datadog_api_client/datadogV2/model/
model_observability_pipeline_ocsf_mapping_library.rs1use serde::{Deserialize, Deserializer, Serialize, Serializer};
6
7#[non_exhaustive]
8#[derive(Clone, Debug, Eq, PartialEq)]
9pub enum ObservabilityPipelineOcsfMappingLibrary {
10 CLOUDTRAIL_ACCOUNT_CHANGE,
11 GCP_CLOUD_AUDIT_CREATEBUCKET,
12 GCP_CLOUD_AUDIT_CREATESINK,
13 GCP_CLOUD_AUDIT_SETIAMPOLICY,
14 GCP_CLOUD_AUDIT_UPDATESINK,
15 GITHUB_AUDIT_LOG_API_ACTIVITY,
16 GOOGLE_WORKSPACE_ADMIN_AUDIT_ADDPRIVILEGE,
17 MICROSOFT_365_DEFENDER_INCIDENT,
18 MICROSOFT_365_DEFENDER_USERLOGGEDIN,
19 OKTA_SYSTEM_LOG_AUTHENTICATION,
20 PALO_ALTO_NETWORKS_FIREWALL_TRAFFIC,
21 UnparsedObject(crate::datadog::UnparsedObject),
22}
23
24impl ToString for ObservabilityPipelineOcsfMappingLibrary {
25 fn to_string(&self) -> String {
26 match self {
27 Self::CLOUDTRAIL_ACCOUNT_CHANGE => String::from("CloudTrail Account Change"),
28 Self::GCP_CLOUD_AUDIT_CREATEBUCKET => String::from("GCP Cloud Audit CreateBucket"),
29 Self::GCP_CLOUD_AUDIT_CREATESINK => String::from("GCP Cloud Audit CreateSink"),
30 Self::GCP_CLOUD_AUDIT_SETIAMPOLICY => String::from("GCP Cloud Audit SetIamPolicy"),
31 Self::GCP_CLOUD_AUDIT_UPDATESINK => String::from("GCP Cloud Audit UpdateSink"),
32 Self::GITHUB_AUDIT_LOG_API_ACTIVITY => String::from("Github Audit Log API Activity"),
33 Self::GOOGLE_WORKSPACE_ADMIN_AUDIT_ADDPRIVILEGE => {
34 String::from("Google Workspace Admin Audit addPrivilege")
35 }
36 Self::MICROSOFT_365_DEFENDER_INCIDENT => {
37 String::from("Microsoft 365 Defender Incident")
38 }
39 Self::MICROSOFT_365_DEFENDER_USERLOGGEDIN => {
40 String::from("Microsoft 365 Defender UserLoggedIn")
41 }
42 Self::OKTA_SYSTEM_LOG_AUTHENTICATION => String::from("Okta System Log Authentication"),
43 Self::PALO_ALTO_NETWORKS_FIREWALL_TRAFFIC => {
44 String::from("Palo Alto Networks Firewall Traffic")
45 }
46 Self::UnparsedObject(v) => v.value.to_string(),
47 }
48 }
49}
50
51impl Serialize for ObservabilityPipelineOcsfMappingLibrary {
52 fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
53 where
54 S: Serializer,
55 {
56 match self {
57 Self::UnparsedObject(v) => v.serialize(serializer),
58 _ => serializer.serialize_str(self.to_string().as_str()),
59 }
60 }
61}
62
63impl<'de> Deserialize<'de> for ObservabilityPipelineOcsfMappingLibrary {
64 fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
65 where
66 D: Deserializer<'de>,
67 {
68 let s: String = String::deserialize(deserializer)?;
69 Ok(match s.as_str() {
70 "CloudTrail Account Change" => Self::CLOUDTRAIL_ACCOUNT_CHANGE,
71 "GCP Cloud Audit CreateBucket" => Self::GCP_CLOUD_AUDIT_CREATEBUCKET,
72 "GCP Cloud Audit CreateSink" => Self::GCP_CLOUD_AUDIT_CREATESINK,
73 "GCP Cloud Audit SetIamPolicy" => Self::GCP_CLOUD_AUDIT_SETIAMPOLICY,
74 "GCP Cloud Audit UpdateSink" => Self::GCP_CLOUD_AUDIT_UPDATESINK,
75 "Github Audit Log API Activity" => Self::GITHUB_AUDIT_LOG_API_ACTIVITY,
76 "Google Workspace Admin Audit addPrivilege" => {
77 Self::GOOGLE_WORKSPACE_ADMIN_AUDIT_ADDPRIVILEGE
78 }
79 "Microsoft 365 Defender Incident" => Self::MICROSOFT_365_DEFENDER_INCIDENT,
80 "Microsoft 365 Defender UserLoggedIn" => Self::MICROSOFT_365_DEFENDER_USERLOGGEDIN,
81 "Okta System Log Authentication" => Self::OKTA_SYSTEM_LOG_AUTHENTICATION,
82 "Palo Alto Networks Firewall Traffic" => Self::PALO_ALTO_NETWORKS_FIREWALL_TRAFFIC,
83 _ => Self::UnparsedObject(crate::datadog::UnparsedObject {
84 value: serde_json::Value::String(s.into()),
85 }),
86 })
87 }
88}