pub mod egress;
pub mod engine;
pub mod enrichment;
pub mod error;
pub mod input;
pub mod io;
pub mod metrics;
pub mod parse;
pub mod pipeline_deprecation;
pub mod processor;
pub mod sources;
pub mod tap;
pub use egress::{
EgressDenial, EgressFilteredResolver, EgressPolicy, default_egress_policy,
set_default_egress_policy,
};
pub use engine::{EngineStats, RuntimeEngine};
pub use enrichment::config::{
EnricherConfig, EnrichersConfigError, EnrichersFile, build_enrichers, build_enrichers_full,
load_enrichers_file,
};
pub use enrichment::{
CacheKey, CacheOutcome, CommandEnricher, EnrichError, EnrichErrorKind, Enricher,
EnricherFactory, EnricherKind, EnrichmentPipeline, HttpEnricher, HttpEnricherClient,
HttpResponseCache, LookupEnricher, OnError, OutputFormat, Scope, TemplateEnricher,
TemplateError, build_default_http_client, lookup_builtin, register_builtin,
validate_template_namespace,
};
pub use error::RuntimeError;
pub use input::{EventInputDecoded, InputFormat, parse_line};
pub use io::webhook::{
BuiltWebhook, WebhookConfig, WebhookConfigError, WebhookKind, WebhookSink, WebhooksFile,
build_webhooks, load_webhooks_file,
};
pub use io::{
AckToken, DeliveryConfig, DeliveryFailure, DeliverySink, Dispatcher, EventSource, FileSink,
OnFull, RawEvent, Sink, StdinSource, StdoutSink, spawn_source,
};
pub use metrics::{MetricsHook, NoopMetrics};
pub use pipeline_deprecation::warn_pipeline_inline_sources;
pub use processor::{EventFilter, LogProcessor};
pub use tap::{TapPayload, TapRegistry, TapSessionHandle, TapStage};
pub use rsigma_eval::{
FieldCoverage, FieldObservation, FieldObservationEntry, FieldObserver, ProcessResult,
ProcessResultExt,
};
pub use sources::refresh::{RefreshResult, RefreshScheduler, RefreshTrigger};
pub use sources::{
DefaultSourceResolver, ResolvedValue, SourceCache, SourceError, SourceErrorKind,
SourceResolver, TemplateExpander,
};
#[cfg(feature = "nats")]
pub use io::{NatsConnectConfig, NatsSink, NatsSource, ReplayPolicy};
#[cfg(feature = "evtx")]
pub use input::evtx::{EvtxError, EvtxFileReader};
#[cfg(feature = "otlp")]
pub use io::otlp::{
ExportLogsServiceRequest, ExportLogsServiceResponse, LogsService, LogsServiceServer,
OtlpClientTls, OtlpProtocol, OtlpSink, evaluation_results_to_logs_request,
logs_request_to_raw_events,
};