Docs Home
coralogix 2.0.17 published on Tuesday, Apr 22, 2025 by coralogix
coralogix.RulesGroup
Explore with Pulumi AI
coralogix 2.0.17 published on Tuesday, Apr 22, 2025 by coralogix
Rule-group is list of rule-subgroups with ‘and’ (&&) operation between. For more info please review - https://coralogix.com/docs/log-parsing-rules/ .
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as coralogix from "@pulumi/coralogix";
const rulesGroupExample = new coralogix.RulesGroup("rulesGroupExample", {
applications: ["nginx"],
description: "rule_group creates by coralogix terraform provider",
order: 1,
ruleSubgroups: [
{
rules: [
{
extract: {
description: "Look for default severity text",
name: "Severity Rule",
regularExpression: "message\\s*:s*(?P<bytes>\\d+)\\s*.*?status\\sis\\s(?P<status>\\[^\"]+)",
sourceField: "text",
},
},
{
jsonExtract: {
description: "Extracts value from 'worker' and populates 'Category'",
destinationField: "Text",
destinationFieldText: "text.free_text",
jsonKey: "worker",
name: "Worker to category",
},
},
{
replace: {
description: "Deletes data before Json",
destinationField: "text",
name: "Delete prefix",
regularExpression: ".*{",
replacementString: "{",
sourceField: "text",
},
},
{
block: {
description: "Block 2800 pg error",
name: "Block 28000",
regularExpression: "sql_error_code\\s*=\\s*28000",
sourceField: "text",
},
},
],
},
{
rules: [
{
parse: {
description: "Parse the fields of the HTTP request",
destinationField: "text",
name: "HttpRequestParser1",
regularExpression: "(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})",
sourceField: "text",
},
},
{
parse: {
description: "Parse the fields of the HTTP request - will be applied after HttpRequestParser1",
destinationField: "text",
name: "HttpRequestParser2",
regularExpression: "(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})",
sourceField: "text",
},
},
{
jsonStringify: {
destinationField: "text",
keepSourceField: false,
name: "json_stringify rule",
sourceField: "text",
},
},
],
},
],
severities: ["Warning"],
subsystems: ["subsystem-name"],
});
//change here for existing subsystems from your account
const extractTimestampExample = new coralogix.RulesGroup("extractTimestampExample", {
applications: ["nginx"],
description: "rule_group created by coralogix terraform provider",
order: 4,
ruleSubgroups: [{
rules: [{
extractTimestamp: {
description: "rule created by coralogix terraform provider",
fieldFormatStandard: "Strftime",
name: "example extract-timestamp rule from terraform",
sourceField: "text",
timeFormat: "%Y-%m-%dT%H:%M:%S.%f%z",
},
}],
}],
severities: ["Warning"],
subsystems: ["subsystem-name"],
});
//change here for existing subsystems from your account
const removeFieldsExample = new coralogix.RulesGroup("removeFieldsExample", {
applications: ["nginx"],
description: "rule_group created by coralogix terraform provider",
order: 3,
ruleSubgroups: [{
rules: [{
removeFields: {
description: "rule created by coralogix terraform provider",
excludedFields: [
"coralogix.metadata.applicationName",
"coralogix.metadata.className",
],
name: "Example remove-fields rule from terraform",
},
}],
}],
severities: ["Warning"],
subsystems: ["subsystem-name"],
});
//change here for existing subsystems from your account
const parseJsonFieldExample = new coralogix.RulesGroup("parseJsonFieldExample", {
applications: ["nginx"],
description: "rule_group created by coralogix terraform provider",
order: 2,
ruleSubgroups: [{
rules: [{
parseJsonField: {
description: "rule created by coralogix terraform provider",
destinationField: "text",
keepDestinationField: true,
keepSourceField: true,
name: "Example parse-json-field rule from terraform",
sourceField: "text",
},
}],
}],
severities: ["Warning"],
subsystems: ["subsystem-name"],
});
//change here for existing subsystems from your account
import pulumi
import pulumi_coralogix as coralogix
rules_group_example = coralogix.RulesGroup("rulesGroupExample",
applications=["nginx"],
description="rule_group creates by coralogix terraform provider",
order=1,
rule_subgroups=[
{
"rules": [
{
"extract": {
"description": "Look for default severity text",
"name": "Severity Rule",
"regular_expression": "message\\s*:s*(?P<bytes>\\d+)\\s*.*?status\\sis\\s(?P<status>\\[^\"]+)",
"source_field": "text",
},
},
{
"json_extract": {
"description": "Extracts value from 'worker' and populates 'Category'",
"destination_field": "Text",
"destination_field_text": "text.free_text",
"json_key": "worker",
"name": "Worker to category",
},
},
{
"replace": {
"description": "Deletes data before Json",
"destination_field": "text",
"name": "Delete prefix",
"regular_expression": ".*{",
"replacement_string": "{",
"source_field": "text",
},
},
{
"block": {
"description": "Block 2800 pg error",
"name": "Block 28000",
"regular_expression": "sql_error_code\\s*=\\s*28000",
"source_field": "text",
},
},
],
},
{
"rules": [
{
"parse": {
"description": "Parse the fields of the HTTP request",
"destination_field": "text",
"name": "HttpRequestParser1",
"regular_expression": "(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})",
"source_field": "text",
},
},
{
"parse": {
"description": "Parse the fields of the HTTP request - will be applied after HttpRequestParser1",
"destination_field": "text",
"name": "HttpRequestParser2",
"regular_expression": "(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})",
"source_field": "text",
},
},
{
"json_stringify": {
"destination_field": "text",
"keep_source_field": False,
"name": "json_stringify rule",
"source_field": "text",
},
},
],
},
],
severities=["Warning"],
subsystems=["subsystem-name"])
#change here for existing subsystems from your account
extract_timestamp_example = coralogix.RulesGroup("extractTimestampExample",
applications=["nginx"],
description="rule_group created by coralogix terraform provider",
order=4,
rule_subgroups=[{
"rules": [{
"extract_timestamp": {
"description": "rule created by coralogix terraform provider",
"field_format_standard": "Strftime",
"name": "example extract-timestamp rule from terraform",
"source_field": "text",
"time_format": "%Y-%m-%dT%H:%M:%S.%f%z",
},
}],
}],
severities=["Warning"],
subsystems=["subsystem-name"])
#change here for existing subsystems from your account
remove_fields_example = coralogix.RulesGroup("removeFieldsExample",
applications=["nginx"],
description="rule_group created by coralogix terraform provider",
order=3,
rule_subgroups=[{
"rules": [{
"remove_fields": {
"description": "rule created by coralogix terraform provider",
"excluded_fields": [
"coralogix.metadata.applicationName",
"coralogix.metadata.className",
],
"name": "Example remove-fields rule from terraform",
},
}],
}],
severities=["Warning"],
subsystems=["subsystem-name"])
#change here for existing subsystems from your account
parse_json_field_example = coralogix.RulesGroup("parseJsonFieldExample",
applications=["nginx"],
description="rule_group created by coralogix terraform provider",
order=2,
rule_subgroups=[{
"rules": [{
"parse_json_field": {
"description": "rule created by coralogix terraform provider",
"destination_field": "text",
"keep_destination_field": True,
"keep_source_field": True,
"name": "Example parse-json-field rule from terraform",
"source_field": "text",
},
}],
}],
severities=["Warning"],
subsystems=["subsystem-name"])
#change here for existing subsystems from your account
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/coralogix/v2/coralogix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := coralogix.NewRulesGroup(ctx, "rulesGroupExample", &coralogix.RulesGroupArgs{
Applications: pulumi.StringArray{
pulumi.String("nginx"),
},
Description: pulumi.String("rule_group creates by coralogix terraform provider"),
Order: pulumi.Float64(1),
RuleSubgroups: coralogix.RulesGroupRuleSubgroupArray{
&coralogix.RulesGroupRuleSubgroupArgs{
Rules: coralogix.RulesGroupRuleSubgroupRuleArray{
&coralogix.RulesGroupRuleSubgroupRuleArgs{
Extract: &coralogix.RulesGroupRuleSubgroupRuleExtractArgs{
Description: pulumi.String("Look for default severity text"),
Name: pulumi.String("Severity Rule"),
RegularExpression: pulumi.String("message\\s*:s*(?P<bytes>\\d+)\\s*.*?status\\sis\\s(?P<status>\\[^\"]+)"),
SourceField: pulumi.String("text"),
},
},
&coralogix.RulesGroupRuleSubgroupRuleArgs{
JsonExtract: &coralogix.RulesGroupRuleSubgroupRuleJsonExtractArgs{
Description: pulumi.String("Extracts value from 'worker' and populates 'Category'"),
DestinationField: pulumi.String("Text"),
DestinationFieldText: pulumi.String("text.free_text"),
JsonKey: pulumi.String("worker"),
Name: pulumi.String("Worker to category"),
},
},
&coralogix.RulesGroupRuleSubgroupRuleArgs{
Replace: &coralogix.RulesGroupRuleSubgroupRuleReplaceArgs{
Description: pulumi.String("Deletes data before Json"),
DestinationField: pulumi.String("text"),
Name: pulumi.String("Delete prefix"),
RegularExpression: pulumi.String(".*{"),
ReplacementString: pulumi.String("{"),
SourceField: pulumi.String("text"),
},
},
&coralogix.RulesGroupRuleSubgroupRuleArgs{
Block: &coralogix.RulesGroupRuleSubgroupRuleBlockArgs{
Description: pulumi.String("Block 2800 pg error"),
Name: pulumi.String("Block 28000"),
RegularExpression: pulumi.String("sql_error_code\\s*=\\s*28000"),
SourceField: pulumi.String("text"),
},
},
},
},
&coralogix.RulesGroupRuleSubgroupArgs{
Rules: coralogix.RulesGroupRuleSubgroupRuleArray{
&coralogix.RulesGroupRuleSubgroupRuleArgs{
Parse: &coralogix.RulesGroupRuleSubgroupRuleParseArgs{
Description: pulumi.String("Parse the fields of the HTTP request"),
DestinationField: pulumi.String("text"),
Name: pulumi.String("HttpRequestParser1"),
RegularExpression: pulumi.String("(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})"),
SourceField: pulumi.String("text"),
},
},
&coralogix.RulesGroupRuleSubgroupRuleArgs{
Parse: &coralogix.RulesGroupRuleSubgroupRuleParseArgs{
Description: pulumi.String("Parse the fields of the HTTP request - will be applied after HttpRequestParser1"),
DestinationField: pulumi.String("text"),
Name: pulumi.String("HttpRequestParser2"),
RegularExpression: pulumi.String("(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})"),
SourceField: pulumi.String("text"),
},
},
&coralogix.RulesGroupRuleSubgroupRuleArgs{
JsonStringify: &coralogix.RulesGroupRuleSubgroupRuleJsonStringifyArgs{
DestinationField: pulumi.String("text"),
KeepSourceField: pulumi.Bool(false),
Name: pulumi.String("json_stringify rule"),
SourceField: pulumi.String("text"),
},
},
},
},
},
Severities: pulumi.StringArray{
pulumi.String("Warning"),
},
Subsystems: pulumi.StringArray{
pulumi.String("subsystem-name"),
},
})
if err != nil {
return err
}
_, err = coralogix.NewRulesGroup(ctx, "extractTimestampExample", &coralogix.RulesGroupArgs{
Applications: pulumi.StringArray{
pulumi.String("nginx"),
},
Description: pulumi.String("rule_group created by coralogix terraform provider"),
Order: pulumi.Float64(4),
RuleSubgroups: coralogix.RulesGroupRuleSubgroupArray{
&coralogix.RulesGroupRuleSubgroupArgs{
Rules: coralogix.RulesGroupRuleSubgroupRuleArray{
&coralogix.RulesGroupRuleSubgroupRuleArgs{
ExtractTimestamp: &coralogix.RulesGroupRuleSubgroupRuleExtractTimestampArgs{
Description: pulumi.String("rule created by coralogix terraform provider"),
FieldFormatStandard: pulumi.String("Strftime"),
Name: pulumi.String("example extract-timestamp rule from terraform"),
SourceField: pulumi.String("text"),
TimeFormat: pulumi.String("%Y-%m-%dT%H:%M:%S.%f%z"),
},
},
},
},
},
Severities: pulumi.StringArray{
pulumi.String("Warning"),
},
Subsystems: pulumi.StringArray{
pulumi.String("subsystem-name"),
},
})
if err != nil {
return err
}
_, err = coralogix.NewRulesGroup(ctx, "removeFieldsExample", &coralogix.RulesGroupArgs{
Applications: pulumi.StringArray{
pulumi.String("nginx"),
},
Description: pulumi.String("rule_group created by coralogix terraform provider"),
Order: pulumi.Float64(3),
RuleSubgroups: coralogix.RulesGroupRuleSubgroupArray{
&coralogix.RulesGroupRuleSubgroupArgs{
Rules: coralogix.RulesGroupRuleSubgroupRuleArray{
&coralogix.RulesGroupRuleSubgroupRuleArgs{
RemoveFields: &coralogix.RulesGroupRuleSubgroupRuleRemoveFieldsArgs{
Description: pulumi.String("rule created by coralogix terraform provider"),
ExcludedFields: pulumi.StringArray{
pulumi.String("coralogix.metadata.applicationName"),
pulumi.String("coralogix.metadata.className"),
},
Name: pulumi.String("Example remove-fields rule from terraform"),
},
},
},
},
},
Severities: pulumi.StringArray{
pulumi.String("Warning"),
},
Subsystems: pulumi.StringArray{
pulumi.String("subsystem-name"),
},
})
if err != nil {
return err
}
_, err = coralogix.NewRulesGroup(ctx, "parseJsonFieldExample", &coralogix.RulesGroupArgs{
Applications: pulumi.StringArray{
pulumi.String("nginx"),
},
Description: pulumi.String("rule_group created by coralogix terraform provider"),
Order: pulumi.Float64(2),
RuleSubgroups: coralogix.RulesGroupRuleSubgroupArray{
&coralogix.RulesGroupRuleSubgroupArgs{
Rules: coralogix.RulesGroupRuleSubgroupRuleArray{
&coralogix.RulesGroupRuleSubgroupRuleArgs{
ParseJsonField: &coralogix.RulesGroupRuleSubgroupRuleParseJsonFieldArgs{
Description: pulumi.String("rule created by coralogix terraform provider"),
DestinationField: pulumi.String("text"),
KeepDestinationField: pulumi.Bool(true),
KeepSourceField: pulumi.Bool(true),
Name: pulumi.String("Example parse-json-field rule from terraform"),
SourceField: pulumi.String("text"),
},
},
},
},
},
Severities: pulumi.StringArray{
pulumi.String("Warning"),
},
Subsystems: pulumi.StringArray{
pulumi.String("subsystem-name"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Coralogix = Pulumi.Coralogix;
return await Deployment.RunAsync(() =>
{
var rulesGroupExample = new Coralogix.RulesGroup("rulesGroupExample", new()
{
Applications = new[]
{
"nginx",
},
Description = "rule_group creates by coralogix terraform provider",
Order = 1,
RuleSubgroups = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupArgs
{
Rules = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
Extract = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleExtractArgs
{
Description = "Look for default severity text",
Name = "Severity Rule",
RegularExpression = "message\\s*:s*(?P<bytes>\\d+)\\s*.*?status\\sis\\s(?P<status>\\[^\"]+)",
SourceField = "text",
},
},
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
JsonExtract = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleJsonExtractArgs
{
Description = "Extracts value from 'worker' and populates 'Category'",
DestinationField = "Text",
DestinationFieldText = "text.free_text",
JsonKey = "worker",
Name = "Worker to category",
},
},
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
Replace = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleReplaceArgs
{
Description = "Deletes data before Json",
DestinationField = "text",
Name = "Delete prefix",
RegularExpression = ".*{",
ReplacementString = "{",
SourceField = "text",
},
},
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
Block = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleBlockArgs
{
Description = "Block 2800 pg error",
Name = "Block 28000",
RegularExpression = "sql_error_code\\s*=\\s*28000",
SourceField = "text",
},
},
},
},
new Coralogix.Inputs.RulesGroupRuleSubgroupArgs
{
Rules = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
Parse = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleParseArgs
{
Description = "Parse the fields of the HTTP request",
DestinationField = "text",
Name = "HttpRequestParser1",
RegularExpression = "(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})",
SourceField = "text",
},
},
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
Parse = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleParseArgs
{
Description = "Parse the fields of the HTTP request - will be applied after HttpRequestParser1",
DestinationField = "text",
Name = "HttpRequestParser2",
RegularExpression = "(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})",
SourceField = "text",
},
},
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
JsonStringify = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleJsonStringifyArgs
{
DestinationField = "text",
KeepSourceField = false,
Name = "json_stringify rule",
SourceField = "text",
},
},
},
},
},
Severities = new[]
{
"Warning",
},
Subsystems = new[]
{
"subsystem-name",
},
});
//change here for existing subsystems from your account
var extractTimestampExample = new Coralogix.RulesGroup("extractTimestampExample", new()
{
Applications = new[]
{
"nginx",
},
Description = "rule_group created by coralogix terraform provider",
Order = 4,
RuleSubgroups = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupArgs
{
Rules = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
ExtractTimestamp = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleExtractTimestampArgs
{
Description = "rule created by coralogix terraform provider",
FieldFormatStandard = "Strftime",
Name = "example extract-timestamp rule from terraform",
SourceField = "text",
TimeFormat = "%Y-%m-%dT%H:%M:%S.%f%z",
},
},
},
},
},
Severities = new[]
{
"Warning",
},
Subsystems = new[]
{
"subsystem-name",
},
});
//change here for existing subsystems from your account
var removeFieldsExample = new Coralogix.RulesGroup("removeFieldsExample", new()
{
Applications = new[]
{
"nginx",
},
Description = "rule_group created by coralogix terraform provider",
Order = 3,
RuleSubgroups = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupArgs
{
Rules = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
RemoveFields = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleRemoveFieldsArgs
{
Description = "rule created by coralogix terraform provider",
ExcludedFields = new[]
{
"coralogix.metadata.applicationName",
"coralogix.metadata.className",
},
Name = "Example remove-fields rule from terraform",
},
},
},
},
},
Severities = new[]
{
"Warning",
},
Subsystems = new[]
{
"subsystem-name",
},
});
//change here for existing subsystems from your account
var parseJsonFieldExample = new Coralogix.RulesGroup("parseJsonFieldExample", new()
{
Applications = new[]
{
"nginx",
},
Description = "rule_group created by coralogix terraform provider",
Order = 2,
RuleSubgroups = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupArgs
{
Rules = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
ParseJsonField = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleParseJsonFieldArgs
{
Description = "rule created by coralogix terraform provider",
DestinationField = "text",
KeepDestinationField = true,
KeepSourceField = true,
Name = "Example parse-json-field rule from terraform",
SourceField = "text",
},
},
},
},
},
Severities = new[]
{
"Warning",
},
Subsystems = new[]
{
"subsystem-name",
},
});
//change here for existing subsystems from your account
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.coralogix.RulesGroup;
import com.pulumi.coralogix.RulesGroupArgs;
import com.pulumi.coralogix.inputs.RulesGroupRuleSubgroupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var rulesGroupExample = new RulesGroup("rulesGroupExample", RulesGroupArgs.builder()
.applications("nginx")
.description("rule_group creates by coralogix terraform provider")
.order(1)
.ruleSubgroups(
RulesGroupRuleSubgroupArgs.builder()
.rules(
RulesGroupRuleSubgroupRuleArgs.builder()
.extract(RulesGroupRuleSubgroupRuleExtractArgs.builder()
.description("Look for default severity text")
.name("Severity Rule")
.regularExpression("message\\s*:s*(?P<bytes>\\d+)\\s*.*?status\\sis\\s(?P<status>\\[^\"]+)")
.sourceField("text")
.build())
.build(),
RulesGroupRuleSubgroupRuleArgs.builder()
.jsonExtract(RulesGroupRuleSubgroupRuleJsonExtractArgs.builder()
.description("Extracts value from 'worker' and populates 'Category'")
.destinationField("Text")
.destinationFieldText("text.free_text")
.jsonKey("worker")
.name("Worker to category")
.build())
.build(),
RulesGroupRuleSubgroupRuleArgs.builder()
.replace(RulesGroupRuleSubgroupRuleReplaceArgs.builder()
.description("Deletes data before Json")
.destinationField("text")
.name("Delete prefix")
.regularExpression(".*{")
.replacementString("{")
.sourceField("text")
.build())
.build(),
RulesGroupRuleSubgroupRuleArgs.builder()
.block(RulesGroupRuleSubgroupRuleBlockArgs.builder()
.description("Block 2800 pg error")
.name("Block 28000")
.regularExpression("sql_error_code\\s*=\\s*28000")
.sourceField("text")
.build())
.build())
.build(),
RulesGroupRuleSubgroupArgs.builder()
.rules(
RulesGroupRuleSubgroupRuleArgs.builder()
.parse(RulesGroupRuleSubgroupRuleParseArgs.builder()
.description("Parse the fields of the HTTP request")
.destinationField("text")
.name("HttpRequestParser1")
.regularExpression("(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})")
.sourceField("text")
.build())
.build(),
RulesGroupRuleSubgroupRuleArgs.builder()
.parse(RulesGroupRuleSubgroupRuleParseArgs.builder()
.description("Parse the fields of the HTTP request - will be applied after HttpRequestParser1")
.destinationField("text")
.name("HttpRequestParser2")
.regularExpression("(?P<remote_addr>\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})\\s*-\\s*(?P<user>[^ ]+)\\s*\\[(?P<timestemp>\\d{4}-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}\\.\\d{1,6}Z)\\]\\s*\\\\\\\"(?P<method>[A-z]+)\\s[\\/\\\\]+(?P<request>[^\\s]+)\\s*(?P<protocol>[A-z0-9\\/\\.]+)\\\\\\\"\\s*(?P<status>\\d+)\\s*(?P<body_bytes_sent>\\d+)?\\s*?\\\\\\\"(?P<http_referer>[^\"]+)\\\"\\s*\\\\\\\"(?P<http_user_agent>[^\"]+)\\\"\\s(?P<request_time>\\d{1,6})\\s*(?P<response_time>\\d{1,6})")
.sourceField("text")
.build())
.build(),
RulesGroupRuleSubgroupRuleArgs.builder()
.jsonStringify(RulesGroupRuleSubgroupRuleJsonStringifyArgs.builder()
.destinationField("text")
.keepSourceField("false")
.name("json_stringify rule")
.sourceField("text")
.build())
.build())
.build())
.severities("Warning")
.subsystems("subsystem-name")
.build());
//change here for existing subsystems from your account
var extractTimestampExample = new RulesGroup("extractTimestampExample", RulesGroupArgs.builder()
.applications("nginx")
.description("rule_group created by coralogix terraform provider")
.order(4)
.ruleSubgroups(RulesGroupRuleSubgroupArgs.builder()
.rules(RulesGroupRuleSubgroupRuleArgs.builder()
.extractTimestamp(RulesGroupRuleSubgroupRuleExtractTimestampArgs.builder()
.description("rule created by coralogix terraform provider")
.fieldFormatStandard("Strftime")
.name("example extract-timestamp rule from terraform")
.sourceField("text")
.timeFormat("%Y-%m-%dT%H:%M:%S.%f%z")
.build())
.build())
.build())
.severities("Warning")
.subsystems("subsystem-name")
.build());
//change here for existing subsystems from your account
var removeFieldsExample = new RulesGroup("removeFieldsExample", RulesGroupArgs.builder()
.applications("nginx")
.description("rule_group created by coralogix terraform provider")
.order(3)
.ruleSubgroups(RulesGroupRuleSubgroupArgs.builder()
.rules(RulesGroupRuleSubgroupRuleArgs.builder()
.removeFields(RulesGroupRuleSubgroupRuleRemoveFieldsArgs.builder()
.description("rule created by coralogix terraform provider")
.excludedFields(
"coralogix.metadata.applicationName",
"coralogix.metadata.className")
.name("Example remove-fields rule from terraform")
.build())
.build())
.build())
.severities("Warning")
.subsystems("subsystem-name")
.build());
//change here for existing subsystems from your account
var parseJsonFieldExample = new RulesGroup("parseJsonFieldExample", RulesGroupArgs.builder()
.applications("nginx")
.description("rule_group created by coralogix terraform provider")
.order(2)
.ruleSubgroups(RulesGroupRuleSubgroupArgs.builder()
.rules(RulesGroupRuleSubgroupRuleArgs.builder()
.parseJsonField(RulesGroupRuleSubgroupRuleParseJsonFieldArgs.builder()
.description("rule created by coralogix terraform provider")
.destinationField("text")
.keepDestinationField("true")
.keepSourceField("true")
.name("Example parse-json-field rule from terraform")
.sourceField("text")
.build())
.build())
.build())
.severities("Warning")
.subsystems("subsystem-name")
.build());
//change here for existing subsystems from your account
}
}
resources:
rulesGroupExample:
type: coralogix:RulesGroup
properties:
applications:
- nginx
# change here for existing applications from your account
description: rule_group creates by coralogix terraform provider
order: 1
ruleSubgroups:
- rules:
- extract:
description: Look for default severity text
name: Severity Rule
regularExpression: message\s*:s*(?P<bytes>\d+)\s*.*?status\sis\s(?P<status>\[^"]+)
sourceField: text
- jsonExtract:
description: Extracts value from 'worker' and populates 'Category'
destinationField: Text
destinationFieldText: text.free_text
jsonKey: worker
name: Worker to category
- replace:
description: Deletes data before Json
destinationField: text
name: Delete prefix
regularExpression: .*{
replacementString: '{'
sourceField: text
- block:
description: Block 2800 pg error
name: Block 28000
regularExpression: sql_error_code\s*=\s*28000
sourceField: text
- rules:
- parse:
description: Parse the fields of the HTTP request
destinationField: text
name: HttpRequestParser1
regularExpression: (?P<remote_addr>\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})\s*-\s*(?P<user>[^ ]+)\s*\[(?P<timestemp>\d{4}-\d{2}\-\d{2}T\d{2}\:\d{2}\:\d{2}\.\d{1,6}Z)\]\s*\\\"(?P<method>[A-z]+)\s[\/\\]+(?P<request>[^\s]+)\s*(?P<protocol>[A-z0-9\/\.]+)\\\"\s*(?P<status>\d+)\s*(?P<body_bytes_sent>\d+)?\s*?\\\"(?P<http_referer>[^"]+)\"\s*\\\"(?P<http_user_agent>[^"]+)\"\s(?P<request_time>\d{1,6})\s*(?P<response_time>\d{1,6})
sourceField: text
- parse:
description: Parse the fields of the HTTP request - will be applied after HttpRequestParser1
destinationField: text
name: HttpRequestParser2
regularExpression: (?P<remote_addr>\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})\s*-\s*(?P<user>[^ ]+)\s*\[(?P<timestemp>\d{4}-\d{2}\-\d{2}T\d{2}\:\d{2}\:\d{2}\.\d{1,6}Z)\]\s*\\\"(?P<method>[A-z]+)\s[\/\\]+(?P<request>[^\s]+)\s*(?P<protocol>[A-z0-9\/\.]+)\\\"\s*(?P<status>\d+)\s*(?P<body_bytes_sent>\d+)?\s*?\\\"(?P<http_referer>[^"]+)\"\s*\\\"(?P<http_user_agent>[^"]+)\"\s(?P<request_time>\d{1,6})\s*(?P<response_time>\d{1,6})
sourceField: text
- jsonStringify:
destinationField: text
keepSourceField: 'false'
name: json_stringify rule
sourceField: text
severities:
- Warning
subsystems:
- subsystem-name
extractTimestampExample:
type: coralogix:RulesGroup
properties:
applications:
- nginx
# change here for existing applications from your account
description: rule_group created by coralogix terraform provider
order: 4
ruleSubgroups:
- rules:
- extractTimestamp:
description: rule created by coralogix terraform provider
fieldFormatStandard: Strftime
name: example extract-timestamp rule from terraform
sourceField: text
timeFormat: '%Y-%m-%dT%H:%M:%S.%f%z'
severities:
- Warning
subsystems:
- subsystem-name
removeFieldsExample:
type: coralogix:RulesGroup
properties:
applications:
- nginx
# change here for existing applications from your account
description: rule_group created by coralogix terraform provider
order: 3
ruleSubgroups:
- rules:
- removeFields:
description: rule created by coralogix terraform provider
excludedFields:
- coralogix.metadata.applicationName
- coralogix.metadata.className
name: Example remove-fields rule from terraform
severities:
- Warning
subsystems:
- subsystem-name
parseJsonFieldExample:
type: coralogix:RulesGroup
properties:
applications:
- nginx
# change here for existing applications from your account
description: rule_group created by coralogix terraform provider
order: 2
ruleSubgroups:
- rules:
- parseJsonField:
description: rule created by coralogix terraform provider
destinationField: text
keepDestinationField: 'true'
keepSourceField: 'true'
name: Example parse-json-field rule from terraform
sourceField: text
severities:
- Warning
subsystems:
- subsystem-name
Create RulesGroup Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RulesGroup(name: string, args?: RulesGroupArgs, opts?: CustomResourceOptions);@overload
def RulesGroup(resource_name: str,
args: Optional[RulesGroupArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def RulesGroup(resource_name: str,
opts: Optional[ResourceOptions] = None,
active: Optional[bool] = None,
applications: Optional[Sequence[str]] = None,
creator: Optional[str] = None,
description: Optional[str] = None,
hidden: Optional[bool] = None,
name: Optional[str] = None,
order: Optional[float] = None,
rule_subgroups: Optional[Sequence[RulesGroupRuleSubgroupArgs]] = None,
rules_group_id: Optional[str] = None,
severities: Optional[Sequence[str]] = None,
subsystems: Optional[Sequence[str]] = None,
timeouts: Optional[RulesGroupTimeoutsArgs] = None)func NewRulesGroup(ctx *Context, name string, args *RulesGroupArgs, opts ...ResourceOption) (*RulesGroup, error)public RulesGroup(string name, RulesGroupArgs? args = null, CustomResourceOptions? opts = null)
public RulesGroup(String name, RulesGroupArgs args)
public RulesGroup(String name, RulesGroupArgs args, CustomResourceOptions options)
type: coralogix:RulesGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RulesGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RulesGroupArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RulesGroupArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RulesGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RulesGroupArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var rulesGroupResource = new Coralogix.RulesGroup("rulesGroupResource", new()
{
Active = false,
Applications = new[]
{
"string",
},
Creator = "string",
Description = "string",
Hidden = false,
Name = "string",
Order = 0,
RuleSubgroups = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupArgs
{
Rules = new[]
{
new Coralogix.Inputs.RulesGroupRuleSubgroupRuleArgs
{
Block = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleBlockArgs
{
Name = "string",
RegularExpression = "string",
SourceField = "string",
Active = false,
BlockingAllMatchingBlocks = false,
Description = "string",
Id = "string",
KeepBlockedLogs = false,
Order = 0,
},
Extract = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleExtractArgs
{
Name = "string",
RegularExpression = "string",
SourceField = "string",
Active = false,
Description = "string",
Id = "string",
Order = 0,
},
ExtractTimestamp = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleExtractTimestampArgs
{
FieldFormatStandard = "string",
Name = "string",
SourceField = "string",
TimeFormat = "string",
Active = false,
Description = "string",
Id = "string",
Order = 0,
},
JsonExtract = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleJsonExtractArgs
{
DestinationField = "string",
JsonKey = "string",
Name = "string",
Active = false,
Description = "string",
DestinationFieldText = "string",
Id = "string",
Order = 0,
},
JsonStringify = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleJsonStringifyArgs
{
DestinationField = "string",
Name = "string",
SourceField = "string",
Active = false,
Description = "string",
Id = "string",
KeepSourceField = false,
Order = 0,
},
Parse = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleParseArgs
{
DestinationField = "string",
Name = "string",
RegularExpression = "string",
SourceField = "string",
Active = false,
Description = "string",
Id = "string",
Order = 0,
},
ParseJsonField = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleParseJsonFieldArgs
{
DestinationField = "string",
Name = "string",
SourceField = "string",
Active = false,
Description = "string",
Id = "string",
KeepDestinationField = false,
KeepSourceField = false,
Order = 0,
},
RemoveFields = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleRemoveFieldsArgs
{
ExcludedFields = new[]
{
"string",
},
Name = "string",
Active = false,
Description = "string",
Id = "string",
Order = 0,
},
Replace = new Coralogix.Inputs.RulesGroupRuleSubgroupRuleReplaceArgs
{
DestinationField = "string",
Name = "string",
RegularExpression = "string",
SourceField = "string",
Active = false,
Description = "string",
Id = "string",
Order = 0,
ReplacementString = "string",
},
},
},
Active = false,
Id = "string",
Order = 0,
},
},
RulesGroupId = "string",
Severities = new[]
{
"string",
},
Subsystems = new[]
{
"string",
},
Timeouts = new Coralogix.Inputs.RulesGroupTimeoutsArgs
{
Create = "string",
Delete = "string",
Read = "string",
Update = "string",
},
});
example, err := coralogix.NewRulesGroup(ctx, "rulesGroupResource", &coralogix.RulesGroupArgs{
Active: pulumi.Bool(false),
Applications: pulumi.StringArray{
pulumi.String("string"),
},
Creator: pulumi.String("string"),
Description: pulumi.String("string"),
Hidden: pulumi.Bool(false),
Name: pulumi.String("string"),
Order: pulumi.Float64(0),
RuleSubgroups: coralogix.RulesGroupRuleSubgroupArray{
&coralogix.RulesGroupRuleSubgroupArgs{
Rules: coralogix.RulesGroupRuleSubgroupRuleArray{
&coralogix.RulesGroupRuleSubgroupRuleArgs{
Block: &coralogix.RulesGroupRuleSubgroupRuleBlockArgs{
Name: pulumi.String("string"),
RegularExpression: pulumi.String("string"),
SourceField: pulumi.String("string"),
Active: pulumi.Bool(false),
BlockingAllMatchingBlocks: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
KeepBlockedLogs: pulumi.Bool(false),
Order: pulumi.Float64(0),
},
Extract: &coralogix.RulesGroupRuleSubgroupRuleExtractArgs{
Name: pulumi.String("string"),
RegularExpression: pulumi.String("string"),
SourceField: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
Order: pulumi.Float64(0),
},
ExtractTimestamp: &coralogix.RulesGroupRuleSubgroupRuleExtractTimestampArgs{
FieldFormatStandard: pulumi.String("string"),
Name: pulumi.String("string"),
SourceField: pulumi.String("string"),
TimeFormat: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
Order: pulumi.Float64(0),
},
JsonExtract: &coralogix.RulesGroupRuleSubgroupRuleJsonExtractArgs{
DestinationField: pulumi.String("string"),
JsonKey: pulumi.String("string"),
Name: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
DestinationFieldText: pulumi.String("string"),
Id: pulumi.String("string"),
Order: pulumi.Float64(0),
},
JsonStringify: &coralogix.RulesGroupRuleSubgroupRuleJsonStringifyArgs{
DestinationField: pulumi.String("string"),
Name: pulumi.String("string"),
SourceField: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
KeepSourceField: pulumi.Bool(false),
Order: pulumi.Float64(0),
},
Parse: &coralogix.RulesGroupRuleSubgroupRuleParseArgs{
DestinationField: pulumi.String("string"),
Name: pulumi.String("string"),
RegularExpression: pulumi.String("string"),
SourceField: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
Order: pulumi.Float64(0),
},
ParseJsonField: &coralogix.RulesGroupRuleSubgroupRuleParseJsonFieldArgs{
DestinationField: pulumi.String("string"),
Name: pulumi.String("string"),
SourceField: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
KeepDestinationField: pulumi.Bool(false),
KeepSourceField: pulumi.Bool(false),
Order: pulumi.Float64(0),
},
RemoveFields: &coralogix.RulesGroupRuleSubgroupRuleRemoveFieldsArgs{
ExcludedFields: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
Order: pulumi.Float64(0),
},
Replace: &coralogix.RulesGroupRuleSubgroupRuleReplaceArgs{
DestinationField: pulumi.String("string"),
Name: pulumi.String("string"),
RegularExpression: pulumi.String("string"),
SourceField: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
Order: pulumi.Float64(0),
ReplacementString: pulumi.String("string"),
},
},
},
Active: pulumi.Bool(false),
Id: pulumi.String("string"),
Order: pulumi.Float64(0),
},
},
RulesGroupId: pulumi.String("string"),
Severities: pulumi.StringArray{
pulumi.String("string"),
},
Subsystems: pulumi.StringArray{
pulumi.String("string"),
},
Timeouts: &coralogix.RulesGroupTimeoutsArgs{
Create: pulumi.String("string"),
Delete: pulumi.String("string"),
Read: pulumi.String("string"),
Update: pulumi.String("string"),
},
})
var rulesGroupResource = new RulesGroup("rulesGroupResource", RulesGroupArgs.builder()
.active(false)
.applications("string")
.creator("string")
.description("string")
.hidden(false)
.name("string")
.order(0)
.ruleSubgroups(RulesGroupRuleSubgroupArgs.builder()
.rules(RulesGroupRuleSubgroupRuleArgs.builder()
.block(RulesGroupRuleSubgroupRuleBlockArgs.builder()
.name("string")
.regularExpression("string")
.sourceField("string")
.active(false)
.blockingAllMatchingBlocks(false)
.description("string")
.id("string")
.keepBlockedLogs(false)
.order(0)
.build())
.extract(RulesGroupRuleSubgroupRuleExtractArgs.builder()
.name("string")
.regularExpression("string")
.sourceField("string")
.active(false)
.description("string")
.id("string")
.order(0)
.build())
.extractTimestamp(RulesGroupRuleSubgroupRuleExtractTimestampArgs.builder()
.fieldFormatStandard("string")
.name("string")
.sourceField("string")
.timeFormat("string")
.active(false)
.description("string")
.id("string")
.order(0)
.build())
.jsonExtract(RulesGroupRuleSubgroupRuleJsonExtractArgs.builder()
.destinationField("string")
.jsonKey("string")
.name("string")
.active(false)
.description("string")
.destinationFieldText("string")
.id("string")
.order(0)
.build())
.jsonStringify(RulesGroupRuleSubgroupRuleJsonStringifyArgs.builder()
.destinationField("string")
.name("string")
.sourceField("string")
.active(false)
.description("string")
.id("string")
.keepSourceField(false)
.order(0)
.build())
.parse(RulesGroupRuleSubgroupRuleParseArgs.builder()
.destinationField("string")
.name("string")
.regularExpression("string")
.sourceField("string")
.active(false)
.description("string")
.id("string")
.order(0)
.build())
.parseJsonField(RulesGroupRuleSubgroupRuleParseJsonFieldArgs.builder()
.destinationField("string")
.name("string")
.sourceField("string")
.active(false)
.description("string")
.id("string")
.keepDestinationField(false)
.keepSourceField(false)
.order(0)
.build())
.removeFields(RulesGroupRuleSubgroupRuleRemoveFieldsArgs.builder()
.excludedFields("string")
.name("string")
.active(false)
.description("string")
.id("string")
.order(0)
.build())
.replace(RulesGroupRuleSubgroupRuleReplaceArgs.builder()
.destinationField("string")
.name("string")
.regularExpression("string")
.sourceField("string")
.active(false)
.description("string")
.id("string")
.order(0)
.replacementString("string")
.build())
.build())
.active(false)
.id("string")
.order(0)
.build())
.rulesGroupId("string")
.severities("string")
.subsystems("string")
.timeouts(RulesGroupTimeoutsArgs.builder()
.create("string")
.delete("string")
.read("string")
.update("string")
.build())
.build());
rules_group_resource = coralogix.RulesGroup("rulesGroupResource",
active=False,
applications=["string"],
creator="string",
description="string",
hidden=False,
name="string",
order=0,
rule_subgroups=[{
"rules": [{
"block": {
"name": "string",
"regular_expression": "string",
"source_field": "string",
"active": False,
"blocking_all_matching_blocks": False,
"description": "string",
"id": "string",
"keep_blocked_logs": False,
"order": 0,
},
"extract": {
"name": "string",
"regular_expression": "string",
"source_field": "string",
"active": False,
"description": "string",
"id": "string",
"order": 0,
},
"extract_timestamp": {
"field_format_standard": "string",
"name": "string",
"source_field": "string",
"time_format": "string",
"active": False,
"description": "string",
"id": "string",
"order": 0,
},
"json_extract": {
"destination_field": "string",
"json_key": "string",
"name": "string",
"active": False,
"description": "string",
"destination_field_text": "string",
"id": "string",
"order": 0,
},
"json_stringify": {
"destination_field": "string",
"name": "string",
"source_field": "string",
"active": False,
"description": "string",
"id": "string",
"keep_source_field": False,
"order": 0,
},
"parse": {
"destination_field": "string",
"name": "string",
"regular_expression": "string",
"source_field": "string",
"active": False,
"description": "string",
"id": "string",
"order": 0,
},
"parse_json_field": {
"destination_field": "string",
"name": "string",
"source_field": "string",
"active": False,
"description": "string",
"id": "string",
"keep_destination_field": False,
"keep_source_field": False,
"order": 0,
},
"remove_fields": {
"excluded_fields": ["string"],
"name": "string",
"active": False,
"description": "string",
"id": "string",
"order": 0,
},
"replace": {
"destination_field": "string",
"name": "string",
"regular_expression": "string",
"source_field": "string",
"active": False,
"description": "string",
"id": "string",
"order": 0,
"replacement_string": "string",
},
}],
"active": False,
"id": "string",
"order": 0,
}],
rules_group_id="string",
severities=["string"],
subsystems=["string"],
timeouts={
"create": "string",
"delete": "string",
"read": "string",
"update": "string",
})
const rulesGroupResource = new coralogix.RulesGroup("rulesGroupResource", {
active: false,
applications: ["string"],
creator: "string",
description: "string",
hidden: false,
name: "string",
order: 0,
ruleSubgroups: [{
rules: [{
block: {
name: "string",
regularExpression: "string",
sourceField: "string",
active: false,
blockingAllMatchingBlocks: false,
description: "string",
id: "string",
keepBlockedLogs: false,
order: 0,
},
extract: {
name: "string",
regularExpression: "string",
sourceField: "string",
active: false,
description: "string",
id: "string",
order: 0,
},
extractTimestamp: {
fieldFormatStandard: "string",
name: "string",
sourceField: "string",
timeFormat: "string",
active: false,
description: "string",
id: "string",
order: 0,
},
jsonExtract: {
destinationField: "string",
jsonKey: "string",
name: "string",
active: false,
description: "string",
destinationFieldText: "string",
id: "string",
order: 0,
},
jsonStringify: {
destinationField: "string",
name: "string",
sourceField: "string",
active: false,
description: "string",
id: "string",
keepSourceField: false,
order: 0,
},
parse: {
destinationField: "string",
name: "string",
regularExpression: "string",
sourceField: "string",
active: false,
description: "string",
id: "string",
order: 0,
},
parseJsonField: {
destinationField: "string",
name: "string",
sourceField: "string",
active: false,
description: "string",
id: "string",
keepDestinationField: false,
keepSourceField: false,
order: 0,
},
removeFields: {
excludedFields: ["string"],
name: "string",
active: false,
description: "string",
id: "string",
order: 0,
},
replace: {
destinationField: "string",
name: "string",
regularExpression: "string",
sourceField: "string",
active: false,
description: "string",
id: "string",
order: 0,
replacementString: "string",
},
}],
active: false,
id: "string",
order: 0,
}],
rulesGroupId: "string",
severities: ["string"],
subsystems: ["string"],
timeouts: {
create: "string",
"delete": "string",
read: "string",
update: "string",
},
});
type: coralogix:RulesGroup
properties:
active: false
applications:
- string
creator: string
description: string
hidden: false
name: string
order: 0
ruleSubgroups:
- active: false
id: string
order: 0
rules:
- block:
active: false
blockingAllMatchingBlocks: false
description: string
id: string
keepBlockedLogs: false
name: string
order: 0
regularExpression: string
sourceField: string
extract:
active: false
description: string
id: string
name: string
order: 0
regularExpression: string
sourceField: string
extractTimestamp:
active: false
description: string
fieldFormatStandard: string
id: string
name: string
order: 0
sourceField: string
timeFormat: string
jsonExtract:
active: false
description: string
destinationField: string
destinationFieldText: string
id: string
jsonKey: string
name: string
order: 0
jsonStringify:
active: false
description: string
destinationField: string
id: string
keepSourceField: false
name: string
order: 0
sourceField: string
parse:
active: false
description: string
destinationField: string
id: string
name: string
order: 0
regularExpression: string
sourceField: string
parseJsonField:
active: false
description: string
destinationField: string
id: string
keepDestinationField: false
keepSourceField: false
name: string
order: 0
sourceField: string
removeFields:
active: false
description: string
excludedFields:
- string
id: string
name: string
order: 0
replace:
active: false
description: string
destinationField: string
id: string
name: string
order: 0
regularExpression: string
replacementString: string
sourceField: string
rulesGroupId: string
severities:
- string
subsystems:
- string
timeouts:
create: string
delete: string
read: string
update: string
RulesGroup Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The RulesGroup resource accepts the following input properties:
- Active bool
- Determines whether the rule-group will be active.
- Applications List<string>
- Rules will execute on logs that match the following applications.
- Creator string
- Rule-group creator.
- Description string
- Rule-group description
- bool
- Name string
- Rule-group name
- Order double
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- Rule
Subgroups List<RulesGroup Rule Subgroup> - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- Rules
Group stringId - The ID of this resource.
- Severities List<string>
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- Subsystems List<string>
- Rules will execute on logs that match the following subsystems.
- Timeouts
Rules
Group Timeouts
- Active bool
- Determines whether the rule-group will be active.
- Applications []string
- Rules will execute on logs that match the following applications.
- Creator string
- Rule-group creator.
- Description string
- Rule-group description
- bool
- Name string
- Rule-group name
- Order float64
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- Rule
Subgroups []RulesGroup Rule Subgroup Args - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- Rules
Group stringId - The ID of this resource.
- Severities []string
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- Subsystems []string
- Rules will execute on logs that match the following subsystems.
- Timeouts
Rules
Group Timeouts Args
- active Boolean
- Determines whether the rule-group will be active.
- applications List<String>
- Rules will execute on logs that match the following applications.
- creator String
- Rule-group creator.
- description String
- Rule-group description
- Boolean
- name String
- Rule-group name
- order Double
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- rule
Subgroups List<RulesGroup Rule Subgroup> - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- rules
Group StringId - The ID of this resource.
- severities List<String>
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- subsystems List<String>
- Rules will execute on logs that match the following subsystems.
- timeouts
Rules
Group Timeouts
- active boolean
- Determines whether the rule-group will be active.
- applications string[]
- Rules will execute on logs that match the following applications.
- creator string
- Rule-group creator.
- description string
- Rule-group description
- boolean
- name string
- Rule-group name
- order number
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- rule
Subgroups RulesGroup Rule Subgroup[] - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- rules
Group stringId - The ID of this resource.
- severities string[]
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- subsystems string[]
- Rules will execute on logs that match the following subsystems.
- timeouts
Rules
Group Timeouts
- active bool
- Determines whether the rule-group will be active.
- applications Sequence[str]
- Rules will execute on logs that match the following applications.
- creator str
- Rule-group creator.
- description str
- Rule-group description
- bool
- name str
- Rule-group name
- order float
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- rule_
subgroups Sequence[RulesGroup Rule Subgroup Args] - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- rules_
group_ strid - The ID of this resource.
- severities Sequence[str]
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- subsystems Sequence[str]
- Rules will execute on logs that match the following subsystems.
- timeouts
Rules
Group Timeouts Args
- active Boolean
- Determines whether the rule-group will be active.
- applications List<String>
- Rules will execute on logs that match the following applications.
- creator String
- Rule-group creator.
- description String
- Rule-group description
- Boolean
- name String
- Rule-group name
- order Number
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- rule
Subgroups List<Property Map> - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- rules
Group StringId - The ID of this resource.
- severities List<String>
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- subsystems List<String>
- Rules will execute on logs that match the following subsystems.
- timeouts Property Map
Outputs
All input properties are implicitly available as output properties. Additionally, the RulesGroup resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing RulesGroup Resource
Get an existing RulesGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RulesGroupState, opts?: CustomResourceOptions): RulesGroup@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
active: Optional[bool] = None,
applications: Optional[Sequence[str]] = None,
creator: Optional[str] = None,
description: Optional[str] = None,
hidden: Optional[bool] = None,
name: Optional[str] = None,
order: Optional[float] = None,
rule_subgroups: Optional[Sequence[RulesGroupRuleSubgroupArgs]] = None,
rules_group_id: Optional[str] = None,
severities: Optional[Sequence[str]] = None,
subsystems: Optional[Sequence[str]] = None,
timeouts: Optional[RulesGroupTimeoutsArgs] = None) -> RulesGroupfunc GetRulesGroup(ctx *Context, name string, id IDInput, state *RulesGroupState, opts ...ResourceOption) (*RulesGroup, error)public static RulesGroup Get(string name, Input<string> id, RulesGroupState? state, CustomResourceOptions? opts = null)public static RulesGroup get(String name, Output<String> id, RulesGroupState state, CustomResourceOptions options)resources: _: type: coralogix:RulesGroup get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Active bool
- Determines whether the rule-group will be active.
- Applications List<string>
- Rules will execute on logs that match the following applications.
- Creator string
- Rule-group creator.
- Description string
- Rule-group description
- bool
- Name string
- Rule-group name
- Order double
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- Rule
Subgroups List<RulesGroup Rule Subgroup> - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- Rules
Group stringId - The ID of this resource.
- Severities List<string>
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- Subsystems List<string>
- Rules will execute on logs that match the following subsystems.
- Timeouts
Rules
Group Timeouts
- Active bool
- Determines whether the rule-group will be active.
- Applications []string
- Rules will execute on logs that match the following applications.
- Creator string
- Rule-group creator.
- Description string
- Rule-group description
- bool
- Name string
- Rule-group name
- Order float64
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- Rule
Subgroups []RulesGroup Rule Subgroup Args - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- Rules
Group stringId - The ID of this resource.
- Severities []string
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- Subsystems []string
- Rules will execute on logs that match the following subsystems.
- Timeouts
Rules
Group Timeouts Args
- active Boolean
- Determines whether the rule-group will be active.
- applications List<String>
- Rules will execute on logs that match the following applications.
- creator String
- Rule-group creator.
- description String
- Rule-group description
- Boolean
- name String
- Rule-group name
- order Double
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- rule
Subgroups List<RulesGroup Rule Subgroup> - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- rules
Group StringId - The ID of this resource.
- severities List<String>
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- subsystems List<String>
- Rules will execute on logs that match the following subsystems.
- timeouts
Rules
Group Timeouts
- active boolean
- Determines whether the rule-group will be active.
- applications string[]
- Rules will execute on logs that match the following applications.
- creator string
- Rule-group creator.
- description string
- Rule-group description
- boolean
- name string
- Rule-group name
- order number
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- rule
Subgroups RulesGroup Rule Subgroup[] - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- rules
Group stringId - The ID of this resource.
- severities string[]
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- subsystems string[]
- Rules will execute on logs that match the following subsystems.
- timeouts
Rules
Group Timeouts
- active bool
- Determines whether the rule-group will be active.
- applications Sequence[str]
- Rules will execute on logs that match the following applications.
- creator str
- Rule-group creator.
- description str
- Rule-group description
- bool
- name str
- Rule-group name
- order float
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- rule_
subgroups Sequence[RulesGroup Rule Subgroup Args] - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- rules_
group_ strid - The ID of this resource.
- severities Sequence[str]
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- subsystems Sequence[str]
- Rules will execute on logs that match the following subsystems.
- timeouts
Rules
Group Timeouts Args
- active Boolean
- Determines whether the rule-group will be active.
- applications List<String>
- Rules will execute on logs that match the following applications.
- creator String
- Rule-group creator.
- description String
- Rule-group description
- Boolean
- name String
- Rule-group name
- order Number
- Determines the index of the rule-group between the other rule-groups. By default, will be added last. (1 based indexing).
- rule
Subgroups List<Property Map> - List of rule-subgroups. Every rule-subgroup is a list of rules linked with a logical 'OR' (||) operation.
- rules
Group StringId - The ID of this resource.
- severities List<String>
- Rules will execute on logs that match the these severities. Can be one of ["Critical" "Debug" "Error" "Info" "Verbose" "Warning"]
- subsystems List<String>
- Rules will execute on logs that match the following subsystems.
- timeouts Property Map
Supporting Types
RulesGroupRuleSubgroup, RulesGroupRuleSubgroupArgs
- Rules
List<Rules
Group Rule Subgroup Rule> - Active bool
- Determines whether the rule-subgroup will be active.
- Id string
- The ID of thr rule-subgroup. Will be computed by Coralogix endpoint.
- Order double
- Determines the index of the rule-subgroup inside the rule-group.When not set, will be computed by the order it was declared. (1 based indexing).
- Rules
[]Rules
Group Rule Subgroup Rule - Active bool
- Determines whether the rule-subgroup will be active.
- Id string
- The ID of thr rule-subgroup. Will be computed by Coralogix endpoint.
- Order float64
- Determines the index of the rule-subgroup inside the rule-group.When not set, will be computed by the order it was declared. (1 based indexing).
- rules
List<Rules
Group Rule Subgroup Rule> - active Boolean
- Determines whether the rule-subgroup will be active.
- id String
- The ID of thr rule-subgroup. Will be computed by Coralogix endpoint.
- order Double
- Determines the index of the rule-subgroup inside the rule-group.When not set, will be computed by the order it was declared. (1 based indexing).
- rules
Rules
Group Rule Subgroup Rule[] - active boolean
- Determines whether the rule-subgroup will be active.
- id string
- The ID of thr rule-subgroup. Will be computed by Coralogix endpoint.
- order number
- Determines the index of the rule-subgroup inside the rule-group.When not set, will be computed by the order it was declared. (1 based indexing).
- rules
Sequence[Rules
Group Rule Subgroup Rule] - active bool
- Determines whether the rule-subgroup will be active.
- id str
- The ID of thr rule-subgroup. Will be computed by Coralogix endpoint.
- order float
- Determines the index of the rule-subgroup inside the rule-group.When not set, will be computed by the order it was declared. (1 based indexing).
- rules List<Property Map>
- active Boolean
- Determines whether the rule-subgroup will be active.
- id String
- The ID of thr rule-subgroup. Will be computed by Coralogix endpoint.
- order Number
- Determines the index of the rule-subgroup inside the rule-group.When not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRule, RulesGroupRuleSubgroupRuleArgs
- Block
Rules
Group Rule Subgroup Rule Block - Block rules allow for refined filtering of incoming logs with a RegEx.
- Extract
Rules
Group Rule Subgroup Rule Extract - Use a named RegEx group to extract specific values you need as JSON getKeysStrings without having to parse the entire log.
- Extract
Timestamp RulesGroup Rule Subgroup Rule Extract Timestamp - Replace rules are used to replace logs timestamp with JSON field.
- Json
Extract RulesGroup Rule Subgroup Rule Json Extract - Name a JSON field to extract its value directly into a Coralogix metadata field
- Json
Stringify RulesGroup Rule Subgroup Rule Json Stringify - Convert a JSON object to JSON string.
- Parse
Rules
Group Rule Subgroup Rule Parse - Parse unstructured logs into JSON format using named Regex groups.
- Parse
Json RulesField Group Rule Subgroup Rule Parse Json Field - Convert a JSON string to JSON object.
- Remove
Fields RulesGroup Rule Subgroup Rule Remove Fields - Remove Fields allows to select fields that will not be indexed.
- Replace
Rules
Group Rule Subgroup Rule Replace - Replace rules are used to strings in order to fix log structure, change log severity, or obscure information.
- Block
Rules
Group Rule Subgroup Rule Block - Block rules allow for refined filtering of incoming logs with a RegEx.
- Extract
Rules
Group Rule Subgroup Rule Extract - Use a named RegEx group to extract specific values you need as JSON getKeysStrings without having to parse the entire log.
- Extract
Timestamp RulesGroup Rule Subgroup Rule Extract Timestamp - Replace rules are used to replace logs timestamp with JSON field.
- Json
Extract RulesGroup Rule Subgroup Rule Json Extract - Name a JSON field to extract its value directly into a Coralogix metadata field
- Json
Stringify RulesGroup Rule Subgroup Rule Json Stringify - Convert a JSON object to JSON string.
- Parse
Rules
Group Rule Subgroup Rule Parse - Parse unstructured logs into JSON format using named Regex groups.
- Parse
Json RulesField Group Rule Subgroup Rule Parse Json Field - Convert a JSON string to JSON object.
- Remove
Fields RulesGroup Rule Subgroup Rule Remove Fields - Remove Fields allows to select fields that will not be indexed.
- Replace
Rules
Group Rule Subgroup Rule Replace - Replace rules are used to strings in order to fix log structure, change log severity, or obscure information.
- block
Rules
Group Rule Subgroup Rule Block - Block rules allow for refined filtering of incoming logs with a RegEx.
- extract
Rules
Group Rule Subgroup Rule Extract - Use a named RegEx group to extract specific values you need as JSON getKeysStrings without having to parse the entire log.
- extract
Timestamp RulesGroup Rule Subgroup Rule Extract Timestamp - Replace rules are used to replace logs timestamp with JSON field.
- json
Extract RulesGroup Rule Subgroup Rule Json Extract - Name a JSON field to extract its value directly into a Coralogix metadata field
- json
Stringify RulesGroup Rule Subgroup Rule Json Stringify - Convert a JSON object to JSON string.
- parse
Rules
Group Rule Subgroup Rule Parse - Parse unstructured logs into JSON format using named Regex groups.
- parse
Json RulesField Group Rule Subgroup Rule Parse Json Field - Convert a JSON string to JSON object.
- remove
Fields RulesGroup Rule Subgroup Rule Remove Fields - Remove Fields allows to select fields that will not be indexed.
- replace
Rules
Group Rule Subgroup Rule Replace - Replace rules are used to strings in order to fix log structure, change log severity, or obscure information.
- block
Rules
Group Rule Subgroup Rule Block - Block rules allow for refined filtering of incoming logs with a RegEx.
- extract
Rules
Group Rule Subgroup Rule Extract - Use a named RegEx group to extract specific values you need as JSON getKeysStrings without having to parse the entire log.
- extract
Timestamp RulesGroup Rule Subgroup Rule Extract Timestamp - Replace rules are used to replace logs timestamp with JSON field.
- json
Extract RulesGroup Rule Subgroup Rule Json Extract - Name a JSON field to extract its value directly into a Coralogix metadata field
- json
Stringify RulesGroup Rule Subgroup Rule Json Stringify - Convert a JSON object to JSON string.
- parse
Rules
Group Rule Subgroup Rule Parse - Parse unstructured logs into JSON format using named Regex groups.
- parse
Json RulesField Group Rule Subgroup Rule Parse Json Field - Convert a JSON string to JSON object.
- remove
Fields RulesGroup Rule Subgroup Rule Remove Fields - Remove Fields allows to select fields that will not be indexed.
- replace
Rules
Group Rule Subgroup Rule Replace - Replace rules are used to strings in order to fix log structure, change log severity, or obscure information.
- block
Rules
Group Rule Subgroup Rule Block - Block rules allow for refined filtering of incoming logs with a RegEx.
- extract
Rules
Group Rule Subgroup Rule Extract - Use a named RegEx group to extract specific values you need as JSON getKeysStrings without having to parse the entire log.
- extract_
timestamp RulesGroup Rule Subgroup Rule Extract Timestamp - Replace rules are used to replace logs timestamp with JSON field.
- json_
extract RulesGroup Rule Subgroup Rule Json Extract - Name a JSON field to extract its value directly into a Coralogix metadata field
- json_
stringify RulesGroup Rule Subgroup Rule Json Stringify - Convert a JSON object to JSON string.
- parse
Rules
Group Rule Subgroup Rule Parse - Parse unstructured logs into JSON format using named Regex groups.
- parse_
json_ Rulesfield Group Rule Subgroup Rule Parse Json Field - Convert a JSON string to JSON object.
- remove_
fields RulesGroup Rule Subgroup Rule Remove Fields - Remove Fields allows to select fields that will not be indexed.
- replace
Rules
Group Rule Subgroup Rule Replace - Replace rules are used to strings in order to fix log structure, change log severity, or obscure information.
- block Property Map
- Block rules allow for refined filtering of incoming logs with a RegEx.
- extract Property Map
- Use a named RegEx group to extract specific values you need as JSON getKeysStrings without having to parse the entire log.
- extract
Timestamp Property Map - Replace rules are used to replace logs timestamp with JSON field.
- json
Extract Property Map - Name a JSON field to extract its value directly into a Coralogix metadata field
- json
Stringify Property Map - Convert a JSON object to JSON string.
- parse Property Map
- Parse unstructured logs into JSON format using named Regex groups.
- parse
Json Property MapField - Convert a JSON string to JSON object.
- remove
Fields Property Map - Remove Fields allows to select fields that will not be indexed.
- replace Property Map
- Replace rules are used to strings in order to fix log structure, change log severity, or obscure information.
RulesGroupRuleSubgroupRuleBlock, RulesGroupRuleSubgroupRuleBlockArgs
- Name string
- The rule name.
- Regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Blocking
All boolMatching Blocks - Block Logic. If true or nor set - blocking all matching blocks, if false - blocking all non-matching blocks.
- Description string
- The rule description.
- Id string
- The rule id.
- Keep
Blocked boolLogs - Determines if to view blocked logs in LiveTail and archive to S3.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Name string
- The rule name.
- Regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Blocking
All boolMatching Blocks - Block Logic. If true or nor set - blocking all matching blocks, if false - blocking all non-matching blocks.
- Description string
- The rule description.
- Id string
- The rule id.
- Keep
Blocked boolLogs - Determines if to view blocked logs in LiveTail and archive to S3.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- name String
- The rule name.
- regular
Expression String - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- blocking
All BooleanMatching Blocks - Block Logic. If true or nor set - blocking all matching blocks, if false - blocking all non-matching blocks.
- description String
- The rule description.
- id String
- The rule id.
- keep
Blocked BooleanLogs - Determines if to view blocked logs in LiveTail and archive to S3.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- name string
- The rule name.
- regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- active boolean
- Determines whether to rule will be active or not.
- blocking
All booleanMatching Blocks - Block Logic. If true or nor set - blocking all matching blocks, if false - blocking all non-matching blocks.
- description string
- The rule description.
- id string
- The rule id.
- keep
Blocked booleanLogs - Determines if to view blocked logs in LiveTail and archive to S3.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- name str
- The rule name.
- regular_
expression str - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source_
field str - The field on which the Regex will operate on. Accepts lowercase only.
- active bool
- Determines whether to rule will be active or not.
- blocking_
all_ boolmatching_ blocks - Block Logic. If true or nor set - blocking all matching blocks, if false - blocking all non-matching blocks.
- description str
- The rule description.
- id str
- The rule id.
- keep_
blocked_ boollogs - Determines if to view blocked logs in LiveTail and archive to S3.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- name String
- The rule name.
- regular
Expression String - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- blocking
All BooleanMatching Blocks - Block Logic. If true or nor set - blocking all matching blocks, if false - blocking all non-matching blocks.
- description String
- The rule description.
- id String
- The rule id.
- keep
Blocked BooleanLogs - Determines if to view blocked logs in LiveTail and archive to S3.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRuleExtract, RulesGroupRuleSubgroupRuleExtractArgs
- Name string
- The rule name.
- Regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Name string
- The rule name.
- Regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- name String
- The rule name.
- regular
Expression String - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- name string
- The rule name.
- regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- active boolean
- Determines whether to rule will be active or not.
- description string
- The rule description.
- id string
- The rule id.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- name str
- The rule name.
- regular_
expression str - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source_
field str - The field on which the Regex will operate on. Accepts lowercase only.
- active bool
- Determines whether to rule will be active or not.
- description str
- The rule description.
- id str
- The rule id.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- name String
- The rule name.
- regular
Expression String - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRuleExtractTimestamp, RulesGroupRuleSubgroupRuleExtractTimestampArgs
- Field
Format stringStandard - The format standard you want to use. Can be one of ["Golang" "JavaSDF" "MicroTS" "MilliTS" "NanoTS" "SecondTS" "Strftime"]
- Name string
- The rule name.
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Time
Format string - A time format that matches the field format standard
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Field
Format stringStandard - The format standard you want to use. Can be one of ["Golang" "JavaSDF" "MicroTS" "MilliTS" "NanoTS" "SecondTS" "Strftime"]
- Name string
- The rule name.
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Time
Format string - A time format that matches the field format standard
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- field
Format StringStandard - The format standard you want to use. Can be one of ["Golang" "JavaSDF" "MicroTS" "MilliTS" "NanoTS" "SecondTS" "Strftime"]
- name String
- The rule name.
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- time
Format String - A time format that matches the field format standard
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- field
Format stringStandard - The format standard you want to use. Can be one of ["Golang" "JavaSDF" "MicroTS" "MilliTS" "NanoTS" "SecondTS" "Strftime"]
- name string
- The rule name.
- source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- time
Format string - A time format that matches the field format standard
- active boolean
- Determines whether to rule will be active or not.
- description string
- The rule description.
- id string
- The rule id.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- field_
format_ strstandard - The format standard you want to use. Can be one of ["Golang" "JavaSDF" "MicroTS" "MilliTS" "NanoTS" "SecondTS" "Strftime"]
- name str
- The rule name.
- source_
field str - The field on which the Regex will operate on. Accepts lowercase only.
- time_
format str - A time format that matches the field format standard
- active bool
- Determines whether to rule will be active or not.
- description str
- The rule description.
- id str
- The rule id.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- field
Format StringStandard - The format standard you want to use. Can be one of ["Golang" "JavaSDF" "MicroTS" "MilliTS" "NanoTS" "SecondTS" "Strftime"]
- name String
- The rule name.
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- time
Format String - A time format that matches the field format standard
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRuleJsonExtract, RulesGroupRuleSubgroupRuleJsonExtractArgs
- Destination
Field string - The field that will be populated by the results of RegEx operation.Can be one of [Category Class Method Severity Text ThreadID].
- Json
Key string - JSON key to extract its value directly into a Coralogix metadata field.
- Name string
- The rule name.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Destination
Field stringText - Required when destination_field is 'Text'. should be either 'text' or 'text.\n\n'
- Id string
- The rule id.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Destination
Field string - The field that will be populated by the results of RegEx operation.Can be one of [Category Class Method Severity Text ThreadID].
- Json
Key string - JSON key to extract its value directly into a Coralogix metadata field.
- Name string
- The rule name.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Destination
Field stringText - Required when destination_field is 'Text'. should be either 'text' or 'text.\n\n'
- Id string
- The rule id.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field String - The field that will be populated by the results of RegEx operation.Can be one of [Category Class Method Severity Text ThreadID].
- json
Key String - JSON key to extract its value directly into a Coralogix metadata field.
- name String
- The rule name.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- destination
Field StringText - Required when destination_field is 'Text'. should be either 'text' or 'text.\n\n'
- id String
- The rule id.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field string - The field that will be populated by the results of RegEx operation.Can be one of [Category Class Method Severity Text ThreadID].
- json
Key string - JSON key to extract its value directly into a Coralogix metadata field.
- name string
- The rule name.
- active boolean
- Determines whether to rule will be active or not.
- description string
- The rule description.
- destination
Field stringText - Required when destination_field is 'Text'. should be either 'text' or 'text.\n\n'
- id string
- The rule id.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination_
field str - The field that will be populated by the results of RegEx operation.Can be one of [Category Class Method Severity Text ThreadID].
- json_
key str - JSON key to extract its value directly into a Coralogix metadata field.
- name str
- The rule name.
- active bool
- Determines whether to rule will be active or not.
- description str
- The rule description.
- destination_
field_ strtext - Required when destination_field is 'Text'. should be either 'text' or 'text.\n\n'
- id str
- The rule id.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field String - The field that will be populated by the results of RegEx operation.Can be one of [Category Class Method Severity Text ThreadID].
- json
Key String - JSON key to extract its value directly into a Coralogix metadata field.
- name String
- The rule name.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- destination
Field StringText - Required when destination_field is 'Text'. should be either 'text' or 'text.\n\n'
- id String
- The rule id.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRuleJsonStringify, RulesGroupRuleSubgroupRuleJsonStringifyArgs
- Destination
Field string - The field that will be populated by the results of the RegEx operation.
- Name string
- The rule name.
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Keep
Source boolField - Determines whether to keep or to delete the source field.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Destination
Field string - The field that will be populated by the results of the RegEx operation.
- Name string
- The rule name.
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Keep
Source boolField - Determines whether to keep or to delete the source field.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field String - The field that will be populated by the results of the RegEx operation.
- name String
- The rule name.
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- keep
Source BooleanField - Determines whether to keep or to delete the source field.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field string - The field that will be populated by the results of the RegEx operation.
- name string
- The rule name.
- source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- active boolean
- Determines whether to rule will be active or not.
- description string
- The rule description.
- id string
- The rule id.
- keep
Source booleanField - Determines whether to keep or to delete the source field.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination_
field str - The field that will be populated by the results of the RegEx operation.
- name str
- The rule name.
- source_
field str - The field on which the Regex will operate on. Accepts lowercase only.
- active bool
- Determines whether to rule will be active or not.
- description str
- The rule description.
- id str
- The rule id.
- keep_
source_ boolfield - Determines whether to keep or to delete the source field.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field String - The field that will be populated by the results of the RegEx operation.
- name String
- The rule name.
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- keep
Source BooleanField - Determines whether to keep or to delete the source field.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRuleParse, RulesGroupRuleSubgroupRuleParseArgs
- Destination
Field string - The field that will be populated by the results of the RegEx operation.
- Name string
- The rule name.
- Regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Destination
Field string - The field that will be populated by the results of the RegEx operation.
- Name string
- The rule name.
- Regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field String - The field that will be populated by the results of the RegEx operation.
- name String
- The rule name.
- regular
Expression String - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field string - The field that will be populated by the results of the RegEx operation.
- name string
- The rule name.
- regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- active boolean
- Determines whether to rule will be active or not.
- description string
- The rule description.
- id string
- The rule id.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination_
field str - The field that will be populated by the results of the RegEx operation.
- name str
- The rule name.
- regular_
expression str - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source_
field str - The field on which the Regex will operate on. Accepts lowercase only.
- active bool
- Determines whether to rule will be active or not.
- description str
- The rule description.
- id str
- The rule id.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field String - The field that will be populated by the results of the RegEx operation.
- name String
- The rule name.
- regular
Expression String - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRuleParseJsonField, RulesGroupRuleSubgroupRuleParseJsonFieldArgs
- Destination
Field string - The field that will be populated by the results of the RegEx operation.
- Name string
- The rule name.
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Keep
Destination boolField - Determines whether to keep or to delete the destination field.
- Keep
Source boolField - Determines whether to keep or to delete the source field.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Destination
Field string - The field that will be populated by the results of the RegEx operation.
- Name string
- The rule name.
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Keep
Destination boolField - Determines whether to keep or to delete the destination field.
- Keep
Source boolField - Determines whether to keep or to delete the source field.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field String - The field that will be populated by the results of the RegEx operation.
- name String
- The rule name.
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- keep
Destination BooleanField - Determines whether to keep or to delete the destination field.
- keep
Source BooleanField - Determines whether to keep or to delete the source field.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field string - The field that will be populated by the results of the RegEx operation.
- name string
- The rule name.
- source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- active boolean
- Determines whether to rule will be active or not.
- description string
- The rule description.
- id string
- The rule id.
- keep
Destination booleanField - Determines whether to keep or to delete the destination field.
- keep
Source booleanField - Determines whether to keep or to delete the source field.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination_
field str - The field that will be populated by the results of the RegEx operation.
- name str
- The rule name.
- source_
field str - The field on which the Regex will operate on. Accepts lowercase only.
- active bool
- Determines whether to rule will be active or not.
- description str
- The rule description.
- id str
- The rule id.
- keep_
destination_ boolfield - Determines whether to keep or to delete the destination field.
- keep_
source_ boolfield - Determines whether to keep or to delete the source field.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- destination
Field String - The field that will be populated by the results of the RegEx operation.
- name String
- The rule name.
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- keep
Destination BooleanField - Determines whether to keep or to delete the destination field.
- keep
Source BooleanField - Determines whether to keep or to delete the source field.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRuleRemoveFields, RulesGroupRuleSubgroupRuleRemoveFieldsArgs
- Excluded
Fields List<string> - Excluded fields won't be indexed.
- Name string
- The rule name.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Excluded
Fields []string - Excluded fields won't be indexed.
- Name string
- The rule name.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- excluded
Fields List<String> - Excluded fields won't be indexed.
- name String
- The rule name.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- excluded
Fields string[] - Excluded fields won't be indexed.
- name string
- The rule name.
- active boolean
- Determines whether to rule will be active or not.
- description string
- The rule description.
- id string
- The rule id.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- excluded_
fields Sequence[str] - Excluded fields won't be indexed.
- name str
- The rule name.
- active bool
- Determines whether to rule will be active or not.
- description str
- The rule description.
- id str
- The rule id.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- excluded
Fields List<String> - Excluded fields won't be indexed.
- name String
- The rule name.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
RulesGroupRuleSubgroupRuleReplace, RulesGroupRuleSubgroupRuleReplaceArgs
- Destination
Field string - The field that will be populated by the results of the RegEx operation.
- Name string
- The rule name.
- Regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Replacement
String string - The string that will replace the matched RegEx
- Destination
Field string - The field that will be populated by the results of the RegEx operation.
- Name string
- The rule name.
- Regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- Source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- Active bool
- Determines whether to rule will be active or not.
- Description string
- The rule description.
- Id string
- The rule id.
- Order float64
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- Replacement
String string - The string that will replace the matched RegEx
- destination
Field String - The field that will be populated by the results of the RegEx operation.
- name String
- The rule name.
- regular
Expression String - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Double
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- replacement
String String - The string that will replace the matched RegEx
- destination
Field string - The field that will be populated by the results of the RegEx operation.
- name string
- The rule name.
- regular
Expression string - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field string - The field on which the Regex will operate on. Accepts lowercase only.
- active boolean
- Determines whether to rule will be active or not.
- description string
- The rule description.
- id string
- The rule id.
- order number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- replacement
String string - The string that will replace the matched RegEx
- destination_
field str - The field that will be populated by the results of the RegEx operation.
- name str
- The rule name.
- regular_
expression str - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source_
field str - The field on which the Regex will operate on. Accepts lowercase only.
- active bool
- Determines whether to rule will be active or not.
- description str
- The rule description.
- id str
- The rule id.
- order float
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- replacement_
string str - The string that will replace the matched RegEx
- destination
Field String - The field that will be populated by the results of the RegEx operation.
- name String
- The rule name.
- regular
Expression String - Regular expiration. More info: https://coralogix.com/blog/regex-101/
- source
Field String - The field on which the Regex will operate on. Accepts lowercase only.
- active Boolean
- Determines whether to rule will be active or not.
- description String
- The rule description.
- id String
- The rule id.
- order Number
- Determines the index of the rule inside the rule-subgroup.If not set, will be computed by the order it was declared. (1 based indexing).
- replacement
String String - The string that will replace the matched RegEx
RulesGroupTimeouts, RulesGroupTimeoutsArgs
Package Details
- Repository
- coralogix coralogix/terraform-provider-coralogix
- License
- Notes
- This Pulumi package is based on the
coralogixTerraform Provider.
coralogix 2.0.17 published on Tuesday, Apr 22, 2025 by coralogix