Struct aws_sdk_securitylake::operation::create_custom_log_source::builders::CreateCustomLogSourceFluentBuilder

source · 
pub struct CreateCustomLogSourceFluentBuilder { /* private fields */ }
Expand description

Fluent builder constructing a request to CreateCustomLogSource.

Adds a third-party custom source in Amazon Security Lake, from the Amazon Web Services Region where you want to create a custom source. Security Lake can collect logs and events from third-party custom sources. After creating the appropriate IAM role to invoke Glue crawler, use this API to add a custom source name in Security Lake. This operation creates a partition in the Amazon S3 bucket for Security Lake as the target location for log files from the custom source. In addition, this operation also creates an associated Glue table and an Glue crawler.

Implementations§

source§

impl CreateCustomLogSourceFluentBuilder

source

pub fn as_input(&self) -> &CreateCustomLogSourceInputBuilder

Access the CreateCustomLogSource as a reference.

source

pub async fn send( self ) -> Result<CreateCustomLogSourceOutput, SdkError<CreateCustomLogSourceError, HttpResponse>>

Sends the request and returns the response.

If an error occurs, an SdkError will be returned with additional details that can be matched against.

By default, any retryable failures will be retried twice. Retry behavior is configurable with the RetryConfig, which can be set when configuring the client.

source

pub fn customize( self ) -> CustomizableOperation<CreateCustomLogSourceOutput, CreateCustomLogSourceError, Self>

Consumes this builder, creating a customizable operation that can be modified before being sent.

source

pub fn source_name(self, input: impl Into<String>) -> Self

Specify the name for a third-party custom source. This must be a Regionally unique value.

source

pub fn set_source_name(self, input: Option<String>) -> Self

Specify the name for a third-party custom source. This must be a Regionally unique value.

source

pub fn get_source_name(&self) -> &Option<String>

Specify the name for a third-party custom source. This must be a Regionally unique value.

source

pub fn source_version(self, input: impl Into<String>) -> Self

Specify the source version for the third-party custom source, to limit log collection to a specific version of custom data source.

source

pub fn set_source_version(self, input: Option<String>) -> Self

Specify the source version for the third-party custom source, to limit log collection to a specific version of custom data source.

source

pub fn get_source_version(&self) -> &Option<String>

Specify the source version for the third-party custom source, to limit log collection to a specific version of custom data source.

source

pub fn event_classes(self, input: impl Into<String>) -> Self

Appends an item to eventClasses.

To override the contents of this collection use set_event_classes.

The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

  • ACCESS_ACTIVITY

  • FILE_ACTIVITY

  • KERNEL_ACTIVITY

  • KERNEL_EXTENSION

  • MEMORY_ACTIVITY

  • MODULE_ACTIVITY

  • PROCESS_ACTIVITY

  • REGISTRY_KEY_ACTIVITY

  • REGISTRY_VALUE_ACTIVITY

  • RESOURCE_ACTIVITY

  • SCHEDULED_JOB_ACTIVITY

  • SECURITY_FINDING

  • ACCOUNT_CHANGE

  • AUTHENTICATION

  • AUTHORIZATION

  • ENTITY_MANAGEMENT_AUDIT

  • DHCP_ACTIVITY

  • NETWORK_ACTIVITY

  • DNS_ACTIVITY

  • FTP_ACTIVITY

  • HTTP_ACTIVITY

  • RDP_ACTIVITY

  • SMB_ACTIVITY

  • SSH_ACTIVITY

  • CONFIG_STATE

  • INVENTORY_INFO

  • EMAIL_ACTIVITY

  • API_ACTIVITY

  • CLOUD_API

source

pub fn set_event_classes(self, input: Option<Vec<String>>) -> Self

The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

  • ACCESS_ACTIVITY

  • FILE_ACTIVITY

  • KERNEL_ACTIVITY

  • KERNEL_EXTENSION

  • MEMORY_ACTIVITY

  • MODULE_ACTIVITY

  • PROCESS_ACTIVITY

  • REGISTRY_KEY_ACTIVITY

  • REGISTRY_VALUE_ACTIVITY

  • RESOURCE_ACTIVITY

  • SCHEDULED_JOB_ACTIVITY

  • SECURITY_FINDING

  • ACCOUNT_CHANGE

  • AUTHENTICATION

  • AUTHORIZATION

  • ENTITY_MANAGEMENT_AUDIT

  • DHCP_ACTIVITY

  • NETWORK_ACTIVITY

  • DNS_ACTIVITY

  • FTP_ACTIVITY

  • HTTP_ACTIVITY

  • RDP_ACTIVITY

  • SMB_ACTIVITY

  • SSH_ACTIVITY

  • CONFIG_STATE

  • INVENTORY_INFO

  • EMAIL_ACTIVITY

  • API_ACTIVITY

  • CLOUD_API

source

pub fn get_event_classes(&self) -> &Option<Vec<String>>

The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

  • ACCESS_ACTIVITY

  • FILE_ACTIVITY

  • KERNEL_ACTIVITY

  • KERNEL_EXTENSION

  • MEMORY_ACTIVITY

  • MODULE_ACTIVITY

  • PROCESS_ACTIVITY

  • REGISTRY_KEY_ACTIVITY

  • REGISTRY_VALUE_ACTIVITY

  • RESOURCE_ACTIVITY

  • SCHEDULED_JOB_ACTIVITY

  • SECURITY_FINDING

  • ACCOUNT_CHANGE

  • AUTHENTICATION

  • AUTHORIZATION

  • ENTITY_MANAGEMENT_AUDIT

  • DHCP_ACTIVITY

  • NETWORK_ACTIVITY

  • DNS_ACTIVITY

  • FTP_ACTIVITY

  • HTTP_ACTIVITY

  • RDP_ACTIVITY

  • SMB_ACTIVITY

  • SSH_ACTIVITY

  • CONFIG_STATE

  • INVENTORY_INFO

  • EMAIL_ACTIVITY

  • API_ACTIVITY

  • CLOUD_API

source

pub fn configuration(self, input: CustomLogSourceConfiguration) -> Self

The configuration for the third-party custom source.

source

pub fn set_configuration( self, input: Option<CustomLogSourceConfiguration> ) -> Self

The configuration for the third-party custom source.

source

pub fn get_configuration(&self) -> &Option<CustomLogSourceConfiguration>

The configuration for the third-party custom source.

Trait Implementations§

source§

impl Clone for CreateCustomLogSourceFluentBuilder

source§

fn clone(&self) -> CreateCustomLogSourceFluentBuilder

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for CreateCustomLogSourceFluentBuilder

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<Unshared, Shared> IntoShared<Shared> for Unshared
where Shared: FromUnshared<Unshared>,

source§

fn into_shared(self) -> Shared

Creates a shared type from an unshared type.
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more