Class: Aws::CloudWatchLogs::Types::ParseToOCSF
- Inherits:
-
Struct
- Object
- Struct
- Aws::CloudWatchLogs::Types::ParseToOCSF
- Includes:
- Structure
- Defined in:
- lib/aws-sdk-cloudwatchlogs/types.rb
Overview
This processor converts logs into [Open Cybersecurity Schema Framework (OCSF)] events.
For more information about this processor including examples, see [ parseToOSCF] in the *CloudWatch Logs User Guide*.
[1]: ocsf.io [2]: docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseToOCSF
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#event_source ⇒ String
Specify the service or process that produces the log events that will be converted with this processor.
-
#ocsf_version ⇒ String
Specify which version of the OCSF schema to use for the transformed log events.
-
#source ⇒ String
The path to the field in the log event that you want to parse.
Instance Attribute Details
#event_source ⇒ String
Specify the service or process that produces the log events that will be converted with this processor.
5566 5567 5568 5569 5570 5571 5572 |
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 5566 class ParseToOCSF < Struct.new( :source, :event_source, :ocsf_version) SENSITIVE = [] include Aws::Structure end |
#ocsf_version ⇒ String
Specify which version of the OCSF schema to use for the transformed log events.
5566 5567 5568 5569 5570 5571 5572 |
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 5566 class ParseToOCSF < Struct.new( :source, :event_source, :ocsf_version) SENSITIVE = [] include Aws::Structure end |
#source ⇒ String
The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.
5566 5567 5568 5569 5570 5571 5572 |
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 5566 class ParseToOCSF < Struct.new( :source, :event_source, :ocsf_version) SENSITIVE = [] include Aws::Structure end |