REST Resource: projects.locations.instances.logTypes

Resource: LogType
- JSON representation
ParserType
Methods

Resource: LogType

A Log type represents a data label for data customers send to Chronicle.

JSON representation

JSON representation
{ "name": string, "customLogTypeLabel": string, "displayName": string, "golden": boolean, "productSource": string, "isCustom": boolean, "hasCustomParser": boolean, "lastIngestedTime": string, "feedCount": integer, "parserType": enum (`ParserType`) }

{
  "name": string,
  "customLogTypeLabel": string,
  "displayName": string,
  "golden": boolean,
  "productSource": string,
  "isCustom": boolean,
  "hasCustomParser": boolean,
  "lastIngestedTime": string,
  "feedCount": integer,
  "parserType": enum (ParserType)
}

Fields
`name`	`string` Output only. The resource name of this log type. Format: projects/{project}/locations/{region}/instances/{instance}/logTypes/{logType}
`customLogTypeLabel`	`string` Output only. the custom log type label
`displayName`	`string` Required. The display name of this log type. This is the tag used in YARA-l rules and search queries.
`golden`	`boolean` Output only. Whether a LogType is a 'Golden' log type or not. LogTypes that support rapid customer onboarding are considered 'Golden' log types.
`productSource`	`string` Required. This is what users see in the UI to identify the logtype while creating feed.
`isCustom`	`boolean` Required. Whether the log type is custom or globally available.
`hasCustomParser`	`boolean` Required. The log type could be custom logtype but still be using prebuilt parser. If this is set to true that means that there is a custom parser for this log type. ( deprecated )
`lastIngestedTime`	`string (Timestamp format)` Required. The last time the log type was ingested. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.
`feedCount`	`integer` Required. The number of feeds that are ingested for this log type.
`parserType`	`enum (ParserType)` Required. The type of parser used for this log type. (custom/prebuilt/-)

ParserType

enum for getting a ParserType.

Enums
`PARSER_TYPE_UNSPECIFIED`	Unspecified parser type.
`CUSTOM_PARSER`	Custom parser.
`PREBUILT_PARSER`	Prebuilt parser.

Methods
`create`	Create LogType.
`generateEventTypesSuggestions`	GenerateEventTypesSuggestions generates event types suggestions that can be mapped by a lowcode parser.
`getLogTypeSetting`	Gets a LogTypeSetting.
`legacySubmitParserExtension`	LegacySubmitParserExtension creates validates and then makes the extension live.
`list`	Lists all LogTypes.
`runParser`	RunParser runs the parser against a log and returns normalized events or any error that occurred during the normalization.
`updateLogTypeSetting`	UpdateLogTypeSetting updates the log type setting for a log type.

REST Resource: projects.locations.instances.logTypes

Resource: LogType

ParserType

Methods

`create`

`generateEventTypesSuggestions`

`getLogTypeSetting`

`legacySubmitParserExtension`

`list`

`runParser`

`updateLogTypeSetting`

REST Resource: projects.locations.instances.logTypes Stay organized with collections Save and categorize content based on your preferences.

Resource: LogType

ParserType

Methods

create

generateEventTypesSuggestions

getLogTypeSetting

legacySubmitParserExtension

list

runParser

updateLogTypeSetting

REST Resource: projects.locations.instances.logTypes

`create`

`generateEventTypesSuggestions`

`getLogTypeSetting`

`legacySubmitParserExtension`

`list`

`runParser`

`updateLogTypeSetting`