Docs Home
Sumo Logic v1.0.7 published on Friday, Apr 11, 2025 by Pulumi
sumologic.CseCustomInsight
Explore with Pulumi AI
Provides a Sumo Logic CSE Custom Insight.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";
const customInsight = new sumologic.CseCustomInsight("custom_insight", {
description: "Insight description",
enabled: true,
ordered: true,
name: "Custom Insight Example",
ruleIds: [
"MATCH-S00001",
"THRESHOLD-U00005",
],
severity: "HIGH",
signalMatchStrategy: "ENTITY",
dynamicSeverities: [{
minimumSignalSeverity: 8,
insightSeverity: "CRITICAL",
}],
signalNames: [
"Some Signal Name",
"Wildcard Signal Name *",
],
tags: ["_mitreAttackTactic:TA0009"],
});
import pulumi
import pulumi_sumologic as sumologic
custom_insight = sumologic.CseCustomInsight("custom_insight",
description="Insight description",
enabled=True,
ordered=True,
name="Custom Insight Example",
rule_ids=[
"MATCH-S00001",
"THRESHOLD-U00005",
],
severity="HIGH",
signal_match_strategy="ENTITY",
dynamic_severities=[{
"minimum_signal_severity": 8,
"insight_severity": "CRITICAL",
}],
signal_names=[
"Some Signal Name",
"Wildcard Signal Name *",
],
tags=["_mitreAttackTactic:TA0009"])
package main
import (
"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sumologic.NewCseCustomInsight(ctx, "custom_insight", &sumologic.CseCustomInsightArgs{
Description: pulumi.String("Insight description"),
Enabled: pulumi.Bool(true),
Ordered: pulumi.Bool(true),
Name: pulumi.String("Custom Insight Example"),
RuleIds: pulumi.StringArray{
pulumi.String("MATCH-S00001"),
pulumi.String("THRESHOLD-U00005"),
},
Severity: pulumi.String("HIGH"),
SignalMatchStrategy: pulumi.String("ENTITY"),
DynamicSeverities: sumologic.CseCustomInsightDynamicSeverityArray{
&sumologic.CseCustomInsightDynamicSeverityArgs{
MinimumSignalSeverity: pulumi.Int(8),
InsightSeverity: pulumi.String("CRITICAL"),
},
},
SignalNames: pulumi.StringArray{
pulumi.String("Some Signal Name"),
pulumi.String("Wildcard Signal Name *"),
},
Tags: pulumi.StringArray{
pulumi.String("_mitreAttackTactic:TA0009"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;
return await Deployment.RunAsync(() =>
{
var customInsight = new SumoLogic.CseCustomInsight("custom_insight", new()
{
Description = "Insight description",
Enabled = true,
Ordered = true,
Name = "Custom Insight Example",
RuleIds = new[]
{
"MATCH-S00001",
"THRESHOLD-U00005",
},
Severity = "HIGH",
SignalMatchStrategy = "ENTITY",
DynamicSeverities = new[]
{
new SumoLogic.Inputs.CseCustomInsightDynamicSeverityArgs
{
MinimumSignalSeverity = 8,
InsightSeverity = "CRITICAL",
},
},
SignalNames = new[]
{
"Some Signal Name",
"Wildcard Signal Name *",
},
Tags = new[]
{
"_mitreAttackTactic:TA0009",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.CseCustomInsight;
import com.pulumi.sumologic.CseCustomInsightArgs;
import com.pulumi.sumologic.inputs.CseCustomInsightDynamicSeverityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customInsight = new CseCustomInsight("customInsight", CseCustomInsightArgs.builder()
.description("Insight description")
.enabled(true)
.ordered(true)
.name("Custom Insight Example")
.ruleIds(
"MATCH-S00001",
"THRESHOLD-U00005")
.severity("HIGH")
.signalMatchStrategy("ENTITY")
.dynamicSeverities(CseCustomInsightDynamicSeverityArgs.builder()
.minimumSignalSeverity(8)
.insightSeverity("CRITICAL")
.build())
.signalNames(
"Some Signal Name",
"Wildcard Signal Name *")
.tags("_mitreAttackTactic:TA0009")
.build());
}
}
resources:
customInsight:
type: sumologic:CseCustomInsight
name: custom_insight
properties:
description: Insight description
enabled: true
ordered: true
name: Custom Insight Example
ruleIds:
- MATCH-S00001
- THRESHOLD-U00005
severity: HIGH
signalMatchStrategy: ENTITY
dynamicSeverities:
- minimumSignalSeverity: 8
insightSeverity: CRITICAL
signalNames:
- Some Signal Name
- Wildcard Signal Name *
tags:
- _mitreAttackTactic:TA0009
Create CseCustomInsight Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CseCustomInsight(name: string, args: CseCustomInsightArgs, opts?: CustomResourceOptions);@overload
def CseCustomInsight(resource_name: str,
args: CseCustomInsightArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CseCustomInsight(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
enabled: Optional[bool] = None,
ordered: Optional[bool] = None,
severity: Optional[str] = None,
tags: Optional[Sequence[str]] = None,
dynamic_severities: Optional[Sequence[CseCustomInsightDynamicSeverityArgs]] = None,
name: Optional[str] = None,
rule_ids: Optional[Sequence[str]] = None,
signal_match_strategy: Optional[str] = None,
signal_names: Optional[Sequence[str]] = None)func NewCseCustomInsight(ctx *Context, name string, args CseCustomInsightArgs, opts ...ResourceOption) (*CseCustomInsight, error)public CseCustomInsight(string name, CseCustomInsightArgs args, CustomResourceOptions? opts = null)public CseCustomInsight(String name, CseCustomInsightArgs args)
public CseCustomInsight(String name, CseCustomInsightArgs args, CustomResourceOptions options)
type: sumologic:CseCustomInsight
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. CseCustomInsightArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. CseCustomInsightArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. CseCustomInsightArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. CseCustomInsightArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. CseCustomInsightArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cseCustomInsightResource = new SumoLogic.CseCustomInsight("cseCustomInsightResource", new()
{
Description = "string",
Enabled = false,
Ordered = false,
Severity = "string",
Tags = new[]
{
"string",
},
DynamicSeverities = new[]
{
new SumoLogic.Inputs.CseCustomInsightDynamicSeverityArgs
{
InsightSeverity = "string",
MinimumSignalSeverity = 0,
},
},
Name = "string",
RuleIds = new[]
{
"string",
},
SignalMatchStrategy = "string",
SignalNames = new[]
{
"string",
},
});
example, err := sumologic.NewCseCustomInsight(ctx, "cseCustomInsightResource", &sumologic.CseCustomInsightArgs{
Description: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Ordered: pulumi.Bool(false),
Severity: pulumi.String("string"),
Tags: pulumi.StringArray{
pulumi.String("string"),
},
DynamicSeverities: sumologic.CseCustomInsightDynamicSeverityArray{
&sumologic.CseCustomInsightDynamicSeverityArgs{
InsightSeverity: pulumi.String("string"),
MinimumSignalSeverity: pulumi.Int(0),
},
},
Name: pulumi.String("string"),
RuleIds: pulumi.StringArray{
pulumi.String("string"),
},
SignalMatchStrategy: pulumi.String("string"),
SignalNames: pulumi.StringArray{
pulumi.String("string"),
},
})
var cseCustomInsightResource = new CseCustomInsight("cseCustomInsightResource", CseCustomInsightArgs.builder()
.description("string")
.enabled(false)
.ordered(false)
.severity("string")
.tags("string")
.dynamicSeverities(CseCustomInsightDynamicSeverityArgs.builder()
.insightSeverity("string")
.minimumSignalSeverity(0)
.build())
.name("string")
.ruleIds("string")
.signalMatchStrategy("string")
.signalNames("string")
.build());
cse_custom_insight_resource = sumologic.CseCustomInsight("cseCustomInsightResource",
description="string",
enabled=False,
ordered=False,
severity="string",
tags=["string"],
dynamic_severities=[{
"insight_severity": "string",
"minimum_signal_severity": 0,
}],
name="string",
rule_ids=["string"],
signal_match_strategy="string",
signal_names=["string"])
const cseCustomInsightResource = new sumologic.CseCustomInsight("cseCustomInsightResource", {
description: "string",
enabled: false,
ordered: false,
severity: "string",
tags: ["string"],
dynamicSeverities: [{
insightSeverity: "string",
minimumSignalSeverity: 0,
}],
name: "string",
ruleIds: ["string"],
signalMatchStrategy: "string",
signalNames: ["string"],
});
type: sumologic:CseCustomInsight
properties:
description: string
dynamicSeverities:
- insightSeverity: string
minimumSignalSeverity: 0
enabled: false
name: string
ordered: false
ruleIds:
- string
severity: string
signalMatchStrategy: string
signalNames:
- string
tags:
- string
CseCustomInsight Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CseCustomInsight resource accepts the following input properties:
- Description
This property is required. string - The description of the generated Insights
- Enabled
This property is required. bool - Whether the Custom Insight should generate Insights
- Ordered
This property is required. bool - Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- Severity
This property is required. string - The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
This property is required. List<string>The tags of the generated Insights
The following attributes are exported:
- Dynamic
Severities List<Pulumi.Sumo Logic. Inputs. Cse Custom Insight Dynamic Severity> - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- Name string
- The name of the Custom Insight and the generated Insights
- Rule
Ids List<string> - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Signal
Match stringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- Signal
Names List<string> - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Description
This property is required. string - The description of the generated Insights
- Enabled
This property is required. bool - Whether the Custom Insight should generate Insights
- Ordered
This property is required. bool - Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- Severity
This property is required. string - The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
This property is required. []stringThe tags of the generated Insights
The following attributes are exported:
- Dynamic
Severities []CseCustom Insight Dynamic Severity Args - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- Name string
- The name of the Custom Insight and the generated Insights
- Rule
Ids []string - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Signal
Match stringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- Signal
Names []string - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- description
This property is required. String - The description of the generated Insights
- enabled
This property is required. Boolean - Whether the Custom Insight should generate Insights
- ordered
This property is required. Boolean - Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- severity
This property is required. String - The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
This property is required. List<String>The tags of the generated Insights
The following attributes are exported:
- dynamic
Severities List<CseCustom Insight Dynamic Severity> - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- name String
- The name of the Custom Insight and the generated Insights
- rule
Ids List<String> - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- signal
Match StringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal
Names List<String> - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- description
This property is required. string - The description of the generated Insights
- enabled
This property is required. boolean - Whether the Custom Insight should generate Insights
- ordered
This property is required. boolean - Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- severity
This property is required. string - The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
This property is required. string[]The tags of the generated Insights
The following attributes are exported:
- dynamic
Severities CseCustom Insight Dynamic Severity[] - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- name string
- The name of the Custom Insight and the generated Insights
- rule
Ids string[] - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- signal
Match stringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal
Names string[] - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- description
This property is required. str - The description of the generated Insights
- enabled
This property is required. bool - Whether the Custom Insight should generate Insights
- ordered
This property is required. bool - Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- severity
This property is required. str - The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
This property is required. Sequence[str]The tags of the generated Insights
The following attributes are exported:
- dynamic_
severities Sequence[CseCustom Insight Dynamic Severity Args] - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- name str
- The name of the Custom Insight and the generated Insights
- rule_
ids Sequence[str] - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- signal_
match_ strstrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal_
names Sequence[str] - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- description
This property is required. String - The description of the generated Insights
- enabled
This property is required. Boolean - Whether the Custom Insight should generate Insights
- ordered
This property is required. Boolean - Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- severity
This property is required. String - The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
This property is required. List<String>The tags of the generated Insights
The following attributes are exported:
- dynamic
Severities List<Property Map> - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- name String
- The name of the Custom Insight and the generated Insights
- rule
Ids List<String> - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- signal
Match StringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal
Names List<String> - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
Outputs
All input properties are implicitly available as output properties. Additionally, the CseCustomInsight resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CseCustomInsight Resource
Get an existing CseCustomInsight resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CseCustomInsightState, opts?: CustomResourceOptions): CseCustomInsight@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
dynamic_severities: Optional[Sequence[CseCustomInsightDynamicSeverityArgs]] = None,
enabled: Optional[bool] = None,
name: Optional[str] = None,
ordered: Optional[bool] = None,
rule_ids: Optional[Sequence[str]] = None,
severity: Optional[str] = None,
signal_match_strategy: Optional[str] = None,
signal_names: Optional[Sequence[str]] = None,
tags: Optional[Sequence[str]] = None) -> CseCustomInsightfunc GetCseCustomInsight(ctx *Context, name string, id IDInput, state *CseCustomInsightState, opts ...ResourceOption) (*CseCustomInsight, error)public static CseCustomInsight Get(string name, Input<string> id, CseCustomInsightState? state, CustomResourceOptions? opts = null)public static CseCustomInsight get(String name, Output<String> id, CseCustomInsightState state, CustomResourceOptions options)resources: _: type: sumologic:CseCustomInsight get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Description string
- The description of the generated Insights
- Dynamic
Severities List<Pulumi.Sumo Logic. Inputs. Cse Custom Insight Dynamic Severity> - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- Enabled bool
- Whether the Custom Insight should generate Insights
- Name string
- The name of the Custom Insight and the generated Insights
- Ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- Rule
Ids List<string> - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- Signal
Match stringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- Signal
Names List<string> - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- List<string>
The tags of the generated Insights
The following attributes are exported:
- Description string
- The description of the generated Insights
- Dynamic
Severities []CseCustom Insight Dynamic Severity Args - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- Enabled bool
- Whether the Custom Insight should generate Insights
- Name string
- The name of the Custom Insight and the generated Insights
- Ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- Rule
Ids []string - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- Signal
Match stringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- Signal
Names []string - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- []string
The tags of the generated Insights
The following attributes are exported:
- description String
- The description of the generated Insights
- dynamic
Severities List<CseCustom Insight Dynamic Severity> - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- enabled Boolean
- Whether the Custom Insight should generate Insights
- name String
- The name of the Custom Insight and the generated Insights
- ordered Boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- rule
Ids List<String> - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- severity String
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- signal
Match StringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal
Names List<String> - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- List<String>
The tags of the generated Insights
The following attributes are exported:
- description string
- The description of the generated Insights
- dynamic
Severities CseCustom Insight Dynamic Severity[] - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- enabled boolean
- Whether the Custom Insight should generate Insights
- name string
- The name of the Custom Insight and the generated Insights
- ordered boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- rule
Ids string[] - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- signal
Match stringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal
Names string[] - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- string[]
The tags of the generated Insights
The following attributes are exported:
- description str
- The description of the generated Insights
- dynamic_
severities Sequence[CseCustom Insight Dynamic Severity Args] - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- enabled bool
- Whether the Custom Insight should generate Insights
- name str
- The name of the Custom Insight and the generated Insights
- ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- rule_
ids Sequence[str] - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- severity str
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- signal_
match_ strstrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal_
names Sequence[str] - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Sequence[str]
The tags of the generated Insights
The following attributes are exported:
- description String
- The description of the generated Insights
- dynamic
Severities List<Property Map> - The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- enabled Boolean
- Whether the Custom Insight should generate Insights
- name String
- The name of the Custom Insight and the generated Insights
- ordered Boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- rule
Ids List<String> - The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- severity String
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- signal
Match StringStrategy - The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal
Names List<String> - The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- List<String>
The tags of the generated Insights
The following attributes are exported:
Supporting Types
CseCustomInsightDynamicSeverity, CseCustomInsightDynamicSeverityArgs
, CseCustomInsightDynamicSeverityArgs
- Insight
Severity This property is required. string - The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- Minimum
Signal Severity This property is required. int - minimum Signal severity as the threshold for an Insight severity level
- Insight
Severity This property is required. string - The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- Minimum
Signal Severity This property is required. int - minimum Signal severity as the threshold for an Insight severity level
- insight
Severity This property is required. String - The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- minimum
Signal Severity This property is required. Integer - minimum Signal severity as the threshold for an Insight severity level
- insight
Severity This property is required. string - The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- minimum
Signal Severity This property is required. number - minimum Signal severity as the threshold for an Insight severity level
- insight_
severity This property is required. str - The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- minimum_
signal_ severity This property is required. int - minimum Signal severity as the threshold for an Insight severity level
- insight
Severity This property is required. String - The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- minimum
Signal Severity This property is required. Number - minimum Signal severity as the threshold for an Insight severity level
Import
Custom Insights can be imported using the field id, e.g.:
hcl
$ pulumi import sumologic:index/cseCustomInsight:CseCustomInsight custom_insight id
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Sumo Logic pulumi/pulumi-sumologic
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
sumologicTerraform Provider.