Class LogsSchemaCategoryMapper

Use the Schema Category Mapper to categorize log event into enum fields. In the case of OCSF, they can be used to map sibling fields which are composed of an ID and a name.

Notes:

  • The syntax of the query is the one of Logs Explorer search bar. The query can be done on any log attribute or tag, whether it is a facet or not. Wildcards can also be used inside your query.
  • Categories are executed in order and processing stops at the first match. Make sure categories are properly ordered in case a log could match multiple queries.
  • Sibling fields always have a numerical ID field and a human-readable string name.
  • A fallback section handles cases where the name or ID value matches a specific value. If the name matches "Other" or the ID matches 99, the value of the sibling name field will be pulled from a source field from the original log.

Hierarchy

  • LogsSchemaCategoryMapper

Constructors

constructor

Properties

additionalProperties? categories fallback? name targets type

Constructors

constructor

Properties

Optional additionalProperties

additionalProperties?: {
    [key: string]: any;
}

A container for additional, undeclared properties. This is a holder for any undeclared properties as specified with the 'additionalProperties' keyword in the OAS document.

Type declaration

  • [key: string]: any

categories

categories: LogsSchemaCategoryMapperCategory[]

Array of filters to match or not a log and their corresponding name to assign a custom value to the log.

Optional fallback

fallback?: LogsSchemaCategoryMapperFallback

Used to override hardcoded category values with a value pulled from a source attribute on the log.

name

name: string

Name of the logs schema category mapper.

targets

targets: LogsSchemaCategoryMapperTargets

Name of the target attributes which value is defined by the matching category.

type

type: LogsSchemaCategoryMapperType

Type of logs schema category mapper.

Settings

Member Visibility

Theme

Generated using TypeDoc