseable Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- Literal
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- Relative
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- epoch
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- iso8601Time
Range LogSearch Schedule Parseable Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- literal
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- relative
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- epoch
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- iso8601Time
Range LogSearch Schedule Parseable Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- literal
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- relative
Time LogRange Search Schedule Parseable Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- epoch_
time_ Logrange Search Schedule Parseable Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- iso8601_
time_ Logrange Search Schedule Parseable Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- literal_
time_ Logrange Search Schedule Parseable Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- relative_
time_ Logrange Search Schedule Parseable Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- epoch
Time Property MapRange - Time since the epoch.
- iso8601Time
Range Property Map - Time in ISO 8601 format.
- literal
Time Property MapRange - Time in literal format.
- relative
Time Property MapRange - Time in relative format.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToEpochTimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToEpochTimeRangeArgs
- Epoch
Millis int - Time as a number of milliseconds since the epoch.
- Epoch
Millis int - Time as a number of milliseconds since the epoch.
- epoch
Millis Integer - Time as a number of milliseconds since the epoch.
- epoch
Millis number - Time as a number of milliseconds since the epoch.
- epoch_
millis int - Time as a number of milliseconds since the epoch.
- epoch
Millis Number - Time as a number of milliseconds since the epoch.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToIso8601TimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToIso8601TimeRangeArgs
- Iso8601Time string
- Time as a string in ISO 8601 format.
- Iso8601Time string
- Time as a string in ISO 8601 format.
- iso8601Time String
- Time as a string in ISO 8601 format.
- iso8601Time string
- Time as a string in ISO 8601 format.
- iso8601_
time str - Time as a string in ISO 8601 format.
- iso8601Time String
- Time as a string in ISO 8601 format.
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToLiteralTimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToLiteralTimeRangeArgs
- Range
Name string
- Range
Name string
- range
Name String
- range
Name string
- range_
name str
- range
Name String
LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToRelativeTimeRange, LogSearchScheduleParseableTimeRangeBeginBoundedTimeRangeToRelativeTimeRangeArgs
- Relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- Relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time String Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative_
time str Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time String Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
LogSearchScheduleParseableTimeRangeCompleteLiteralTimeRange, LogSearchScheduleParseableTimeRangeCompleteLiteralTimeRangeArgs
- Range
Name string
- Range
Name string
- range
Name String
- range
Name string
- range_
name str
- range
Name String
LogSearchScheduleThreshold, LogSearchScheduleThresholdArgs
- Count int
- Expected result count.
- Operator string
- Criterion to be applied when comparing actual result count with expected count. Possible
values are:
eq,gt,ge,lt, andle. - Threshold
Type string - Threshold type for the scheduled log search. Possible values are:
messageandgroup. Usegroupas threshold type if the search query is of aggregate type. For non-aggregate queries, set it tomessage.
- Count int
- Expected result count.
- Operator string
- Criterion to be applied when comparing actual result count with expected count. Possible
values are:
eq,gt,ge,lt, andle. - Threshold
Type string - Threshold type for the scheduled log search. Possible values are:
messageandgroup. Usegroupas threshold type if the search query is of aggregate type. For non-aggregate queries, set it tomessage.
- count Integer
- Expected result count.
- operator String
- Criterion to be applied when comparing actual result count with expected count. Possible
values are:
eq,gt,ge,lt, andle. - threshold
Type String - Threshold type for the scheduled log search. Possible values are:
messageandgroup. Usegroupas threshold type if the search query is of aggregate type. For non-aggregate queries, set it tomessage.
- count number
- Expected result count.
- operator string
- Criterion to be applied when comparing actual result count with expected count. Possible
values are:
eq,gt,ge,lt, andle. - threshold
Type string - Threshold type for the scheduled log search. Possible values are:
messageandgroup. Usegroupas threshold type if the search query is of aggregate type. For non-aggregate queries, set it tomessage.
- count int
- Expected result count.
- operator str
- Criterion to be applied when comparing actual result count with expected count. Possible
values are:
eq,gt,ge,lt, andle. - threshold_
type str - Threshold type for the scheduled log search. Possible values are:
messageandgroup. Usegroupas threshold type if the search query is of aggregate type. For non-aggregate queries, set it tomessage.
- count Number
- Expected result count.
- operator String
- Criterion to be applied when comparing actual result count with expected count. Possible
values are:
eq,gt,ge,lt, andle. - threshold
Type String - Threshold type for the scheduled log search. Possible values are:
messageandgroup. Usegroupas threshold type if the search query is of aggregate type. For non-aggregate queries, set it tomessage.
LogSearchTimeRange, LogSearchTimeRangeArgs
- Begin
Bounded Pulumi.Time Range Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- Complete
Literal Pulumi.Time Range Sumo Logic. Inputs. Log Search Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- Begin
Bounded LogTime Range Search Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- Complete
Literal LogTime Range Search Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- begin
Bounded LogTime Range Search Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- complete
Literal LogTime Range Search Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- begin
Bounded LogTime Range Search Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- complete
Literal LogTime Range Search Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- begin_
bounded_ Logtime_ range Search Time Range Begin Bounded Time Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- complete_
literal_ Logtime_ range Search Time Range Complete Literal Time Range - Literal time range. See complete_literal_time_range schema for details.
- begin
Bounded Property MapTime Range - Bounded time range. See begin_bounded_time_range schema schema for details.
- complete
Literal Property MapTime Range - Literal time range. See complete_literal_time_range schema for details.
LogSearchTimeRangeBeginBoundedTimeRange, LogSearchTimeRangeBeginBoundedTimeRangeArgs
- From
Pulumi.
Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- To
Pulumi.
Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- From
Log
Search Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- To
Log
Search Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- from
Log
Search Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- to
Log
Search Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- from
Log
Search Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- to
Log
Search Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- from_
Log
Search Time Range Begin Bounded Time Range From - Start boundary of bounded time range. See time_range_boundary schema for details.
- to
Log
Search Time Range Begin Bounded Time Range To - End boundary of bounded time range. See time_range_boundary schema for details.
- from Property Map
- Start boundary of bounded time range. See time_range_boundary schema for details.
- to Property Map
- End boundary of bounded time range. See time_range_boundary schema for details.
LogSearchTimeRangeBeginBoundedTimeRangeFrom, LogSearchTimeRangeBeginBoundedTimeRangeFromArgs
- Epoch
Time Pulumi.Range Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- Iso8601Time
Range Pulumi.Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- Literal
Time Pulumi.Range Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- Relative
Time Pulumi.Range Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- Epoch
Time LogRange Search Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- Iso8601Time
Range LogSearch Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- Literal
Time LogRange Search Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- Relative
Time LogRange Search Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- epoch
Time LogRange Search Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- iso8601Time
Range LogSearch Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- literal
Time LogRange Search Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- relative
Time LogRange Search Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- epoch
Time LogRange Search Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- iso8601Time
Range LogSearch Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- literal
Time LogRange Search Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- relative
Time LogRange Search Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- epoch_
time_ Logrange Search Time Range Begin Bounded Time Range From Epoch Time Range - Time since the epoch.
- iso8601_
time_ Logrange Search Time Range Begin Bounded Time Range From Iso8601Time Range - Time in ISO 8601 format.
- literal_
time_ Logrange Search Time Range Begin Bounded Time Range From Literal Time Range - Time in literal format.
- relative_
time_ Logrange Search Time Range Begin Bounded Time Range From Relative Time Range - Time in relative format.
- epoch
Time Property MapRange - Time since the epoch.
- iso8601Time
Range Property Map - Time in ISO 8601 format.
- literal
Time Property MapRange - Time in literal format.
- relative
Time Property MapRange - Time in relative format.
LogSearchTimeRangeBeginBoundedTimeRangeFromEpochTimeRange, LogSearchTimeRangeBeginBoundedTimeRangeFromEpochTimeRangeArgs
- Epoch
Millis int - Time as a number of milliseconds since the epoch.
- Epoch
Millis int - Time as a number of milliseconds since the epoch.
- epoch
Millis Integer - Time as a number of milliseconds since the epoch.
- epoch
Millis number - Time as a number of milliseconds since the epoch.
- epoch_
millis int - Time as a number of milliseconds since the epoch.
- epoch
Millis Number - Time as a number of milliseconds since the epoch.
LogSearchTimeRangeBeginBoundedTimeRangeFromIso8601TimeRange, LogSearchTimeRangeBeginBoundedTimeRangeFromIso8601TimeRangeArgs
- Iso8601Time string
- Time as a string in ISO 8601 format.
- Iso8601Time string
- Time as a string in ISO 8601 format.
- iso8601Time String
- Time as a string in ISO 8601 format.
- iso8601Time string
- Time as a string in ISO 8601 format.
- iso8601_
time str - Time as a string in ISO 8601 format.
- iso8601Time String
- Time as a string in ISO 8601 format.
LogSearchTimeRangeBeginBoundedTimeRangeFromLiteralTimeRange, LogSearchTimeRangeBeginBoundedTimeRangeFromLiteralTimeRangeArgs
- Range
Name string
- Range
Name string
- range
Name String
- range
Name string
- range_
name str
- range
Name String
LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRange, LogSearchTimeRangeBeginBoundedTimeRangeFromRelativeTimeRangeArgs
- Relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- Relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time String Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative_
time str Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time String Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
LogSearchTimeRangeBeginBoundedTimeRangeTo, LogSearchTimeRangeBeginBoundedTimeRangeToArgs
- Epoch
Time Pulumi.Range Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- Iso8601Time
Range Pulumi.Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- Literal
Time Pulumi.Range Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- Relative
Time Pulumi.Range Sumo Logic. Inputs. Log Search Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- Epoch
Time LogRange Search Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- Iso8601Time
Range LogSearch Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- Literal
Time LogRange Search Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- Relative
Time LogRange Search Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- epoch
Time LogRange Search Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- iso8601Time
Range LogSearch Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- literal
Time LogRange Search Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- relative
Time LogRange Search Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- epoch
Time LogRange Search Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- iso8601Time
Range LogSearch Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- literal
Time LogRange Search Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- relative
Time LogRange Search Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- epoch_
time_ Logrange Search Time Range Begin Bounded Time Range To Epoch Time Range - Time since the epoch.
- iso8601_
time_ Logrange Search Time Range Begin Bounded Time Range To Iso8601Time Range - Time in ISO 8601 format.
- literal_
time_ Logrange Search Time Range Begin Bounded Time Range To Literal Time Range - Time in literal format.
- relative_
time_ Logrange Search Time Range Begin Bounded Time Range To Relative Time Range - Time in relative format.
- epoch
Time Property MapRange - Time since the epoch.
- iso8601Time
Range Property Map - Time in ISO 8601 format.
- literal
Time Property MapRange - Time in literal format.
- relative
Time Property MapRange - Time in relative format.
LogSearchTimeRangeBeginBoundedTimeRangeToEpochTimeRange, LogSearchTimeRangeBeginBoundedTimeRangeToEpochTimeRangeArgs
- Epoch
Millis int - Time as a number of milliseconds since the epoch.
- Epoch
Millis int - Time as a number of milliseconds since the epoch.
- epoch
Millis Integer - Time as a number of milliseconds since the epoch.
- epoch
Millis number - Time as a number of milliseconds since the epoch.
- epoch_
millis int - Time as a number of milliseconds since the epoch.
- epoch
Millis Number - Time as a number of milliseconds since the epoch.
LogSearchTimeRangeBeginBoundedTimeRangeToIso8601TimeRange, LogSearchTimeRangeBeginBoundedTimeRangeToIso8601TimeRangeArgs
- Iso8601Time string
- Time as a string in ISO 8601 format.
- Iso8601Time string
- Time as a string in ISO 8601 format.
- iso8601Time String
- Time as a string in ISO 8601 format.
- iso8601Time string
- Time as a string in ISO 8601 format.
- iso8601_
time str - Time as a string in ISO 8601 format.
- iso8601Time String
- Time as a string in ISO 8601 format.
LogSearchTimeRangeBeginBoundedTimeRangeToLiteralTimeRange, LogSearchTimeRangeBeginBoundedTimeRangeToLiteralTimeRangeArgs
- Range
Name string
- Range
Name string
- range
Name String
- range
Name string
- range_
name str
- range
Name String
LogSearchTimeRangeBeginBoundedTimeRangeToRelativeTimeRange, LogSearchTimeRangeBeginBoundedTimeRangeToRelativeTimeRangeArgs
- Relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- Relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time String Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time string Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative_
time str Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
- relative
Time String Relative time as a string consisting of following elements:
-(optional): minus sign indicates time in the past,<number>: number of time units,<time_unit>: time unit; possible values are:w(week),d(day),h(hour),m(minute),s(second).
Multiple pairs of
<number><time_unit>may be provided, and they may be in any order. For example,-2w5d3hpoints to the moment in time 2 weeks, 5 days and 3 hours ago.
LogSearchTimeRangeCompleteLiteralTimeRange, LogSearchTimeRangeCompleteLiteralTimeRangeArgs
- Range
Name string
- Range
Name string
- range
Name String
- range
Name string
- range_
name str
- range
Name String
Import
A log search can be imported using it’s identifier, e.g.:
hcl
$ pulumi import sumologic:index/logSearch:LogSearch example_search 0000000007FFD79D
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Sumo Logic pulumi/pulumi-sumologic
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
sumologicTerraform Provider.