Struct Base 

pub struct Base { /* private fields */ }

The base field set contains all fields which are at the root of the events. These fields are common across all types of events.

Implementations

impl Base

pub fn get_timestamp(&self) -> &Timestamp

Date/time when the event originated.

This is the date/time extracted from the event, typically representing when the event was generated by the source.

If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline.

Required field for all events.

pub fn set_timestamp(&mut self, timestamp_arg: Timestamp)

Date/time when the event originated.

This is the date/time extracted from the event, typically representing when the event was generated by the source.

If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline.

Required field for all events.

Example

2016-05-23T08:05:34.853Z

pub fn get_tags(&self) -> &Vec<String>

List of keywords used to tag each event.

pub fn add_tag(&mut self, tag_arg: String)

List of keywords used to tag each event.

Example

["production", "env2"]

pub fn get_labels(&self) -> Option<&Value>

Custom key/value pairs.

Can be used to add meta information to events. Should not contain nested objects. All values are stored as keyword.

Example: docker and k8s labels.

pub fn set_labels(&mut self, labels_arg: Value)

Custom key/value pairs.

Can be used to add meta information to events. Should not contain nested objects. All values are stored as keyword.

Example: docker and k8s labels.

Example

{"application": "foo-bar", "env": "production"}

pub fn get_message(&self) -> Option<&String>

For log events the message field contains the log message, optimized for viewing in a log viewer.

For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event.

If multiple messages exist, they can be combined into one message.

pub fn set_message(&mut self, message_arg: String)

For log events the message field contains the log message, optimized for viewing in a log viewer.

For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event.

If multiple messages exist, they can be combined into one message.

Example

Hello World

pub fn with_macho(&mut self, macho_arg: Macho) -> &mut Self

add child of type crate::Macho

pub fn with_risk(&mut self, risk_arg: Risk) -> &mut Self

add child of type crate::Risk

pub fn with_x509(&mut self, x509_arg: X509) -> &mut Self

add child of type crate::X509

pub fn with_dns(&mut self, dns_arg: Dns) -> &mut Self

add child of type crate::Dns

pub fn with_related(&mut self, related_arg: Related) -> &mut Self

add child of type crate::Related

pub fn with_threat(&mut self, threat_arg: Threat) -> &mut Self

add child of type crate::Threat

pub fn with_client(&mut self, client_arg: Client) -> &mut Self

add child of type crate::Client

pub fn with_vlan(&mut self, vlan_arg: Vlan) -> &mut Self

add child of type crate::Vlan

pub fn with_file(&mut self, file_arg: File) -> &mut Self

add child of type crate::File

pub fn with_elf(&mut self, elf_arg: Elf) -> &mut Self

add child of type crate::Elf

pub fn with_http(&mut self, http_arg: Http) -> &mut Self

add child of type crate::Http

pub fn with_tls(&mut self, tls_arg: Tls) -> &mut Self

add child of type crate::Tls

pub fn with_pe(&mut self, pe_arg: Pe) -> &mut Self

add child of type crate::Pe

pub fn with_dll(&mut self, dll_arg: Dll) -> &mut Self

add child of type crate::Dll

pub fn with_code_signature( &mut self, code_signature_arg: CodeSignature, ) -> &mut Self

add child of type crate::CodeSignature

pub fn with_host(&mut self, host_arg: Host) -> &mut Self

add child of type crate::Host

pub fn with_as(&mut self, as_arg: As) -> &mut Self

add child of type crate::As

pub fn with_network(&mut self, network_arg: Network) -> &mut Self

add child of type crate::Network

pub fn with_source(&mut self, source_arg: Source) -> &mut Self

add child of type crate::Source

pub fn with_user_agent(&mut self, user_agent_arg: UserAgent) -> &mut Self

add child of type crate::UserAgent

pub fn with_vulnerability( &mut self, vulnerability_arg: Vulnerability, ) -> &mut Self

add child of type crate::Vulnerability

pub fn with_hash(&mut self, hash_arg: Hash) -> &mut Self

add child of type crate::Hash

pub fn with_log(&mut self, log_arg: Log) -> &mut Self

add child of type crate::Log

pub fn with_email(&mut self, email_arg: Email) -> &mut Self

add child of type crate::Email

pub fn with_destination(&mut self, destination_arg: Destination) -> &mut Self

add child of type crate::Destination

pub fn with_url(&mut self, url_arg: Url) -> &mut Self

add child of type crate::Url

pub fn with_service(&mut self, service_arg: Service) -> &mut Self

add child of type crate::Service

pub fn with_server(&mut self, server_arg: Server) -> &mut Self

add child of type crate::Server

pub fn with_registry(&mut self, registry_arg: Registry) -> &mut Self

add child of type crate::Registry

pub fn with_geo(&mut self, geo_arg: Geo) -> &mut Self

add child of type crate::Geo

pub fn with_observer(&mut self, observer_arg: Observer) -> &mut Self

add child of type crate::Observer

pub fn with_error(&mut self, error_arg: Error) -> &mut Self

add child of type crate::Error

pub fn with_ecs(&mut self, ecs_arg: Ecs) -> &mut Self

add child of type crate::Ecs

pub fn with_orchestrator(&mut self, orchestrator_arg: Orchestrator) -> &mut Self

add child of type crate::Orchestrator

pub fn with_os(&mut self, os_arg: Os) -> &mut Self

add child of type crate::Os

pub fn with_event(&mut self, event_arg: Event) -> &mut Self

add child of type crate::Event

pub fn with_agent(&mut self, agent_arg: Agent) -> &mut Self

add child of type crate::Agent

pub fn with_container(&mut self, container_arg: Container) -> &mut Self

add child of type crate::Container

pub fn with_faas(&mut self, faas_arg: Faas) -> &mut Self

add child of type crate::Faas

pub fn with_process(&mut self, process_arg: Process) -> &mut Self

add child of type crate::Process

pub fn with_user(&mut self, user_arg: User) -> &mut Self

add child of type crate::User

pub fn with_device(&mut self, device_arg: Device) -> &mut Self

add child of type crate::Device

pub fn with_interface(&mut self, interface_arg: Interface) -> &mut Self

add child of type crate::Interface

pub fn with_package(&mut self, package_arg: Package) -> &mut Self

add child of type crate::Package

pub fn with_organization(&mut self, organization_arg: Organization) -> &mut Self

add child of type crate::Organization

pub fn with_cloud(&mut self, cloud_arg: Cloud) -> &mut Self

add child of type crate::Cloud

pub fn with_rule(&mut self, rule_arg: Rule) -> &mut Self

add child of type crate::Rule

pub fn with_data_stream(&mut self, data_stream_arg: DataStream) -> &mut Self

add child of type crate::DataStream

pub fn with_group(&mut self, group_arg: Group) -> &mut Self

add child of type crate::Group

pub fn new(timestamp_arg: Timestamp) -> Self

Trait Implementations

impl Clone for Base

fn clone(&self) -> Base

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Serialize for Base

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.