Class ObservabilityPipelineOcsfMappingCustomFieldMapping

Defines a single field mapping rule for transforming a source field to an OCSF destination field.

Hierarchy

  • ObservabilityPipelineOcsfMappingCustomFieldMapping

Constructors

constructor

Properties

_default? additionalProperties? dest lookup? source? sources? value?

Constructors

constructor

Properties

Optional _default

_default?: any

The default value to use if the source field is missing or empty.

Optional additionalProperties

additionalProperties?: {
    [key: string]: any;
}

A container for additional, undeclared properties. This is a holder for any undeclared properties as specified with the 'additionalProperties' keyword in the OAS document.

Type declaration

  • [key: string]: any

dest

dest: string

The destination OCSF field path.

Optional lookup

lookup?: ObservabilityPipelineOcsfMappingCustomLookup

Lookup table configuration for mapping source values to destination values.

Optional source

source?: any

The source field path from the log event.

Optional sources

sources?: any

Multiple source field paths for combined mapping.

Optional value

value?: any

A static value to use for the destination field.

Settings

Member Visibility

Theme

Generated using TypeDoc