diff --git a/docusaurus.config.js b/docusaurus.config.js index ba49d296f2..9190899bd2 100644 --- a/docusaurus.config.js +++ b/docusaurus.config.js @@ -222,6 +222,54 @@ module.exports = { }, }), ], + [ + 'redocusaurus', + { + specs: [ + { + id: 'sumo-api', + spec: 'static/sumologic-api.yaml', + route: '/docs/api-reference/', + layout: { + title: 'API Reference', + noFooter: true, + }, + }, + ], + theme: { + primaryColor: '#0055b3', + options: { + lazyRendering: true, + }, + theme: { + typography: { + fontFamily: '"Lab Grotesque", sans-serif', + fontSize: '16px', + fontWeightRegular: '400', + fontWeightBold: '700', + headings: { + fontFamily: '"Lab Grotesque", "Segoe UI"', + fontWeight: '400', + }, + code: { + fontSize: '13px', + fontFamily: 'Source Code Pro, monospace', + }, + }, + codeBlock: { + backgroundColor: '#1e1e1e', + }, + rightPanel: { + backgroundColor: '#263238', + textColor: '#ffffff', + }, + codeSample: { + backgroundColor: '#1e1e1e', + }, + }, + }, + }, + ], ], plugins: [ 'docusaurus-plugin-sass', @@ -489,7 +537,6 @@ module.exports = { { label: 'API', position: 'left', - to: '#', type: 'dropdown', items:[ { @@ -500,8 +547,9 @@ module.exports = { }, { label: 'API Reference', - href: 'https://api.sumologic.com/docs/', + to: '/docs/api-reference/', icon: 'code', + hideParentLabel: true, }, ] }, diff --git a/package.json b/package.json index ce7ccae7d0..0a12dcb7bf 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "scripts": { "docusaurus": "docusaurus", "start": "docusaurus start", - "build": "docusaurus build", + "build": "DOCUSAURUS_IGNORE_SSG_WARNINGS=true docusaurus build", "swizzle": "docusaurus swizzle", "deploy": "docusaurus deploy", "clear": "docusaurus clear", @@ -153,6 +153,7 @@ "react-iframe": "^1.8.0", "react-json-view-lite": "1.2.1", "react-live": "^4.1.5", + "redocusaurus": "^2.5.0", "regjsgen": "0.8.0", "remark-code-import": "^1.2.0", "remark-emoji": "^4.0.1", diff --git a/src/css/sumo.scss b/src/css/sumo.scss index 6c27a17f97..90049dca1e 100644 --- a/src/css/sumo.scss +++ b/src/css/sumo.scss @@ -1753,3 +1753,42 @@ article header h2[class*='title_'] { .language-sumo .token.time { color: var(--sumo-number); } .language-sumo .token.operator { color: var(--sumo-operator); } .language-sumo .token.regex { color: var(--sumo-regex); } + +/* Redoc centre panel code blocks */ + +.redoc-markdown pre { + background-color: #1e1e1e !important; + border: none !important; + border-radius: 4px; + padding: 0 !important; + overflow-x: auto; +} + +.redoc-markdown pre > code { + background-color: #1e1e1e !important; + color: #f8f8f2 !important; + display: block; + padding: 16px !important; + width: max-content; + min-width: 100%; + font-family: 'Source Code Pro', monospace !important; + font-size: 13px !important; +} + +.redoc-markdown pre > code .token.operator { + color: #f92672 !important; +} + +/* Scrollbar styling for Redoc code blocks */ +.redoc-markdown pre::-webkit-scrollbar { + height: 6px; +} + +.redoc-markdown pre::-webkit-scrollbar-track { + background: #1e1e1e !important; +} + +.redoc-markdown pre::-webkit-scrollbar-thumb { + background: #555; + border-radius: 3px; +} \ No newline at end of file diff --git a/src/theme/NavbarItem/DropdownNavbarItem.tsx b/src/theme/NavbarItem/DropdownNavbarItem.tsx index 90449b72e2..8cbca3c736 100644 --- a/src/theme/NavbarItem/DropdownNavbarItem.tsx +++ b/src/theme/NavbarItem/DropdownNavbarItem.tsx @@ -66,8 +66,15 @@ according to the selected dropdown item function getDropdownProps(props, items, localPathname) { const activeItem = items.filter((item) => isItemActive(item, localPathname)); if (activeItem.length) { + const { icon: _icon, ...activeItemWithoutIcon } = activeItem[0]; + if (activeItem[0].hideParentLabel) { + return { + ...activeItemWithoutIcon, + label: activeItem[0].label, + }; + } return { - ...activeItem[0], + ...activeItemWithoutIcon, label: props.label + ' > ' + activeItem[0].label, }; } diff --git a/static/sumologic-api.yaml b/static/sumologic-api.yaml new file mode 100644 index 0000000000..df7cac3d5f --- /dev/null +++ b/static/sumologic-api.yaml @@ -0,0 +1,36415 @@ +openapi: 3.0.0 +info: + title: Sumo Logic API + description: | + # Getting Started + Welcome to the Sumo Logic API reference. You can use these APIs to interact with the Sumo Logic platform. This is the interactive API reference embedded in the Sumo Logic documentation site — browse endpoints, view request/response schemas, and explore API details directly here. For information on Collector and Search Job APIs, see our [API home page](https://help.sumologic.com/docs/api). + ## API Endpoints + Sumo Logic has several deployments in different geographic locations. You'll need to use the Sumo Logic API endpoint corresponding to your geographic location. See the table below for the different API endpoints by deployment. For details determining your account's deployment, see [API endpoints](https://help.sumologic.com/?cid=3011). + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Deployment Endpoint
AU https://api.au.sumologic.com/api/
CA https://api.ca.sumologic.com/api/
DE https://api.de.sumologic.com/api/
EU https://api.eu.sumologic.com/api/
FED https://api.fed.sumologic.com/api/
IN https://api.in.sumologic.com/api/
JP https://api.jp.sumologic.com/api/
KR https://api.kr.sumologic.com/api/
US1 https://api.sumologic.com/api/
US2 https://api.us2.sumologic.com/api/
+ + ## Authentication + Sumo Logic supports the following options for API authentication: + - Access ID and Access Key + - Base64 encoded Access ID and Access Key + + See [Access Keys](https://help.sumologic.com/docs/manage/security/access-keys) to generate an Access Key. Make sure to copy the key you create, because it is displayed only once. + When you have an Access ID and Access Key you can execute requests such as the following: + ```bash + curl -u ":" -X GET https://api..sumologic.com/api/v1/users + ``` + + Where `deployment` is either `au`, `ca`, `de`, `eu`, `fed`, `in`, `jp`, `us1`, or `us2`. See [API endpoints](#section/API-Endpoints) for details. + + If you prefer to use basic access authentication, you can do a Base64 encoding of your `:` to authenticate your HTTPS request. The following is an example request, replace the placeholder `` with your encoded Access ID and Access Key string: + ```bash + curl -H "Authorization: Basic " -X GET https://api..sumologic.com/api/v1/users + ``` + + + Refer to [API Authentication](https://help.sumologic.com/?cid=3012) for a Base64 example. + + ## Status Codes + Generic status codes that apply to all our APIs. See the [HTTP status code registry](https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) for reference. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
HTTP Status Code Error Code Description
301 moved The requested resource SHOULD be accessed through returned URI in Location Header. See [troubleshooting](https://help.sumologic.com/docs/api/troubleshooting/#api---301-error---moved) for details.
401 unauthorized Credential could not be verified.
403 forbidden This operation is not allowed for your account type or the user doesn't have the role capability to perform this action. See [troubleshooting](https://help.sumologic.com/docs/api/troubleshooting/#api---401-error---credential-could-not-be-verified) for details.
404 notfound Requested resource could not be found.
405 method.unsupported Unsupported method for URL.
415 contenttype.invalid Invalid content type.
429 rate.limit.exceeded The API request rate is higher than 4 request per second or inflight API requests are higher than 10 request per second.
500 internal.error Internal server error.
503 service.unavailable Service is currently unavailable.
+ + ## Filtering + Some API endpoints support filtering results on a specified set of fields. Each endpoint that supports filtering will list the fields that can be filtered. Multiple fields can be combined by using an ampersand `&` character. + + Example: To get user with email `john@demo.com`: + ```bash + api.sumologic.com/v1/users?email=john@demo.com + ``` + + ## Sorting + Some API endpoints support sorting fields by using the `sortBy` query parameter. The default sort order is ascending. Prefix the field with a minus sign `-` to sort in descending order. + + For example, to get 20 users sorted by their `email` in descending order: + ```bash + api.sumologic.com/v1/users?limit=20&sort=-email + ``` + + ## Asynchronous Request + Asynchronous requests do not wait for results, instead they immediately respond back with a job identifier while the job runs in the background. You can use the job identifier to track the status of the asynchronous job request. Here is a typical flow for an asynchronous request. + 1. Start an asynchronous job. On success, a job identifier is returned. The job identifier uniquely identifies + your asynchronous job. + + 2. Once started, use the job identifier from step 1 to track the status of your asynchronous job. An asynchronous + request will typically provide an endpoint to poll for the status of asynchronous job. A successful response + from the status endpoint will have the following structure: + ```json + { + "status": "Status of asynchronous request", + "statusMessage": "Optional message with additional information in case request succeeds", + "error": "Error object in case request fails" + } + ``` + The `status` field can have one of the following values: + 1. `Success`: The job succeeded. The `statusMessage` field might have additional information. + 2. `InProgress`: The job is still running. + 3. `Failed`: The job failed. The `error` field in the response will have more information about the failure. + + 3. Some asynchronous APIs may provide a third endpoint (like [export result](#operation/getAsyncExportResult)) + to fetch the result of an asynchronous job. + + + ### Example + Let's say we want to export a folder with the identifier `0000000006A2E86F`. We will use the [async export](#operation/beginAsyncExport) API to export all the content under the folder with `id=0000000006A2E86F`. + 1. Start an export job for the folder + ```bash + curl -X POST -u ":" https://api..sumologic.com/api/v2/content/0000000006A2E86F/export + ``` + See [authentication section](#section/Authentication) for more details about `accessId`, `accessKey`, and + `deployment`. + On success, you will get back a job identifier. In the response below, `C03E086C137F38B4` is the job identifier. + ```bash + { + "id": "C03E086C137F38B4" + } + ``` + + 2. Now poll for the status of the asynchronous job with the [status](#operation/getAsyncExportStatus) endpoint. + ```bash + curl -X GET -u ":" https://api..sumologic.com/api/v2/content/0000000006A2E86F/export/C03E086C137F38B4/status + ``` + You may get a response like + ```json + { + "status": "InProgress", + "statusMessage": null, + "error": null + } + ``` + It implies the job is still in progress. Keep polling till the status is either `Success` or `Failed`. + + 3. When the asynchronous job completes (`status != "InProgress"`), you can fetch the results with the + [export result](#operation/getAsyncExportResult) endpoint. + ```bash + curl -X GET -u ":" https://api..sumologic.com/api/v2/content/0000000006A2E86F/export/C03E086C137F38B4/result + ``` + + The asynchronous job may fail (`status == "Failed"`). You can look at the `error` field for more details. + ```json + { + "status": "Failed", + "errors": { + "code": "content1:too_many_items", + "message": "Too many objects: object count(1100) was greater than limit 1000" + } + } + ``` + + + ## Rate Limiting + * A rate limit of four API requests per second (240 requests per minute) applies to all API calls from a user. + * A rate limit of 10 concurrent requests to any API endpoint applies to an access key. + + If a rate is exceeded, a rate limit exceeded 429 status code is returned. + + ## Generating Clients + You can use [OpenAPI Generator](https://openapi-generator.tech) to generate clients from the YAML file to access the API. + + ### Using [NPM](https://www.npmjs.com/get-npm) + 1. Install [NPM package wrapper](https://github.com/openapitools/openapi-generator-cli) globally, exposing the CLI + on the command line: + ```bash + npm install @openapitools/openapi-generator-cli -g + ``` + You can see detailed instructions [here](https://openapi-generator.tech/docs/installation#npm). + + 2. Download the [YAML file](/docs/sumologic-api.yaml) and save it locally. Let's say the file is saved as `sumologic-api.yaml`. + 3. Use the following command to generate `python` client inside the `sumo/client/python` directory: + ```bash + openapi-generator generate -i sumologic-api.yaml -g python -o sumo/client/python + ``` + + + ### Using [Homebrew](https://brew.sh/) + 1. Install OpenAPI Generator + ```bash + brew install openapi-generator + ``` + + 2. Download the [YAML file](/docs/sumologic-api.yaml) and save it locally. Let's say the file is saved as `sumologic-api.yaml`. + 3. Use the following command to generate `python` client side code inside the `sumo/client/python` directory: + ```bash + openapi-generator generate -i sumologic-api.yaml -g python -o sumo/client/python + ``` + version: 1.0.0 + x-logo: + url: ./sumologic_logo.png +servers: +- url: https://api.au.sumologic.com/api/ + description: AU deployment API server +- url: https://api.ca.sumologic.com/api/ + description: CA deployment API server +- url: https://api.de.sumologic.com/api/ + description: DE deployment API server +- url: https://api.eu.sumologic.com/api/ + description: EU deployment API server +- url: https://api.fed.sumologic.com/api/ + description: FED deployment API server +- url: https://api.jp.sumologic.com/api/ + description: JP deployment API server +- url: https://api.kr.sumologic.com/api/ + description: KR deployment API server +- url: https://api.in.sumologic.com/api/ + description: IN deployment API server +- url: https://api.sumologic.com/api/ + description: US1 deployment API server +- url: https://api.us2.sumologic.com/api/ + description: US2 deployment API server +security: +- basicAuth: [] +tags: +- name: accountManagement + description: | + Account Management API. + + Manage the custom subdomain for the URL used to access your Sumo Logic account. For more information, see [Manage Organization](https://help.sumologic.com/docs/manage/manage-subscription/manage-org-settings). + x-displayName: Account +- name: orgsManagement + description: Organizations Management API. + x-displayName: Organizations Management +- name: appManagement + description: | + App installation API. + + View and install Sumo Logic Applications that deliver out-of-the-box dashboards, saved searches, and field extraction for popular data sources. For more information, see [Sumo Logic Apps](https://help.sumologic.com/docs/integrations). + x-displayName: Apps (Beta) +- name: appManagementV2 + description: | + App installation API (V2). + + View and install Sumo Logic Applications that deliver out-of-the-box dashboards, saved searches, and field extraction for popular data sources. For more information, see [Sumo Logic Apps](https://help.sumologic.com/docs/integrations). + x-displayName: Apps V2 (Beta) +- name: connectionManagement + description: | + Connection management API. + + Set up connections to send alerts to other tools. For more information, see [Connections and Integrations](https://help.sumologic.com/?cid=1044). + x-displayName: Connections +- name: contentManagement + description: | + Content management API. + + You can export, import, delete and copy content in your organization’s Library. For more information, see [Library](https://help.sumologic.com/?cid=5173). You can perform the request as a Content Administrator by using the `isAdminMode` parameter. For more information, see [Admin Mode](https://help.sumologic.com/docs/manage/content-sharing/admin-mode). +

+ ### Example + The following example uses API endpoints in the US1 deployment. Sumo Logic has several deployments that are assigned depending on the geographic location and the date an account is created. For details determining your account's deployment, see [API endpoints](https://help.sumologic.com/?cid=3011). + The [Content Import API](#operation/beginAsyncImport) can be used to create or update a Search, Scheduled Search, or Dashboard. Here is an example creating a Scheduled Search: + 1. Get the identifier of your `Personal` folder. + ```bash + curl -X GET -u ":" https://api.sumologic.com/api/v2/content/folders/personal + ``` + + Find the identifier of your `Personal` folder in the response. + ```json + { + ... + "id": "0000000006A2E86F", <---- + "name": "Personal", + "itemType": "Folder", + ... + } + ``` + + You can use [getFolder](#operation/getFolder), [getAdminRecommededFolder](#operation/getAdminRecommendedFolderAsync), + or [getGlobalFolder](#operation/getGlobalFolderAsync) endpoints to traverse the content tree and find the identifier of any + folder you want to manage. + + 2. Use the [Content Import API](#operation/beginAsyncImport) to create a new Scheduled Search inside your + `Personal` folder. + ```bash + curl -X POST -u ":" -H "Content-Type: application/json" -d @search.json https://api.sumologic.com/api/v2/content/folders/0000000006A2E86F/import + ``` + + The data file `search.json` in the above command has the following `SavedSearchWithScheduleSyncDefinition` object. + ```json + // file: search.json + { + "type": "SavedSearchWithScheduleSyncDefinition", + "name": "demo-scheduled-search", + "description": "Runs every hour with timerange of 15m and sends email notifications", + "search": { + "queryText": "\"error\" and \"warn\"", + "defaultTimeRange": "-15m", + "byReceiptTime": false, + "viewName": "", + "viewStartTime": null, + "queryParameters": [] + }, + "searchSchedule": { + "cronExpression": "0 0/15 * * * ? *", + "displayableTimeRange": "-15m", + "parseableTimeRange": { + "from": { + "relativeTime": "-15m", + "type": "RelativeTimeRangeBoundary" + }, + "to": null, + "type": "BeginBoundedTimeRange" + }, + "timeZone": "America/Los_Angeles", + "threshold": null, + "notification": { + "taskType": "EmailSearchNotificationSyncDefinition", + "toList": [ + "ops@acme.org" + ], + "subjectTemplate": "Search Results: {{SearchName}}", + "includeQuery": true, + "includeResultSet": true, + "includeHistogram": true, + "includeCsvAttachment": false + }, + "muteErrorEmails": false, + "scheduleType": "1Hour", + "parameters": [] + } + } + ``` + + The response of above request will have the job identifier that you can use to track the status of the import job. + ```json + { + "id": "74DC17FA765C7443" + } + ``` + + 3. Use the job identifier from the import request to get the [status](#operation/getAsyncImportStatus) of the + import job. + ```bash + curl -X GET -u ":" https://api.sumologic.com/api/v2/content/folders/0000000006A2E86F/import/74DC17FA765C7443/status + ``` + + If you are importing a large item, you might have to wait for the import job to finish. The following is an + example response from a completed job. + ```json + { + "status": "Success", + "statusMessage": null, + "error": null + } + ``` + x-displayName: Content +- name: contentPermissions + description: | + Content permissions API. + + You can share your folders, searches, and dashboards with specific users or roles. For more information, see [Share Content](https://help.sumologic.com/?cid=8675309). You can perform the request as a Content Administrator by using the `isAdminMode` parameter. For more information, see [Admin Mode](https://help.sumologic.com/docs/manage/content-sharing/admin-mode). + x-displayName: Permissions +- name: dashboardManagement + description: | + Dashboard (New) management API. + + Dashboard (New) allows you to analyze metric and log data on the same dashboard, in a seamless view. This gives you control over the visual display of metric and log data. Dashboard (New) streamlines dashboard configurations and on-the-fly analytic visualizations with its new templating features. For more information, see [Dashboard (New)](https://help.sumologic.com/?cid=5500). + x-displayName: Dashboard (New) +- name: dataDeletionRules + description: | + Data Deletion Rules (Beta) API. + Data Deletion Rules allow creating and managing requests to delete log messages satisfying parameters ( query, timerange, etc...). For more information, see [Deletion Requests](https://help.sumologic.com/docs/manage/deletion-requests/) + x-displayName: Data Deletion Rules (Beta) +- name: dataMaskingManagement + description: | + Data Masking Rules management API. + + Data Masking Rules allow you to define regex patterns that mask sensitive data in log messages at query time. + x-displayName: Data Masking Rules +- name: dynamicParsingRuleManagement + description: | + Dynamic Parsing management API. + + Dynamic Parsing allows automatic field extraction from your log messages when you run a search. This allows you to view fields from logs without having to manually specify parsing logic. For more information, see [Dynamic Parsing](https://help.sumologic.com/?cid=20011). + x-displayName: Dynamic Parsing +- name: extractionRuleManagement + description: | + Field Extraction Rule management API. + + Field Extraction Rules allow you to parse fields from your log messages at the time the messages are ingested eliminating the need to parse fields in your query. For more information, see [Manage Field Extraction](https://help.sumologic.com/?cid=5313). + x-displayName: Field Extraction Rules +- name: fieldManagementV1 + description: | + Field management API. + + Fields allow you to reference log data based on meaningful associations. They act as metadata tags that are assigned to your logs so you can search with them. Each field contains a key-value pair, where the field name is the key. Fields may be referred to as Log Metadata Fields. For more information, see [Fields](https://help.sumologic.com/?cid=10116). + x-displayName: Field Management +- name: logSearchesManagement + description: | + Log Searches Management API. + + Whether you are running ad hoc searches during a forensic investigation or running standard searches for health checks, you can save any search to run again later. When you create a search that you would like to reuse, you can save it to the Library. From there you can run it again, share with others, edit the search, or create a Scheduled Search to run at a regularly scheduled time, and set up alerts. The saved search will also include any charts you have created in the Aggregates tab. + x-displayName: Log Searches +- name: folderManagement + description: | + Folder management API. + + You can add folders and subfolders to the Library in order to organize your content for easy access or to share content. For more information, see [Add Folders to the Library](https://help.sumologic.com/?cid=5020). You can perform the request as a Content Administrator by using the `isAdminMode` parameter. For more information, see [Admin Mode](https://help.sumologic.com/docs/manage/content-sharing/admin-mode). + x-displayName: Folders +- name: ingestBudgetManagementV2 + description: | + Ingest Budget management API V2. + + Ingest Budgets V2 provide you the ability to create and assign budgets to your log data by Fields instead of using a Field Value. For more information, see [Metadata Ingest Budgets](https://help.sumologic.com/?cid=52352). + x-displayName: Ingest Budgets V2 +- name: partitionManagement + description: | + Partition management API. + + Creating a Partition allows you to improve search performance by searching over a smaller number of messages. For more information, see [Manage Partitions](https://help.sumologic.com/?cid=5231). + x-displayName: Partitions +- name: logsDataForwardingManagement + description: | + Logs Data Forwarding management API. + + Logs Data Forwarding allows you to forward log data from a Partition or Scheduled View to an S3 bucket. For more information, see [Forwarding Data to S3](https://help.sumologic.com/docs/manage/data-forwarding/amazon-s3-bucket). + x-displayName: Logs Data Forwarding +- name: roleManagement + description: | + Role management API. + + Roles determine the functions that users are able to perform in Sumo Logic. To manage roles, you must have an administrator role or your role must have been assigned the manage users and roles capability. For more information, see [Manage Roles](https://help.sumologic.com/?cid=5234). + x-displayName: Roles +- name: roleManagementV2 + description: | + Role management API (V2). + Roles determine the functions that users are able to perform in Sumo Logic. It also allows to configure access on partitions. To manage roles, you must have an administrator role or your role must have been assigned the manage users and roles capability. For more information, see [Manage Roles](https://help.sumologic.com/?cid=5234). + x-displayName: Roles V2 +- name: lookupManagement + description: | + Lookup Table management API. + + A Lookup Table is a table of data hosted on Sumo Logic that you can use to enrich the log and event data received by Sumo Logic. You must create a table schema before you can populate the table. For more information, see [Lookup Tables](https://help.sumologic.com/?cid=10109). + x-displayName: Lookup Tables +- name: scheduledViewManagement + description: | + Scheduled View management API. + + Scheduled Views speed the search process for small and historical subsets of your data by functioning as a pre-aggregated index. For more information, see [Manage Scheduled Views](https://help.sumologic.com/?cid=5128). + x-displayName: Scheduled Views +- name: tokensLibraryManagement + description: | + Tokens management API. + + Tokens are associated with your organization to authorize specific operations. Currently, we support collector registration tokens, which can be used to register Installed Collectors. Managing tokens requires the Manage Tokens role capability. For more information, see [Installation Tokens](https://help.sumologic.com/?cid=0100). + x-displayName: Tokens +- name: transformationRuleManagement + description: | + Transformation Rule management API. + Metrics Transformation Rules allow you control how long raw metrics are retained. You can also aggregate metrics at collection time and specify a separate retention period for the aggregated metrics. For more information, see [Metrics Transformation Rules](https://help.sumologic.com/?cid=10117). + x-displayName: Transformation Rules +- name: userManagement + description: | + User management API. + + To manage users, you must have the administrator role or your role must have been assigned the manage users and roles capability. For more information, see [Manage Users](https://help.sumologic.com/?cid=1006). + x-displayName: Users +- name: metricsSearchesManagement + description: | + Metrics Search management API. + + Save metrics searches in the content library and organize them in a folder hierarchy. Share useful queries with users in your organization. For more information, see [Sharing Metric Charts](https://help.sumologic.com/docs/metrics/metric-charts/interacting-metric-charts). + x-displayName: Metrics Searches (Beta) +- name: metricsSearchesManagementV2 + description: | + New Metrics Searches Management API. + Save metrics searches in the content library and organize them in a folder hierarchy. Allows you to list metrics searches under your personal folder. + x-displayName: Metrics Searches (New) +- name: metricsQuery + description: | + Metrics Query API. + + The Metrics Query API allows you to execute queries on various metrics and retrieve multiple time-series (data-points) over time range(s). For more information, see [Metrics - Classic](https://help.sumologic.com/?cid=1079). + x-displayName: Metrics Query +- name: accessKeyManagement + description: | + Access Key management API. + + Access Keys allow you to securely register new Collectors and access Sumo Logic APIs. For more information, see [Access Keys](https://help.sumologic.com/?cid=6690). + x-displayName: Access Keys +- name: samlConfigurationManagement + description: | + SAML configuration management API + + Organizations with Enterprise accounts can provision Security Assertion Markup Language (SAML) 2.0 to enable Single Sign-On (SSO) for user access to Sumo Logic. For more information, see [SAML Configuration](https://help.sumologic.com/?cid=4016). + x-displayName: SAML Configuration +- name: serviceAllowlistManagement + description: | + Service Allowlist management API + + Service Allowlist Settings allow you to explicitly grant access to specific IP addresses and/or CIDR notations for logins, APIs, and dashboard access. For more information, see [Service Allowlist Settings](https://help.sumologic.com/?cid=5454). + x-displayName: Service Allowlist +- name: serviceAccountManagement + description: APIs to manage service accounts + x-displayName: Service Accounts +- name: oauthManagement + description: |- + ** Only available to Beta customers. During Beta endpoints are subject to backwards incompatible changes. ** + + APIs to manage OAuth Clients + x-displayName: OAuth Management (Beta) +- name: scimUserManagement + description: APIs to manage scim based users. + x-displayName: SCIM User Management +- name: healthEvents + description: | + Health Events management API. + + Health Events allow you to keep track of the health of your Collectors and Sources. You can use them to find and investigate common errors and warnings that are known to cause collection issues. For more information, see [Health Events](https://help.sumologic.com/?cid=0020). + x-displayName: Health Events +- name: archiveManagement + description: |- + Archive Ingestion Management API. + + Archive Ingestion allows you to ingest data from Archive destinations. You can use this API to ingest data from your Archive with an existing AWS S3 Archive Source. You need the Manage or View Collectors role capability to manage or view ingestion jobs. For more information, see [Archive](https://help.sumologic.com/?cid=10011). + x-displayName: Archive Ingestion Management +- name: logSearchesEstimatedUsage + description: | + Log Search Estimated Usage API. + + Gets the estimated volume of data that would be scanned for a given log search in the Infrequent data tier, over a particular time range. In the Infrequent Data Tier, you pay per query, based on the amount data scanned. You can use this endpoint to get an estimate of the total data that would be scanned before running a query, and refine your query to scan less data, as necessary. For more information, see [Infrequent data tier](https://help.sumologic.com/?cid=11987). + x-displayName: Log Search Estimated Usage +- name: parsersLibraryManagement + description: | + Parsers Library Management API + + Customize the Parsers via this API. The Parsers Library contains the Parsers used in the "_parser" field for collector, FER or query. For more information on customizing parsers, see [Parser Editor](https://help.sumologic.com/docs/cse/schema/parser-editor/). + x-displayName: Parsers Library Management +- name: passwordPolicy + description: | + Password Policy Management API + + The password policy controls how user passwords are managed. The "Manage Password Policy" role capability is required to update the password policy. For more information, see [how to set a password policy](https://help.sumologic.com/?cid=8595). + x-displayName: Password Policy +- name: policiesManagement + description: | + Policies management API. + + Policies control the security and share settings of your organization. For more information, see [Security](https://help.sumologic.com/?cid=4041). + x-displayName: Policies +- name: traces + description: | + Traces API + + The Traces API allows you to browse traces collected in the system. You can execute queries to find traces matching provided search criteria as well as gather detailed information about individual traces and spans. For more information, see [View and investigate traces](https://help.sumologic.com/docs/apm/traces/view-and-investigate-traces). + x-displayName: Traces +- name: spanAnalytics + description: | + Span Analytics API + + The Span Analytics API allows you to browse spans collected in the system. You can execute queries to find individual spans matching provided search criteria as well as run aggregated span queries and retrieve their results. For more information, see [Spans](https://help.sumologic.com/docs/apm/traces/spans). + x-displayName: Span Analytics +- name: serviceMap + description: | + Service Map API + + The Service Map API allows you to fetch a graph representation of the Services Map, which is a high-level view of your application environment, automatically derived from tracing data. For more information, see [Services Map](https://help.sumologic.com/docs/apm/traces/services-list-map/#services-map-view). + x-displayName: Service Map +- name: threatIntelIngest + description: | + Threat Intel Datastore Management API + + The Threat Intel Datastore Management API allows you to: + * Get information about the threat indicator datastore and sources. + * Delete the threat indicator database. + * View and set the retention period for threat intel indicators. + + For more information, see [Threat Intel Ingest Management](https://help.sumologic.com/Manage/Threat-Intel-Ingest) + x-displayName: Threat Intel Datastore Management +- name: threatIntelIngestProducer + description: | + Threat Intel Ingestion API + + The Threat Intel Ingestion API allows you to: + * Upload threat intel indicators in STIX 2.x or Sumo normalized format. + * Delete indicators by ID or source. + + For more information, see [Threat Intel Ingest Management](https://help.sumologic.com/Manage/Threat-Intel-Ingest). + x-displayName: Threat Intel Ingestion +- name: otCollectorManagementExternal + description: | + OT Collector Management API External. + x-displayName: OpenTelemetry Collector Management +- name: sourceTemplateManagementExternal + description: | + Source Template Management APIs. + x-displayName: Source Template Management +- name: schemaBaseManagement + description: | + Schema Base Management APIs. + x-displayName: Schema Base Management +- name: eventAnalytics + description: | + Event Analytics (Beta) API. + + APIs for interacting with events in Sumo Logic. + x-displayName: Event Analytics (Beta) +- name: budgetManagement + description: | + Budget Management API. + x-displayName: Budget Management +- name: macroManagement + description: | + Macro Management APIs. Macros allow you to reference a predefined set of query language syntax across multiple queries. This enables reuse of commonly used logic, improves consistency, and reduces duplication. Macros can optionally accept arguments. When arguments are provided, the macro evaluates them dynamically and applies the resulting logic within the query. With the Macro Management APIs, you can create, update, retrieve, and delete macros to simplify and streamline your query writing process. + For more information, see [Macros](https://www.sumologic.com/help/docs/manage/macro/). + x-displayName: Macro Management APIs +- name: monitorsLibraryManagement + description: | + Monitor Management API. + + + Monitors continuously query your data to monitor and send notifications when specific events occur. + For more information see [Monitors](https://help.sumologic.com/?cid=10020). + x-displayName: Monitors +- name: mutingSchedulesLibraryManagement + description: | + Muting Schedules Management API. + + + Muting Schedule allows you to pause alert notifications from monitors. When a muting schedule is active on a monitor, + the monitor will still generate alerts, but no notifications will be sent. + For more information see [Muting Schedules](https://help.sumologic.com/docs/alerts/monitors/muting-schedules). + x-displayName: Muting Schedules +- name: slosLibraryManagement + description: | + SLO Management API. + + SLOs are used to monitor and alert on KPIs for your most important services or user experience. + x-displayName: SLOs +paths: + /v1/apps: + get: + tags: + - appManagement + summary: List available apps. + description: Lists all available apps from the App Catalog. + operationId: listApps + responses: + "200": + description: List of all available apps. + content: + application/json: + schema: + $ref: '#/components/schemas/ListAppsResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/apps/{uuid}: + get: + tags: + - appManagement + summary: Get an app by UUID. + description: Gets the app with the given universally unique identifier (UUID). + operationId: getApp + parameters: + - name: uuid + in: path + description: The identifier of the app to retrieve. + required: true + schema: + type: string + format: uuid + responses: + "200": + description: The retrieved app. + content: + application/json: + schema: + $ref: '#/components/schemas/App' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/apps/{uuid}/install: + post: + tags: + - appManagement + summary: Install an app by UUID. + description: Installs the app with given UUID in the folder specified using + destinationFolderId. + operationId: installApp + parameters: + - name: uuid + in: path + description: UUID of the app to install. + required: true + schema: + type: string + format: uuid + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AppInstallRequest' + required: true + responses: + "200": + description: App install job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: App installation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/apps/install/{jobId}/status: + get: + tags: + - appManagement + summary: App install job status. + description: Get the status of an asynchronous app install request for the given + job identifier. + operationId: getAsyncInstallStatus + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous install job. + required: true + schema: + type: string + responses: + "200": + description: The status of the app install job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: App installation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps/{uuid}/install: + post: + tags: + - appManagementV2 + summary: Start app install job + description: |- + Schedule an asynchronous job to install the app with the given UUID and version from the App Catalog. The app will be installed in 'Installed Apps' folder in the Content Library. + + _You get back an identifier of asynchronous job in response to this endpoint. You can then use the [app install status API](#operation/getAsyncInstallAppStatus) to get the status of the installation request. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request) section for more details on how to work with asynchronous request._ + operationId: asyncInstallApp + parameters: + - name: uuid + in: path + description: UUID of the app to install. + required: true + schema: + type: string + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + requestBody: + description: Information about the app to install. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncInstallAppRequest' + required: true + responses: + "200": + description: App installation job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponseV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps/install/{jobId}/status: + get: + tags: + - appManagementV2 + summary: App install job status + description: Get the status of an asynchronous app install request for the given + job identifier. + operationId: getAsyncInstallAppStatus + parameters: + - name: jobId + in: path + description: Identifier of the asynchronous job for installing the app. + required: true + schema: + type: string + example: C03E086C137F38B4 + responses: + "200": + description: Status of the app installation job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncInstallAppJobStatus' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps/{uuid}/uninstall: + post: + tags: + - appManagementV2 + summary: Start app uninstall job + description: |- + Schedule an asynchronous job to uninstall app with the given UUID. + + _You get back an identifier of asynchronous job in response to this endpoint. You can then use the [app uninstall status API](#operation/getAsyncUninstallAppStatus) to get the status of the uninstallation request. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request) section for more details on how to work with asynchronous request._ + operationId: asyncUninstallApp + parameters: + - name: uuid + in: path + description: UUID of the app to uninstall. + required: true + schema: + type: string + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + responses: + "200": + description: App uninstall job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponseV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps/uninstall/{jobId}/status: + get: + tags: + - appManagementV2 + summary: App uninstall job status + description: Get the status of an asynchronous app uninstall request for the + given job identifier. + operationId: getAsyncUninstallAppStatus + parameters: + - name: jobId + in: path + description: Identifier of the asynchronous job for uninstalling the app. + required: true + schema: + type: string + example: C03E086C137F38B4 + responses: + "200": + description: Status of the app uninstall job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncUninstallAppJobStatus' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps/{uuid}/upgrade: + post: + tags: + - appManagementV2 + summary: Start app upgrade job + description: |- + Schedule an asynchronous job to upgrade the app with the given UUID and version from the App Catalog. The app will be installed in 'Installed Apps' folder in the Content Library. + + _You get back an identifier of asynchronous job in response to this endpoint. You can then use the [app upgrade status API](#operation/getAsyncUpgradeAppStatus) to get the status of the upgrade request. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request) section for more details on how to work with asynchronous request._ + operationId: asyncUpgradeApp + parameters: + - name: uuid + in: path + description: UUID of the app to upgrade. + required: true + schema: + type: string + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + requestBody: + description: Information about the app to upgrade. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncUpgradeAppRequest' + required: true + responses: + "200": + description: App upgrade job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponseV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps/upgrade/{jobId}/status: + get: + tags: + - appManagementV2 + summary: App upgrade job status + description: Get the status of an asynchronous app upgrade request for the given + job identifier. + operationId: getAsyncUpgradeAppStatus + parameters: + - name: jobId + in: path + description: Identifier of the asynchronous job for upgrading the app. + required: true + schema: + type: string + example: C03E086C137F38B4 + responses: + "200": + description: Status of the app upgrade job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncUpgradeAppJobStatus' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps: + get: + tags: + - appManagementV2 + summary: List apps + description: List all apps from the App Catalog. + operationId: listAppsV2 + parameters: + - name: name + in: query + description: Name of the app. + required: false + schema: + type: string + example: AWS%20CloudTrail + - name: author + in: query + description: Author of the app. + required: false + schema: + type: string + example: Sumo%20Logic + responses: + "200": + description: List of apps. + content: + application/json: + schema: + $ref: '#/components/schemas/ListAppsV2Response' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps/{uuid}/details: + get: + tags: + - appManagementV2 + summary: Get details of an app version. + description: |- + Get details about an app with the given UUID and version. The details include: + + 1. The base URL for all the resource for the app. + 2. The app manifest + operationId: getAppDetails + parameters: + - name: uuid + in: path + description: UUID of the app. + required: true + schema: + type: string + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + - name: version + in: query + description: Version of the app. The latest version is used if this is omitted + or specified as "latest". + required: false + schema: + type: string + example: 1.0.0 + responses: + "200": + description: Information about the requested app. + content: + application/json: + schema: + $ref: '#/components/schemas/GetAppDetailsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/apps/{uuid}/subscription: + get: + tags: + - appManagementV2 + summary: Get subscription status for the user + description: Get Subscription status for the user for a specific app. This + will indicate whether the user has subscribed to the app or not. + operationId: getAppNotificationSubscriptionStatus + parameters: + - name: uuid + in: path + description: UUID of the app. + required: true + schema: + type: string + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + responses: + "200": + description: Information about user's subscription status for the app. + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionStatusResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - appManagementV2 + summary: Subscribe to an app upgrade notification + description: Subscribe to an app upgrade notification. This will allow the user + to receive notifications for the app updates. + operationId: subscribeToAppNotification + parameters: + - name: uuid + in: path + description: UUID of the app to subscribe to. + required: true + schema: + type: string + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + responses: + "204": + description: Successfully subscribed to the app notification. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - appManagementV2 + summary: Unsubscribe from an app upgrade notification + description: Unsubscribe from an app. This will remove the user's subscription + to notifications for the app. + operationId: unsubscribeFromAppNotification + parameters: + - name: uuid + in: path + description: UUID of the app to unsubscribe from. + required: true + schema: + type: string + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + responses: + "204": + description: App Notification unsubscription was successful. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/connections: + get: + tags: + - connectionManagement + summary: Get a list of connections. + description: Get a list of all connections in the organization. The response + is paginated with a default limit of 100 connections per page. + operationId: listConnections + parameters: + - name: limit + in: query + description: Limit the number of connections returned in the response. The + number of connections returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: A paginated list of connections in the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/ListConnectionsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - connectionManagement + summary: Create a new connection. + description: Create a new connection in the organization. + operationId: createConnection + parameters: [] + requestBody: + description: Information about the new connection. + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectionDefinition' + required: true + responses: + "200": + description: The connection has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/Connection' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/connections/test: + post: + tags: + - connectionManagement + summary: Test a new connection url. + description: Test a new connection url is valid and can connect. + operationId: testConnection + parameters: + - name: functionalities + in: query + description: "A comma-separated functionalities of webhook payload to test.\ + \ Acceptable values: `alert`, `resolution`." + style: form + explode: false + schema: + type: array + items: + type: string + default: + - alert + example: "alert,resolution" + - name: connectionId + in: query + description: "Unique identifier of an existing connection to test. It should\ + \ be provided when the request body of an existing connection contains masked\ + \ authorization headers. If not provided, the authorization headers will\ + \ not be correctly unmasked, and the test may fail due to unauthorized access." + required: false + schema: + type: string + example: 0000000000123ABC + requestBody: + description: Information about the new connection. + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectionDefinition' + required: true + responses: + "200": + description: The connection url has been tested. + content: + application/json: + schema: + $ref: '#/components/schemas/TestConnectionResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/connections/incidentTemplates: + post: + tags: + - connectionManagement + summary: Get incident templates for CloudSOAR connections. + description: Get incident templates for CloudSOAR connections. + operationId: getIncidentTemplates + parameters: [] + requestBody: + description: Information about the new connection. + content: + application/json: + schema: + $ref: '#/components/schemas/GetIncidentTemplatesRequest' + required: false + responses: + "200": + description: A list of the incident templates for the given CloudSOAR account. + content: + application/json: + schema: + $ref: '#/components/schemas/GetIncidentTemplatesResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/connections/{id}: + get: + tags: + - connectionManagement + summary: Get a connection. + description: Get a connection with the given identifier. + operationId: getConnection + parameters: + - name: id + in: path + description: Identifier of connection to return. + required: true + schema: + type: string + - name: type + in: query + description: "Type of connection to return. Valid values are `WebhookConnection`,\ + \ `ServiceNowConnection`." + schema: + type: string + default: WebhookConnection + responses: + "200": + description: Connection object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/Connection' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - connectionManagement + summary: Update a connection. + description: Update an existing connection. + operationId: updateConnection + parameters: + - name: id + in: path + description: Identifier of the connection to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the connection. + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectionDefinition' + required: true + responses: + "200": + description: The connection was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/Connection' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - connectionManagement + summary: Delete a connection. + description: Delete a connection with the given identifier. + operationId: deleteConnection + parameters: + - name: id + in: path + description: Identifier of the connection to delete. + required: true + schema: + type: string + - name: type + in: query + description: "Type of connection to delete. Valid values are `WebhookConnection`,\ + \ `ServiceNowConnection`." + required: true + schema: + pattern: ^(WebhookConnection|ServiceNowConnection)$ + type: string + x-pattern-message: must be either `WebhookConnection` or `ServiceNowConnection` + responses: + "204": + description: Connection was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/scheduledViews: + get: + tags: + - scheduledViewManagement + summary: Get a list of scheduled views. + description: Get a list of all scheduled views in the organization. The response + is paginated with a default limit of 100 scheduled views per page. + operationId: listScheduledViews + parameters: + - name: limit + in: query + description: Limit the number of scheduled views returned in the response. + The number of scheduled views returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: A paginated list of scheduled views in the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/ListScheduledViewsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - scheduledViewManagement + summary: Create a new scheduled view. + description: Creates a new scheduled view in the organization. + operationId: createScheduledView + parameters: [] + requestBody: + description: Information about the new scheduled view. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateScheduledViewDefinition' + required: true + responses: + "200": + description: The scheduled view has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/ScheduledView' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-create: createScheduledView + /v1/scheduledViews/{id}: + get: + tags: + - scheduledViewManagement + summary: Get a scheduled view. + description: Get a scheduled view with the given identifier. + operationId: getScheduledView + parameters: + - name: id + in: path + description: Identifier of the scheduled view to fetch. + required: true + schema: + type: string + responses: + "200": + description: Scheduled view object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/ScheduledView' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-read: getScheduledView + put: + tags: + - scheduledViewManagement + summary: Update a scheduled view. + description: Update an existing scheduled view. + operationId: updateScheduledView + parameters: + - name: id + in: path + description: Identifier of the scheduled view to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the scheduled view. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateScheduledViewDefinition' + required: true + responses: + "200": + description: The scheduled view was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/ScheduledView' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-update: updateScheduledView + /v1/scheduledViews/{id}/disable: + delete: + tags: + - scheduledViewManagement + summary: Disable a scheduled view. + description: Disable a scheduled view with the given identifier. + operationId: disableScheduledView + parameters: + - name: id + in: path + description: Identifier of the scheduled view to disable. + required: true + schema: + type: string + responses: + "204": + description: The scheduled view was disabled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-delete: deleteScheduledView + /v1/scheduledViews/{id}/pause: + post: + tags: + - scheduledViewManagement + summary: Pause a scheduled view. + description: Pause a scheduled view with the given identifier. + operationId: pauseScheduledView + parameters: + - name: id + in: path + description: Identifier of the scheduled view to pause. + required: true + schema: + type: string + responses: + "200": + description: The scheduled view was paused successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/ScheduledView' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/scheduledViews/{id}/start: + post: + tags: + - scheduledViewManagement + summary: Start a scheduled view. + description: Start a scheduled view with the given identifier. + operationId: startScheduledView + parameters: + - name: id + in: path + description: Identifier of the scheduled view to start. + required: true + schema: + type: string + responses: + "200": + description: The scheduled view was started successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/ScheduledView' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/scheduledViews/quota: + get: + tags: + - scheduledViewManagement + summary: Provides information about scheduled views quota. + description: Every customer can use a limited number of scheduled views. This + endpoint allows learning about these limitations and remaining quota. + operationId: getScheduledViewsQuota + responses: + "200": + description: Current state of scheduled views quota usage (limit and remaining). + content: + application/json: + schema: + $ref: '#/components/schemas/ScheduledViewsQuotaUsage' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/lookupTables: + post: + tags: + - lookupManagement + summary: Create a lookup table. + description: |- + Create a new lookup table by providing a schema and specifying its configuration. Providing parentFolderId + is mandatory. Use the [getItemByPath](#operation/getItemByPath) endpoint to get content id of a path. + Please check [Content management API](#tag/contentManagement) and [Folder management API](#tag/folderManagement) for all available options. + operationId: createTable + parameters: [] + requestBody: + description: The schema and configuration for the lookup table. + content: + application/json: + schema: + $ref: '#/components/schemas/LookupTableDefinition' + required: true + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: Lookup table created successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/LookupTable' + /v1/lookupTables/{id}: + get: + tags: + - lookupManagement + summary: Get a lookup table. + description: Get a lookup table for the given identifier. + operationId: lookupTableById + parameters: + - name: id + in: path + description: Identifier of the lookup table. + required: true + schema: + type: string + example: 0000000001C41EE4 + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: Definition of the lookup table. + content: + application/json: + schema: + $ref: '#/components/schemas/LookupTable' + put: + tags: + - lookupManagement + summary: Edit a lookup table. + description: Edit the lookup table data. All the fields are mandatory in the + request. + operationId: updateTable + parameters: + - name: id + in: path + description: Identifier of the lookup table. + required: true + schema: + type: string + example: 0000000001C41EE4 + requestBody: + description: The configuration changes for the lookup table. + content: + application/json: + schema: + $ref: '#/components/schemas/LookupUpdateDefinition' + required: true + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: Configuration updated successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/LookupTable' + delete: + tags: + - lookupManagement + summary: Delete a lookup table. + description: Delete a lookup table completely.
**Warning:** `This operation + cannot be undone`. + operationId: deleteTable + parameters: + - name: id + in: path + description: Identifier of the lookup table. + required: true + schema: + type: string + example: 0000000001C41EE4 + responses: + "204": + description: Deletion successful. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/lookupTables/{id}/upload: + post: + tags: + - lookupManagement + summary: Upload a CSV file. + description: Create a request to populate a lookup table with a CSV file. + operationId: uploadFile + parameters: + - name: id + in: path + description: Identifier of the lookup table to populate. + required: true + schema: + type: string + example: 0000000001C41EE4 + - name: merge + in: query + description: "This indicates whether the file contents will be merged with\ + \ existing data in the lookup table or not. If this is true then data with\ + \ the same primary keys will be updated while the rest of the rows will\ + \ be appended. By default, merge is false. The response includes a request\ + \ identifier that you need to use in the [Request Status API](#operation/requestStatus)\ + \ to track the status of the upload request." + schema: + type: boolean + example: true + default: false + - name: fileEncoding + in: query + description: File encoding of file being uploaded. + schema: + type: string + example: UTF-16 + default: UTF-8 + requestBody: + content: + multipart/form-data: + schema: + required: + - file + type: object + properties: + file: + type: string + description: |- + The CSV file to upload. + - The size limit for the CSV file is 100MB. + - Use Unix format, with newlines ("\n") separating rows. + - The first row should contain headers that match the lookup table schema. Matching is + case-insensitive. + format: binary + required: true + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: The upload request was accepted. Use the provided token in + a status request to track the status of the upload. + content: + application/json: + schema: + $ref: '#/components/schemas/LookupRequestToken' + /v1/lookupTables/jobs/{jobId}/status: + get: + tags: + - lookupManagement + summary: Get the status of an async job. + description: "Retrieve the status of a previously made request. If the request\ + \ was successful, the status of the response object will be `Success`." + operationId: requestJobStatus + parameters: + - name: jobId + in: path + description: An identifier returned in response to an asynchronous request. + required: true + schema: + type: string + example: 0000000001C41AA3 + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: The status of async job with given identifier. + content: + application/json: + schema: + $ref: '#/components/schemas/LookupAsyncJobStatus' + /v1/lookupTables/{id}/truncate: + post: + tags: + - lookupManagement + summary: Empty a lookup table. + description: Delete all data from a lookup table. + operationId: truncateTable + parameters: + - name: id + in: path + description: Identifier of the table to clear. + required: true + schema: + type: string + example: 0000000001C41EE4 + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: The delete data request was accepted. Use the provided token + in a status request to track the status of the delete. + content: + application/json: + schema: + $ref: '#/components/schemas/LookupRequestToken' + /v1/lookupTables/{id}/row: + put: + tags: + - lookupManagement + summary: Insert or Update a lookup table row. + description: "Insert or update a row of a lookup table with the given identifier.\ + \ A new row is inserted if the primary key does not exist already, otherwise\ + \ the existing row with the specified primary key is updated. All the fields\ + \ of the lookup table are required and will be updated to the given values.\ + \ In case a field is not specified then it will be assumed to be set to null.\ + \ If the table size exceeds the maximum limit of 100MB then based on the size\ + \ limit action of the table the update will be processed or discarded." + operationId: updateTableRow + parameters: + - name: id + in: path + description: Identifier of the lookup table. + required: true + schema: + type: string + example: 0000000001C41EE4 + requestBody: + description: Lookup table row update definition. + content: + application/json: + schema: + $ref: '#/components/schemas/RowUpdateDefinition' + required: true + responses: + "204": + description: Row updated successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/lookupTables/{id}/deleteTableRow: + put: + tags: + - lookupManagement + summary: Delete a lookup table row. + description: Delete a row from lookup table by providing the row's primary keys' + values. The complete set of primary key fields of the lookup table should + be provided. + operationId: deleteTableRow + parameters: + - name: id + in: path + description: Identifier of the lookup table. + required: true + schema: + type: string + example: 0000000001C41EE4 + requestBody: + description: Lookup table row delete definition. + content: + application/json: + schema: + $ref: '#/components/schemas/RowDeleteDefinition' + required: true + responses: + "204": + description: Row deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/partitions: + get: + tags: + - partitionManagement + summary: Get a list of partitions. + description: Get a list of all partitions in the organization. The response + is paginated with a default limit of 100 partitions per page. + operationId: listPartitions + parameters: + - name: limit + in: query + description: Limit the number of partitions returned in the response. The + number of partitions returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + - name: viewTypes + in: query + description: |- + The type of partitions to retrieve. Valid values are: + 1. `DefaultView`: To get General Index partition. + 2. `Partition`: To get user defined views/partitions. + 3. `AuditIndex`: To get the internal audit indexes. Eg. sumologic_audit_events. + + More than one type of partitions can be retrieved in same request. + required: false + style: form + explode: false + schema: + type: array + items: + pattern: ^(AuditIndex|Partition|DefaultView)$ + type: string + example: + - AuditIndex + - Partition + responses: + "200": + description: A paginated list of partitions in the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/ListPartitionsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - partitionManagement + summary: Create a new partition. + description: Create a new partition. + operationId: createPartition + parameters: [] + requestBody: + description: Information about the new partition. + content: + application/json: + schema: + $ref: '#/components/schemas/CreatePartitionDefinition' + required: true + responses: + "200": + description: The partition has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/Partition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/partitions/{id}: + get: + tags: + - partitionManagement + summary: Get a partition. + description: Get a partition with the given identifier from the organization. + operationId: getPartition + parameters: + - name: id + in: path + description: Identifier of partition to return. + required: true + schema: + type: string + responses: + "200": + description: Partition object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/Partition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - partitionManagement + summary: Update a partition. + description: Update an existing partition in the organization. + operationId: updatePartition + parameters: + - name: id + in: path + description: Identifier of the partition to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the partition. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdatePartitionDefinition' + required: true + responses: + "200": + description: The partition was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/Partition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/partitions/{id}/decommission: + post: + tags: + - partitionManagement + summary: Decommission a partition. + description: Decommission a partition with the given identifier from the organization. + operationId: decommissionPartition + parameters: + - name: id + in: path + description: Identifier of the partition to decommission. + required: true + schema: + type: string + responses: + "200": + description: The partition was decommissioned successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/partitions/{id}/cancelRetentionUpdate: + post: + tags: + - partitionManagement + summary: Cancel a retention update for a partition + description: Cancel update to retention of a partition for which retention was + updated previously using `reduceRetentionPeriodImmediately` parameter as false + operationId: cancelRetentionUpdate + parameters: + - name: id + in: path + description: Identifier of the partition to cancel the retention update for. + required: true + schema: + type: string + example: 1 + responses: + "204": + description: The retention update was cancelled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/partitions/quota: + get: + tags: + - partitionManagement + summary: Provides information about partitions quota. + description: Every customer can use a limited number of partitions. This endpoint + allows learning about these limitations and remaining quota. + operationId: getPartitionsQuota + responses: + "200": + description: Current state of partitions quota usage (limit and remaining). + content: + application/json: + schema: + $ref: '#/components/schemas/PartitionsQuotaUsage' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logsDataForwarding/destinations: + get: + tags: + - logsDataForwardingManagement + summary: Get Amazon S3 data forwarding destinations. + description: Get a list of all Amazon S3 data forwarding destinations. + operationId: getDataForwardingBuckets + parameters: + - name: limit + in: query + description: Limit the number of data forwarding destinations returned in + the response. The number of data forwarding destinations returned may be + less than the `limit`. + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 10 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: List of all S3 data forwarding destinations. + content: + application/json: + schema: + $ref: '#/components/schemas/GetDataForwardingDestinations' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - logsDataForwardingManagement + summary: Create an S3 data forwarding destination. + description: Create a new Amazon S3 data forwarding destination. + operationId: createDataForwardingBucket + parameters: [] + requestBody: + description: Parameters to create new S3 data forwarding destination. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateBucketDefinition' + required: true + responses: + "200": + description: The new data forwarding destination has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/BucketDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logsDataForwarding/destinations/{id}: + get: + tags: + - logsDataForwardingManagement + summary: Get an S3 data forwarding destination. + description: Get an S3 data forwarding destination by the given identifier. + operationId: getDataForwardingDestination + parameters: + - name: id + in: path + description: Identifier of the S3 data forwarding destination to return. + required: true + schema: + type: string + example: 1 + responses: + "200": + description: Data forwarding destination object requested. + content: + application/json: + schema: + $ref: '#/components/schemas/BucketDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - logsDataForwardingManagement + summary: Update an S3 data forwarding destination. + description: Update an S3 data forwarding destination by the given identifier. + operationId: UpdateDataForwardingBucket + parameters: + - name: id + in: path + description: Identifier of the data forwarding destination to update. + required: true + schema: + type: string + example: 1 + requestBody: + description: Object with the updated parameters. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateBucketDefinition' + required: true + responses: + "200": + description: The data forwarding destination has been updated. + content: + application/json: + schema: + $ref: '#/components/schemas/BucketDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - logsDataForwardingManagement + summary: Delete an S3 data forwarding destination. + description: Delete an existing Amazon S3 data forwarding destination with the + given identifier. + operationId: deleteDataForwardingBucket + parameters: + - name: id + in: path + description: Identifier of the data forwarding destination to delete. + required: true + schema: + type: string + example: 1 + responses: + "204": + description: The data forwarding destination has been deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logsDataForwarding/rules: + get: + tags: + - logsDataForwardingManagement + summary: Get all S3 data forwarding rules. + description: Get a list of all S3 data forwarding rules. + operationId: getRulesAndBuckets + parameters: + - name: limit + in: query + description: Limit the number of data forwarding rules returned in the response. + The number of data forwarding rules returned may be less than the `limit`. + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 10 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: List of all S3 data forwarding rules. + content: + application/json: + schema: + $ref: '#/components/schemas/GetRulesAndBucketsResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - logsDataForwardingManagement + summary: Create an S3 data forwarding rule. + description: Create a data forwarding rule to send data from a Partition or + Scheduled View to an S3 bucket. + operationId: createDataForwardingRule + parameters: [] + requestBody: + description: Parameters to create the new S3 data forwarding rule. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateDataForwardingRule' + required: true + responses: + "200": + description: The data forwarding rule was created. + content: + application/json: + schema: + $ref: '#/components/schemas/DataForwardingRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logsDataForwarding/rules/{indexId}: + get: + tags: + - logsDataForwardingManagement + summary: Get an S3 data forwarding rule by its index. + description: Get the details of an S3 data forwarding rule by its Partition + or Scheduled View identifier. + operationId: getDataForwardingRule + parameters: + - name: indexId + in: path + description: The `id` of the Partition or Scheduled View. + required: true + schema: + type: string + example: 1 + responses: + "200": + description: Data forwarding rule that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/RuleAndBucketDetail' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - logsDataForwardingManagement + summary: Update an S3 data forwarding rule by its index. + description: Update an S3 data forwarding rule by its Partition or Scheduled + View identifier. + operationId: updateDataForwardingRule + parameters: + - name: indexId + in: path + description: The `id` of the Partition or Scheduled View with the data forwarding + rule to update. + required: true + schema: + type: string + example: 1 + requestBody: + description: Parameters of an S3 data forwarding rule. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateDataForwardingRule' + required: true + responses: + "200": + description: The data forwarding rule was updated. + content: + application/json: + schema: + $ref: '#/components/schemas/DataForwardingRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - logsDataForwardingManagement + summary: Delete an S3 data forwarding rule by its index. + description: Delete an S3 data forwarding rule by its Partition or Scheduled + View identifier. + operationId: deleteDataForwardingRule + parameters: + - name: indexId + in: path + description: The `id` of the Partition or Scheduled View with the data forwarding + rule to delete. + required: true + schema: + type: string + example: 1 + responses: + "204": + description: The S3 data forwarding rule was deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logSearches: + get: + tags: + - logSearchesManagement + summary: List all saved log searches. + description: List all saved log searches viewable by the user. + operationId: listLogSearches + parameters: + - name: limit + in: query + description: Limit the number of log searches returned in the response. The + number of log searches returned may be less than the `limit`. + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 50 + example: 50 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + responses: + "200": + description: Paginated list of log searches under the Personal folder created + by the user. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLogSearches' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - logSearchesManagement + summary: Save a log search. + description: Save the log search in the content library. + operationId: createLogSearch + parameters: [] + requestBody: + description: The definition of the saved log search. + content: + application/json: + schema: + $ref: '#/components/schemas/SaveLogSearchRequest' + required: true + responses: + "200": + description: Newly saved log search. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearch' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-create: createLogSearch + /v1/logSearches/{id}: + get: + tags: + - logSearchesManagement + summary: Get the saved log search. + description: Get a saved log search from the content library by identifier. + operationId: getLogSearch + parameters: + - name: id + in: path + description: Identifier of the saved log search. + required: true + schema: + type: string + responses: + "200": + description: Saved log search that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearch' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-read: getLogSearch + put: + tags: + - logSearchesManagement + summary: Update the saved log Search. + description: "Update the saved log search with the specified identifier. Partial\ + \ update is not supported, you must provide values for all fields." + operationId: updateLogSearch + parameters: + - name: id + in: path + description: Identifier of the saved log search. + required: true + schema: + type: string + requestBody: + description: An updated saved log search definition. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchDefinition' + required: true + responses: + "200": + description: The saved log search that was updated. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearch' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-update: updateLogSearch + delete: + tags: + - logSearchesManagement + summary: Delete the saved log search. + description: Delete the saved log search from the content library. + operationId: deleteLogSearch + parameters: + - name: id + in: path + description: Identifier of the saved log search. + required: true + schema: + type: string + responses: + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "204": + description: The saved log search was successfully deleted. + x-tf-delete: deleteLogSearch + /v1/dataDeletionRules: + get: + tags: + - dataDeletionRules + summary: Get a list of Data Deletion Rules + description: Get a list of data deletion rules in the organization. The response + is paginated with a default limit of 50 rules. + operationId: listDeletionRules + parameters: + - name: limit + in: query + description: Limit the number of deletion Rules returned in the response + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 50 + example: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: A paginated list of data deletion Rules + content: + application/json: + schema: + $ref: '#/components/schemas/ListDeletionRulesResponse' + default: + description: Operation failed with an error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - dataDeletionRules + summary: Create a new Data Deletion Rule + description: Create a new data deletion rule to delete logs. + operationId: createDataDeletionRule + parameters: [] + requestBody: + description: Information about the new deletion rule. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateDeletionRuleRequest' + required: true + responses: + "200": + description: The data deletion Rule that has been created + content: + application/json: + schema: + $ref: '#/components/schemas/DeletionRuleDefinition' + default: + description: Operation failed with an error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/dataDeletionRules/{id}: + get: + tags: + - dataDeletionRules + summary: Get Data Deletion Rule information for the given Id. + description: Get Data Deletion Rule information for the given Id with updated + fields. + operationId: getDataDeletionRule + parameters: + - name: id + in: path + description: Identifier of the Deletion Rule to fetch + required: true + schema: + type: string + responses: + "200": + description: The data deletion Rule Definition that was requested + content: + application/json: + schema: + $ref: '#/components/schemas/DeletionRuleDefinition' + default: + description: Operation failed with an error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/dataDeletionRules/{id}/cancel: + post: + tags: + - dataDeletionRules + summary: Cancel the data Deletion Rule with the given Id. + description: Cancel the data Deletion Rule with the given Id. Allowed only if + the rule is waiting for approval. + operationId: cancelDataDeletionRule + parameters: + - name: id + in: path + description: Identifier of the Deletion Rule to cancel + required: true + schema: + type: string + responses: + "200": + description: The data deletion Rule has been cancelled successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/DeletionRuleDefinition' + default: + description: Operation failed with an error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/dataDeletionRules/{id}/delete: + delete: + tags: + - dataDeletionRules + summary: Delete the data Deletion Rule with the given Id. + description: Delete the data Deletion Rule with the given Id. Allowed only if + the rule is cancelled. + operationId: deleteDataDeletionRule + parameters: + - name: id + in: path + description: Identifier of the Deletion Rule to delete + required: true + schema: + type: string + responses: + "204": + description: The data deletion Rule has been deleted successfully. + default: + description: Operation failed with an error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/dataMaskingRules: + get: + tags: + - dataMaskingManagement + summary: Get a list of data masking rules. + description: Get a list of all data masking rules for the current organization. + The response is paginated with a default limit of 100 rules per page. + operationId: listDataMaskingRules + parameters: + - name: limit + in: query + description: Limit the number of data masking rules returned in the response. + The number of rules returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. + required: false + schema: + type: string + responses: + "200": + description: A paginated list of data masking rules. + content: + application/json: + schema: + $ref: '#/components/schemas/ListDataMaskingRulesResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - dataMaskingManagement + summary: Create a new data masking rule. + description: "Create a new data masking rule. The rule will be applied to search\ + \ results at query time, replacing matches of the regex pattern with the specified\ + \ mask string." + operationId: createDataMaskingRule + parameters: [] + requestBody: + description: Information about the new data masking rule. + content: + application/json: + schema: + $ref: '#/components/schemas/DataMaskingRuleDefinition' + required: true + responses: + "200": + description: The data masking rule has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/DataMaskingRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-create: createDataMaskingRule + /v1/dataMaskingRules/{id}: + get: + tags: + - dataMaskingManagement + summary: Get a data masking rule. + description: Get a data masking rule with the given identifier. + operationId: getDataMaskingRule + parameters: + - name: id + in: path + description: Identifier of the data masking rule to return. + required: true + schema: + type: string + responses: + "200": + description: Data masking rule object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/DataMaskingRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-read: getDataMaskingRule + put: + tags: + - dataMaskingManagement + summary: Update a data masking rule. + description: Update an existing data masking rule. All properties specified + in the request are replaced. Missing properties are set to their default values. + The rule name is immutable and cannot be changed after creation. + operationId: updateDataMaskingRule + parameters: + - name: id + in: path + description: Identifier of the data masking rule to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the data masking rule. The name field + cannot be changed as it is immutable. + content: + application/json: + schema: + $ref: '#/components/schemas/BaseDataMaskingRuleDefinition' + required: true + responses: + "200": + description: The data masking rule was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/DataMaskingRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-update: updateDataMaskingRule + delete: + tags: + - dataMaskingManagement + summary: Delete a data masking rule. + description: Delete a data masking rule with the given identifier. + operationId: deleteDataMaskingRule + parameters: + - name: id + in: path + description: Identifier of the data masking rule to delete. + required: true + schema: + type: string + responses: + "204": + description: Data masking rule was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-delete: deleteDataMaskingRule + /v1/extractionRules: + get: + tags: + - extractionRuleManagement + summary: Get a list of field extraction rules. + description: Get a list of all field extraction rules. The response is paginated + with a default limit of 100 field extraction rules per page. + operationId: listExtractionRules + parameters: + - name: limit + in: query + description: Limit the number of field extraction rules returned in the response. + The number of field extraction rules returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. + required: false + schema: + type: string + responses: + "200": + description: A paginated list of field extraction rules. + content: + application/json: + schema: + $ref: '#/components/schemas/ListExtractionRulesResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - extractionRuleManagement + summary: Create a new field extraction rule. + description: Create a new field extraction rule. + operationId: createExtractionRule + parameters: [] + requestBody: + description: Information about the new field extraction rule. + content: + application/json: + schema: + $ref: '#/components/schemas/ExtractionRuleDefinition' + required: true + responses: + "200": + description: The field extraction rule has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/ExtractionRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-create: createExtractionRule + /v1/extractionRules/{id}: + get: + tags: + - extractionRuleManagement + summary: Get a field extraction rule. + description: Get a field extraction rule with the given identifier. + operationId: getExtractionRule + parameters: + - name: id + in: path + description: Identifier of field extraction rule to return. + required: true + schema: + type: string + responses: + "200": + description: Extraction rule object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/ExtractionRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-read: getExtractionRule + put: + tags: + - extractionRuleManagement + summary: Update a field extraction rule. + description: Update an existing field extraction rule. All properties specified + in the request are replaced. Missing properties are set to their default values. + operationId: updateExtractionRule + parameters: + - name: id + in: path + description: Identifier of the field extraction rule to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the field extraction rule. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateExtractionRuleDefinition' + required: true + responses: + "200": + description: The field extraction rule was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/ExtractionRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-update: updateExtractionRule + delete: + tags: + - extractionRuleManagement + summary: Delete a field extraction rule. + description: Delete a field extraction rule with the given identifier. + operationId: deleteExtractionRule + parameters: + - name: id + in: path + description: Identifier of the field extraction rule to delete. + required: true + schema: + type: string + responses: + "204": + description: Extraction rule was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-delete: deleteExtractionRule + /v1/dynamicParsingRules: + get: + tags: + - dynamicParsingRuleManagement + summary: Get a list of dynamic parsing rules. + description: Get a list of all dynamic parsing rules. The response is paginated + with a default limit of 100 dynamic parsing rules per page. + operationId: listDynamicParsingRules + parameters: + - name: limit + in: query + description: Limit the number of dynamic parsing rules returned in the response. + The number of dynamic parsing rules returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + example: 10 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. + required: false + schema: + type: string + example: 0000000001C51FF7 + responses: + "200": + description: A paginated list of dynamic parsing rules. + content: + application/json: + schema: + $ref: '#/components/schemas/ListDynamicRulesResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - dynamicParsingRuleManagement + summary: Create a new dynamic parsing rule. + description: Create a new dynamic parsing rule. + operationId: createDynamicParsingRule + requestBody: + description: Information about the new dynamic parsing rule. + content: + application/json: + schema: + $ref: '#/components/schemas/DynamicRuleDefinition' + required: true + responses: + "200": + description: The dynamic parsing rule has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/DynamicRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/dynamicParsingRules/{id}: + get: + tags: + - dynamicParsingRuleManagement + summary: Get a dynamic parsing rule. + description: Get a dynamic parsing rule with the given identifier. + operationId: getDynamicParsingRule + parameters: + - name: id + in: path + description: Identifier of dynamic parsing rule to return. + required: true + schema: + type: string + example: 0000000001C41EE4 + responses: + "200": + description: Dynamic parsing rule object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/DynamicRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - dynamicParsingRuleManagement + summary: Update a dynamic parsing rule. + description: Update an existing dynamic parsing rule. All properties specified + in the request are replaced. Missing properties are set to their default values. + operationId: updateDynamicParsingRule + parameters: + - name: id + in: path + description: Identifier of the dynamic parsing rule to update. + required: true + schema: + type: string + example: 0000000001C41EE4 + requestBody: + description: Information to update about the dynamic parsing rule. + content: + application/json: + schema: + $ref: '#/components/schemas/DynamicRuleDefinition' + required: true + responses: + "200": + description: The dynamic parsing rule was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/DynamicRule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - dynamicParsingRuleManagement + summary: Delete a dynamic parsing rule. + description: Delete a dynamic parsing rule with the given identifier. + operationId: deleteDynamicParsingRule + parameters: + - name: id + in: path + description: Identifier of the dynamic parsing rule to delete. + required: true + schema: + type: string + example: 0000000001C41EE4 + responses: + "204": + description: Dynamic parsing rule was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/fields: + get: + tags: + - fieldManagementV1 + summary: Get a list of all custom fields. + description: Request a list of all the custom fields configured in your account. + operationId: listCustomFields + responses: + "200": + description: List of all custom fields. + content: + application/json: + schema: + $ref: '#/components/schemas/ListCustomFieldsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - fieldManagementV1 + summary: Create a new field. + description: Adding a field will define it in the Fields schema allowing it + to be assigned as metadata to your logs. + operationId: createField + parameters: [] + requestBody: + description: Name of a field to add. The name is used as the key in the key-value + pair. + content: + application/json: + schema: + $ref: '#/components/schemas/FieldName' + required: true + responses: + "200": + description: The field was created successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/CustomField' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/fields/{id}: + get: + tags: + - fieldManagementV1 + summary: Get a custom field. + description: Get the details of a custom field. + operationId: getCustomField + parameters: + - name: id + in: path + description: Identifier of a field. + required: true + schema: + type: string + example: 00000000031D02DA + responses: + "200": + description: The details of the custom field. + content: + application/json: + schema: + $ref: '#/components/schemas/CustomField' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - fieldManagementV1 + summary: Delete a custom field. + description: "Deleting a field does not delete historical data assigned with\ + \ that field. If you delete a field by mistake and one or more of those dependencies\ + \ break, you can re-add the field to get things working properly again. You\ + \ should always disable a field and ensure things are behaving as expected\ + \ before deleting a field." + operationId: deleteField + parameters: + - name: id + in: path + description: Identifier of a field to delete. + required: true + schema: + type: string + example: 00000000031D02DA + responses: + "204": + description: The field was successfully deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/fields/{id}/enable: + put: + tags: + - fieldManagementV1 + summary: Enable custom field with a specified identifier. + description: Fields have to be enabled to be assigned to your data. This operation + ensures that a specified field is enabled and Sumo Logic will treat it as + safe to process. All manually created custom fields are enabled by default. + operationId: enableField + parameters: + - name: id + in: path + description: Identifier of a field to enable. + required: true + schema: + type: string + example: 00000000031D02DA + responses: + "204": + description: Field has been enabled. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/fields/{id}/disable: + delete: + tags: + - fieldManagementV1 + summary: Disable a custom field. + description: "After disabling a field Sumo Logic will start dropping its incoming\ + \ values at ingest. As a result, they won't be searchable or usable. Historical\ + \ values are not removed and remain searchable." + operationId: disableField + parameters: + - name: id + in: path + description: Identifier of a field to disable. + required: true + schema: + type: string + example: 00000000031D02DA + responses: + "204": + description: Field has been disabled. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/fields/dropped: + get: + tags: + - fieldManagementV1 + summary: Get a list of dropped fields. + description: "Dropped fields are fields sent to Sumo Logic, but are ignored\ + \ since they are not defined in your Fields schema. In order to save these\ + \ values a field must both exist and be enabled." + operationId: listDroppedFields + responses: + "200": + description: | + List of dropped fields. + content: + application/json: + schema: + $ref: '#/components/schemas/ListDroppedFieldsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/fields/builtin: + get: + tags: + - fieldManagementV1 + summary: Get a list of built-in fields. + description: Built-in fields are created automatically by Sumo Logic for standard + configuration purposes. They include `_sourceHost` and `_sourceCategory`. + Built-in fields can't be deleted or disabled. + operationId: listBuiltInFields + responses: + "200": + description: List of all built-in fields. + content: + application/json: + schema: + $ref: '#/components/schemas/ListBuiltinFieldsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/fields/builtin/{id}: + get: + tags: + - fieldManagementV1 + summary: Get a built-in field. + description: Get the details of a built-in field. + operationId: getBuiltInField + parameters: + - name: id + in: path + description: Identifier of a built-in field. + required: true + schema: + type: string + example: 000000000000000A + responses: + "200": + description: The details of the built-in field. + content: + application/json: + schema: + $ref: '#/components/schemas/BuiltinField' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/fields/quota: + get: + tags: + - fieldManagementV1 + summary: Get capacity information. + description: Every account has a limited number of fields available. This endpoint + returns your account limitations and remaining quota. + operationId: getFieldQuota + responses: + "200": + description: Current fields capacity usage (fields count). + content: + application/json: + schema: + $ref: '#/components/schemas/FieldQuotaUsage' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/ingestBudgets: + get: + tags: + - ingestBudgetManagementV2 + summary: Get a list of ingest budgets. + description: Get a list of all ingest budgets. The response is paginated with + a default limit of 100 budgets per page. + operationId: listIngestBudgetsV2 + parameters: + - name: limit + in: query + description: Limit the number of budgets returned in the response. The number + of budgets returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. + required: false + schema: + type: string + responses: + "200": + description: A paginated list of budgets. + content: + application/json: + schema: + $ref: '#/components/schemas/ListIngestBudgetsResponseV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - ingestBudgetManagementV2 + summary: Create a new ingest budget. + description: Create a new ingest budget. + operationId: createIngestBudgetV2 + parameters: [] + requestBody: + description: Information about the new ingest budget. + content: + application/json: + schema: + $ref: '#/components/schemas/IngestBudgetDefinitionV2' + required: true + responses: + "200": + description: The ingest budget has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/IngestBudgetV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/ingestBudgets/{id}: + get: + tags: + - ingestBudgetManagementV2 + summary: Get an ingest budget. + description: Get an ingest budget by the given identifier. + operationId: getIngestBudgetV2 + parameters: + - name: id + in: path + description: Identifier of ingest budget to return. + required: true + schema: + type: string + responses: + "200": + description: Ingest budget object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/IngestBudgetV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - ingestBudgetManagementV2 + summary: Update an ingest budget. + description: Update an existing ingest budget. All properties specified in the + request are required. + operationId: updateIngestBudgetV2 + parameters: + - name: id + in: path + description: Identifier of the ingest budget to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the ingest budget. + content: + application/json: + schema: + $ref: '#/components/schemas/IngestBudgetDefinitionV2' + required: true + responses: + "200": + description: The ingest budget was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/IngestBudgetV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - ingestBudgetManagementV2 + summary: Delete an ingest budget. + description: Delete an ingest budget with the given identifier. + operationId: deleteIngestBudgetV2 + parameters: + - name: id + in: path + description: Identifier of the ingest budget to delete. + required: true + schema: + type: string + responses: + "204": + description: The ingest budget was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/ingestBudgets/{id}/usage/reset: + post: + tags: + - ingestBudgetManagementV2 + summary: Reset usage. + description: Reset ingest budget's current usage to 0 before the scheduled reset + time. This is only applicable to `dailyVolume` budgetType. + operationId: resetUsageV2 + parameters: + - name: id + in: path + description: Identifier of the ingest budget to reset usage. + required: true + schema: + type: string + responses: + "200": + description: Ingest budget's usage was reset successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/users: + get: + tags: + - userManagement + summary: Get a list of users. + description: Get a list of all users in the organization. The response is paginated + with a default limit of 100 users per page. + operationId: listUsers + parameters: + - name: limit + in: query + description: Limit the number of users returned in the response. The number + of users returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + - name: sortBy + in: query + description: "Sort the list of users by the `firstName`, `lastName`, or `email`\ + \ field." + required: false + schema: + type: string + - name: email + in: query + description: Find user with the given email address. + required: false + schema: + minLength: 1 + type: string + - name: includeServiceAccounts + in: query + description: Include service accounts while listing users within the organization. + required: false + schema: + type: boolean + responses: + "200": + description: A paginated list of users in the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/ListUserModelsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - userManagement + summary: Create a new user. + description: Create a new user in the organization. + operationId: createUser + parameters: [] + requestBody: + description: Information about the new user. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateUserDefinition' + required: true + responses: + "200": + description: The user has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/UserModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/users/{id}: + get: + tags: + - userManagement + summary: Get a user. + description: Get a user with the given identifier from the organization. + operationId: getUser + parameters: + - name: id + in: path + description: Identifier of user to return. + required: true + schema: + type: string + responses: + "200": + description: User object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/UserModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - userManagement + summary: Update a user. + description: Update an existing user in the organization. + operationId: updateUser + parameters: + - name: id + in: path + description: Identifier of the user to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the user. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateUserDefinition' + required: true + responses: + "200": + description: The user was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/UserModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - userManagement + summary: Delete a user. + description: Delete a user with the given identifier from the organization and + transfer their content to the user with the identifier specified in "transferTo". + operationId: deleteUser + parameters: + - name: id + in: path + description: Identifier of the user to delete. + required: true + schema: + type: string + - name: transferTo + in: query + description: "Identifier of the user to receive the transfer of content from\ + \ the deleted user.
**Note:** If `deleteContent` is not set to `true`,\ + \ and no user identifier is specified in `transferTo`, content from the\ + \ deleted user is transferred to the executing user." + required: false + schema: + type: string + - name: deleteContent + in: query + description: "Whether to delete content from the deleted user or not.
\ + \ **Warning:** If `deleteContent` is set to `true`, all of the content for\ + \ the user being deleted is permanently deleted and cannot be recovered." + required: false + schema: + type: boolean + responses: + "204": + description: User was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/users/{id}/email/requestChange: + post: + tags: + - userManagement + summary: Change email address. + description: "An email with an activation link is sent to the user’s new email\ + \ address. The user must click the link in the email within seven days to\ + \ complete the email address change, or the link will expire." + operationId: requestChangeEmail + parameters: + - name: id + in: path + description: Identifier of the user to change email address. + required: true + schema: + type: string + requestBody: + description: New email address of the user. + content: + application/json: + schema: + $ref: '#/components/schemas/ChangeEmailRequest' + required: true + responses: + "204": + description: Email change request was submitted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/users/{id}/password/reset: + post: + tags: + - userManagement + summary: Reset password. + description: Reset a user's password. + operationId: resetPassword + parameters: + - name: id + in: path + description: Identifier of the user to reset password. + required: true + schema: + type: string + responses: + "204": + description: User's password was reset successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/users/{id}/unlock: + post: + tags: + - userManagement + summary: Unlock a user. + description: Unlock another user's account. + operationId: unlockUser + parameters: + - name: id + in: path + description: The id of the user that needs to be unlocked. + required: true + schema: + type: string + responses: + "204": + description: User's account was unlocked successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/users/{id}/mfa/disable: + put: + tags: + - userManagement + summary: Disable MFA for user. + description: Disable multi-factor authentication for given user. + operationId: disableMfa + parameters: + - name: id + in: path + description: Identifier of the user to disable MFA for. + required: true + schema: + type: string + requestBody: + description: Email and Password of the user to disable MFA for. + content: + application/json: + schema: + $ref: '#/components/schemas/DisableMfaRequest' + required: true + responses: + "204": + description: User's MFA was disabled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/users/{id}/resendWelcomeEmail: + post: + tags: + - userManagement + summary: Resend verification email. + description: Resend the welcome email to a user. + operationId: resendWelcomeEmail + parameters: + - name: id + in: path + description: Identifier of the user to resend the welcome email. + required: true + schema: + type: string + responses: + "204": + description: Welcome email was resent successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/roles: + get: + tags: + - roleManagement + summary: Get a list of roles. + description: Get a list of all the roles in the organization. The response is + paginated with a default limit of 100 roles per page. + operationId: listRoles + parameters: + - name: limit + in: query + description: Limit the number of roles returned in the response. The number + of roles returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + - name: sortBy + in: query + description: Sort the list of roles by the `name` field. + required: false + schema: + type: string + - name: name + in: query + description: Only return roles matching the given name. + required: false + schema: + minLength: 1 + type: string + responses: + "200": + description: A paginated list of roles in the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/ListRoleModelsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - roleManagement + summary: Create a new role. + description: Create a new role in the organization. + operationId: createRole + parameters: [] + requestBody: + description: Information about the new role. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateRoleDefinition' + required: true + responses: + "200": + description: The role has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/RoleModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-create: createRole + /v1/roles/{id}: + get: + tags: + - roleManagement + summary: Get a role. + description: Get a role with the given identifier in the organization. + operationId: getRole + parameters: + - name: id + in: path + description: Identifier of the role to fetch. + required: true + schema: + type: string + responses: + "200": + description: Role object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/RoleModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-read: getRole + put: + tags: + - roleManagement + summary: Update a role. + description: Update an existing role in the organization. + operationId: updateRole + parameters: + - name: id + in: path + description: Identifier of the role to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the role. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateRoleDefinition' + required: true + responses: + "200": + description: The user was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/RoleModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-update: updateRole + delete: + tags: + - roleManagement + summary: Delete a role. + description: Delete a role with the given identifier from the organization. + operationId: deleteRole + parameters: + - name: id + in: path + description: Identifier of the role to delete. + required: true + schema: + type: string + responses: + "204": + description: Role was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-delete: deleteRole + /v1/roles/{roleId}/users/{userId}: + put: + tags: + - roleManagement + summary: Assign a role to a user. + description: Assign a role to a user in the organization. + operationId: assignRoleToUser + parameters: + - name: roleId + in: path + description: Identifier of the role to assign. + required: true + schema: + type: string + - name: userId + in: path + description: Identifier of the user to assign the role to. + required: true + schema: + type: string + responses: + "200": + description: Role was successfully assigned to the user. + content: + application/json: + schema: + $ref: '#/components/schemas/RoleModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - roleManagement + summary: Remove role from a user. + description: Remove a role from a user in the organization. + operationId: removeRoleFromUser + parameters: + - name: roleId + in: path + description: Identifier of the role to delete. + required: true + schema: + type: string + - name: userId + in: path + description: Identifier of the user to remove the role from. + required: true + schema: + type: string + responses: + "204": + description: Role was successfully removed from the user. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/roles: + get: + tags: + - roleManagementV2 + summary: Get a list of roles. + description: Get a list of all the roles in the organization. The response is + paginated with a default limit of 100 roles per page. + operationId: listRolesV2 + parameters: + - name: limit + in: query + description: Limit the number of roles returned in the response. The number + of roles returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + - name: sortBy + in: query + description: Sort the list of roles by the `name` field. + required: false + schema: + type: string + - name: name + in: query + description: Only return roles matching the given name. + required: false + schema: + minLength: 1 + type: string + responses: + "200": + description: A paginated list of roles in the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/ListRoleModelsResponseV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - roleManagementV2 + summary: Create a new role. + description: Create a new role in the organization. + operationId: createRoleV2 + parameters: [] + requestBody: + description: Information about the new role. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateRoleDefinitionV2' + required: true + responses: + "200": + description: The role has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/RoleModelV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-create: createRoleV2 + /v2/roles/{id}: + get: + tags: + - roleManagementV2 + summary: Get a role. + description: Get a role with the given identifier in the organization. + operationId: getRoleV2 + parameters: + - name: id + in: path + description: Identifier of the role to fetch. + required: true + schema: + type: string + responses: + "200": + description: Role object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/GetRoleDefinitionV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-read: getRoleV2 + put: + tags: + - roleManagementV2 + summary: Update a role. + description: Update an existing role in the organization. + operationId: updateRoleV2 + parameters: + - name: id + in: path + description: Identifier of the role to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the role. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateRoleDefinitionV2' + required: true + responses: + "200": + description: The user was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/RoleModelV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-update: updateRoleV2 + delete: + tags: + - roleManagementV2 + summary: Delete a role. + description: Delete a role with the given identifier from the organization. + operationId: deleteRoleV2 + parameters: + - name: id + in: path + description: Identifier of the role to delete. + required: true + schema: + type: string + responses: + "204": + description: Role was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + x-tf-delete: deleteRoleV2 + /v2/roles/{roleId}/users/{userId}: + put: + tags: + - roleManagementV2 + summary: Assign a role to a user. + description: Assign a role to a user in the organization. + operationId: assignRoleToUserV2 + parameters: + - name: roleId + in: path + description: Identifier of the role to assign. + required: true + schema: + type: string + - name: userId + in: path + description: Identifier of the user to assign the role to. + required: true + schema: + type: string + responses: + "200": + description: Role was successfully assigned to the user. + content: + application/json: + schema: + $ref: '#/components/schemas/RoleModelV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - roleManagementV2 + summary: Remove role from a user. + description: Remove a role from a user in the organization. + operationId: removeRoleFromUserV2 + parameters: + - name: roleId + in: path + description: Identifier of the role to delete. + required: true + schema: + type: string + - name: userId + in: path + description: Identifier of the user to remove the role from. + required: true + schema: + type: string + responses: + "204": + description: Role was successfully removed from the user. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders: + post: + tags: + - folderManagement + summary: Create a new folder. + description: Creates a new folder under the given parent folder. Set the header + parameter `isAdminMode` to `"true"` to create a folder inside "Admin Recommended" + folder. + operationId: createFolder + parameters: + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + requestBody: + description: Information about the new folder. + content: + application/json: + schema: + $ref: '#/components/schemas/FolderDefinition' + required: true + responses: + "200": + description: The folder has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/Folder' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/{id}: + get: + tags: + - folderManagement + summary: Get a folder. + description: Get a folder with the given identifier. Set the header parameter + `isAdminMode` to `"true"` if fetching a folder inside "Admin Recommended" + folder. + operationId: getFolder + parameters: + - name: id + in: path + description: Identifier of the folder to fetch. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: Folder that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/Folder' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - folderManagement + summary: Update a folder. + description: Update an existing folder with the given identifier. Set the header + parameter `isAdminMode` to `"true"` if updating a folder inside "Admin Recommended" + folder. + operationId: updateFolder + parameters: + - name: id + in: path + description: Identifier of the folder to update. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + requestBody: + description: Information to update about the folder. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateFolderRequest' + required: true + responses: + "200": + description: The folder was successfully updated. + content: + application/json: + schema: + $ref: '#/components/schemas/Folder' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/personal: + get: + tags: + - folderManagement + summary: Get personal folder. + description: Get the personal folder of the current user. + operationId: getPersonalFolder + responses: + "200": + description: | + The personal folder of the current user. + content: + application/json: + schema: + $ref: '#/components/schemas/Folder' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/global: + get: + tags: + - folderManagement + summary: Schedule Global View job + description: |- + Schedule an asynchronous job to get Global View. Global View contains all top-level content items that a user has permissions to view in the organization. User can traverse the top-level folders using [GetFolder API](#operation/getFolder) to get rest of the content items. Make sure you set `isAdminMode` header parameter to `true` when traversing top-level items. + + _Global View is not a real folder, therefore there is no folder identifier associated with it_. + + _You get back a identifier of asynchronous job in response to this endpoint. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request) section for more details on how to work with asynchronous request._ + operationId: getGlobalFolderAsync + parameters: + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: An asynchronous job to get a list of all content items been + scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/global/{jobId}/status: + get: + tags: + - folderManagement + summary: Get Global View job status + description: "Get the status of an asynchronous Global View job for the given\ + \ job identifier. If job succeeds, use [Global View Result](#operation/getGlobalFolderAsyncResult)\ + \ endpoint to fetch all content items that you have permissions to view." + operationId: getGlobalFolderAsyncStatus + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous Global View job. + required: true + schema: + type: string + responses: + "200": + description: Asynchronous Global View job status. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/global/{jobId}/result: + get: + tags: + - folderManagement + summary: Get Global View job result + description: Get result of a Global View job for the given job identifier. The + result will be a list of all content items that a user has permissions to + view in the organization. + operationId: getGlobalFolderAsyncResult + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous Global View job. + required: true + schema: + type: string + responses: + "200": + description: List of all content items with view permission. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentList' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/adminRecommended: + get: + tags: + - folderManagement + summary: Schedule Admin Recommended folder job + description: |- + Schedule an asynchronous job to get the top-level Admin Recommended content items. You can read more about Admin Recommended folder [here](https://help.sumologic.com/Manage/Content_Sharing/Admin_Mode#move-important-content-to-admin-recommended). + + _You get back a identifier of asynchronous job in response to this endpoint. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request) section for more details on how to work with asynchronous request._ + operationId: getAdminRecommendedFolderAsync + parameters: + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: An asynchronous job to get the Admin Recommended folder has + been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/adminRecommended/{jobId}/status: + get: + tags: + - folderManagement + summary: Get Admin Recommended folder job status + description: "Get the status of an asynchronous Admin Recommended folder job\ + \ for the given job identifier. If job succeeds, use [Admin Recommended Job\ + \ Result](#operation/getAdminRecommendedFolderAsyncResult) endpoint to fetch\ + \ top-level content items in Admin Recommended folder." + operationId: getAdminRecommendedFolderAsyncStatus + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous Admin Recommended folder job. + required: true + schema: + type: string + responses: + "200": + description: Asynchronous Admin Recommended folder job status. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/adminRecommended/{jobId}/result: + get: + tags: + - folderManagement + summary: Get Admin Recommended folder job result + description: Get result of an Admin Recommended job for the given job identifier. + The result will be "Admin Recommended" folder with a list of top-level Admin + Recommended content items in `children` field. + operationId: getAdminRecommendedFolderAsyncResult + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous Admin Recommended folder job. + required: true + schema: + type: string + responses: + "200": + description: Admin Recommended folder. + content: + application/json: + schema: + $ref: '#/components/schemas/Folder' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/installedApps: + get: + tags: + - folderManagement + summary: Schedule Installed Apps folder job + description: |- + Schedule an asynchronous job to get the top-level Installed Apps content items. + + _You get back a identifier of asynchronous job in response to this endpoint. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request) section for more details on how to work with asynchronous request._ + operationId: getInstalledAppsFolderAsync + parameters: + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: An asynchronous job to get the Installed Apps folder has been + scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/installedApps/{jobId}/status: + get: + tags: + - folderManagement + summary: Get Installed Apps folder job status + description: "Get the status of an asynchronous Installed Apps folder job for\ + \ the given job identifier. If job succeeds, use [Installed Apps Job Result](#operation/getInstalledAppsFolderAsyncResult)\ + \ endpoint to fetch top-level content items in Installed Apps folder." + operationId: getInstalledAppsFolderAsyncStatus + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous Installed Apps folder job. + required: true + schema: + type: string + responses: + "200": + description: Asynchronous Installed Apps folder job status. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/installedApps/{jobId}/result: + get: + tags: + - folderManagement + summary: Get Installed Apps folder job result + description: Get result of an Installed Apps job for the given job identifier. + The result will be "Installed Apps" folder with a list of top-level Installed + Apps content items in `children` field. + operationId: getInstalledAppsFolderAsyncResult + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous Installed Apps folder job. + required: true + schema: + type: string + responses: + "200": + description: Installed Apps folder. + content: + application/json: + schema: + $ref: '#/components/schemas/Folder' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/permissions: + get: + tags: + - contentPermissions + summary: Get permissions of a content item + description: Returns content permissions of a content item with the given identifier. + operationId: getContentPermissions + parameters: + - name: id + in: path + description: The identifier of the content item. + required: true + schema: + type: string + - name: explicitOnly + in: query + description: "There are two permission types: explicit and implicit. Permissions\ + \ specifically assigned to the content item are explicit. Permissions derived\ + \ from a parent content item, like a folder are implicit. To return only\ + \ explicit permissions set this to true." + schema: + type: boolean + default: false + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: A list of permissions for the requested content item. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentPermissionResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/permissions/add: + put: + tags: + - contentPermissions + summary: Add permissions to a content item. + description: Add permissions to a content item with the given identifier. + operationId: addContentPermissions + parameters: + - name: id + in: path + description: The identifier of the content item. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + requestBody: + description: New permissions to add to the content item with the given identifier. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentPermissionUpdateRequest' + required: true + responses: + "200": + description: Updated permission object for the requested content item. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentPermissionResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/permissions/remove: + put: + tags: + - contentPermissions + summary: Remove permissions from a content item. + description: Remove permissions from a content item with the given identifier. + operationId: removeContentPermissions + parameters: + - name: id + in: path + description: The identifier of the content item. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + requestBody: + description: Permissions to remove from a content item with the given identifier. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentPermissionUpdateRequest' + required: true + responses: + "200": + description: Updated permissions for the requested content item. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentPermissionResult' + default: + description: Operation failed with an error. Check that your request is + valid. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/path: + get: + tags: + - contentManagement + summary: Get content item by path. + description: |- + Get a content item corresponding to the given path. + + _Path is specified in the required query parameter `path`. The path should be URL encoded._ For example, to get "Acme Corp" folder of a user "user@sumo.com" you can use the following curl command: + ```bash + curl https://api.sumologic.com/api/v2/content/path?path=/Library/Users/user%40sumo.com/Acme%20Corp + ``` + + + The absolute path to a content item should be specified to get the item. The content library has "Library" folder at the root level. For items in "Personal" folder, the base path is "/Library/Users/user@sumo.com" where "user@sumo.com" is the email address of the user. For example if a user with email address `wile@acme.com` has `Rockets` folder inside Personal folder, the path of Rockets folder will be `/Library/Users/wile@acme.com/Rockets`. + + For items in "Admin Recommended" folder, the base path is "/Library/Admin Recommended". For example, given a folder `Acme` in Admin Recommended folder, the path will be `/Library/Admin Recommended/Acme`. + operationId: getItemByPath + parameters: + - name: path + in: query + description: Path of the content item to retrieve. + required: true + schema: + type: string + example: /Library/Users/user@sumo.com/SampleFolder + responses: + "200": + description: Content item corresponding to the given path. + content: + application/json: + schema: + $ref: '#/components/schemas/Content' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{contentId}/path: + get: + tags: + - contentManagement + summary: Get path of an item. + description: | + Get full path of a content item with the given identifier. + operationId: getPathById + parameters: + - name: contentId + in: path + description: Identifier of the content item to get the path. + required: true + schema: + type: string + responses: + "200": + description: Full path of the content item. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentPath' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/export: + post: + tags: + - contentManagement + summary: Start a content export job. + description: |- + Schedule an _asynchronous_ export of content with the given identifier. You will get back an asynchronous job identifier on success. Use the [getAsyncExportStatus](#operation/getAsyncExportStatus) endpoint and the job identifier you got back in the response to track the status of an asynchronous export job. + If the content item is a folder, everything under the folder is exported recursively. Keep in mind when exporting large folders that there is a limit of 1000 content objects that can be exported at once. If you want to import more than 1000 content objects, then be sure to split the import into batches of 1000 objects or less. + The results from the export are compatible with the Library import feature in the Sumo Logic user interface as well as the API content import job. + operationId: beginAsyncExport + parameters: + - name: id + in: path + description: The identifier of the content item to export. Identifiers from + the Library in the Sumo user interface are provided in decimal format which + is incompatible with this API. The identifier needs to be in hexadecimal + format. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: Export job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{contentId}/export/{jobId}/status: + get: + tags: + - contentManagement + summary: Content export job status. + description: "Get the status of an asynchronous content export request for the\ + \ given job identifier. On success, use the [getExportResult](#operation/getAsyncExportResult)\ + \ endpoint to get the result of the export job." + operationId: getAsyncExportStatus + parameters: + - name: contentId + in: path + description: The identifier of the exported content item. + required: true + schema: + type: string + - name: jobId + in: path + description: The identifier of the asynchronous export job. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: The status of the export job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{contentId}/export/{jobId}/result: + get: + tags: + - contentManagement + summary: Content export job result. + description: Get results from content export job for the given job identifier. + The results from this export are incompatible with the Library import feature + in the Sumo user interface. + operationId: getAsyncExportResult + parameters: + - name: contentId + in: path + description: The identifier of the exported content item. + required: true + schema: + type: string + - name: jobId + in: path + description: The identifier of the asynchronous job. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: The result of export job. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentSyncDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/{folderId}/import: + post: + tags: + - contentManagement + summary: Start a content import job. + description: "Schedule an asynchronous import of content inside an existing\ + \ folder with the given identifier. Import requests can be used to create\ + \ or update content within a folder. Content items need to have a unique name\ + \ within their folder. If there is already a content item with the same name\ + \ in the folder, you can set the `overwrite` parameter to `true` to overwrite\ + \ existing content items. By default, the `overwrite` parameter is set to\ + \ `false`, where the import will fail if a content item with the same name\ + \ already exist. Keep in mind when importing large folders that there is a\ + \ limit of 1000 content objects that can be imported at once. If you want\ + \ to import more than 1000 content objects, then be sure to split the import\ + \ into batches of 1000 objects or less." + operationId: beginAsyncImport + parameters: + - name: folderId + in: path + description: The identifier of the folder to import into. Identifiers from + the Library in the Sumo user interface are provided in decimal format which + is incompatible with this API. The identifier needs to be in hexadecimal + format. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + - name: overwrite + in: query + description: Set this to "true" to overwrite a content item if the name already + exists. + required: false + schema: + type: boolean + default: false + requestBody: + description: The content to import. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentSyncDefinition' + required: true + responses: + "200": + description: Import job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/{folderId}/import/{jobId}/status: + get: + tags: + - contentManagement + summary: Content import job status. + description: Get the status of a content import job for the given job identifier. + operationId: getAsyncImportStatus + parameters: + - name: folderId + in: path + description: The identifier of the folder to import into. + required: true + schema: + type: string + - name: jobId + in: path + description: The identifier of the import request. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: The status of the import job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/folders/{folderId}/import/{jobId}/result: + get: + tags: + - contentManagement + summary: Content import job result. + description: Get the complete summary of content import job for the given job + identifier. + operationId: getAsyncImportResult + parameters: + - name: folderId + in: path + description: The identifier of the folder to import into. + required: true + schema: + type: string + - name: jobId + in: path + description: The identifier of the import request. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: The result of the import job. + content: + application/json: + schema: + $ref: '#/components/schemas/ImportResult' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/delete: + delete: + tags: + - contentManagement + summary: Start a content deletion job. + description: Start an asynchronous content deletion job with the given identifier. + operationId: beginAsyncDelete + parameters: + - name: id + in: path + description: Identifier of the content to delete. Identifiers from the Library + in the Sumo user interface are provided in decimal format which is incompatible + with this API. The identifier needs to be in hexadecimal format. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: Deletion job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/delete/{jobId}/status: + get: + tags: + - contentManagement + summary: Content deletion job status. + description: Get the status of an asynchronous content deletion job request + for the given job identifier. + operationId: getAsyncDeleteStatus + parameters: + - name: id + in: path + description: Identifier of the content to delete. + required: true + schema: + type: string + - name: jobId + in: path + description: The identifier of the asynchronous job. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: The status of the content deletion job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/copy: + post: + tags: + - contentManagement + summary: Start a content copy job. + description: "Start an asynchronous content copy job with the given identifier\ + \ to the destination folder. If the content item is a folder, everything under\ + \ the folder is copied recursively." + operationId: beginAsyncCopy + parameters: + - name: id + in: path + description: The identifier of the content item to copy. Identifiers from + the Library in the Sumo user interface are provided in decimal format which + is incompatible with this API. The identifier needs to be in hexadecimal + format. + required: true + schema: + type: string + - name: destinationFolder + in: query + description: The identifier of the destination folder. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: Content copy job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/copy/{jobId}/status: + get: + tags: + - contentManagement + summary: Content copy job status. + description: | + Get the status of the copy request with the given job identifier. On success, field `statusMessage` will contain identifier of the newly copied content in format: `id: {hexIdentifier}`. + operationId: asyncCopyStatus + parameters: + - name: id + in: path + description: The identifier of the content which was copied. + required: true + schema: + type: string + - name: jobId + in: path + description: The identifier of the asynchronous copy request job. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: The status of the content copy job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + example: + status: Success + statusMessage: "id: 0000000000000197" + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/content/{id}/move: + post: + tags: + - contentManagement + summary: Move an item. + description: | + Moves an item from its current location to another folder. + operationId: moveItem + parameters: + - name: destinationFolderId + in: query + description: Identifier of the destination folder. + required: true + schema: + type: string + - name: id + in: path + description: Identifier of the item the user wants to move. + required: true + schema: + type: string + - name: isAdminMode + in: header + description: Set this to "true" if you want to perform the request as a Content + Administrator. + required: false + schema: + type: string + responses: + "200": + description: Content was moved successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/transformationRules: + get: + tags: + - transformationRuleManagement + summary: Get a list of transformation rules. + description: Get a list of transformation rules in the organization. The response + is paginated with a default limit of 100 rules per page. + operationId: getTransformationRules + parameters: + - name: limit + in: query + description: Limit the number of transformation rules returned in the response. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + example: 10 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: List of transformation rules. + content: + application/json: + schema: + $ref: '#/components/schemas/TransformationRulesResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - transformationRuleManagement + summary: Create a new transformation rule. + description: Create a new transformation rule. + operationId: createRule + parameters: [] + requestBody: + description: The configuration of the transformation rule to create. + content: + application/json: + schema: + $ref: '#/components/schemas/TransformationRuleRequest' + required: true + responses: + "200": + description: The transformation rule was successfully created. + content: + application/json: + schema: + $ref: '#/components/schemas/TransformationRuleResponse' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/transformationRules/{id}: + get: + tags: + - transformationRuleManagement + summary: Get a transformation rule. + description: Get a transformation rule with the given identifier. + operationId: getTransformationRule + parameters: + - name: id + in: path + description: Identifier of transformation rule to return. + required: true + schema: + type: string + responses: + "200": + description: Transformation rule object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/TransformationRuleResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - transformationRuleManagement + summary: Update a transformation rule. + description: Update an existing transformation rule. All properties specified + in the request are replaced. Missing properties will remain the same. + operationId: updateTransformationRule + parameters: + - name: id + in: path + description: Identifier of the transformation rule to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the transformation rule. + content: + application/json: + schema: + $ref: '#/components/schemas/TransformationRuleRequest' + required: true + responses: + "200": + description: The transformation rule was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/TransformationRuleResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - transformationRuleManagement + summary: Delete a transformation rule. + description: Delete a transformation rule with the given identifier. + operationId: deleteRule + parameters: + - name: id + in: path + description: Identifier of the transformation rule to delete. + required: true + schema: + type: string + responses: + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "204": + description: The transformation rule was successfully deleted. + /v1/account/accountOwner: + get: + tags: + - accountManagement + summary: Get the owner of an account. + description: Returns the user identifier of the account owner. + operationId: getAccountOwner + responses: + "200": + description: User identifier of the account owner. + content: + application/json: + schema: + type: string + example: 00000000000001E7 + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/account/status: + get: + tags: + - accountManagement + summary: Get overview of the account status. + description: "Get information related to the account's plan, pricing model,\ + \ expiration and payment status." + operationId: getStatus + responses: + "200": + description: Overview of the account. + content: + application/json: + schema: + $ref: '#/components/schemas/AccountStatusResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/account/subdomain: + get: + tags: + - accountManagement + summary: Get the configured subdomain. + description: Get the configured subdomain. + operationId: getSubdomain + responses: + "200": + description: The subdomain's definition. + content: + application/json: + schema: + $ref: '#/components/schemas/SubdomainDefinitionResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - accountManagement + summary: Update account subdomain. + description: Update a subdomain. Only the Account Owner can update the subdomain. + operationId: updateSubdomain + requestBody: + description: The new subdomain. + content: + application/json: + schema: + $ref: '#/components/schemas/ConfigureSubdomainRequest' + required: true + responses: + "200": + description: The updated subdomain's definition. + content: + application/json: + schema: + $ref: '#/components/schemas/SubdomainDefinitionResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - accountManagement + summary: Create account subdomain. + description: Create a subdomain. Only the Account Owner can create a subdomain. + operationId: createSubdomain + requestBody: + description: The new subdomain. + content: + application/json: + schema: + $ref: '#/components/schemas/ConfigureSubdomainRequest' + required: true + responses: + "200": + description: Created a new subdomain. + content: + application/json: + schema: + $ref: '#/components/schemas/SubdomainDefinitionResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - accountManagement + summary: Delete the configured subdomain. + description: Delete the configured subdomain. + operationId: deleteSubdomain + responses: + "204": + description: The subdomain was successfully deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/account/subdomain/recover: + post: + tags: + - accountManagement + summary: Recover subdomains for a user. + description: Send an email with the subdomain information for a user with the + given email address. + operationId: recoverSubdomains + parameters: + - name: email + in: query + description: Email address of the user to get subdomain information. + required: true + schema: + type: string + responses: + "204": + description: An email containing information about associated subdomains + for the given email was sent. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/account/usage/report: + post: + tags: + - accountManagement + summary: Export credits usage details as CSV. + description: "Export the credit usage details as csv for the specific period\ + \ of time given as input in the form of a start and end date with a specific\ + \ grouping according to `day`, `week`, `month`, Note that this API will work\ + \ only for credits plan customers." + operationId: exportUsageReport + requestBody: + description: Export Usage Report Request. + content: + application/json: + schema: + $ref: '#/components/schemas/UsageReportRequest' + required: true + responses: + "200": + description: Export Response with Job Id. + content: + application/json: + schema: + $ref: '#/components/schemas/UsageReportResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/account/usage/report/{jobId}/status: + get: + tags: + - accountManagement + summary: Get report generation status. + description: Get the report download URL and status using Job Id. + operationId: getStatusForReport + parameters: + - name: jobId + in: path + description: Job Id for the report to be exported. + required: true + schema: + type: string + responses: + "200": + description: Status response containing status and downloadURL if successful. + content: + application/json: + schema: + $ref: '#/components/schemas/UsageReportStatusResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/account/usageForecast: + get: + tags: + - accountManagement + summary: Get usage forecast with respect to last number of days specified. + description: "Get usage forecast with respect to last number of days specified.\ + \ If nothing is provided for last number of days, the average of term period\ + \ will be taken to do the forecast." + operationId: getUsageForecast + parameters: + - name: numberOfDays + in: query + description: Number of days to use for calculating average usage and forecast. + required: false + schema: + type: number + responses: + "200": + description: Usage Forecast. + content: + application/json: + schema: + $ref: '#/components/schemas/UsageForecastResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/plan/pendingUpdateRequest: + get: + tags: + - accountManagement + summary: "Get the pending plan update request, if any." + description: Get the pending plan update request which will be applicable from + next billing cycle. + operationId: getPendingUpdateRequest + responses: + "200": + description: Pending plan update request. + content: + application/json: + schema: + $ref: '#/components/schemas/PendingUpdateRequest' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - accountManagement + summary: "Delete the pending plan update request, if any." + description: Delete the pending plan update request which would be applicable + from next billing cycle. + operationId: deletePendingUpdateRequest + responses: + "204": + description: Deleted the pending update request. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/organizations/usages: + post: + tags: + - orgsManagement + summary: Get usages for child orgs. + description: Get the credits usage details of the child orgs for a parent. + operationId: getChildUsages + requestBody: + description: Details for the usages to be fetched. + content: + application/json: + schema: + $ref: '#/components/schemas/ChildUsageDetailsRequest' + responses: + "200": + description: Usage details for the child orgs. + content: + application/json: + schema: + $ref: '#/components/schemas/ChildUsageDetailsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/metricsSearches: + post: + tags: + - metricsSearchesManagement + summary: Save a metrics search. + description: "Saves a metrics search in the content library. Metrics search\ + \ consists of one or more queries, a time range, a quantization period and\ + \ a set of chart properties like line width." + operationId: createMetricsSearch + parameters: [] + requestBody: + description: The definition of the metrics search. + content: + application/json: + schema: + $ref: '#/components/schemas/SaveMetricsSearchRequest' + required: true + responses: + "200": + description: Newly created metrics search. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchInstance' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/metricsSearches/{id}: + get: + tags: + - metricsSearchesManagement + summary: Get a metrics search. + description: Returns a metrics search with the specified identifier. + operationId: getMetricsSearch + parameters: + - name: id + in: path + description: Identifier of the metrics search. + required: true + schema: + type: string + responses: + "200": + description: A metrics search object with metadata. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchInstance' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - metricsSearchesManagement + summary: Updates a metrics search. + description: "Updates a metrics search with the specified identifier. Partial\ + \ updates are not supported, you must provide values for all fields." + operationId: updateMetricsSearch + parameters: + - name: id + in: path + description: Identifier of the metrics search. + required: true + schema: + type: string + requestBody: + description: An updated metrics search definition. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchV1' + required: true + responses: + "200": + description: The metrics saved search that was updated. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchInstance' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - metricsSearchesManagement + summary: Deletes a metrics search. + description: Deletes a metrics search from the content library. + operationId: deleteMetricsSearch + parameters: + - name: id + in: path + description: Identifier of the metrics search. + required: true + schema: + type: string + responses: + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "204": + description: The metrics search was successfully deleted. + /v1/tokens: + get: + tags: + - tokensLibraryManagement + summary: Get a list of tokens. + description: Get a list of all tokens in the token library. + operationId: listTokens + responses: + "200": + description: A list of tokens. + content: + application/json: + schema: + $ref: '#/components/schemas/ListTokensBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - tokensLibraryManagement + summary: Create a token. + description: Create a token in the token library. + operationId: createToken + requestBody: + description: Information about the token to create. + content: + application/json: + schema: + $ref: '#/components/schemas/TokenBaseDefinition' + required: true + responses: + "200": + description: The token has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/TokenBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tokens/{id}: + get: + tags: + - tokensLibraryManagement + summary: Get a token. + description: Get a token with the given identifier in the token library. + operationId: getToken + parameters: + - name: id + in: path + description: Identifier of the token to return. + required: true + schema: + type: string + responses: + "200": + description: Token object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/TokenBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - tokensLibraryManagement + summary: Update a token. + description: Update a token with the given identifier in the token library. + operationId: updateToken + parameters: + - name: id + in: path + description: Identifier of the token to update. + required: true + schema: + type: string + requestBody: + description: The token to update. + content: + application/json: + schema: + $ref: '#/components/schemas/TokenBaseDefinitionUpdate' + required: true + responses: + "200": + description: The token was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/TokenBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - tokensLibraryManagement + summary: Delete a token. + description: Delete a token with the given identifier in the token library. + operationId: deleteToken + parameters: + - name: id + in: path + description: Identifier of the token to delete. + required: true + schema: + type: string + responses: + "204": + description: The token was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/accessKeys: + get: + tags: + - accessKeyManagement + summary: List all access keys. + description: List all access keys in your account. + operationId: listAccessKeys + parameters: + - name: limit + in: query + description: Limit the number of access keys returned in the response. The + number of access keys returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: A list of all access keys in your account. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedListAccessKeysResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - accessKeyManagement + summary: Create an access key. + description: |- + Creates a new access ID and key pair. The new access key can be used from the domains specified in corsHeaders field. Whether Sumo Logic accepts or rejects an API request depends on whether it contains an ORIGIN header and the entries in the allowlist. Sumo Logic will reject: + 1. Requests with an ORIGIN header but the allowlist is empty. + 2. Requests with an ORIGIN header that don't match any entry in the allowlist. + operationId: createAccessKey + parameters: [] + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeyCreateRequest' + required: true + responses: + "200": + description: Access key created successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKey' + default: + description: Access key creation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/accessKeys/personal: + get: + tags: + - accessKeyManagement + summary: List personal keys. + description: List all access keys that belong to your user. + operationId: listPersonalAccessKeys + responses: + "200": + description: A list of all access keys that belong to the user making the + request. + content: + application/json: + schema: + $ref: '#/components/schemas/ListAccessKeysResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/accessKeys/scopes: + get: + tags: + - accessKeyManagement + summary: Get all scopes. + description: Get a list of all of the scopes that can be added to an access + key. + operationId: listScopes + responses: + "200": + description: A list of scopes that can be added to an access key. + content: + application/json: + schema: + $ref: '#/components/schemas/ScopesList' + default: + description: Operation failed with an error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/accessKeys/{id}: + put: + tags: + - accessKeyManagement + summary: Update an access key. + description: Updates the properties of existing accessKey by accessId. It can + be used to enable or disable the access key and to update the corsHeaders + list. + operationId: updateAccessKey + parameters: + - name: id + in: path + description: The accessId of the access key to update. + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeyUpdateRequest' + required: true + responses: + "200": + description: Access key updated successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeyPublic' + default: + description: Access key update failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - accessKeyManagement + summary: Delete an access key. + description: Deletes the access key with the given accessId. + operationId: deleteAccessKey + parameters: + - name: id + in: path + description: The accessId of the access key to delete. + required: true + schema: + type: string + responses: + "204": + description: Access key deletion completed successfully. + default: + description: Access key deletion failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/accessKeys/{id}/rotate: + put: + tags: + - accessKeyManagement + summary: Rotate the access key secret + description: "Generates a new secret for the access key that is passed in the\ + \ call, keeping the same access ID." + operationId: rotateAccessKeySecret + parameters: + - name: id + in: path + description: The accessId of the access key to rotate the secret for. + required: true + schema: + type: string + responses: + "200": + description: Access key secret rotated successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKey' + default: + description: Access key secret rotation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/saml/identityProviders: + get: + tags: + - samlConfigurationManagement + summary: Get a list of SAML configurations. + description: Get a list of all SAML configurations in the organization. + operationId: getIdentityProviders + responses: + "200": + description: A list of SAML configurations in the organization. + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/SamlIdentityProvider' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - samlConfigurationManagement + summary: Create a new SAML configuration. + description: Create a new SAML configuration in the organization. + operationId: createIdentityProvider + parameters: [] + requestBody: + description: The configuration of the SAML identity provider. + content: + application/json: + schema: + $ref: '#/components/schemas/SamlIdentityProviderRequest' + required: true + responses: + "200": + description: The SAML configuration was successfully created. + content: + application/json: + schema: + $ref: '#/components/schemas/SamlIdentityProvider' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/saml/identityProviders/{id}: + put: + tags: + - samlConfigurationManagement + summary: Update a SAML configuration. + description: Update an existing SAML configuration in the organization. + operationId: updateIdentityProvider + parameters: + - name: id + in: path + description: Identifier of the SAML configuration to update. + required: true + schema: + type: string + requestBody: + description: Information to update in the SAML configuration. + content: + application/json: + schema: + $ref: '#/components/schemas/SamlIdentityProviderRequest' + required: true + responses: + "200": + description: The SAML configuration was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/SamlIdentityProvider' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - samlConfigurationManagement + summary: Delete a SAML configuration. + description: Delete a SAML configuration with the given identifier from the + organization. + operationId: deleteIdentityProvider + parameters: + - name: id + in: path + description: Identifier of the SAML configuration to delete. + required: true + schema: + type: string + responses: + "204": + description: The SAML configuration was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/saml/allowlistedUsers: + get: + tags: + - samlConfigurationManagement + summary: Get list of allowlisted users. + description: Get a list of allowlisted users. + operationId: getAllowlistedUsers + responses: + "200": + description: A list of allowlisted users from the organization. + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/AllowlistedUserResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/saml/allowlistedUsers/{userId}: + post: + tags: + - samlConfigurationManagement + summary: Allowlist a user. + description: Allowlist a user from SAML lockdown allowing them to sign in using + a password in addition to SAML. + operationId: createAllowlistedUser + parameters: + - name: userId + in: path + description: Identifier of the user. + required: true + schema: + type: string + responses: + "200": + description: User was successfully allowlisted. + content: + application/json: + schema: + $ref: '#/components/schemas/AllowlistedUserResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - samlConfigurationManagement + summary: Remove an allowlisted user. + description: Remove an allowlisted user requiring them to sign in using SAML. + operationId: deleteAllowlistedUser + parameters: + - name: userId + in: path + description: Identifier of user that will no longer be allowlisted from SAML + Lockdown. + required: true + schema: + type: string + responses: + "204": + description: User was successfully removed from the allowlist for SAML Lockdown. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/saml/lockdown/enable: + post: + tags: + - samlConfigurationManagement + summary: Require SAML for sign-in. + description: Enabling SAML lockdown requires users to sign in using SAML preventing + them from logging in with an email and password. + operationId: enableSamlLockdown + responses: + "204": + description: SAML lockdown was enabled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/saml/lockdown/disable: + post: + tags: + - samlConfigurationManagement + summary: Disable SAML lockdown. + description: Disable SAML lockdown for the organization. + operationId: disableSamlLockdown + responses: + "204": + description: SAML lockdown was disabled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/saml/identityProviders/{id}/metadata: + get: + tags: + - samlConfigurationManagement + summary: Get SAML configuration metadata XML. + description: Get metadata XML for a specific SAML configuration within the organization. + operationId: getSamlMetadata + parameters: + - name: id + in: path + description: Identifier of the SAML configuration for which metadata should + be returned. + required: true + schema: + type: string + responses: + "200": + description: A SAML configuration metadata XML within the organization. + content: + application/xml: + schema: + type: string + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAllowlist/addresses: + get: + tags: + - serviceAllowlistManagement + summary: List all allowlisted CIDRs/IP addresses. + description: Get a list of all allowlisted CIDR notations and/or IP addresses + for the organization. + operationId: listAllowlistedCidrs + responses: + "200": + description: List of all allowlisted CIDR notations and/or IP addresses + for the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/CidrList' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAllowlist/addresses/add: + post: + tags: + - serviceAllowlistManagement + summary: Allowlist CIDRs/IP addresses. + description: "Add CIDR notations and/or IP addresses to the allowlist of the\ + \ organization if not already there. When service allowlisting functionality\ + \ is enabled, CIDRs/IP addresses that are allowlisted will have access to\ + \ Sumo Logic and/or content sharing." + operationId: addAllowlistedCidrs + parameters: [] + requestBody: + description: List of all CIDR notations and/or IP addresses to be added to + the allowlist of the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/CidrList' + required: true + responses: + "200": + description: List of all allowlisted CIDR notations and/or IP addresses + for the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/CidrList' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAllowlist/addresses/remove: + post: + tags: + - serviceAllowlistManagement + summary: Remove allowlisted CIDRs/IP addresses. + description: Remove allowlisted CIDR notations and/or IP addresses from the + organization. Removed CIDRs/IPs will immediately lose access to Sumo Logic + and content sharing. + operationId: deleteAllowlistedCidrs + parameters: [] + requestBody: + description: List of all CIDR notations and/or IP addresses to be removed + from the allowlist of the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/CidrList' + required: true + responses: + "200": + description: List of all allowlisted CIDR notations and/or IP addresses + for the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/CidrList' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAllowlist/enable: + post: + tags: + - serviceAllowlistManagement + summary: Enable service allowlisting. + description: "Enable service allowlisting functionality for the organization.\ + \ The service allowlisting can be for 1. Login: If enabled, access to Sumo\ + \ Logic is granted only to CIDRs/IP addresses that are allowlisted. 2. Content:\ + \ If enabled, dashboards can be shared with users connecting from CIDRs/IP\ + \ addresses that are allowlisted without logging in." + operationId: enableAllowlisting + parameters: + - name: allowlistType + in: query + description: "The type of allowlisting to be enabled. It can be one of: `Login`,\ + \ `Content`, or `Both`." + required: true + schema: + pattern: ^(Login|Content|Both)$ + type: string + description: "One of: `Login`, `Content`, `Both`." + example: Login + x-pattern-message: "must be `Login`, `Content`, or `Both`" + responses: + "204": + description: Service allowlisting was enabled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAllowlist/disable: + post: + tags: + - serviceAllowlistManagement + summary: Disable service allowlisting. + description: Disable service allowlisting functionality for login/API authentication + or content sharing for the organization. + operationId: disableAllowlisting + parameters: + - name: allowlistType + in: query + description: "The type of allowlisting to be disabled. It can be one of: `Login`,\ + \ `Content`, or `Both`." + required: true + schema: + pattern: ^(Login|Content|Both)$ + type: string + description: "One of: `Login`, `Content`, `Both`." + example: Login + x-pattern-message: "must be `Login`, `Content`, or `Both`" + responses: + "204": + description: Service allowlisting was disabled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAllowlist/status: + get: + tags: + - serviceAllowlistManagement + summary: Get the allowlisting status. + description: Get the status of the service allowlisting functionality for login/API + authentication or content sharing for the organization. + operationId: getAllowlistingStatus + responses: + "200": + description: The status of service allowlisting for Content and Login. + content: + application/json: + schema: + $ref: '#/components/schemas/AllowlistingStatus' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/policies/audit: + get: + tags: + - policiesManagement + summary: Get Audit policy. + description: "Get the Audit policy. This policy specifies whether audit records\ + \ for your account are enabled. You can access details about reported account\ + \ events in the Sumo Logic Audit Index. [Learn More](https://help.sumologic.com/Manage/Security/Audit-Index)" + operationId: getAuditPolicy + responses: + "200": + description: The Audit policy. + content: + application/json: + schema: + $ref: '#/components/schemas/AuditPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - policiesManagement + summary: Set Audit policy. + description: "Set the Audit policy. This policy specifies whether audit records\ + \ for your account are enabled. You can access details about reported account\ + \ events in the Sumo Logic Audit Index. [Learn More](https://help.sumologic.com/Manage/Security/Audit-Index)" + operationId: setAuditPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuditPolicy' + required: true + responses: + "200": + description: Audit policy was set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/AuditPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/policies/searchAudit: + get: + tags: + - policiesManagement + summary: Get Search Audit policy. + description: "Get the Search Audit policy. This policy specifies whether search\ + \ records for your account are enabled. You can access details about your\ + \ account's search capacity, queries run by users from the Sumo Search Audit\ + \ Index. [Learn More](https://help.sumologic.com/Manage/Security/Search_Audit_Index)" + operationId: getSearchAuditPolicy + responses: + "200": + description: The Search Audit policy. + content: + application/json: + schema: + $ref: '#/components/schemas/SearchAuditPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - policiesManagement + summary: Set Search Audit policy. + description: "Set the Search Audit policy. This policy specifies whether search\ + \ records for your account are enabled. You can access details about your\ + \ account's search capacity, queries run by users from the Sumo Search Audit\ + \ Index. [Learn More](https://help.sumologic.com/Manage/Security/Search_Audit_Index)" + operationId: setSearchAuditPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SearchAuditPolicy' + required: true + responses: + "200": + description: Search Audit policy was set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/SearchAuditPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/policies/shareDashboardsOutsideOrganization: + get: + tags: + - policiesManagement + summary: Get Share Dashboards Outside Organization policy. + description: "Get the Share Dashboards Outside Organization policy. This policy\ + \ allows users to share the dashboard with view only privileges outside of\ + \ the organization (capability must be enabled from the Roles page). Disabling\ + \ this policy will disable all dashboards that have been shared outside of\ + \ the organization. [Learn More](https://help.sumologic.com/Visualizations-and-Alerts/Dashboards/Share_Dashboards/Share_a_Dashboard_Outside_Your_Org)" + operationId: getShareDashboardsOutsideOrganizationPolicy + responses: + "200": + description: The Share Dashboards Outside Organization policy. + content: + application/json: + schema: + $ref: '#/components/schemas/ShareDashboardsOutsideOrganizationPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - policiesManagement + summary: Set Share Dashboards Outside Organization policy. + description: "Set the Share Dashboards Outside Organization policy. This policy\ + \ allows users to share the dashboard with view only privileges outside of\ + \ the organization (capability must be enabled from the Roles page). Disabling\ + \ this policy will disable all dashboards that have been shared outside of\ + \ the organization. [Learn More](https://help.sumologic.com/Visualizations-and-Alerts/Dashboards/Share_Dashboards/Share_a_Dashboard_Outside_Your_Org)" + operationId: setShareDashboardsOutsideOrganizationPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ShareDashboardsOutsideOrganizationPolicy' + required: true + responses: + "200": + description: Share Dashboards Outside Organization policy was set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/ShareDashboardsOutsideOrganizationPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/policies/dataAccessLevel: + get: + tags: + - policiesManagement + summary: Get Data Access Level policy. + description: "Get the Data Access Level policy. When enabled, this policy sets\ + \ the default data access level for all newly created dashboards to the viewer’\ + s role access filter. Otherwise, newly created dashboards will default to\ + \ the sharer’s role access filter and might display data that viewers’ roles\ + \ don’t allow them to view. [Learn More](https://help.sumologic.com/Manage/Security/Data_Access_Level_for_Shared_Dashboards)" + operationId: getDataAccessLevelPolicy + responses: + "200": + description: The Data Access Level policy. + content: + application/json: + schema: + $ref: '#/components/schemas/DataAccessLevelPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - policiesManagement + summary: Set Data Access Level policy. + description: "Set the Data Access Level policy. When enabled, this policy sets\ + \ the default data access level for all newly created dashboards to the viewer’\ + s role access filter. Otherwise, newly created dashboards will default to\ + \ the sharer’s role access filter and might display data that viewers’ roles\ + \ don’t allow them to view. [Learn More](https://help.sumologic.com/Manage/Security/Data_Access_Level_for_Shared_Dashboards)" + operationId: setDataAccessLevelPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DataAccessLevelPolicy' + required: true + responses: + "200": + description: Data Access Level policy was set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/DataAccessLevelPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/policies/userConcurrentSessionsLimit: + get: + tags: + - policiesManagement + summary: Get User Concurrent Sessions Limit policy. + description: "Get the User Concurrent Sessions Limit policy. When enabled, the\ + \ number of concurrent sessions a user may have is limited to the value entered.\ + \ If a user exceeds the allowed number of sessions, the user's oldest session\ + \ will be logged out to accommodate the new one. Disabling this policy means\ + \ a user may have an unlimited number of concurrent sessions. [Learn More](https://help.sumologic.com/Manage/Security/Set_a_Limit_for_User_Concurrent_Sessions)" + operationId: getUserConcurrentSessionsLimitPolicy + responses: + "200": + description: The User Concurrent Sessions Limit policy. + content: + application/json: + schema: + $ref: '#/components/schemas/UserConcurrentSessionsLimitPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - policiesManagement + summary: Set User Concurrent Sessions Limit policy. + description: "Set the User Concurrent Sessions Limit policy. When enabled, the\ + \ number of concurrent sessions a user may have is limited to the value entered.\ + \ If a user exceeds the allowed number of sessions, the user's oldest session\ + \ will be logged out to accommodate the new one. Disabling this policy means\ + \ a user may have an unlimited number of concurrent sessions. [Learn More](https://help.sumologic.com/Manage/Security/Set_a_Limit_for_User_Concurrent_Sessions)" + operationId: setUserConcurrentSessionsLimitPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserConcurrentSessionsLimitPolicy' + required: true + responses: + "200": + description: User Concurrent Sessions Limit policy was set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/UserConcurrentSessionsLimitPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/policies/maxUserSessionTimeout: + get: + tags: + - policiesManagement + summary: Get Max User Session Timeout policy. + description: "Get the Max User Session Timeout policy. When enabled, this policy\ + \ sets the maximum web session timeout users are able to configure within\ + \ their user preferences. Users preferences will be updated to match this\ + \ value only if their current preference is set to a higher value. [Learn\ + \ More](https://help.sumologic.com/Manage/Security/Set_a_Maximum_Web_Session_Timeout)" + operationId: getMaxUserSessionTimeoutPolicy + responses: + "200": + description: The Max User Session Timeout policy. + content: + application/json: + schema: + $ref: '#/components/schemas/MaxUserSessionTimeoutPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - policiesManagement + summary: Set Max User Session Timeout policy. + description: "Set the Max User Session Timeout policy. When enabled, this policy\ + \ sets the maximum web session timeout users are able to configure within\ + \ their user preferences. Users preferences will be updated to match this\ + \ value only if their current preference is set to a higher value. [Learn\ + \ More](https://help.sumologic.com/Manage/Security/Set_a_Maximum_Web_Session_Timeout)" + operationId: setMaxUserSessionTimeoutPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MaxUserSessionTimeoutPolicy' + required: true + responses: + "200": + description: Max User Session Timeout policy was set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/MaxUserSessionTimeoutPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/policies/accessKeysLifetime: + get: + tags: + - policiesManagement + summary: Get access key lifetime policy. + description: "Get access key lifetime policy. This policy defines the maximum\ + \ time an access key has once it has been created or rotated before it must\ + \ be rotated. Otherwise, it will no longer be able to be used. The value 0\ + \ represents that the access keys will never expire and the time specified\ + \ can be configured by the organization." + operationId: getAccessKeysLifetimePolicy + responses: + "200": + description: The Access Key Lifetime Policy. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeysLifetimePolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - policiesManagement + summary: Set access keys lifetime policy. + description: "Sets the access keys lifetime policy. By setting this policy,\ + \ the time an access key has to live before it is expired or must be rotated\ + \ is defined based on the period (default = never) configured for the organization.\ + \ Setting the value to 0 would represent that the access keys never expire." + operationId: setAccessKeysLifetimePolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeysLifetimePolicy' + required: true + responses: + "200": + description: Access Keys Lifetime policy was set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeysLifetimePolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/policies/dataDeletion: + get: + tags: + - policiesManagement + summary: Get Data Deletion policy. + description: "Get the Data Deletion policy. This policy specifies whether users\ + \ are allowed to delete data from Sumo Logic. Disabling this policy prevents\ + \ users from deleting log data. [Learn More](https://help.sumologic.com/Manage/Security/Data_Deletion)" + operationId: getDataDeletionPolicy + responses: + "200": + description: The Data Deletion policy. + content: + application/json: + schema: + $ref: '#/components/schemas/DataDeletionPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - policiesManagement + summary: Set Data Deletion policy. + description: "Set the Data Deletion policy. This policy specifies whether users\ + \ are allowed to delete data from Sumo Logic. Disabling this policy prevents\ + \ users from deleting log data. [Learn More](https://help.sumologic.com/Manage/Security/Data_Deletion)" + operationId: setDataDeletionPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DataDeletionPolicy' + required: true + responses: + "200": + description: Data Deletion policy was set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/DataDeletionPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/healthEvents: + get: + tags: + - healthEvents + summary: Get a list of health events. + description: Get a list of all the unresolved health events in your account. + operationId: listAllHealthEvents + parameters: + - name: limit + in: query + description: Limit the number of health events returned in the response. The + number of health events returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: A paginated list of all the health events. + content: + application/json: + schema: + $ref: '#/components/schemas/ListHealthEventResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/healthEvents/resources: + post: + tags: + - healthEvents + summary: Health events for specific resources. + description: Get a list of all the unresolved events in your account that belong + to the supplied resource identifiers. + operationId: listAllHealthEventsForResources + parameters: + - name: limit + in: query + description: Limit the number of health events returned in the response. The + number of health events returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + requestBody: + description: Resource identifiers to request health events from. + content: + application/json: + schema: + $ref: '#/components/schemas/ResourceIdentities' + required: true + responses: + "200": + description: List of all the health events for the specified resources. + content: + application/json: + schema: + $ref: '#/components/schemas/ListHealthEventResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/archive/{sourceId}/jobs: + get: + tags: + - archiveManagement + summary: Get ingestion jobs for an Archive Source. + description: Get a list of all the ingestion jobs created on an Archive Source. + The response is paginated with a default limit of 10 jobs per page. + operationId: listArchiveJobsBySourceId + parameters: + - name: sourceId + in: path + description: The identifier of an Archive Source. + required: true + schema: + type: string + example: 000000000606C009 + - name: limit + in: query + description: Limit the number of jobs returned in the response. The number + of jobs returned may be less than the `limit`. + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 10 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: A paginated list of ingestion jobs for an Archive Source. + content: + application/json: + schema: + $ref: '#/components/schemas/ListArchiveJobsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - archiveManagement + summary: Create an ingestion job. + description: Create an ingestion job to pull data from your S3 bucket. + operationId: createArchiveJob + parameters: + - name: sourceId + in: path + description: The identifier of the Archive Source for which the job is to + be added. + required: true + schema: + type: string + example: 000000000606C009 + requestBody: + description: The definition of the ingestion job to create. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateArchiveJobRequest' + required: true + responses: + "200": + description: The ingestion job was created successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/ArchiveJob' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/archive/{sourceId}/jobs/{id}: + delete: + tags: + - archiveManagement + summary: Delete an ingestion job. + description: Delete an ingestion job with the given identifier from the organization. + The delete operation is only possible for jobs with a Succeeded or Failed + status. + operationId: deleteArchiveJob + parameters: + - name: sourceId + in: path + description: The identifier of the Archive Source. + required: true + schema: + type: string + - name: id + in: path + description: The identifier of the ingestion job to delete. + required: true + schema: + type: string + responses: + "204": + description: The ingestion job was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/archive/jobs/count: + get: + tags: + - archiveManagement + summary: List ingestion jobs for all Archive Sources. + description: Get a list of all Archive Sources with the count and status of + ingestion jobs. + operationId: listArchiveJobsCountPerSource + parameters: [] + responses: + "200": + description: A list of Archive Sources with ingestion jobs. + content: + application/json: + schema: + $ref: '#/components/schemas/ListArchiveJobsCount' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logSearches/estimatedUsage: + post: + tags: + - logSearchesEstimatedUsage + summary: Gets estimated usage details. + description: | + Gets the estimated volume of data that would be scanned for a given log search in the Infrequent data tier. + operationId: getLogSearchEstimatedUsage + parameters: [] + requestBody: + description: The definition of the log search estimated usage. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchEstimatedUsageRequest' + required: true + responses: + "200": + description: Log search information along with its estimated usage details. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchEstimatedUsageDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logSearches/estimatedUsageByTier: + post: + tags: + - logSearchesEstimatedUsage + summary: Gets Tier Wise estimated usage details. + description: | + Gets the estimated volume of data that would be scanned for a given log search per data tier. + operationId: getLogSearchEstimatedUsageByTier + parameters: [] + requestBody: + description: The definition of the log search estimated usage. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV2' + required: true + responses: + "200": + description: Log search information along with its tier wise estimated usage + details. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchEstimatedUsageByTierDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logSearches/estimatedUsageByMeteringType: + post: + tags: + - logSearchesEstimatedUsage + summary: Gets estimated usage details per metering type. + description: | + Gets the estimated volume of data, per metering type, that would be scanned for running a given log search for a given timerange. + operationId: getLogSearchEstimatedUsageByMeteringType + parameters: [] + requestBody: + description: The definition of the log search estimated usage. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV3' + required: true + responses: + "200": + description: Log search information along with its metering type wise estimated + usage details. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchEstimatedUsageByMeteringTypeDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/logSearches/estimatedUsageByView: + post: + tags: + - logSearchesEstimatedUsage + summary: Gets estimated usage details per view. + description: | + Gets the estimated volume of data, per view, that would be scanned for running a given log search for a given timerange. + operationId: logSearchesEstimatedUsageByView + parameters: [] + requestBody: + description: The definition of the log search estimated usage. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV3' + required: true + responses: + "200": + description: Log search information along with its view wise estimated usage + details. + content: + application/json: + schema: + $ref: '#/components/schemas/LogSearchEstimatedUsageByViewDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards: + get: + tags: + - dashboardManagement + summary: List all dashboards. + description: List all dashboards under the Personal folder created by the user + or under folders viewable by user. + operationId: listDashboards + parameters: + - name: limit + in: query + description: Limit the number of dashboard returned in the response. The number + of dashboards returned may be less than the `limit`. + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 50 + example: 50 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + - name: mode + in: query + description: whether to list all viewable dashboards under the folders + required: false + schema: + pattern: ^(createdByUser|allViewableByUser)$ + type: string + example: createdByUser + x-pattern-message: Must be `createdByUser` or `allViewableByUser` + example: createdByUser + responses: + "200": + description: Paginated list of dashboards under the Personal folder created + by the user. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDashboards' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - dashboardManagement + summary: Create a new dashboard. + description: Creates a new dashboard. + operationId: createDashboard + requestBody: + description: Information to create the new dashboard. + content: + application/json: + schema: + $ref: '#/components/schemas/DashboardRequest' + required: true + responses: + "200": + description: The dashboard has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/Dashboard' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards/{id}: + get: + tags: + - dashboardManagement + summary: Get a dashboard. + description: Get a dashboard by the given identifier. + operationId: getDashboard + parameters: + - name: id + in: path + description: UUID of the dashboard to return. + required: true + schema: + type: string + responses: + "200": + description: Dashboard object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/Dashboard' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - dashboardManagement + summary: Update a dashboard. + description: Update a dashboard by the given identifier. + operationId: updateDashboard + parameters: + - name: id + in: path + description: Identifier of the dashboard to update. + required: true + schema: + type: string + requestBody: + description: Information to update on the dashboard. + content: + application/json: + schema: + $ref: '#/components/schemas/DashboardRequest' + required: true + responses: + "200": + description: The dashboard was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/Dashboard' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - dashboardManagement + summary: Delete a dashboard. + description: Delete a dashboard by the given identifier. + operationId: deleteDashboard + parameters: + - name: id + in: path + description: Identifier of the dashboard to delete. + required: true + schema: + type: string + responses: + "204": + description: Dashboard was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards/reportJobs: + post: + tags: + - dashboardManagement + summary: Start a report job + description: | + Schedule an asynchronous job to generate a report from a template. All items in the template will be included unless specified. See template section for more details on individual templates. Reports can be generated in Pdf or Png format and exported in various methods (ex. direct download). You will get back an asynchronous job identifier on success. Use the [getAsyncReportGenerationStatus](#operation/getAsyncExportStatus) endpoint and the job identifier you got back in the response to track the status of an asynchronous report generation job. + operationId: generateDashboardReport + requestBody: + description: Request for a report. + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateReportRequest' + required: true + responses: + "200": + description: Export job has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards/reportJobs/{jobId}/status: + get: + tags: + - dashboardManagement + summary: Get report generation job status + description: "Get the status of an asynchronous report generation request for\ + \ the given job identifier. On success, use the [getReportGenerationResult](#operation/getAsyncReportGenerationResult)\ + \ endpoint to get the result of the report generation job." + operationId: getAsyncReportGenerationStatus + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous report generation job. + required: true + schema: + type: string + responses: + "200": + description: The status of the report generation job. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards/reportJobs/{jobId}/result: + get: + tags: + - dashboardManagement + summary: Get report generation job result + description: Get the result of an asynchronous report generation request for + the given job identifier. + operationId: getAsyncReportGenerationResult + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous report generation job. + required: true + schema: + type: string + responses: + "200": + description: The result of export job. + content: + application/pdf: + schema: + type: string + format: binary + image/png: + schema: + type: string + format: binary + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards/migrate: + post: + tags: + - dashboardManagement + summary: Migrate Legacy Dashboards to Dashboards(New) + description: | + Schedule an asynchronous job to migrate a list of legacy Dashboards to Dashboard(New). Once migration is finished, the migrated dashboards will be in the same folder as the corresponding legacy Dashboard. + Note: This feature is in beta and may not support all existing features of legacy dashboards. + operationId: migrateReportToDashboard + requestBody: + description: List of legacy dashboard content identifiers. + content: + application/json: + schema: + $ref: '#/components/schemas/DashboardMigrationRequest' + required: true + responses: + "200": + description: Async job identifier to get the status and result of the dashboard + migration job. + content: + application/json: + schema: + $ref: '#/components/schemas/BeginAsyncJobResponseV2' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards/migrate/preview: + post: + tags: + - dashboardManagement + summary: Preview of Migrating Legacy Dashboards to Dashboards(New) + description: Get a preview of migrating Legacy Dashboards to Dashboard(New) + operationId: previewMigrateReportToDashboard + requestBody: + description: List of content identifiers. Can be folders or classic dashboard. + content: + application/json: + schema: + $ref: '#/components/schemas/DashboardMigrationRequest' + required: true + responses: + "200": + description: Preview of the dashboard migration job. + content: + application/json: + schema: + $ref: '#/components/schemas/MigrationPreviewResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards/migrate/{jobId}/status: + get: + tags: + - dashboardManagement + summary: Get dashboard migration status. + description: "Get the status of an asynchronous Dashboard Migration job for\ + \ the given job identifier. If job succeeds, use Dashboard Migration Result\ + \ endpoint to see results of the migration." + operationId: getDashboardMigrationStatus + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous Dashboard Migration job. + required: true + schema: + type: string + responses: + "200": + description: Dashboard migration job status. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncJobStatus' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/dashboards/migrate/{jobId}/result: + get: + tags: + - dashboardManagement + summary: Get dashboard migration result. + description: Get the result of an asynchronous Dashboard Migration request for + the given job identifier. + operationId: getDashboardMigrationResult + parameters: + - name: jobId + in: path + description: The identifier of the asynchronous Dashboard Migration job. + required: true + schema: + type: string + responses: + "200": + description: Dashboard migration job result. + content: + application/json: + schema: + $ref: '#/components/schemas/DashboardMigrationResult' + default: + description: The operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/dashboards/reportSchedules: + get: + tags: + - dashboardManagement + summary: List all dashboard report schedules. + description: List all dashboard report schedules created by the user. + operationId: listReportSchedules + parameters: + - name: dashboardId + in: query + description: UUID of the dashboard that the report shedules are associated + with. + required: false + schema: + type: string + - name: limit + in: query + description: Limit the number of dashboard report schedules returned in the + response. The number of dashboard report schedules returned may be less + than the `limit`. + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 50 + example: 50 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + responses: + "200": + description: Paginated list of dashboard report schedules created by the + user. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedReportSchedules' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - dashboardManagement + summary: Schedule dashboard report + description: "Schedule dashboard report to send at a specific date and time.\ + \ The report should be sent as attachment or downloadable URL in one of the\ + \ following notification types: 'Email', 'AWSLambda', 'AzureFunctions', 'Datadog',\ + \ 'HipChat', 'Jira', 'NewRelic', 'Opsgenie', 'PagerDuty', 'Slack', 'MicrosoftTeams',\ + \ 'ServiceNow', 'SumoCloudSOAR' and 'Webhook'." + operationId: createScheduleReport + requestBody: + description: Request for scheduling dashboard report. + content: + application/json: + schema: + $ref: '#/components/schemas/ReportScheduleRequest' + required: true + responses: + "200": + description: Dashboard report has been scheduled. + content: + application/json: + schema: + $ref: '#/components/schemas/ReportSchedule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/dashboards/reportSchedules/{scheduleId}: + get: + tags: + - dashboardManagement + summary: Get dashboard report schedule. + description: Get the schedule of a scheduled dashboard report by the given identifier. + operationId: getReportSchedule + parameters: + - name: scheduleId + in: path + description: Identifier of the dashboard report schedule to return. + required: true + schema: + type: string + responses: + "200": + description: Dashboard report schedule object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/ReportSchedule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - dashboardManagement + summary: Update dashboard report schedule. + description: Update the schedule of a scheduled dashboard report by the given + identifier. + operationId: updateReportSchedule + parameters: + - name: scheduleId + in: path + description: identifier of the dashboard report schedule to update. + required: true + schema: + type: string + requestBody: + description: Request to update on the dashboard report schedule. + content: + application/json: + schema: + $ref: '#/components/schemas/ReportScheduleRequest' + required: true + responses: + "200": + description: The dashboard report schedule was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/ReportSchedule' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - dashboardManagement + summary: Delete dashboard report schedule. + description: Delete the schedule of a scheduled dashboard report by the given + identifier. The scheduled dashboard report will no longer be generated and + sent. + operationId: deleteReportSchedule + parameters: + - name: scheduleId + in: path + description: UUID of the dashboard report schedule to delete. + required: true + schema: + type: string + responses: + "204": + description: Dashboard report schedule was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/metricsSearches: + get: + tags: + - metricsSearchesManagementV2 + summary: List all metrics search pages. + description: List all metrics search pages under the Personal folder created + by the user or under folders viewable by user. + operationId: ListMetricsSearches + parameters: + - name: limit + in: query + description: Limit the number of metric searches returned in the response. + The number of metric searches returned may be less than the `limit`. + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 50 + example: 50 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + - name: mode + in: query + description: whether to list all viewable metric searches under the folders + required: false + schema: + pattern: ^(createdByUser|allViewableByUser)$ + type: string + example: createdByUser + x-pattern-message: Must be `createdByUser` or `allViewableByUser` + example: createdByUser + responses: + "200": + description: Paginated list of metrics search pages under the Personal folder + created by the user or viewable by user. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedMetricsSearches' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - metricsSearchesManagementV2 + summary: Create a new metrics search page. + description: Creates a new metrics search page. + operationId: createMetricsSearches + requestBody: + description: Information to create the new metrics search page. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchRequest' + required: true + responses: + "200": + description: The metrics search page has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/metricsSearches/{id}: + get: + tags: + - metricsSearchesManagementV2 + summary: Get a metrics search page. + description: Get a metrics search page by the given identifier. + operationId: getMetricsSearches + parameters: + - name: id + in: path + description: Unique identifier of the metrics search page to return. + required: true + schema: + type: string + responses: + "200": + description: Metrics search page that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - metricsSearchesManagementV2 + summary: Update a metrics search page. + description: Update a metrics search page by the given identifier. + operationId: updateMetricsSearches + parameters: + - name: id + in: path + description: Unique identifier of the metrics search page to return. + required: true + schema: + type: string + requestBody: + description: Information to update the metrics search page. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchRequest' + required: true + responses: + "200": + description: The metrics search page was successfully modified. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsSearchResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - metricsSearchesManagementV2 + summary: Delete a metrics search page. + description: Delete metrics search page by the given identifier. + operationId: deleteMetricsSearches + parameters: + - name: id + in: path + description: Unique identifier of the metrics search page to delete. + required: true + schema: + type: string + responses: + "204": + description: Metrics search page was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/usageInfo: + get: + tags: + - monitorsLibraryManagement + summary: Usage info of monitors. + description: Get the current number and the allowed number of log and metrics + monitors. + operationId: getMonitorUsageInfo + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: MonitorUsageInfo has been retrieved successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorUsageInfo' + /v1/monitors/disable: + put: + tags: + - monitorsLibraryManagement + summary: Disable monitors. + description: Bulk disable monitors by the given identifiers. + operationId: disableMonitorByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + style: form + explode: false + schema: + type: array + items: + type: string + example: "0000000000000001,0000000000000002,0000000000000003" + responses: + "200": + description: Disabled monitors + content: + application/json: + schema: + $ref: '#/components/schemas/DisableMonitorResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/playbooks: + get: + tags: + - monitorsLibraryManagement + summary: List all playbooks. + description: List all playbooks available to run. + operationId: getMonitorPlaybooks + parameters: + - name: playbookType + in: query + description: A string value for playbook type. + required: false + schema: + type: string + example: CSE + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: MonitorPlaybooks have been retrieved successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorPlaybooksList' + /v1/monitors/playbooksDetails: + get: + tags: + - monitorsLibraryManagement + summary: Get playbook details. + description: Get the details of the playbooks with the specified identifiers. + operationId: getPlaybooksDetails + parameters: + - name: ids + in: query + description: A comma-separated list of playbook identifiers. + required: true + style: form + explode: false + schema: + type: array + items: + type: string + example: "649074b5b3d402d6e80b0d1d,649074b7b3d402d6e80b0da1,649074b6b3d402d6e80b0d75" + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: MonitorPlaybooks have been retrieved successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorPlaybooksList' + /v1/slos/sli: + get: + tags: + - slosLibraryManagement + summary: "Bulk fetch SLI values, error budget remaining and SLI computation\ + \ status for the current compliance period." + description: "Bulk fetch SLI values, error budget remaining and SLI computation\ + \ status for the current compliance period." + operationId: sli + parameters: + - name: ids + in: query + description: The identifiers of the SLOs. + required: true + schema: + type: array + items: + type: string + example: "000000000000000A,000000000000000B" + responses: + "200": + description: "A map containing current status, SLI value and error budget\ + \ remaining corresponding to each SLO id." + content: + application/json: + schema: + $ref: '#/components/schemas/IdToSliStatusMap' + default: + description: Error getting SLI metrics for the SLO ids. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/usageInfo: + get: + tags: + - slosLibraryManagement + summary: Usage info of SLOs. + description: Get the current number and the allowed number of log and metrics + SLOs. + operationId: getSloUsageInfo + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: SLO Usage Info has been retrieved successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/SloUsageInfo' + /v1/passwordPolicy: + get: + tags: + - passwordPolicy + summary: Get the current password policy. + description: Get the current password policy. + operationId: getPasswordPolicy + parameters: [] + responses: + "200": + description: The current password policy. + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - passwordPolicy + summary: Update password policy. + description: Update the current password policy. + operationId: setPasswordPolicy + parameters: [] + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + required: true + responses: + "200": + description: Password Policy set successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + default: + description: Setting the password policy failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/root: + get: + tags: + - parsersLibraryManagement + summary: Get the root folder in the library. + description: | + Get the root folder in the library. + operationId: getParsersLibraryRoot + responses: + "200": + description: Root folder in the library. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryFolderResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers: + get: + tags: + - parsersLibraryManagement + summary: Bulk read folders and parsers. + description: | + Bulk read folders and parsers by the given identifiers from the library. + operationId: parsersReadByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + schema: + type: array + example: "0000000000000001,0000000000000002,0000000000000003" + items: + type: string + responses: + "200": + description: A map between an identifier and its definition (folder or parser). + content: + application/json: + schema: + $ref: '#/components/schemas/IdToParsersLibraryBaseResponseMap' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - parsersLibraryManagement + summary: | + Create a folder or parser. + description: | + Create a folder or parser. + operationId: parsersCreate + parameters: + - name: parentId + in: query + description: Identifier of the parent folder in which to create the folder + or parser. + required: true + schema: + type: string + requestBody: + description: The folder or parser to be created. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBase' + required: true + responses: + "200": + description: Newly created folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - parsersLibraryManagement + summary: | + Bulk delete folders and parsers. + description: | + Bulk delete folders and parsers by the given identifiers from the library. + operationId: parsersDeleteByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + schema: + type: array + example: "0000000000000001,0000000000000002,0000000000000003" + items: + type: string + responses: + "200": + description: A map between the deleted identifier and its meta data. + content: + application/json: + schema: + $ref: '#/components/schemas/IdToParsersLibraryBaseResponseMap' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/{id}: + get: + tags: + - parsersLibraryManagement + summary: | + Read a folder or parser. + description: | + Read a folder or parser. + operationId: parsersReadById + parameters: + - name: id + in: path + description: Identifier of the folder or parser to read. + required: true + schema: + type: string + responses: + "200": + description: Requested folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - parsersLibraryManagement + summary: | + Update a folder or parser. + description: | + Update a folder or parser. + operationId: parsersUpdateById + parameters: + - name: id + in: path + description: Identifier of the folder or parser to update. + required: true + schema: + type: string + requestBody: + description: | + The folder or parser to be updated. Content version must match its latest version number in the library. Any staled version will not be updated. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseUpdate' + required: true + responses: + "200": + description: Updated folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - parsersLibraryManagement + summary: | + Delete a folder or parser. + description: | + Delete a folder or parser. + operationId: parsersDeleteById + parameters: + - name: id + in: path + description: Identifier of the folder or parser to delete. + required: true + schema: + type: string + responses: + "204": + description: The folder or parser was successfully deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/{id}/path: + get: + tags: + - parsersLibraryManagement + summary: Get full path of folder or parser. + description: | + Get full path of folder or parser. + operationId: getParsersFullPath + parameters: + - name: id + in: path + description: Identifier of the folder or parser. + required: true + schema: + type: string + responses: + "200": + description: Full path of the folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/Path' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/{id}/lock: + post: + tags: + - parsersLibraryManagement + summary: Lock a folder or a parser. + description: | + Locking requires the `LockParsers` capability. When an object is locked, it can't be moved or deleted and only the local fields can be modified. Locking recursively locks all of the objects children. + operationId: parsersLockById + parameters: + - name: id + in: path + description: The id of the folder or parser that needs to be locked. + required: true + schema: + type: string + responses: + "200": + description: Updated folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/{id}/unlock: + post: + tags: + - parsersLibraryManagement + summary: Unlock a folder or a parser. + description: | + Unlocking requires the `LockParsers` capability. It is only possible to unlock the highest locked object in a tree of locked objects. Unlocking recursively unlocks all of the objects children. + operationId: parsersUnlockById + parameters: + - name: id + in: path + description: The id of the folder or parser that needs to be unlocked. + required: true + schema: + type: string + responses: + "200": + description: Updated folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/{id}/move: + post: + tags: + - parsersLibraryManagement + summary: Move a folder or parser. + description: | + Move a folder or parser. + operationId: parsersMove + parameters: + - name: id + in: path + description: Identifier of the folder or parser to move. + required: true + schema: + type: string + - name: parentId + in: query + description: Identifier of the parent folder to move the folder or parser + to. + required: true + schema: + type: string + responses: + "200": + description: Moved folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/{id}/copy: + post: + tags: + - parsersLibraryManagement + summary: Copy a folder or parser. + description: | + Copy a folder or parser. + operationId: parsersCopy + parameters: + - name: id + in: path + description: Identifier of the folder or parser to copy. + required: true + schema: + type: string + requestBody: + description: | + Fields include: + 1) Identifier of the parent folder to copy to. + 2) Optionally provide a new name. + 3) Optionally provide a new description. + 4) Optionally set to true if you want to copy and preserved the locked status. Requires `LockParsers` capability. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentCopyParams' + required: true + responses: + "200": + description: Newly copied folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/{id}/export: + get: + tags: + - parsersLibraryManagement + summary: Export a folder or parser. + description: Export a folder or parser. + operationId: parsersExportItem + parameters: + - name: id + in: path + description: Identifier of the folder or parser to export. + required: true + schema: + type: string + - name: preserveLock + in: query + description: | + Set this to true if you want to export an object and preserve the locked status. + required: false + schema: + type: boolean + default: false + responses: + "200": + description: Exported folder or parser + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryExportBase' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/{parentId}/import: + post: + tags: + - parsersLibraryManagement + summary: Import a folder or parser + description: | + Import a folder or parser + operationId: parsersImportItem + parameters: + - name: parentId + in: path + description: Identifier of the parent folder in which to import the folder + or parser. + required: true + schema: + type: string + requestBody: + description: | + The folder or parser to be imported. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryExportBase' + required: true + responses: + "200": + description: Newly imported folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/path: + get: + tags: + - parsersLibraryManagement + summary: Read a folder or parser by its path. + description: | + Read a folder or parser by its path. + operationId: parsersGetByPath + parameters: + - name: path + in: query + description: The path of the folder or parser. + required: true + schema: + type: string + responses: + "200": + description: Requested folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/parsers/search: + get: + tags: + - parsersLibraryManagement + summary: Search for folders or parsers. + description: Search for a folder or parser in the cloud SIEM parsers library + structure. + operationId: parsersSearch + parameters: + - name: query + in: query + description: |- + The search query to find folder or parsers. Below is the list of different filters with examples: + - **createdBy** : Filter by the user's identifier who created the content. Example: `createdBy:000000000000968B`. + - **createdBefore** : Filter by the content objects created before the given timestamp(in milliseconds). Example: `createdBefore:1457997222`. + - **createdAfter** : Filter by the content objects created after the given timestamp(in milliseconds). Example: `createdAfter:1457997111`. + - **modifiedBefore** : Filter by the content objects modified before the given timestamp(in milliseconds). Example: `modifiedBefore:1457997222`. + - **modifiedAfter** : Filter by the content objects modified after the given timestamp(in milliseconds). Example: `modifiedAfter:1457997111`. + - **type** : Filter by the type of the content object. Example: `type:folder`. + You can also use multiple filters in one query. For example to search for all content objects created by user with identifier 000000000000968B with creation timestamp after 1457997222 containing the text Test, the query would look like: + `createdBy:000000000000968B createdAfter:1457997222 Test` + required: true + schema: + type: string + example: createdBy:000000000000968B Test + - name: limit + in: query + description: Maximum number of items you want in the response. + required: false + schema: + type: integer + format: int32 + example: 10 + default: 100 + - name: offset + in: query + description: The position or row from where to start the search operation. + required: false + schema: + type: integer + format: int32 + example: 5 + default: 0 + responses: + "200": + description: List of folders and parsers matching the search query. + content: + application/json: + schema: + $ref: '#/components/schemas/ListParsersLibraryItemWithPath' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/system/parsers/{id}/lock: + post: + tags: + - parsersLibraryManagement + summary: Lock a folder or a parser. + description: | + Locking requires the `LockParsers` capability. When an object is locked, it can't be moved or deleted and only the local fields can be modified. Locking recursively locks all of the objects children. + operationId: systemParsersLockById + parameters: + - name: id + in: path + description: The id of the folder or parser that needs to be locked. + required: true + schema: + type: string + responses: + "200": + description: Updated folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/system/parsers/{id}/unlock: + post: + tags: + - parsersLibraryManagement + summary: Unlock a folder or a parser. + description: | + Unlocking requires the `LockParsers` capability. It is only possible to unlock the highest locked object in a tree of locked objects. Unlocking recursively unlocks all of the objects children. + operationId: systemParsersUnlockById + parameters: + - name: id + in: path + description: The id of the folder or parser that needs to be unlocked. + required: true + schema: + type: string + responses: + "200": + description: Updated folder or parser. + content: + application/json: + schema: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAccounts: + get: + tags: + - serviceAccountManagement + summary: Get a list of service accounts. + description: Get a list of all service accounts in the organization. + operationId: listServiceAccounts + responses: + "200": + description: A list of service accounts in the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/ListServiceAccountModelsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - serviceAccountManagement + summary: Create a new service account. + description: Create a new service account in the organization. + operationId: createServiceAccount + parameters: [] + requestBody: + description: Information about the new service account. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateServiceAccountDefinition' + required: true + responses: + "200": + description: A service account has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceAccountModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAccounts/{id}: + get: + tags: + - serviceAccountManagement + summary: Get a service account. + description: Get a service account with the given identifier from the organization. + operationId: getServiceAccount + parameters: + - name: id + in: path + description: Identifier of service account to return. + required: true + schema: + type: string + responses: + "200": + description: Service account object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceAccountModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - serviceAccountManagement + summary: Update a service account. + description: Update an existing service account in the organization. + operationId: updateServiceAccount + parameters: + - name: id + in: path + description: Identifier of the service account to update. + required: true + schema: + type: string + requestBody: + description: Information to update about the service account. + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateServiceAccountDefinition' + required: true + responses: + "200": + description: The service account was successfully updated. + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceAccountModel' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - serviceAccountManagement + summary: Delete a service account. + description: Delete a service account with the given identifier from the organization + and transfer its content to a user or a service account with the identifier + specified in "transferTo". + operationId: deleteServiceAccount + parameters: + - name: id + in: path + description: Identifier of the service account to delete. + required: true + schema: + type: string + - name: transferTo + in: query + description: "Identifier of a user/service account to receive the transfer\ + \ of content from the deleted service account.
**Note:** If `deleteContent`\ + \ is not set to `true`, and no user identifier is specified in `transferTo`,\ + \ content from the deleted service account is transferred to the executing\ + \ user." + required: false + schema: + type: string + - name: deleteContent + in: query + description: "Whether to delete content from the deleted service account or\ + \ not.
**Warning:** If `deleteContent` is set to `true`, all of the\ + \ content for the service account being deleted is permanently deleted\ + \ and cannot be recovered." + required: false + schema: + type: boolean + responses: + "204": + description: Service account was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAccounts/{serviceAccountId}/accessKeys: + get: + tags: + - serviceAccountManagement + summary: List access keys for a service account. + description: List all access keys of a service account. + operationId: listAccessKeysForServiceAccount + parameters: + - name: serviceAccountId + in: path + description: Identifier of the service account. + required: true + schema: + type: string + responses: + "200": + description: A list of all access keys within the organization of a service + account. + content: + application/json: + schema: + $ref: '#/components/schemas/ListAccessKeysResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - serviceAccountManagement + summary: Create a new access key for a service account. + description: Creates a new access ID and key pair for a service account. + operationId: createAccessKeyForServiceAccount + parameters: + - name: serviceAccountId + in: path + description: Identifier of the service account. + required: true + schema: + type: string + requestBody: + description: Information about the new access key of a service account. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeyCreateRequest' + required: true + responses: + "200": + description: The access key has been created for a service account. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKey' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/serviceAccounts/{serviceAccountId}/accessKeys/{accessId}: + get: + tags: + - serviceAccountManagement + summary: Get an access key of a service account. + description: Get an access key with the given identifier from the organization + of a service account. + operationId: getAccessKeyByIdOfAServiceAccount + parameters: + - name: serviceAccountId + in: path + description: Identifier of the service account. + required: true + schema: + type: string + - name: accessId + in: path + description: Identifier of an access key to return. + required: true + schema: + type: string + responses: + "200": + description: Access key object that was requested of a service account. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeyPublic' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - serviceAccountManagement + summary: Update an access key of a service account. + description: Updates the properties of existing accessKey by Id of a service + account. + operationId: updateAccessKeyOfAServiceAccount + parameters: + - name: serviceAccountId + in: path + description: Identifier of the service account. + required: true + schema: + type: string + - name: accessId + in: path + description: The id of an access key to update of a service account. + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeyUpdateRequest' + required: true + responses: + "200": + description: Access key of a service account updated successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/AccessKeyPublic' + default: + description: Access key updation of a service account failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - serviceAccountManagement + summary: Delete an access key of a service account. + description: Deletes the access key with the given Id of a service account. + operationId: deleteAccessKeyOfAServiceAccount + parameters: + - name: serviceAccountId + in: path + description: Identifier of the service account. + required: true + schema: + type: string + - name: accessId + in: path + description: The Id of the access key to delete of a service account. + required: true + schema: + type: string + responses: + "204": + description: Access key deletion of a service account completed successfully. + default: + description: Access key deletion of a service account failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/oauth/scopes: + get: + tags: + - oauthManagement + summary: Get all scopes. + description: |- + ** Only available to Beta customers. During Beta endpoints are subject to backwards incompatible changes. ** + + Get a list of all of the scopes that can be added to an oauth client. + operationId: listOAuthScopes + responses: + "200": + description: A list of scopes that can be added to an oauth client. + content: + application/json: + schema: + $ref: '#/components/schemas/ScopesList' + default: + description: Operation failed with an error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/oauth/clients: + get: + tags: + - oauthManagement + summary: List the OAuth clients. + description: |- + ** Only available to Beta customers. During Beta endpoints are subject to backwards incompatible changes. ** + + List all OAuth clients. + operationId: listOAuthClients + parameters: + - name: limit + in: query + description: Limit the number of OAuth clients returned in the response. The + number of OAuth clients returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + - name: runAsId + in: query + description: Identifier of the service account that the OAuth Client runs + as. + required: false + schema: + type: string + responses: + "200": + description: A list of all OAuth clients within the organization. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedListOAuthClientsResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - oauthManagement + summary: Create a new OAuth client. + description: |- + ** Only available to Beta customers. During Beta endpoints are subject to backwards incompatible changes. ** + + Creates a new OAuth clientId and clientSecret. + operationId: createOAuthClient + requestBody: + description: Information about the new OAuth client. + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthClientCreateRequest' + required: true + responses: + "200": + description: The OAuth client has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthClientWithSecret' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/oauth/clients/{clientId}: + get: + tags: + - oauthManagement + summary: Get an OAuth client. + description: |- + ** Only available to Beta customers. During Beta endpoints are subject to backwards incompatible changes. ** + + Get an OAuth client with the given identifier from the organization. + operationId: getOAuthClientById + parameters: + - name: clientId + in: path + description: Identifier of an OAuth client to return. + required: true + schema: + type: string + responses: + "200": + description: OAuth client object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthClient' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - oauthManagement + summary: Update an OAuth client. + description: |- + ** Only available to Beta customers. During Beta endpoints are subject to backwards incompatible changes. ** + + Updates the properties of existing OAuth client by Id. + operationId: updateOAuthClient + parameters: + - name: clientId + in: path + description: The id of an OAuth client to update. + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthClientUpdateRequest' + required: true + responses: + "200": + description: OAuth client updated successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthClient' + default: + description: OAuth client update failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - oauthManagement + summary: Delete an OAuth client. + description: |- + ** Only available to Beta customers. During Beta endpoints are subject to backwards incompatible changes. ** + + Deletes the OAuth client with the given Id. + operationId: deleteOAuthClient + parameters: + - name: clientId + in: path + description: The Id of the OAuth client to delete. + required: true + schema: + type: string + responses: + "204": + description: OAuth client deletion completed successfully. + default: + description: OAuth client deletion failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/oauth/clients/{clientId}/rotate: + put: + tags: + - oauthManagement + summary: Rotate the oauth client secret + description: "Generates a new secret for the oauth client that is passed in\ + \ the call, keeping the same client ID." + operationId: rotateOauthSecret + parameters: + - name: clientId + in: path + description: The ID of the oauth client to rotate the secret for. + required: true + schema: + type: string + responses: + "200": + description: OAuth client secret rotated successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthClientWithSecret' + default: + description: Oauth client secret rotation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/oauth/consents: + get: + tags: + - oauthManagement + summary: List OAuth consents. + description: "Get a list of OAuth consents within the organization. Administrators\ + \ can list all consents, while others can only list consents that they have\ + \ authorized." + operationId: listOAuthConsents + parameters: + - name: limit + in: query + description: Limit the number of consents returned in the response. + required: false + schema: + maximum: 10000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. + required: false + schema: + type: string + - name: authorizedUser + in: query + description: Filter consents by the identifier of the user who authorized + the consent. + required: false + schema: + type: string + - name: clientId + in: query + description: Filter consents by the clientId of a registered OAuth client. + required: false + schema: + type: string + responses: + "200": + description: A list of OAuth consents. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedListOAuthConsentsResult' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/oauth/consents/{consentId}: + delete: + tags: + - oauthManagement + summary: Delete an OAuth consent. + description: Deletes the OAuth consent with the given Id. + operationId: deleteOAuthConsent + parameters: + - name: consentId + in: path + description: The ID of the OAuth consent to delete. + required: true + schema: + type: string + responses: + "204": + description: OAuth consent deletion completed successfully. + default: + description: OAuth consent deletion failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/scim/Users: + get: + tags: + - scimUserManagement + summary: List SCIM Users + description: "Retrieves a list of users in the SCIM system, with optional pagination" + operationId: listSCIMUsers + parameters: + - name: startIndex + in: query + description: "The index of the first result to return. Defaults to 1 if not\ + \ specified, a value less than 1 SHALL be interpreted as 1" + required: false + schema: + minimum: 1 + type: integer + format: int32 + default: 1 + - name: count + in: query + description: The maximum number of results to return. Defaults to 100 + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + default: 100 + - name: filter + in: query + description: Find user with the given email address + required: false + schema: + minLength: 1 + type: string + example: emails.value eq "john@doe.com" + - name: sortOrder + in: query + description: The sort order. Use "ascending" or "descending" + required: false + schema: + type: string + example: descending + enum: + - ascending + - descending + - name: sortBy + in: query + description: "Sort the list of users by the `givenName`, `familyName`, or\ + \ `emails` field" + required: false + schema: + type: string + example: givenName + responses: + "200": + description: A paginated list of users in the organization + content: + application/scim+json: + schema: + $ref: '#/components/schemas/ListSCIMUserModelsResponse' + application/json: + schema: + $ref: '#/components/schemas/ListSCIMUserModelsResponse' + default: + description: Operation failed with an error + content: + application/scim+json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + post: + tags: + - scimUserManagement + summary: Create SCIM User + description: Creates a new user in the SCIM system + operationId: createSCIMUser + requestBody: + content: + application/scim+json: + schema: + $ref: '#/components/schemas/SCIMCreateUserDefinition' + application/json: + schema: + $ref: '#/components/schemas/ListSCIMUserModelsResponse' + required: true + responses: + "201": + description: The user has been created successfully + content: + application/scim+json: + schema: + $ref: '#/components/schemas/SCIMUserModel' + application/json: + schema: + $ref: '#/components/schemas/SCIMUserModel' + default: + description: Operation failed with an error + content: + application/scim+json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + /v1/scim/Users/{id}: + get: + tags: + - scimUserManagement + summary: Get a SCIM User + description: Fetches the details of a SCIM user by their unique identifier + operationId: getSCIMUserById + parameters: + - name: id + in: path + description: Unique identifier of the SCIM user + required: true + schema: + type: string + responses: + "200": + description: User details retrieved successfully + content: + application/scim+json: + schema: + $ref: '#/components/schemas/SCIMUserModel' + application/json: + schema: + $ref: '#/components/schemas/SCIMUserModel' + default: + description: Operation failed with an error + content: + application/scim+json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + put: + tags: + - scimUserManagement + summary: Update SCIM User + description: Updates an existing user's attributes in the SCIM system + operationId: updateSCIMUser + parameters: + - name: id + in: path + description: Unique identifier of the SCIM user + required: true + schema: + type: string + requestBody: + content: + application/scim+json: + schema: + $ref: '#/components/schemas/SCIMUpdateUserDefinition' + application/json: + schema: + $ref: '#/components/schemas/ListSCIMUserModelsResponse' + required: true + responses: + "200": + description: The user has been updated successfully + content: + application/scim+json: + schema: + $ref: '#/components/schemas/SCIMUserModel' + application/json: + schema: + $ref: '#/components/schemas/SCIMUserModel' + default: + description: Operation failed with an error + content: + application/scim+json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + delete: + tags: + - scimUserManagement + summary: Delete SCIM User + description: Deletes a SCIM user by their unique identifier + operationId: deleteSCIMUserById + parameters: + - name: id + in: path + description: Unique identifier of the SCIM user to delete + required: true + schema: + type: string + responses: + "204": + description: User was deleted successfully + default: + description: Operation failed with an error + content: + application/scim+json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + patch: + tags: + - scimUserManagement + summary: Update SCIM User Attributes + description: Updates specific attributes of an existing user in the SCIM system + operationId: patchSCIMUser + parameters: + - name: id + in: path + description: Unique identifier of the SCIM user + required: true + schema: + type: string + requestBody: + content: + application/scim+json: + schema: + $ref: '#/components/schemas/SCIMPatchUserDefinition' + application/json: + schema: + $ref: '#/components/schemas/ListSCIMUserModelsResponse' + required: true + responses: + "200": + description: The user attributes updated successfully + content: + application/scim+json: + schema: + $ref: '#/components/schemas/SCIMUserModel' + application/json: + schema: + $ref: '#/components/schemas/SCIMUserModel' + default: + description: Operation failed with an error + content: + application/scim+json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseScim' + /v1/metricsQueries: + post: + tags: + - metricsQuery + summary: Run metrics queries + description: "Execute multiple metrics queries. Limits of this API are described\ + \ in [Metrics Query Error Messages](https://help.sumologic.com/docs/metrics/metrics-queries/metric-query-error-messages/).\ + \ For general information about Metrics Queries see [Metrics Queries](https://help.sumologic.com/docs/metrics/metrics-queries/)." + operationId: runMetricsQueries + parameters: [] + requestBody: + description: The parameters for the metrics query. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsQueryRequest' + required: true + responses: + "200": + description: A set of time series grouped by the query. + content: + application/json: + schema: + $ref: '#/components/schemas/MetricsQueryResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/tracequery: + post: + tags: + - traces + summary: Run a trace search query asynchronously. + description: "Execute a trace search query and get the id to fetch its status\ + \ and results. Use the [Trace Query Status](#operation/getTraceQueryStatus)\ + \ endpoint to check a query status. When the query has been completed, use\ + \ the [Trace Query Result](#operation/getTraceQueryResult) endpoint to get\ + \ the result of the asynchronous query." + operationId: createTraceQuery + parameters: [] + requestBody: + description: Query parameters. + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncTraceQueryRequest' + required: true + responses: + "200": + description: Query execution result. + content: + application/json: + schema: + $ref: '#/components/schemas/CreateTraceQueryResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/tracequery/{queryId}: + delete: + tags: + - traces + summary: Cancel a trace search query. + description: Cancel a currently processed trace search query with the given + id. + operationId: cancelTraceQuery + parameters: + - name: queryId + in: path + description: Identifier of the query to cancel. + required: true + schema: + type: string + example: 798a13dc1ceeb19a + responses: + "204": + description: Query canceled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/tracequery/{queryId}/status: + get: + tags: + - traces + summary: Get a trace search query status. + description: "Get a status of a trace query with the given id. When the query\ + \ has been completed, use the [Trace Query Result](#operation/getTraceQueryResult)\ + \ endpoint to get the result of the asynchronous query." + operationId: getTraceQueryStatus + parameters: + - name: queryId + in: path + description: Identifier of the executed query. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + responses: + "200": + description: Status of the given trace search query. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceQueryStatusResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/tracequery/{queryId}/rows/{rowId}/traces: + get: + tags: + - traces + summary: Get results of a trace search query. + description: Get a list of traces matching a query with the specified id. The + response is paginated with a default limit of 100 traces per page. + operationId: getTraceQueryResult + parameters: + - name: queryId + in: path + description: Identifier of the executed query. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + - name: rowId + in: path + description: Identifier of the query row. + required: true + schema: + type: string + example: A + - name: limit + in: query + description: Limit of the number of traces returned in the response. + required: false + schema: + maximum: 500 + minimum: 1 + type: integer + format: int32 + example: 100 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI + responses: + "200": + description: Details about the given span query. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceQueryResultResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/metrics: + get: + tags: + - traces + summary: Get trace search query metrics. + description: Get a list of available trace metrics that can be used in trace + search queries. + operationId: getMetrics + parameters: [] + responses: + "200": + description: List of available metrics. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceMetricsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/tracequery/fields: + get: + tags: + - traces + summary: Get filter fields for trace search queries. + description: Get a list of available fields which can be used in trace search + queries. + operationId: getTraceQueryFields + parameters: [] + responses: + "200": + description: List of available fields. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceFieldsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/tracequery/fields/{field}/values: + get: + tags: + - traces + summary: Get trace search query filter field values. + description: Get a list of available values for the given trace search query + filter field. Not all fields support value listing. The response is paginated + with a default limit of 10 values per page. + operationId: getTraceQueryFieldValues + parameters: + - name: field + in: path + description: Field identifier. + required: true + schema: + type: string + - name: query + in: query + description: Search filter to apply on the values to be returned. Only values + containing the search query term will be returned. + required: false + schema: + type: string + - name: limit + in: query + description: The maximum number of results to fetch. + required: false + schema: + maximum: 500 + minimum: 1 + type: integer + format: int32 + default: 10 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + - name: fieldType + in: query + description: "Indicates the kind of a field. Possible values: `SpanAttribute`,\ + \ `SpanEventAttribute`." + required: false + schema: + pattern: ^(SpanAttribute|SpanEventAttribute)$ + type: string + example: SpanEventAttribute + x-pattern-message: "Should be one of: `SpanAttribute`, `SpanEventAttribute`." + responses: + "200": + description: List of available filter values for the given field. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceFieldValuesResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/traces/{traceId}: + get: + tags: + - traces + summary: Get trace details. + description: Get details of a trace with the given identifier. + operationId: getTrace + parameters: + - name: traceId + in: path + description: Identifier of the trace to get the details. + required: true + schema: + type: string + responses: + "200": + description: Details of the trace with the given identifier. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceDetail' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/traces/{traceId}/exists: + get: + tags: + - traces + summary: Check if the trace exists. + description: Check if the trace with the given identifier exists. + operationId: traceExists + parameters: + - name: traceId + in: path + description: Identifier of the trace to check. + required: true + schema: + type: string + responses: + "200": + description: The response contains the information whether the trace exists + with other optional attributes. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceExistsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/traces/{traceId}/spans: + get: + tags: + - traces + summary: Get a list of trace spans. + description: Get a list of spans for the given trace. The response is paginated + with a default limit of 100 spans per page. + operationId: getSpans + parameters: + - name: traceId + in: path + description: Identifier of the trace to get the spans. + required: true + schema: + type: string + - name: limit + in: query + description: The maximum number of results to fetch. + required: false + schema: + maximum: 500 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: List of spans for the given trace. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceSpansResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/traces/{traceId}/traceEvents: + get: + tags: + - traces + summary: Get a list of events (without their attributes) per span for a trace. + description: Gets a list of the events (without their attributes) attached to + each span in a given trace. The response is paginated with a default limit + of 100 spans per page. + operationId: getTraceLightEvents + parameters: + - name: traceId + in: path + description: Identifier of the trace for which span events will be returned. + required: true + schema: + maxLength: 32 + minLength: 16 + type: string + example: 695068749d21cd104222a95cabc4707c + - name: limit + in: query + description: The maximum number of spans with events returned by a single + query. + required: false + schema: + maximum: 500 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI + responses: + "200": + description: Map of spans to events relations. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceLightEventsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/traces/{traceId}/criticalPath: + get: + tags: + - traces + summary: Get a critical path of a trace. + description: Get a list of span segments composing the critical path of the + trace. A span segment represents the processing time that was consumed within + the span itself and does not incorporate the processing time of its children. + The critical path is the sequence of span segments that contribute to the + total trace duration. An increase of the processing time of any segment from + the critical path would result in an increase of the total trace processing + time. + operationId: getCriticalPath + parameters: + - name: traceId + in: path + description: Identifier of the trace. + required: true + schema: + type: string + - name: limit + in: query + description: The maximum number of results to fetch. + required: false + schema: + maximum: 500 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: List of span segments composing the critical path. + content: + application/json: + schema: + $ref: '#/components/schemas/CriticalPathResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/traces/{traceId}/criticalPath/breakdown/service: + get: + tags: + - traces + summary: Get a critical path service breakdown of a trace. + description: Get a critical path breakdown by services of the spans contributing + to the critical path of a trace with the given identifier. + operationId: getCriticalPathServiceBreakdown + parameters: + - name: traceId + in: path + description: Identifier of the trace. + required: true + schema: + type: string + responses: + "200": + description: List of elements representing the critical path service breakdown. + content: + application/json: + schema: + $ref: '#/components/schemas/CriticalPathServiceBreakdownResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/traces/{traceId}/spans/{spanId}: + get: + tags: + - traces + summary: Get span details. + description: Get details of a span with the given identifier. + operationId: getSpan + parameters: + - name: traceId + in: path + description: Identifier of the trace the span belongs to. + required: true + schema: + type: string + - name: spanId + in: path + description: Identifier of the span to get the details. + required: true + schema: + type: string + responses: + "200": + description: Details of the span with the given identifier. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceSpanDetail' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/traces/{traceId}/spans/{spanId}/billingInfo: + get: + tags: + - traces + summary: Get span billing details. + description: Get the billing information of the span. + operationId: getSpanBillingInfo + parameters: + - name: traceId + in: path + description: Identifier of the trace the span belongs to. + required: true + schema: + type: string + - name: spanId + in: path + description: Identifier of the span to get the billing info. + required: true + schema: + type: string + responses: + "200": + description: Billing information of the span with the given identifier. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceSpanBillingInfo' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery: + post: + tags: + - spanAnalytics + summary: Run a span analytics query asynchronously. + description: "Execute a span analytics query and get the id to fetch its status\ + \ and results. Use the [Span Query Status](#operation/getSpanQueryStatus)\ + \ endpoint to check a query status. When the query has been completed, use\ + \ the [Span Query Result](#operation/getSpanQueryResult) endpoint to get the\ + \ result of the asynchronous query." + operationId: createSpanQuery + parameters: [] + requestBody: + description: Query parameters. + content: + application/json: + schema: + $ref: '#/components/schemas/SpanQueryRequest' + required: true + responses: + "200": + description: Query execution result. + content: + application/json: + schema: + $ref: '#/components/schemas/SpanQueryResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/{queryId}: + delete: + tags: + - spanAnalytics + summary: Cancel a span analytics query. + description: Cancel a currently processed span search query with the given id. + operationId: cancelSpanQuery + parameters: + - name: queryId + in: path + description: Identifier of the query to cancel. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + responses: + "204": + description: Query canceled successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/{queryId}/status: + get: + tags: + - spanAnalytics + summary: Get a span analytics query status. + description: "Get a status of a span analytics query with the given id. When\ + \ the query has been completed, use the [Span Query Result](#operation/getSpanQueryResult)\ + \ endpoint to get the result of the asynchronous query." + operationId: getSpanQueryStatus + parameters: + - name: queryId + in: path + description: Identifier of the executed query. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + responses: + "200": + description: Details about the given span query. + content: + application/json: + schema: + $ref: '#/components/schemas/SpanQueryStatusResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/{queryId}/pause: + put: + tags: + - spanAnalytics + summary: Pause a span analytics query. + description: Pause a currently processed span search query with the given id. + operationId: pauseSpanQuery + parameters: + - name: queryId + in: path + description: Identifier of the query to pause. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + responses: + "204": + description: Query paused successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/{queryId}/resume: + put: + tags: + - spanAnalytics + summary: Resume a span analytics query. + description: Resume a previously paused span search query with the given id. + operationId: resumeSpanQuery + parameters: + - name: queryId + in: path + description: Identifier of the query to resume. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + responses: + "204": + description: Query resumed successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/{queryId}/rows/{rowId}/spans: + get: + tags: + - spanAnalytics + summary: Get results of a span analytics query. + description: Get a list of spans matching a query with the specified id. The + response is paginated with a default limit of 100 spans per page. + operationId: getSpanQueryResult + parameters: + - name: queryId + in: path + description: Identifier of the executed query. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + - name: rowId + in: path + description: Identifier of the query row. + required: true + schema: + type: string + example: A + - name: limit + in: query + description: Limit of the number of spans returned in the response. + required: false + schema: + maximum: 500 + minimum: 1 + type: integer + format: int32 + example: 100 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI + responses: + "200": + description: Details about the given span query. + content: + application/json: + schema: + $ref: '#/components/schemas/SpanQueryResultSpansResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/{queryId}/rows/{rowId}/facets: + get: + tags: + - spanAnalytics + summary: Get a list of facets of a span analytics query. + description: Get a list of facets of a span analytics query with the specified + id. + operationId: getSpanQueryFacets + parameters: + - name: queryId + in: path + description: Identifier of the executed query. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + - name: rowId + in: path + description: Identifier of the query row. + required: true + schema: + type: string + example: A + responses: + "200": + description: The list of facets from the executed query. + content: + application/json: + schema: + $ref: '#/components/schemas/SpanQueryResultFacetsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/{queryId}/aggregates: + get: + tags: + - spanAnalytics + summary: Get span analytics query aggregated results. + description: Get span aggregation results for an aggregated span analytics query + with the specified id. Only aggregated rows being part of the executed query + will have matching results in the response of this endpoint. + operationId: getSpanQueryAggregates + parameters: + - name: queryId + in: path + description: Identifier of the executed query. + required: true + schema: + type: string + example: 195038749d21ad109242c95cbbc8709d + responses: + "200": + description: The aggregation result of the executed query. + content: + application/json: + schema: + $ref: '#/components/schemas/SpanQueryAggregateResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/fields: + get: + tags: + - spanAnalytics + summary: Get filter fields for span analytics queries. + description: Get a list of available fields which can be used in span analytics + queries. + operationId: getSpanQueryFields + parameters: [] + responses: + "200": + description: List of available fields. + content: + application/json: + schema: + $ref: '#/components/schemas/SpanQueryFieldsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/spanquery/fields/{field}/values: + get: + tags: + - spanAnalytics + summary: Get span analytics query filter field values. + description: Get a list of available values for the given span analytics query + filter field. Not all fields support value listing. The response is paginated + with a default limit of 10 field values per page. + operationId: getSpanQueryFieldValues + parameters: + - name: field + in: path + description: Field identifier. + required: true + schema: + type: string + - name: query + in: query + description: Search filter to apply on the values to be returned. Only values + containing the search query term will be returned. + required: false + schema: + type: string + - name: limit + in: query + description: The maximum number of results to fetch. + required: false + schema: + maximum: 500 + minimum: 1 + type: integer + format: int32 + default: 10 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + responses: + "200": + description: List of available filter values for the given field. + content: + application/json: + schema: + $ref: '#/components/schemas/TraceFieldValuesResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/tracing/serviceMap: + get: + tags: + - serviceMap + summary: Get a service map. + description: Run a search request to get a map of services and connections between + them. + operationId: getServiceMap + parameters: [] + responses: + "200": + description: List of nodes and list of edges. + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceMapResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/threatIntel/datastore/db: + get: + tags: + - threatIntelIngest + summary: Get threat intel indicators DB information + description: "Get threat intel indicators DB information, such as storage utilization\ + \ and indicator counts" + operationId: datastoreGet + responses: + "200": + description: Threat intel ingest DB information. + content: + application/json: + schema: + $ref: '#/components/schemas/DatastoreStatusResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - threatIntelIngest + summary: Remove the threat intel indicators DB + description: Removes the entire database and all indicators associated with + this tenant + operationId: removeDatastore + responses: + "204": + description: Removing the indicator database succeeded + default: + description: Operation failed with an error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/threatIntel/datastore/retentionPeriod: + get: + tags: + - threatIntelIngest + summary: Get threat intel indicators store retention period in terms of days. + description: Get the threat intel indicators store retention period in terms + of days. + operationId: retentionPeriod + responses: + "200": + description: Threat intel indicators store retention period. + content: + application/json: + schema: + $ref: '#/components/schemas/DatastoreRetentionPeriod' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - threatIntelIngest + summary: Set the threat intel indicators store retention period in terms of + days. + description: Sets the threat intel indicators store retention period in terms + of days. + operationId: setRetentionPeriod + parameters: [] + requestBody: + description: The threat intel indicators store retention period in terms of + days. + content: + application/json: + schema: + $ref: '#/components/schemas/DatastoreRetentionPeriod' + required: true + responses: + "200": + description: Threat intel indicators store retention period. + content: + application/json: + schema: + $ref: '#/components/schemas/DatastoreRetentionPeriod' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/threatIntel/datastore/indicators/normalized: + post: + tags: + - threatIntelIngestProducer + summary: Uploads indicators in a Sumo normalized format. + description: Uploads a list indicators in a Sumo normalized format. + operationId: uploadNormalizedIndicators + parameters: [] + requestBody: + description: The list of normalized threat intel indicators to upload. + content: + application/json: + schema: + $ref: '#/components/schemas/UploadNormalizedIndicatorRequest' + required: true + responses: + "204": + description: Normalized indicators successfully uploaded. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/threatIntel/datastore/indicators/stix: + post: + tags: + - threatIntelIngestProducer + summary: Uploads indicators in a STIX 2.x json format. + description: Uploads a list indicators in in a STIX 2.x json format. + operationId: uploadStixIndicators + parameters: [] + requestBody: + description: Upload stix indicators request body. + content: + application/json: + schema: + $ref: '#/components/schemas/UploadStixIndicatorsRequest' + required: true + responses: + "200": + description: Stix indicators successfully uploaded. + content: + application/json: + schema: + $ref: '#/components/schemas/UploadStixIndicatorsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/threatIntel/datastore/indicators: + delete: + tags: + - threatIntelIngestProducer + summary: Removes indicators by their IDS + description: Removes indicators by specifying a list of indicator IDs + operationId: removeIndicators + parameters: [] + requestBody: + description: The list of indicator IDs to remove + content: + application/json: + schema: + $ref: '#/components/schemas/RemoveIndicatorsRequest' + required: true + responses: + "204": + description: Indicators successfully removed + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/threatIntel/datastore/dataSource/{dataSourceName}: + put: + tags: + - threatIntelIngest + summary: Updates source properties + description: Updates source properties + operationId: dataSourcePropertiesUpdate + parameters: + - name: dataSourceName + in: path + description: Source name + required: true + schema: + type: string + requestBody: + description: Source properties + content: + application/json: + schema: + $ref: '#/components/schemas/DataSourceProperties' + required: true + responses: + "204": + description: Data source properties successfuly updated. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/otCollectors: + post: + tags: + - otCollectorManagementExternal + summary: Get paginated list of OT Collectors + description: "Given different filter, search and sort conditions, get list of\ + \ otCollectors." + operationId: getPaginatedOTCollectors + requestBody: + description: pagination request details + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOTCollectorsRequest' + required: true + responses: + "200": + description: A list of paginated OT Collectors. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOTCollectorsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/otCollectors/{id}: + get: + tags: + - otCollectorManagementExternal + summary: Get OT Collector by ID. + description: Get OT Collector by ID. + operationId: getOTCollector + parameters: + - name: id + in: path + description: Identifier of the OT Collector to get. + required: true + schema: + type: string + responses: + "200": + description: An OT Collector by identifier. + content: + application/json: + schema: + $ref: '#/components/schemas/OTCollector' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - otCollectorManagementExternal + summary: Delete an OT Collector. + description: Delete an OT Collector with the given identifier. + operationId: deleteOTCollector + parameters: + - name: id + in: path + description: Identifier of the OT Collector to delete. + required: true + schema: + type: string + responses: + "204": + description: The OT Collector was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/otCollectors/totalCount: + get: + tags: + - otCollectorManagementExternal + summary: Get a count of OT Collectors. + description: Get total count of OT Collectors for a customer. + operationId: getOTCollectorsCount + responses: + "200": + description: Total count of OT Collectors. + content: + application/json: + schema: + $ref: '#/components/schemas/OTCollectorCountResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/otCollectors/otCollectorsByName: + get: + tags: + - otCollectorManagementExternal + summary: Get OT Collectors by name. + description: "provided list of names, get all OT Collectors with metadata." + operationId: getOTCollectorsByNames + parameters: + - name: names + in: query + description: A required parameter that accepts a list of names for which we + need to collect all metadata. + required: true + schema: + type: array + items: + type: string + responses: + "200": + description: A list of OT Collectors. + content: + application/json: + schema: + $ref: '#/components/schemas/OTCollectorListResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/otCollectors/offline: + delete: + tags: + - otCollectorManagementExternal + summary: Delete all Offline OT Collectors + description: Delete all offline OT Collectors for a given customer. + operationId: deleteOfflineOTCollectors + responses: + "204": + description: All offline OT Collectors of the given customer deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/sourceTemplates: + get: + tags: + - sourceTemplateManagementExternal + summary: List all source templates. + description: Get a list of all source templates. + operationId: getSourceTemplatesV2 + parameters: + - name: showDisabled + in: query + description: "A boolean parameter to get all, including disabled source templates." + required: false + schema: + type: boolean + default: false + - name: name + in: query + description: Only return source template matching the given name (exact match). + required: false + schema: + minLength: 1 + type: string + nullable: true + responses: + "200": + description: A list of source templates. + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateListResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - sourceTemplateManagementExternal + summary: Create source template. + description: Create source template. + operationId: createSourceTemplateV2 + requestBody: + description: Create source template details + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateRequest' + required: true + responses: + "200": + description: Create source template response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/sourceTemplates/{id}: + get: + tags: + - sourceTemplateManagementExternal + summary: Get a source template by Id. + description: Get a source template with the given identifier. + operationId: getSourceTemplateV2 + parameters: + - name: id + in: path + description: Identifier of the source template to get. + required: true + schema: + type: string + responses: + "200": + description: Get source template response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - sourceTemplateManagementExternal + summary: Update source template. + description: Update a source template with the given identifier. + operationId: updateSourceTemplateV2 + parameters: + - name: id + in: path + description: Identifier of the source template to update. + required: true + schema: + type: string + requestBody: + description: Request details of update source template. + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateUpdateRequest' + required: true + responses: + "200": + description: Update source template response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - sourceTemplateManagementExternal + summary: Delete a source template. + description: Delete a source template with the given identifier. + operationId: deleteSourceTemplateV2 + parameters: + - name: id + in: path + description: Identifier of the source template to delete. + required: true + schema: + type: string + responses: + "204": + description: The source template was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/sourceTemplates/{id}/status: + put: + tags: + - sourceTemplateManagementExternal + summary: Update status of source template + description: Update the status (enable or disable) of a source template. + operationId: updateSourceTemplateStatusV2 + parameters: + - name: id + in: path + description: Identifier of the source template to update. + required: true + schema: + type: string + requestBody: + description: Status of source template + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateStatusUpdateRequest' + required: true + responses: + "200": + description: Update source template status response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/sourceTemplates/{id}/upgrade: + post: + tags: + - sourceTemplateManagementExternal + summary: Upgrade source template. + description: Upgrade a source template with the given identifier. + operationId: upgradeSourceTemplateV2 + parameters: + - name: id + in: path + description: Identifier of the source template to upgrade. + required: true + schema: + type: string + requestBody: + description: Source template upgrade request details. + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateUpgradeRequest' + required: true + responses: + "200": + description: Upgrade source template response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/sourceTemplates/getLinkedSourceTemplatesImpact: + post: + tags: + - sourceTemplateManagementExternal + summary: Preview source template linking changes. + description: "Given the set of tags user wants to update, display the list of\ + \ source templates that will be linked/unlinked to the otCollector." + operationId: getLinkedSourceTemplatesImpact + requestBody: + description: Request body containing otCollector id and set of tags. + content: + application/json: + schema: + $ref: '#/components/schemas/LinkedSourceTemplatesUpdateRequest' + required: true + responses: + "200": + description: A list of source templates whose linking to the otCollector + will be impacted. + content: + application/json: + schema: + $ref: '#/components/schemas/LinkedSourceTemplatesUpdateResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/sourceTemplate: + get: + tags: + - sourceTemplateManagementExternal + summary: Return all source templates of a customer (deprecated). + description: | + Get a list of source template. + + **DEPRECATED**: This endpoint will be removed soon. Please use GET /v1/sourceTemplates instead. + operationId: getSourceTemplates + parameters: + - name: showDisabled + in: query + description: "A boolean parameter to get all, including disabled source templates." + required: false + schema: + type: boolean + default: false + - name: name + in: query + description: Only return source template matching the given name (exact match). + required: false + schema: + minLength: 1 + type: string + nullable: true + responses: + "200": + description: A list of source templates. + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateListResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + deprecated: true + post: + tags: + - sourceTemplateManagementExternal + summary: Create source template (deprecated). + description: | + Create source template. + + **DEPRECATED**: This endpoint will be removed soon. Please use POST /v1/sourceTemplates instead. + operationId: createSourceTemplate + requestBody: + description: Create source template details + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateRequest' + required: true + responses: + "200": + description: Create source template response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + deprecated: true + /v1/sourceTemplate/{id}: + get: + tags: + - sourceTemplateManagementExternal + summary: Get a source template by Id (deprecated). + description: | + Get a source template with the given identifier. + + **DEPRECATED**: This endpoint will be removed soon. Please use GET /v1/sourceTemplates/{id} instead. + operationId: getSourceTemplate + parameters: + - name: id + in: path + description: Identifier of the source template to get. + required: true + schema: + type: string + responses: + "200": + description: Get source template response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + deprecated: true + post: + tags: + - sourceTemplateManagementExternal + summary: Update source template (deprecated). + description: | + Update a source template with the given identifier. + + **DEPRECATED**: This endpoint will be removed soon. Please use POST /v1/sourceTemplates/{id} instead. + operationId: updateSourceTemplate + parameters: + - name: id + in: path + description: Identifier of the source template to update. + required: true + schema: + type: string + requestBody: + description: Source template request details. + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateRequest' + required: true + responses: + "200": + description: Update source template response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + deprecated: true + delete: + tags: + - sourceTemplateManagementExternal + summary: Delete a source template (deprecated). + description: | + Delete a source template with the given identifier. + + **DEPRECATED**: This endpoint will be removed soon. Please use DELETE /v1/sourceTemplates/{id} instead. + operationId: deleteSourceTemplate + parameters: + - name: id + in: path + description: Identifier of the source template to delete. + required: true + schema: + type: string + responses: + "204": + description: The source template was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + deprecated: true + /v1/upgrade/sourceTemplate/{id}: + post: + tags: + - sourceTemplateManagementExternal + summary: Upgrade source template (deprecated). + description: | + Upgrade a source template with the given identifier. + + **DEPRECATED**: This endpoint will be removed soon. Please use POST /v1/sourceTemplates/{id}/upgrade instead. + operationId: upgradeSourceTemplate + parameters: + - name: id + in: path + description: Identifier of the source template to upgrade. + required: true + schema: + type: string + requestBody: + description: Source template upgrade request details. + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateUpgradeRequest' + required: true + responses: + "200": + description: Upgrade source template response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + deprecated: true + /v1/sourceTemplate/getLinkedSourceTemplatesImpact: + post: + tags: + - sourceTemplateManagementExternal + summary: Get linked source templates update based on the ot-collector tags user + is wants to update. + description: "Given the set of tags user wants to update, display the list of\ + \ source templates that will be linked/unlinked to the otCollector." + operationId: getLinkedSourceTemplatesUpdate + requestBody: + description: Request body containing otCollector id and set of tags. + content: + application/json: + schema: + $ref: '#/components/schemas/LinkedSourceTemplatesUpdateRequest' + required: true + responses: + "200": + description: A list of source templates whose linking to the otCollector + will be impacted. + content: + application/json: + schema: + $ref: '#/components/schemas/LinkedSourceTemplatesUpdateResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/sourceTemplate/{id}/status: + put: + tags: + - sourceTemplateManagementExternal + summary: Update status of source template (deprecated) + description: | + Update the status (enable or disable) of a source template. + + **DEPRECATED**: This endpoint will be removed soon. Please use PUT /v1/sourceTemplates/{id}/status instead. + operationId: updateSourceTemplateStatus + parameters: + - name: id + in: path + description: Identifier of the source template to update. + required: true + schema: + type: string + requestBody: + description: Status of source template + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateStatusUpdateRequest' + required: true + responses: + "200": + description: Update source template status response + content: + application/json: + schema: + $ref: '#/components/schemas/SourceTemplateDefinition' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + deprecated: true + /v1/schemaIdentitiesGrouped: + get: + tags: + - schemaBaseManagement + summary: Get schema base identities grouped by type and sorted by version. + description: Get a summary of all available schema bases grouped by type and + their versions sorted by latest. + operationId: getSchemaIdentitiesGrouped + responses: + "200": + description: A summary of all available schema bases grouped by type and + their versions sorted by latest. + content: + application/json: + schema: + $ref: '#/components/schemas/ListSchemaBaseTypeToVersionsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/eventExtractionRules: + get: + tags: + - eventAnalytics + summary: Get all event extraction rules. + description: Get all event extraction rules. + operationId: getEventExtractionRules + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: Event extraction rules. + content: + application/json: + schema: + $ref: '#/components/schemas/ListEventExtractionRulesResponse' + post: + tags: + - eventAnalytics + summary: Create event extraction rule. + description: Create event extraction rule. + operationId: createEventExtractionRule + requestBody: + description: Information to create a new event extraction rule. + content: + application/json: + schema: + $ref: '#/components/schemas/EventExtractionRule' + required: true + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: The event extraction rule was created. + content: + application/json: + schema: + $ref: '#/components/schemas/EventExtractionRuleWithDetails' + /v1/eventExtractionRules/quota: + get: + tags: + - eventAnalytics + summary: Get event extraction rules quota. + description: Every customer can use a limited number of Event Extraction Rules. + This endpoint allows learning about these limitations and remaining quota. + operationId: getEventExtractionRulesQuota + responses: + "200": + description: Current state of Event Extraction Rules quota usage (limit + and remaining). + content: + application/json: + schema: + $ref: '#/components/schemas/EventExtractionRulesQuotaUsage' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/eventExtractionRules/{id}: + get: + tags: + - eventAnalytics + summary: Get an event extraction rule. + description: Get an event extraction rule. + operationId: getEventExtractionRule + parameters: + - name: id + in: path + description: The identifier of the event extraction rule. + required: true + schema: + type: string + example: 000000000000000A + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: Requested event extraction rule. + content: + application/json: + schema: + $ref: '#/components/schemas/EventExtractionRuleWithDetails' + put: + tags: + - eventAnalytics + summary: Update an event extraction rule. + description: Update an event extraction rule. + operationId: updateEventExtractionRule + parameters: + - name: id + in: path + description: The identifier of the event extraction rule. + required: true + schema: + type: string + example: 000000000000000A + requestBody: + description: Information to update event extraction rule. + content: + application/json: + schema: + $ref: '#/components/schemas/EventExtractionRule' + required: true + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "200": + description: The event extraction rule was updated. + content: + application/json: + schema: + $ref: '#/components/schemas/EventExtractionRuleWithDetails' + delete: + tags: + - eventAnalytics + summary: Delete an event extraction rule. + description: Delete an event extraction rule. + operationId: deleteEventExtractionRule + parameters: + - name: id + in: path + description: The identifier of the event extraction rule. + required: true + schema: + type: string + example: 000000000000000A + responses: + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + "204": + description: The event extraction rule was successfully deleted. + /v1/budgets: + get: + tags: + - budgetManagement + summary: Get budgets + description: Get budgets + operationId: getBudgets + parameters: + - name: limit + in: query + description: Limit the number of budgets returned in the response. The number + of budgets returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. + required: false + schema: + type: string + responses: + "200": + description: Budgets assigned to the org. + content: + application/json: + schema: + $ref: '#/components/schemas/ScanBudgetList' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - budgetManagement + summary: Creates a budget definition + description: Create a budget definition + operationId: createBudget + parameters: [] + requestBody: + description: Information about the new budget. + content: + application/json: + schema: + $ref: '#/components/schemas/ScanBudgetDefinition' + required: true + responses: + "200": + description: The created budget. + content: + application/json: + schema: + $ref: '#/components/schemas/ScanBudget' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/budgets/{budgetId}: + get: + tags: + - budgetManagement + summary: Get budget + description: Get budget + operationId: getBudget + parameters: + - name: budgetId + in: path + description: The id of the budget. + required: true + schema: + type: string + responses: + "200": + description: The requested budget. + content: + application/json: + schema: + $ref: '#/components/schemas/ScanBudget' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - budgetManagement + summary: Update budget + description: Update budget + operationId: updateBudget + parameters: + - name: budgetId + in: path + description: The id of the budget. + required: true + schema: + type: string + requestBody: + description: Updated budget. + content: + application/json: + schema: + $ref: '#/components/schemas/ScanBudgetDefinition' + required: true + responses: + "200": + description: The updated budget. + content: + application/json: + schema: + $ref: '#/components/schemas/ScanBudget' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - budgetManagement + summary: Delete budget + description: Delete budget + operationId: deleteBudget + parameters: + - name: budgetId + in: path + description: The id of the budget. + required: true + schema: + type: string + responses: + "204": + description: The budget was successfully deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/budgets/usage: + get: + tags: + - budgetManagement + summary: Get budget usages + description: Get budget usages + operationId: getBudgetUsages + parameters: + - name: limit + in: query + description: Limit the number of budget usages returned in the response. The + number of budget usages returned may be less than the `limit`. + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + format: int32 + default: 100 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. + required: false + schema: + type: string + responses: + "200": + description: Scan budget usages. + content: + application/json: + schema: + $ref: '#/components/schemas/ScanBudgetUsageList' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/budgets/{budgetId}/usage: + get: + tags: + - budgetManagement + summary: Get budget usage + description: Get budget usage + operationId: getBudgetUsage + parameters: + - name: budgetId + in: path + description: The id of the budget. + required: true + schema: + type: string + responses: + "200": + description: The requested budget usage. + content: + application/json: + schema: + $ref: '#/components/schemas/ScanBudgetUsage' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/macros: + get: + tags: + - macroManagement + summary: List all macros. + description: List all viewable macros for the customer. + operationId: listMacros + parameters: + - name: limit + in: query + description: Limit the number of macro returned in the response. The number + of macros returned may be less than the `limit`. Default 50. + required: false + schema: + maximum: 100 + minimum: 1 + type: integer + format: int32 + default: 50 + example: 50 + - name: token + in: query + description: Continuation token to get the next page of results. A page object + with the next continuation token is returned in the response body. Subsequent + GET requests should specify the continuation token to get the next page + of results. `token` is set to null when no more pages are left. + required: false + schema: + type: string + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + responses: + "200": + description: Paginated list of viewable macros for the customer. + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedMacros' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - macroManagement + summary: Create a new macro. + description: Creates a new macro. + operationId: createMacro + requestBody: + description: Information to create the new macro. + content: + application/json: + schema: + $ref: '#/components/schemas/MacroRequest' + required: true + responses: + "200": + description: The macro has been created. + content: + application/json: + schema: + $ref: '#/components/schemas/Macro' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v2/macros/{id}: + get: + tags: + - macroManagement + summary: Get a macro. + description: Get a macro by the given identifier. + operationId: getMacro + parameters: + - name: id + in: path + description: UUID of the macro. + required: true + schema: + type: string + responses: + "200": + description: Macro object that was requested. + content: + application/json: + schema: + $ref: '#/components/schemas/Macro' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - macroManagement + summary: Edit a macro. + description: Edits an existing macro by id. Macro name is immutable. + operationId: editMacro + parameters: + - name: id + in: path + description: UUID of the macro to edit. + required: true + schema: + type: string + requestBody: + description: Macro fields to update. Macro name is immutable. + content: + application/json: + schema: + $ref: '#/components/schemas/BaseMacroRequest' + required: true + responses: + "200": + description: The edited macro. + content: + application/json: + schema: + $ref: '#/components/schemas/Macro' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - macroManagement + summary: Delete a macro. + description: Delete a macro by id. + operationId: deleteMacro + parameters: + - name: id + in: path + description: Id of macro to delete. + required: true + schema: + type: string + responses: + "204": + description: Macro was deleted successfully. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors: + get: + tags: + - monitorsLibraryManagement + summary: Bulk read a monitor or folder. + description: Bulk read a monitor or folder by the given identifiers from the + monitors library. + operationId: monitorsReadByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + schema: + type: array + items: + type: string + example: "0000000000000001,0000000000000002,0000000000000003" + - name: skipChildren + in: query + description: a boolean parameter to control skipping fetching children of + requested folder(s) + required: false + schema: + type: boolean + responses: + "200": + description: A map between an identifier and its definition (monitor or + folder). + content: + application/json: + schema: + $ref: '#/components/schemas/IdToMonitorsLibraryBaseResponseMap' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - monitorsLibraryManagement + summary: | + Create a monitor or folder. + description: Create a monitor or folder in the monitors library. + operationId: monitorsCreate + parameters: + - name: parentId + in: query + description: Identifier of the parent folder in which to create the monitor + or folder. + required: true + schema: + type: string + requestBody: + description: The monitor or folder to create. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBase' + required: true + responses: + "200": + description: The monitor or folder was created. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - monitorsLibraryManagement + summary: | + Bulk delete a monitor or folder. + description: Bulk delete a monitor or folder by the given identifiers in the + monitors library. + operationId: monitorsDeleteByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + schema: + type: array + items: + type: string + example: "0000000000000001,0000000000000002,0000000000000003" + responses: + "200": + description: A map between the deleted identifier and its metadata. + content: + application/json: + schema: + $ref: '#/components/schemas/IdToMonitorsLibraryBaseResponseMap' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/root: + get: + tags: + - monitorsLibraryManagement + summary: Get the root monitors folder. + description: Get the root folder in the monitors library. + operationId: getMonitorsLibraryRoot + responses: + "200": + description: Root folder of the monitors library. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryFolderResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/path: + get: + tags: + - monitorsLibraryManagement + summary: Read a monitor or folder by its path. + description: Read a monitor or folder by its path in the monitors library structure. + operationId: monitorsGetByPath + parameters: + - name: path + in: query + description: The path of the monitor or folder. + required: true + schema: + type: string + responses: + "200": + description: Requested monitor or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/search: + get: + tags: + - monitorsLibraryManagement + summary: Search for a monitor or folder. + description: Search for a monitor or folder in the monitors library structure. + operationId: monitorsSearch + parameters: + - name: query + in: query + description: |- + The search query to find monitor or folder. Below is the list of different filters with examples: + - **createdBy** : Filter by the user's identifier who created the content. Example: `createdBy:000000000000968B`. + - **createdBefore** : Filter by the content objects created before the given timestamp(in milliseconds). Example: `createdBefore:1457997222`. + - **createdAfter** : Filter by the content objects created after the given timestamp(in milliseconds). Example: `createdAfter:1457997111`. + - **modifiedBefore** : Filter by the content objects modified before the given timestamp(in milliseconds). Example: `modifiedBefore:1457997222`. + - **modifiedAfter** : Filter by the content objects modified after the given timestamp(in milliseconds). Example: `modifiedAfter:1457997111`. + - **type** : Filter by the type of the content object. Example: `type:folder`. + - **monitorStatus** : Filter by the status of the monitor: Normal, Critical, Warning, MissingData, Disabled, AllTriggered. Example: `monitorStatus:Normal`. + + You can also use multiple filters in one query. For example to search for all content objects created by user with identifier 000000000000968B with creation timestamp after 1457997222 containing the text Test, the query would look like: + + `createdBy:000000000000968B createdAfter:1457997222 Test` + required: true + schema: + type: string + example: createdBy:000000000000968B Test + - name: limit + in: query + description: Maximum number of items you want in the response. + required: false + schema: + maximum: 5000 + type: integer + format: int32 + default: 1000 + example: 10 + - name: offset + in: query + description: The position or row from where to start the search operation. + required: false + schema: + type: integer + format: int32 + default: 0 + example: 5 + - name: skipChildren + in: query + description: a boolean parameter to control skipping fetching children of + requested folder(s) + required: false + schema: + type: boolean + responses: + "200": + description: List of folders and monitors matching the search query. + content: + application/json: + schema: + $ref: '#/components/schemas/ListMonitorsLibraryItemWithPath' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/{id}: + get: + tags: + - monitorsLibraryManagement + summary: Get a monitor or folder. + description: Get a monitor or folder from the monitors library. + operationId: monitorsReadById + parameters: + - name: id + in: path + description: Identifier of the monitor or folder to read. + required: true + schema: + type: string + responses: + "200": + description: Requested monitor or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - monitorsLibraryManagement + summary: | + Update a monitor or folder. + description: "Update a monitor or folder in the monitors library. When making\ + \ updates to existing monitors via API, all configurations are over-written.\ + \ Make sure to include all configurations of the monitor (existing with new\ + \ updates), not just the new configurations you want to apply." + operationId: monitorsUpdateById + parameters: + - name: id + in: path + description: Identifier of the monitor or folder to update. + required: true + schema: + type: string + requestBody: + description: The monitor or folder to update. The content version must match + its latest version number in the monitors library. If the version does not + match it will not be updated. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseUpdate' + required: true + responses: + "200": + description: The monitor or folder was updated. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - monitorsLibraryManagement + summary: | + Delete a monitor or folder. + description: Delete a monitor or folder from the monitors library. + operationId: monitorsDeleteById + parameters: + - name: id + in: path + description: Identifier of the monitor or folder to delete. + required: true + schema: + type: string + responses: + "204": + description: The monitor or folder was successfully deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/{id}/path: + get: + tags: + - monitorsLibraryManagement + summary: Get the path of a monitor or folder. + description: Get the full path of the monitor or folder in the monitors library. + operationId: getMonitorsFullPath + parameters: + - name: id + in: path + description: Identifier of the monitor or folder. + required: true + schema: + type: string + responses: + "200": + description: Full path of the monitor or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/Path' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/{id}/move: + post: + tags: + - monitorsLibraryManagement + summary: Move a monitor or folder. + description: Move a monitor or folder to a different location in the monitors + library. + operationId: monitorsMove + parameters: + - name: id + in: path + description: Identifier of the monitor or folder to move. + required: true + schema: + type: string + - name: parentId + in: query + description: Identifier of the parent folder to move the monitor or folder + to. + required: true + schema: + type: string + responses: + "200": + description: Moved monitor or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/{id}/copy: + post: + tags: + - monitorsLibraryManagement + summary: Copy a monitor or folder. + description: Copy a monitor or folder in the monitors library. + operationId: monitorsCopy + parameters: + - name: id + in: path + description: Identifier of the monitor or folder to copy. + required: true + schema: + type: string + requestBody: + description: |- + Fields include: + 1) Identifier of the parent folder to copy to. + 2) Optionally provide a new name. + 3) Optionally provide a new description. + 4) Optionally set to true if you want to copy and preserve the locked status. Requires `LockMonitors` capability. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentCopyParams' + required: true + responses: + "200": + description: The monitor or folder was copied. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/{id}/export: + get: + tags: + - monitorsLibraryManagement + summary: Export a monitor or folder. + description: "Export a monitor or folder. If the given identifier is a folder,\ + \ everything under the folder is exported recursively with folder as the root." + operationId: monitorsExportItem + parameters: + - name: id + in: path + description: Identifier of the monitor or folder to export. + required: true + schema: + type: string + responses: + "200": + description: Exported monitor or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseExport' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/{parentId}/import: + post: + tags: + - monitorsLibraryManagement + summary: Import a monitor or folder. + description: Import a monitor or folder. + operationId: monitorsImportItem + parameters: + - name: parentId + in: path + description: Identifier of the parent folder in which to import the monitor + or folder. + required: true + schema: + type: string + requestBody: + description: The monitor or folder to be imported. + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseExport' + required: true + responses: + "200": + description: "Newly imported monitor or folder. NOTE: Permissions field\ + \ will not be filled (empty list)." + content: + application/json: + schema: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/{id}/permissions: + get: + tags: + - monitorsLibraryManagement + summary: | + List explicit permissions on monitor or folder. + description: List explicit permissions on monitor or folder in the monitors + library. + operationId: monitorsReadPermissionsById + parameters: + - name: id + in: path + description: Identifier of the monitor or folder to list permissions. + required: true + schema: + type: string + responses: + "200": + description: The list of explicit permission statements for the monitor + or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/ListPermissionsResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/permissions/set: + put: + tags: + - monitorsLibraryManagement + summary: | + Set permissions on monitor or folder. + description: Set permissions on monitor or folder in the monitors library. + operationId: monitorsSetPermissions + requestBody: + description: The permission statement definitions to set. + content: + application/json: + schema: + $ref: '#/components/schemas/PermissionStatementDefinitions' + required: true + responses: + "200": + description: List of the successfully set `PermissionStatements`. + content: + application/json: + schema: + $ref: '#/components/schemas/PermissionStatements' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/permissions/revoke: + put: + tags: + - monitorsLibraryManagement + summary: | + Revoke all permissions on monitor or folder. + description: Revoke all permissions on monitor or folder in the monitors library. + operationId: monitorsRevokePermissions + requestBody: + description: The identifiers of the permissions statements to revoke. + content: + application/json: + schema: + $ref: '#/components/schemas/PermissionIdentifiers' + required: true + responses: + "204": + description: Permissions were successfully revoked for monitor or folder. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/monitors/{id}/permissionSummariesBySubjects: + get: + tags: + - monitorsLibraryManagement + summary: | + List permission summaries for a monitor or folder. + description: List permission summary meta(s) grouped by subjects on monitor + or folder in the monitors library. + operationId: monitorsReadPermissionSummariesByIdGroupBySubjects + parameters: + - name: id + in: path + description: Identifier of the monitor or folder to list permissions. + required: true + schema: + type: string + responses: + "200": + description: The list of permission summary meta(s) grouped by subjects + for the monitor or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/PermissionSummariesBySubjects' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/mutingSchedules: + get: + tags: + - mutingSchedulesLibraryManagement + summary: Bulk read a mutingschedule or folder. + description: Bulk read a mutingschedule or folder by the given identifiers from + the mutingSchedules library. + operationId: mutingSchedulesReadByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + schema: + type: array + items: + type: string + example: "0000000000000001,0000000000000002,0000000000000003" + - name: skipChildren + in: query + description: a boolean parameter to control skipping fetching children of + requested folder(s) + required: false + schema: + type: boolean + responses: + "200": + description: A map between an identifier and its definition (mutingschedule + or folder). + content: + application/json: + schema: + $ref: '#/components/schemas/IdToMutingSchedulesLibraryBaseResponseMap' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - mutingSchedulesLibraryManagement + summary: | + Create a mutingschedule or folder. + description: Create a mutingschedule or folder in the mutingSchedules library. + operationId: mutingSchedulesCreate + parameters: + - name: parentId + in: query + description: Identifier of the parent folder in which to create the mutingschedule + or folder. + required: true + schema: + type: string + requestBody: + description: The mutingschedule or folder to create. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBase' + required: true + responses: + "200": + description: The mutingschedule or folder was created. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - mutingSchedulesLibraryManagement + summary: | + Bulk delete a mutingschedule or folder. + description: Bulk delete a mutingschedule or folder by the given identifiers + in the mutingSchedules library. + operationId: mutingSchedulesDeleteByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + schema: + type: array + items: + type: string + example: "0000000000000001,0000000000000002,0000000000000003" + responses: + "200": + description: A map between the deleted identifier and its metadata. + content: + application/json: + schema: + $ref: '#/components/schemas/IdToMutingSchedulesLibraryBaseResponseMap' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/mutingSchedules/root: + get: + tags: + - mutingSchedulesLibraryManagement + summary: Get the root mutingSchedules folder. + description: Get the root folder in the mutingSchedules library. + operationId: getMutingSchedulesLibraryRoot + responses: + "200": + description: Root folder of the mutingSchedules library. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryFolderResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/mutingSchedules/search: + get: + tags: + - mutingSchedulesLibraryManagement + summary: Search for a mutingschedule or folder. + description: Search for a mutingschedule or folder in the mutingSchedules library + structure. + operationId: mutingSchedulesSearch + parameters: + - name: query + in: query + description: |- + The search query to find mutingschedule or folder. Below is the list of different filters with examples: + - **createdBy** : Filter by the user's identifier who created the content. Example: `createdBy:000000000000968B`. + - **createdBefore** : Filter by the content objects created before the given timestamp(in milliseconds). Example: `createdBefore:1457997222`. + - **createdAfter** : Filter by the content objects created after the given timestamp(in milliseconds). Example: `createdAfter:1457997111`. + - **modifiedBefore** : Filter by the content objects modified before the given timestamp(in milliseconds). Example: `modifiedBefore:1457997222`. + - **modifiedAfter** : Filter by the content objects modified after the given timestamp(in milliseconds). Example: `modifiedAfter:1457997111`. + - **type** : Filter by the type of the content object. Example: `type:folder`. + + You can also use multiple filters in one query. For example to search for all content objects created by user with identifier 000000000000968B with creation timestamp after 1457997222 containing the text Test, the query would look like: + + `createdBy:000000000000968B createdAfter:1457997222 Test` + required: true + schema: + type: string + example: createdBy:000000000000968B Test + - name: limit + in: query + description: Maximum number of items you want in the response. + required: false + schema: + maximum: 5000 + type: integer + format: int32 + default: 1000 + example: 10 + - name: offset + in: query + description: The position or row from where to start the search operation. + required: false + schema: + type: integer + format: int32 + default: 0 + example: 5 + - name: skipChildren + in: query + description: a boolean parameter to control skipping fetching children of + requested folder(s) + required: false + schema: + type: boolean + responses: + "200": + description: List of folders and mutingSchedules matching the search query. + content: + application/json: + schema: + $ref: '#/components/schemas/ListMutingSchedulesLibraryItemWithPath' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/mutingSchedules/{id}: + get: + tags: + - mutingSchedulesLibraryManagement + summary: Get a mutingschedule or folder. + description: Get a mutingschedule or folder from the mutingSchedules library. + operationId: mutingSchedulesReadById + parameters: + - name: id + in: path + description: Identifier of the mutingschedule or folder to read. + required: true + schema: + type: string + responses: + "200": + description: Requested mutingschedule or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - mutingSchedulesLibraryManagement + summary: | + Update a mutingschedule or folder. + description: Update a mutingschedule or folder in the mutingSchedules library. + operationId: mutingSchedulesUpdateById + parameters: + - name: id + in: path + description: Identifier of the mutingschedule or folder to update. + required: true + schema: + type: string + requestBody: + description: The mutingschedule or folder to update. The content version must + match its latest version number in the mutingSchedules library. If the version + does not match it will not be updated. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseUpdate' + required: true + responses: + "200": + description: The mutingschedule or folder was updated. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - mutingSchedulesLibraryManagement + summary: | + Delete a mutingschedule or folder. + description: Delete a mutingschedule or folder from the mutingSchedules library. + operationId: mutingSchedulesDeleteById + parameters: + - name: id + in: path + description: Identifier of the mutingschedule or folder to delete. + required: true + schema: + type: string + responses: + "204": + description: The mutingschedule or folder was successfully deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/mutingSchedules/{id}/path: + get: + tags: + - mutingSchedulesLibraryManagement + summary: Get the path of a mutingschedule or folder. + description: Get the full path of the mutingschedule or folder in the mutingSchedules + library. + operationId: getMutingSchedulesFullPath + parameters: + - name: id + in: path + description: Identifier of the mutingschedule or folder. + required: true + schema: + type: string + responses: + "200": + description: Full path of the mutingschedule or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/Path' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/mutingSchedules/{id}/copy: + post: + tags: + - mutingSchedulesLibraryManagement + summary: Copy a mutingschedule or folder. + description: Copy a mutingschedule or folder in the mutingSchedules library. + operationId: mutingSchedulesCopy + parameters: + - name: id + in: path + description: Identifier of the mutingschedule or folder to copy. + required: true + schema: + type: string + requestBody: + description: |- + Fields include: + 1) Identifier of the parent folder to copy to. + 2) Optionally provide a new name. + 3) Optionally provide a new description. + 4) Optionally set to true if you want to copy and preserve the locked status. Requires `LockMutingSchedules` capability. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentCopyParams' + required: true + responses: + "200": + description: The mutingschedule or folder was copied. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/mutingSchedules/{id}/export: + get: + tags: + - mutingSchedulesLibraryManagement + summary: Export a mutingschedule or folder. + description: "Export a mutingschedule or folder. If the given identifier is\ + \ a folder, everything under the folder is exported recursively with folder\ + \ as the root." + operationId: mutingSchedulesExportItem + parameters: + - name: id + in: path + description: Identifier of the mutingschedule or folder to export. + required: true + schema: + type: string + responses: + "200": + description: Exported mutingschedule or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/mutingSchedules/{parentId}/import: + post: + tags: + - mutingSchedulesLibraryManagement + summary: Import a mutingschedule or folder. + description: Import a mutingschedule or folder. + operationId: mutingSchedulesImportItem + parameters: + - name: parentId + in: path + description: Identifier of the parent folder in which to import the mutingschedule + or folder. + required: true + schema: + type: string + requestBody: + description: The mutingschedule or folder to be imported. + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport' + required: true + responses: + "200": + description: "Newly imported mutingschedule or folder. NOTE: Permissions\ + \ field will not be filled (empty list)." + content: + application/json: + schema: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos: + get: + tags: + - slosLibraryManagement + summary: Bulk read a slo or folder. + description: Bulk read a slo or folder by the given identifiers from the slos + library. + operationId: slosReadByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + schema: + type: array + items: + type: string + example: "0000000000000001,0000000000000002,0000000000000003" + - name: skipChildren + in: query + description: a boolean parameter to control skipping fetching children of + requested folder(s) + required: false + schema: + type: boolean + responses: + "200": + description: A map between an identifier and its definition (slo or folder). + content: + application/json: + schema: + $ref: '#/components/schemas/IdToSlosLibraryBaseResponseMap' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + post: + tags: + - slosLibraryManagement + summary: | + Create a slo or folder. + description: Create a slo or folder in the slos library. + operationId: slosCreate + parameters: + - name: parentId + in: query + description: Identifier of the parent folder in which to create the slo or + folder. + required: true + schema: + type: string + requestBody: + description: The slo or folder to create. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBase' + required: true + responses: + "200": + description: The slo or folder was created. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - slosLibraryManagement + summary: | + Bulk delete a slo or folder. + description: Bulk delete a slo or folder by the given identifiers in the slos + library. + operationId: slosDeleteByIds + parameters: + - name: ids + in: query + description: A comma-separated list of identifiers. + required: true + schema: + type: array + items: + type: string + example: "0000000000000001,0000000000000002,0000000000000003" + responses: + "200": + description: A map between the deleted identifier and its metadata. + content: + application/json: + schema: + $ref: '#/components/schemas/IdToSlosLibraryBaseResponseMap' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/root: + get: + tags: + - slosLibraryManagement + summary: Get the root slos folder. + description: Get the root folder in the slos library. + operationId: getSlosLibraryRoot + responses: + "200": + description: Root folder of the slos library. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryFolderResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/path: + get: + tags: + - slosLibraryManagement + summary: Read a slo or folder by its path. + description: Read a slo or folder by its path in the slos library structure. + operationId: slosGetByPath + parameters: + - name: path + in: query + description: The path of the slo or folder. + required: true + schema: + type: string + responses: + "200": + description: Requested slo or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/search: + get: + tags: + - slosLibraryManagement + summary: Search for a slo or folder. + description: Search for a slo or folder in the slos library structure. + operationId: slosSearch + parameters: + - name: query + in: query + description: |- + The search query to find slo or folder. Below is the list of different filters with examples: + - **createdBy** : Filter by the user's identifier who created the content. Example: `createdBy:000000000000968B`. + - **createdBefore** : Filter by the content objects created before the given timestamp(in milliseconds). Example: `createdBefore:1457997222`. + - **createdAfter** : Filter by the content objects created after the given timestamp(in milliseconds). Example: `createdAfter:1457997111`. + - **modifiedBefore** : Filter by the content objects modified before the given timestamp(in milliseconds). Example: `modifiedBefore:1457997222`. + - **modifiedAfter** : Filter by the content objects modified after the given timestamp(in milliseconds). Example: `modifiedAfter:1457997111`. + - **type** : Filter by the type of the content object. Example: `type:folder`. + + You can also use multiple filters in one query. For example to search for all content objects created by user with identifier 000000000000968B with creation timestamp after 1457997222 containing the text Test, the query would look like: + + `createdBy:000000000000968B createdAfter:1457997222 Test` + required: true + schema: + type: string + example: createdBy:000000000000968B Test + - name: limit + in: query + description: Maximum number of items you want in the response. + required: false + schema: + maximum: 5000 + type: integer + format: int32 + default: 1000 + example: 10 + - name: offset + in: query + description: The position or row from where to start the search operation. + required: false + schema: + type: integer + format: int32 + default: 0 + example: 5 + - name: skipChildren + in: query + description: a boolean parameter to control skipping fetching children of + requested folder(s) + required: false + schema: + type: boolean + responses: + "200": + description: List of folders and slos matching the search query. + content: + application/json: + schema: + $ref: '#/components/schemas/ListSlosLibraryItemWithPath' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/{id}: + get: + tags: + - slosLibraryManagement + summary: Get a slo or folder. + description: Get a slo or folder from the slos library. + operationId: slosReadById + parameters: + - name: id + in: path + description: Identifier of the slo or folder to read. + required: true + schema: + type: string + responses: + "200": + description: Requested slo or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + put: + tags: + - slosLibraryManagement + summary: | + Update a slo or folder. + description: Update a slo or folder in the slos library. + operationId: slosUpdateById + parameters: + - name: id + in: path + description: Identifier of the slo or folder to update. + required: true + schema: + type: string + requestBody: + description: The slo or folder to update. The content version must match its + latest version number in the slos library. If the version does not match + it will not be updated. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseUpdate' + required: true + responses: + "200": + description: The slo or folder was updated. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + delete: + tags: + - slosLibraryManagement + summary: | + Delete a slo or folder. + description: Delete a slo or folder from the slos library. + operationId: slosDeleteById + parameters: + - name: id + in: path + description: Identifier of the slo or folder to delete. + required: true + schema: + type: string + responses: + "204": + description: The slo or folder was successfully deleted. + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/{id}/path: + get: + tags: + - slosLibraryManagement + summary: Get the path of a slo or folder. + description: Get the full path of the slo or folder in the slos library. + operationId: getSlosFullPath + parameters: + - name: id + in: path + description: Identifier of the slo or folder. + required: true + schema: + type: string + responses: + "200": + description: Full path of the slo or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/Path' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/{id}/move: + post: + tags: + - slosLibraryManagement + summary: Move a slo or folder. + description: Move a slo or folder to a different location in the slos library. + operationId: slosMove + parameters: + - name: id + in: path + description: Identifier of the slo or folder to move. + required: true + schema: + type: string + - name: parentId + in: query + description: Identifier of the parent folder to move the slo or folder to. + required: true + schema: + type: string + responses: + "200": + description: Moved slo or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/{id}/copy: + post: + tags: + - slosLibraryManagement + summary: Copy a slo or folder. + description: Copy a slo or folder in the slos library. + operationId: slosCopy + parameters: + - name: id + in: path + description: Identifier of the slo or folder to copy. + required: true + schema: + type: string + requestBody: + description: |- + Fields include: + 1) Identifier of the parent folder to copy to. + 2) Optionally provide a new name. + 3) Optionally provide a new description. + 4) Optionally set to true if you want to copy and preserve the locked status. Requires `LockSlos` capability. + content: + application/json: + schema: + $ref: '#/components/schemas/ContentCopyParams' + required: true + responses: + "200": + description: The slo or folder was copied. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/{id}/export: + get: + tags: + - slosLibraryManagement + summary: Export a slo or folder. + description: "Export a slo or folder. If the given identifier is a folder, everything\ + \ under the folder is exported recursively with folder as the root." + operationId: slosExportItem + parameters: + - name: id + in: path + description: Identifier of the slo or folder to export. + required: true + schema: + type: string + responses: + "200": + description: Exported slo or folder. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseExport' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /v1/slos/{parentId}/import: + post: + tags: + - slosLibraryManagement + summary: Import a slo or folder. + description: Import a slo or folder. + operationId: slosImportItem + parameters: + - name: parentId + in: path + description: Identifier of the parent folder in which to import the slo or + folder. + required: true + schema: + type: string + requestBody: + description: The slo or folder to be imported. + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseExport' + required: true + responses: + "200": + description: "Newly imported slo or folder. NOTE: Permissions field will\ + \ not be filled (empty list)." + content: + application/json: + schema: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + default: + description: Operation failed with an error. + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' +components: + schemas: + AddOrReplaceTransformation: + allOf: + - $ref: '#/components/schemas/DimensionTransformation' + - required: + - dimensionToReplace + - value + type: object + properties: + dimensionToReplace: + type: string + description: The dimension that needs to be modified or added. + example: metric + value: + type: string + description: The value for the dimension. + example: "{{metric}}_aggregated" + AggregateOnTransformation: + allOf: + - $ref: '#/components/schemas/DimensionTransformation' + - required: + - aggregateOn + type: object + properties: + aggregateOn: + type: array + description: A list of dimensions that should be aggregated on. + example: + - metric + - cluster + items: + type: string + default: [] + BeginBoundedTimeRange: + allOf: + - $ref: '#/components/schemas/ResolvableTimeRange' + - required: + - from + type: object + properties: + from: + $ref: '#/components/schemas/TimeRangeBoundary' + to: + $ref: '#/components/schemas/TimeRangeBoundary' + CompleteLiteralTimeRange: + allOf: + - $ref: '#/components/schemas/ResolvableTimeRange' + - required: + - rangeName + type: object + properties: + rangeName: + pattern: ^(today|yesterday|previous_week|previous_month)$ + type: string + description: "Name of the complete time range. Possible values are: -\ + \ `today`, - `yesterday`, - `previous_week`, - `previous_month`." + example: previous_month + x-pattern-message: "must be one of the following: `today`, `yesterday`,\ + \ `previous_week`, `previous_month`" + EpochTimeRangeBoundary: + allOf: + - $ref: '#/components/schemas/TimeRangeBoundary' + - required: + - epochMillis + type: object + properties: + epochMillis: + type: integer + description: Starting point in time as a number of milliseconds since + the epoch. For example `1538392220000` + format: int64 + example: 1538392220000 + Iso8601TimeRangeBoundary: + allOf: + - $ref: '#/components/schemas/TimeRangeBoundary' + - required: + - iso8601Time + type: object + properties: + iso8601Time: + type: string + description: Starting point in time as a string in ISO 8601 format. For + example `2018-10-01T11:10:20.52+01:00` + format: date-time + example: 2018-10-01T11:10:20.52+01:00 + LiteralTimeRangeBoundary: + allOf: + - $ref: '#/components/schemas/TimeRangeBoundary' + - required: + - rangeName + type: object + properties: + rangeName: + type: string + description: |- + Name of the time range. Possible values are: + - `now`, + - `second`, + - `minute`, + - `hour`, + - `day`, + - `today`, + - `week`, + - `month`, + - `year` + example: week + RelativeTimeRangeBoundary: + allOf: + - $ref: '#/components/schemas/TimeRangeBoundary' + - required: + - relativeTime + type: object + properties: + relativeTime: + type: string + description: |- + Relative time as a string consisting of following elements: - `-` (optional): minus sign indicates time in the past, - ``: number of time units, - ``: time unit; possible values are: `w` (week), `d` (day), `h` (hour), `m` (minute), `s` (second). + Multiple pairs of `` may be provided, and they may be in any order. For example, `-2w5d3h` points to the moment in time 2 weeks, 5 days and 3 hours ago. + example: -2w5d3h + ResolvableTimeRange: + required: + - type + type: object + properties: + type: + type: string + description: Type of the time range. Value must be either `CompleteLiteralTimeRange` + or `BeginBoundedTimeRange`. + example: + type: BeginBoundedTimeRange + from: + type: RelativeTimeRangeBoundary + relativeTime: -15m + discriminator: + propertyName: type + TimeRangeBoundary: + required: + - type + type: object + properties: + type: + type: string + description: "Type of the time range boundary. Value must be from list:\ + \ - `RelativeTimeRangeBoundary`, - `EpochTimeRangeBoundary`, - `Iso8601TimeRangeBoundary`,\ + \ - `LiteralTimeRangeBoundary`." + example: RelativeTimeRangeBoundary + discriminator: + propertyName: type + Header: + required: + - name + - value + type: object + properties: + name: + type: string + description: Name of the header field. + value: + type: string + description: Value of the header field. + ConnectionSubtype: + pattern: ^(Event|Incident)$ + type: string + description: The subtype of the connection. Valid values are `Event` or `Incident`. + x-pattern-message: must be `Event` or `Incident` + ServiceNowConnection: + allOf: + - $ref: '#/components/schemas/Connection' + - required: + - url + - username + type: object + properties: + url: + type: string + description: URL for the ServiceNow connection. + username: + type: string + description: User name for the ServiceNow connection. + ServiceNowDefinition: + allOf: + - $ref: '#/components/schemas/ConnectionDefinition' + - required: + - password + - url + - username + type: object + properties: + url: + type: string + description: URL for the ServiceNow connection. + example: https://www.google.com + username: + type: string + description: User name for the ServiceNow connection. + password: + type: string + description: User password for the ServiceNow connection. + WebhookConnection: + allOf: + - $ref: '#/components/schemas/Connection' + - required: + - customHeaders + - defaultPayload + - headers + - url + - webhookType + type: object + properties: + url: + type: string + description: URL for the webhook connection. + headers: + type: array + description: List of access authorization headers. + items: + $ref: '#/components/schemas/Header' + customHeaders: + type: array + description: List of custom webhook headers. + items: + $ref: '#/components/schemas/Header' + defaultPayload: + type: string + description: Default payload of the webhook. + webhookType: + $ref: '#/components/schemas/ConnectionType' + connectionSubtype: + $ref: '#/components/schemas/ConnectionSubtype' + resolutionPayload: + maxLength: 4096 + type: string + description: Resolution payload of the webhook. + warnings: + type: array + description: Webhook endpoint warning for incorrect variable names and + syntax. + example: "The following variables are not supported: NotSupportedVariable" + items: + type: string + WebhookDefinition: + allOf: + - $ref: '#/components/schemas/ConnectionDefinition' + - required: + - defaultPayload + - url + type: object + properties: + url: + type: string + description: URL for the webhook connection. + example: https://www.google.com + headers: + maxItems: 7995 + type: array + description: List of access authorization headers. + items: + $ref: '#/components/schemas/Header' + default: [] + customHeaders: + maxItems: 5 + type: array + description: List of custom webhook headers. + items: + $ref: '#/components/schemas/Header' + default: [] + defaultPayload: + minLength: 1 + type: string + description: Default payload of the webhook. + webhookType: + $ref: '#/components/schemas/ConnectionType' + connectionSubtype: + $ref: '#/components/schemas/ConnectionSubtype' + resolutionPayload: + maxLength: 4096 + type: string + description: Resolution payload of the webhook. + Layout: + required: + - layoutStructures + - layoutType + type: object + properties: + layoutType: + type: string + description: "The type of panel layout on the Dashboard. For example, Grid,\ + \ Tabs, or Hierarchical. Currently supports `Grid` only." + example: Grid + layoutStructures: + type: array + description: Layout structures for the panel childen. + items: + $ref: '#/components/schemas/LayoutStructure' + discriminator: + propertyName: layoutType + Panel: + required: + - key + - panelType + type: object + properties: + id: + type: string + description: Unique identifier for the panel. + example: 2F7D449E3D511066 + key: + type: string + description: | + Key for the panel. Used to create searches for the queries in the panel and configure the layout of the panel in the dashboard. + example: panelca6280e4a75fca45 + title: + type: string + description: Title of the panel. + example: This panel shows memory usage for your kubernetes pod. + visualSettings: + type: string + description: Visual settings of the panel. + example: "{\\\"general\\\":{\\\"type\\\":\\\"column\\\"}" + keepVisualSettingsConsistentWithParent: + type: boolean + description: "Keeps the visual settings, like series colors, consistent\ + \ with the settings of the parent panel." + default: true + panelType: + type: string + description: Type of panel. + example: SumoSearchPanel + discriminator: + propertyName: panelType + SumoSearchPanel: + allOf: + - $ref: '#/components/schemas/Panel' + - required: + - queries + type: object + properties: + queries: + type: array + description: Metrics and log queries of the panel. + items: + $ref: '#/components/schemas/Query' + description: + type: string + description: Description of the panel. + example: This panel gives an overview of CPU metrics for a pod + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + coloringRules: + type: array + description: Rules to set the color of data. + items: + $ref: '#/components/schemas/ColoringRule' + linkedDashboards: + type: array + description: List of linked dashboards. + items: + $ref: '#/components/schemas/LinkedDashboard' + description: A panel that has logs and metrics search queries. + Query: + required: + - queryKey + - queryString + - queryType + type: object + properties: + queryString: + type: string + description: "The metrics, traces or logs query." + example: _sourceCategory=cqsplitter metric=CPU_user | count by _sourceHost + queryType: + pattern: ^(Logs|Metrics|Traces|Spans)$ + type: string + description: "The type of the query, either `Metrics`, `Traces`, `Spans`\ + \ or `Logs`." + example: Logs + x-pattern-message: "Must be `Logs`, `Traces`, `Spans` or `Metrics`" + queryKey: + type: string + description: | + The key for metric, traces or log queries. Used as an identifier for queries. It is displayed on the panel builder and used for display overrides and query toggling. + example: A + metricsQueryMode: + pattern: ^(Basic|Advanced|basic|advanced)$ + type: string + description: | + The mode of the metrics query that the user was editing. Can be `Basic` or `Advanced`. Will ONLY be specified for metrics queries. + example: Basic + x-pattern-message: "Must be `Basic`, or `Advanced`" + metricsQueryData: + $ref: '#/components/schemas/MetricsQueryData' + tracesQueryData: + $ref: '#/components/schemas/TracesQueryData' + spansQueryData: + $ref: '#/components/schemas/SpansQueryData' + parseMode: + pattern: ^(Auto|Manual|Intelliparse)$ + type: string + description: |- + This field only applies for queryType of `Logs` but other query types may be supported in the future. Define the parsing mode to scan the JSON format log messages. Possible values are: + 1. `Auto` + 2. `Manual` + In AutoParse mode, the system automatically figures out fields to parse based on the search query. While in the Manual mode, no fields are parsed out automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011). + example: Auto + default: Auto + x-pattern-message: "Must be either `Auto`,`Manual` or `Intelliparse`" + timeSource: + pattern: ^(Message|Receipt|Searchable)$ + type: string + description: "This field only applies for queryType of `Logs` but other\ + \ query types may be supported in the future. Define the time source of\ + \ this query. Possible values are `Message`, `Receipt`. `Message` will\ + \ use the timeStamp on the message, while `Receipt` will use the timestamp\ + \ it was received by Sumo." + example: Message + default: Message + x-pattern-message: "Must be `Message`, or `Receipt`" + transient: + type: boolean + description: "This field only applies for queryType of `Metrics` but other\ + \ query types may be supported in the future. Determines if the row should\ + \ be returned in the response. Can be used in conjunction with a join,\ + \ if only the result of the join is needed, and not the intermediate rows.\ + \ Setting `transient` to `true` wherever the intermediate results aren't\ + \ required speeds up the computation and reduces the amount of data transferred\ + \ over the network." + default: false + outputCardinalityLimit: + maximum: 3000 + minimum: 1 + type: integer + description: "This field only applies for queryType of `Metrics` but other\ + \ query types may be supported in the future. Specifies the output cardinality\ + \ limitations for the query, which is the maximum number of timeseries\ + \ returned in the result." + format: int32 + example: 1000 + default: 1000 + TextPanel: + allOf: + - $ref: '#/components/schemas/Panel' + - required: + - text + type: object + properties: + text: + type: string + description: Text to display in the panel. + example: Kubernetes pods + description: A panel that has text. + CollapsiblePanel: + allOf: + - $ref: '#/components/schemas/Panel' + - type: object + properties: + collapsed: + type: boolean + description: Indicates whether the panel is collapsed. + example: false + collapsiblePanelChildKeys: + type: array + description: A list of panel keys that will be collapsible. + items: + type: string + description: A panel that contains other panels in a collapsible/expanded + state. + PanelOverride: + required: + - id + - panelType + type: object + properties: + id: + type: string + description: The ID of the panel to override + example: "0000000000001" + panelType: + type: string + description: The type of panel to override. `CollapsiblePanel` controls + collapsible panel behavior. New panel types may be supported in the future. + example: CollapsiblePanel + discriminator: + propertyName: panelType + mapping: + CollapsiblePanel: '#/components/schemas/CollapsiblePanelOverride' + CollapsiblePanelOverride: + allOf: + - $ref: '#/components/schemas/PanelOverride' + - required: + - collapsed + type: object + properties: + collapsed: + type: boolean + description: Whether the collapsible panel should be collapsed in the + report. + example: true + EventsOfInterestScatterPanel: + allOf: + - $ref: '#/components/schemas/Panel' + TracesListPanel: + allOf: + - $ref: '#/components/schemas/Panel' + - type: object + properties: + queries: + maxItems: 6 + type: array + description: Traces queries of the panel. + example: + traceQueryExample: + value: + queryKey: A + queryString: "" + queryType: Traces + tracesQueryData: + filters: + type: FieldDescriptor + items: + $ref: '#/components/schemas/Query' + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + description: A panel for traces list + ServiceMapPanel: + allOf: + - $ref: '#/components/schemas/Panel' + - type: object + properties: + application: + type: string + description: Filter services by the application custom tag. + example: sumologic + service: + type: string + description: Show only the specific service and its connections to other + services. + example: prada + showRemoteServices: + type: boolean + description: "Show remote services, like databases or external calls,\ + \ automatically detected in client traffic." + example: true + environment: + type: string + description: Show only service map data specific to the provided environment. + example: default-environment + description: A panel for service map. + ColoringRule: + required: + - colorThresholds + - multipleSeriesAggregateFunction + - scope + - singleSeriesAggregateFunction + type: object + properties: + scope: + type: string + description: Regex string to match queries to apply coloring to. + example: CPU_* + singleSeriesAggregateFunction: + type: string + description: Function to aggregate one series into one single value. + example: Average + multipleSeriesAggregateFunction: + type: string + description: Function to aggregate the aggregate values of multiple time + series into one single value. + example: Average + colorThresholds: + type: array + description: Color thresholds. + items: + $ref: '#/components/schemas/ColoringThreshold' + Grid: + allOf: + - $ref: '#/components/schemas/Layout' + LayoutStructure: + required: + - key + - structure + type: object + properties: + key: + type: string + description: The identifier of the panel that this structure applies to. + example: panelPANE-3DC454FD977E2A46 + structure: + type: string + description: The structure of a panel. + example: "{\\\"height\\\":5,\\\"width\\\":9,\\\"x\\\":0,\\\"y\\\":0}" + ColoringThreshold: + required: + - color + type: object + properties: + color: + type: string + description: Color for the threshold. + example: FFFFFF + min: + type: number + description: Absolute inclusive threshold to color by. + format: double + example: 0 + max: + type: number + description: Absolute exclusive threshold to color by. + format: double + example: 50 + MetricsQueryData: + required: + - filters + - metric + type: object + properties: + metric: + type: string + description: The metric of the query. + example: CPU_user + aggregationType: + pattern: ^(Count|Minimum|Maximum|Sum|Average|None)$|^$ + type: string + description: "The type of aggregation. Can be `Count`, `Minimum`, `Maximum`,\ + \ `Sum`, `Average` or `None`." + example: Count + x-pattern-message: "Must be `Count`, `Minimum`, `Maximum`, `Sum`, `Average`\ + \ or `None`" + groupBy: + type: string + description: The field to group the results by. + example: _sourceHost + filters: + type: array + description: A list of filters for the metrics query. + items: + $ref: '#/components/schemas/MetricsFilter' + operators: + type: array + description: A list of operator data for the metrics query. + items: + $ref: '#/components/schemas/OperatorData' + description: The data format describing a basic metrics query. + example: + metric: CPU_user + aggregationType: count + groupBy: _sourceHost + filters: + - key: _sourceCategory + value: kubernetes + - key: _sourceHost + value: dep-kubernetes-1 + operators: + operatorName: avg + parameters: + - key: aggregator + value: max + - key: operation + value: "" + - key: value + value: 50 + SpansQueryData: + required: + - filters + - groupBy + - limit + - visualizations + type: object + properties: + filters: + type: array + description: A list of filters for the spans query. + items: + $ref: '#/components/schemas/SpansFilter' + visualizations: + type: array + description: A list of used visualization methods for the spans query. + items: + $ref: '#/components/schemas/SpansVisualization' + groupBy: + type: array + description: A list of group-by clauses for the spans query. + items: + $ref: '#/components/schemas/SpansGroupBy' + limit: + type: array + description: A list of limits that will be applied to the spans query. + items: + $ref: '#/components/schemas/SpansLimitItem' + description: The data format describing a basic spans query. + SpansCountVisualization: + allOf: + - $ref: '#/components/schemas/SpansVisualization' + - type: object + properties: + distinctBy: + type: string + description: A field by which the spans need to be counted. + example: service + description: | + Represents the visualization type where the total number of all spans is counted or where the spans are counted by a specific field. + SpansCalculationVisualization: + allOf: + - $ref: '#/components/schemas/SpansVisualization' + - required: + - aggregator + - field + type: object + properties: + field: + type: string + description: A field by which the spans are aggregated. + example: duration + aggregator: + $ref: '#/components/schemas/SpanCalculationAggregator' + description: | + Represents the visualization type where a specific aggregation by a particular field is applied to all spans / all grouped spans. + SpansFilterStandaloneKey: + allOf: + - $ref: '#/components/schemas/SpansFilter' + - type: object + description: | + A representation of a span filter where only a single filtering key is provided. The given value is then looked up in all span data. + SpansFilterKeyValuePair: + allOf: + - $ref: '#/components/schemas/SpansFilter' + - required: + - fieldValue + - operator + type: object + properties: + operator: + pattern: ^(<|<=|>|>=|=|!=)$ + type: string + description: A symbol that indicates an operation to be performed between + a `fieldName` and `fieldValue`. + example: < + x-pattern-message: "Must be `<`, `<=`, `>`, `>=`, `=` or `!=`" + fieldValue: + type: string + description: The second argument of the operation applied to a `fieldName`. + example: some_service + description: | + A representation of a span filter where both the field name and field value are provided, e.g. http.response.status_code > 500. + SpansTimeGroupBy: + allOf: + - $ref: '#/components/schemas/SpansGroupBy' + - required: + - fieldValue + type: object + properties: + fieldValue: + pattern: "^[0-9]+(w|d|h|m|s)$" + type: string + description: | + A fixed interval grouping in the following format <#>, supported values are weeks (w), days (d), hours (h), minutes (m), and seconds (s). + example: 5m + description: | + A representation of a group-by clause where results are bucketed based on a fixed interval are created, e.g. five-minute buckets. + SpansFieldGroupBy: + allOf: + - $ref: '#/components/schemas/SpansGroupBy' + - required: + - fieldName + type: object + properties: + fieldName: + type: string + description: A name of the field to group by. + example: http.response.status_code + description: | + A representation of a group-by clause where results are bucketed based on a grouping by a specific field. + SpanCalculationAggregator: + required: + - key + type: object + properties: + key: + pattern: ^(sum|avg|max|min|pct)$ + type: string + description: A specific aggregation type applied to spans. + example: sum + x-pattern-message: "Must be `sum`, `avg`, `max`, `min` or `pct`" + discriminator: + propertyName: key + mapping: + sum: '#/components/schemas/SpanCalculationSumAggregator' + avg: '#/components/schemas/SpanCalculationAvgAggregator' + max: '#/components/schemas/SpanCalculationMaxAggregator' + min: '#/components/schemas/SpanCalculationMinAggregator' + pct: '#/components/schemas/SpanCalculationPctAggregator' + SpanCalculationSumAggregator: + allOf: + - $ref: '#/components/schemas/SpanCalculationAggregator' + - type: object + SpanCalculationAvgAggregator: + allOf: + - $ref: '#/components/schemas/SpanCalculationAggregator' + - type: object + SpanCalculationMaxAggregator: + allOf: + - $ref: '#/components/schemas/SpanCalculationAggregator' + - type: object + SpanCalculationMinAggregator: + allOf: + - $ref: '#/components/schemas/SpanCalculationAggregator' + - type: object + SpanCalculationPctAggregator: + allOf: + - $ref: '#/components/schemas/SpanCalculationAggregator' + - required: + - percentile + type: object + properties: + percentile: + type: number + description: The specified percentile of a given field. + format: double + example: 95 + MetricsFilter: + required: + - value + type: object + properties: + key: + type: string + description: The key of the metrics filter. + example: _sourceCategory + value: + type: string + description: The value of the metrics filter. + example: kubernetes + negation: + type: boolean + description: Whether or not the metrics filter is negated. + example: false + description: The filter for metrics query. + example: + key: _sourceCategory + value: cqmerger + negation: false + VariablesValuesData: + required: + - data + type: object + properties: + data: + maxProperties: 1000 + type: object + additionalProperties: + type: array + items: + type: string + description: Data for variable values. + default: {} + richData: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/VariableValuesData' + description: "A rich form of data for the variable search, including variable\ + \ values, status and variable type. This field is different from `data`\ + \ in that it includes an object instead of list as the value in the map.\ + \ The `data` field is kept for backwards compatibility, please use `richData`\ + \ for all usages going forward." + GenerateReportRequest: + required: + - action + - exportFormat + - template + - timezone + type: object + properties: + action: + $ref: '#/components/schemas/ReportAction' + exportFormat: + pattern: ^(Pdf|Png)$ + type: string + description: File format of the report. Can be `Pdf` or `Png`. `Pdf` is + portable document format. `Png` is portable graphics image format. + example: Pdf + x-pattern-message: "should be one of the following: 'Pdf', 'Png'" + timezone: + type: string + description: "Time zone for the query time ranges. Follow the format in\ + \ the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + template: + $ref: '#/components/schemas/Template' + ReportAction: + required: + - actionType + type: object + properties: + actionType: + pattern: ^DirectDownloadReportAction$ + type: string + description: Type of action. + example: DirectDownloadReportAction + x-pattern-message: should be 'DirectDownloadReportAction' + description: The base class of all report action types. `DirectDownloadReportAction` + downloads dashboard from browser. New action types may be supported in the + future. + discriminator: + propertyName: actionType + DirectDownloadReportAction: + allOf: + - $ref: '#/components/schemas/ReportAction' + - type: object + description: Generate a direct download report action. + Template: + required: + - templateType + type: object + properties: + templateType: + pattern: ^(DashboardTemplate|DashboardReportModeTemplate)$ + type: string + description: The type of template. `DashboardTemplate` provides a snapshot + view of the exported dashboard. `DashboardReportModeTemplate` provides + a printer-friendly view of the exported dashboard. New templates may be + supported in the future. + example: DashboardTemplate + x-pattern-message: "Must be `DashboardTemplate`, or `DashboardReportModeTemplate`" + discriminator: + propertyName: templateType + DashboardTemplate: + allOf: + - $ref: '#/components/schemas/Template' + - required: + - id + type: object + properties: + id: + type: string + description: Id of the dashboard. + example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2 + panelToSessionIdMap: + type: object + additionalProperties: + type: string + description: | + A map of panel to session id. The session id will be used to fetch data of the panel for the report. If not specified, a new session id will be created for the panel. + example: + "1": 64 + "2": 128 + "3": 192 + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + variableValues: + $ref: '#/components/schemas/VariablesValuesData' + panelOverrides: + type: array + description: Override settings for panels in the report + example: + - id: "0000000000001" + panelType: CollapsiblePanel + collapsed: true + - id: "0000000000002" + panelType: CollapsiblePanel + collapsed: false + items: + $ref: '#/components/schemas/PanelOverride' + description: Generate the report from a dashboard template. + DashboardReportModeTemplate: + allOf: + - $ref: '#/components/schemas/DashboardTemplate' + - type: object + description: Generate the report from a dashboard template in report mode. + DashboardSearchSessionIds: + required: + - data + type: object + properties: + data: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Map of search keys to session ids. + default: {} + errors: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/ErrorResponse' + description: Error description for the session keys that failed validation. + Variable: + required: + - name + - sourceDefinition + type: object + properties: + id: + type: string + description: Unique identifier for the variable. + name: + maxLength: 256 + type: string + description: Name of the variable. The variable name is case-insensitive. + example: _sourceHost + displayName: + maxLength: 256 + type: string + description: | + Display name of the variable shown in the UI. If this field is empty, the name field will be used. + The display name is case-insensitive. Only numbers, and underscores are allowed in the variable name. + This field is not yet supported by the UI. + example: Source Host + defaultValue: + type: string + description: Default value of the variable. + example: default_value + sourceDefinition: + $ref: '#/components/schemas/VariableSourceDefinition' + allowMultiSelect: + type: boolean + description: Allow multiple selections in the values dropdown. + example: false + default: false + includeAllOption: + type: boolean + description: Include an "All" option at the top of the variable's values + dropdown. + example: true + default: true + hideFromUI: + type: boolean + description: Hide the variable in the dashboard UI. + example: false + default: false + valueType: + type: string + description: | + The type of value of the variable. Allowed values are `String`, Any` and `Numeric`. - `String` considers as a single phrase and will wrap in double-quotes. - `Any` is all characters. - `Numeric` consists of a numeric value for variables, it will be displayed differently in the UI. - `Integer` is a variable with an `Int` value. - `Long` is a variable with a `Long` value. - `Double` is a variable with a `Double` value. - `Boolean` is a variable with a `Boolean` value. + example: Any + default: Any + VariableSourceDefinition: + required: + - variableSourceType + type: object + properties: + variableSourceType: + type: string + description: Source type of the variable values. + example: MetadataVariableSourceDefinition + discriminator: + propertyName: variableSourceType + MetadataVariableSourceDefinition: + allOf: + - $ref: '#/components/schemas/VariableSourceDefinition' + - required: + - filter + - key + type: object + properties: + filter: + maxLength: 65536 + type: string + description: A metrics query to filter the metadata catalog. + example: _sourceHost=prod-* metric=CPU_Idle + key: + type: string + description: Return the values for this given key. + example: _sourceCategory + description: Variable with values that are powered by a metadata search. + CsvVariableSourceDefinition: + allOf: + - $ref: '#/components/schemas/VariableSourceDefinition' + - required: + - values + type: object + properties: + values: + maxLength: 65536 + type: string + description: Comma separated values for the variable. + example: "host1, host2" + description: Variable with values that are powered by a csv file. + LogQueryVariableSourceDefinition: + allOf: + - $ref: '#/components/schemas/VariableSourceDefinition' + - required: + - field + - query + type: object + properties: + query: + maxLength: 65536 + type: string + description: A log query. + example: "_sourceCategory=forge error | parse \"[pod=*]\" podid | count\ + \ by podid" + field: + maxLength: 65536 + type: string + description: A field in log query to populate the variable values. + example: podid + description: Variable with values that are powered by a log query. + VariableValuesLogQueryRequest: + required: + - field + - query + type: object + properties: + query: + type: string + description: The original log query of the variable. + example: _sourceCategory=forge | count by _sourceHost + field: + type: string + description: A field in log query to populate the variable values. + example: _sourceHost + variablesValues: + $ref: '#/components/schemas/VariablesValuesData' + description: The request to get a log query to populate variable values. + TopologySearchLabel: + required: + - key + - value + type: object + properties: + key: + type: string + description: Key of a topology label to search for. + value: + type: string + description: Value of a topology label to search for. + isRequired: + type: boolean + description: | + Whether the content item is required to contain this label in order to be matched. If true, content items without this label will not be matched. If false, content items without this label will be matched. + description: | + Topology label to search for. Each label has a key and a list of values. If a value is `*`, it means we want to match for all values of the label's key. + example: + key: pod + value: '*' + isRequired: true + AlertSearchNotificationSyncDefinition: + allOf: + - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + - required: + - sourceId + type: object + properties: + sourceId: + type: string + description: A String value to uniquely identify a Collector's Source. + EmailSearchNotificationSyncDefinition: + allOf: + - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + - required: + - toList + type: object + properties: + toList: + type: array + description: A list of email recipients. + items: + type: string + subjectTemplate: + type: string + description: "If the notification is scheduled with a threshold, the default\ + \ subject template will be \"Search Alert: {{AlertCondition}} results\ + \ found for {{SearchName}}\". For email notifications without a threshold,\ + \ the default subject template is \"Search Results: {{SearchName}}\"\ + ." + includeQuery: + type: boolean + description: A boolean value to indicate if the search query should be + included in the notification email. + default: true + includeResultSet: + type: boolean + description: A boolean value to indicate if the search result set should + be included in the notification email. + default: true + includeHistogram: + type: boolean + description: A boolean value to indicate if the search result histogram + should be included in the notification email. + default: true + includeCsvAttachment: + type: boolean + description: A boolean value to indicate if the search results should + be included in the notification email as a CSV attachment. + default: false + FolderSyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - required: + - children + type: object + properties: + description: + type: string + description: An optional description for the folder. + children: + type: array + description: "The items in the folder, a list of Dashboard and/or Folder\ + \ items." + items: + $ref: '#/components/schemas/ContentSyncDefinition' + QueryParameterSyncDefinition: + required: + - autoComplete + - dataType + - description + - label + - name + - value + type: object + properties: + name: + type: string + description: The name of the parameter. + label: + type: string + description: The label of the parameter. + description: + type: string + description: A description of the parameter. + dataType: + type: string + description: |- + The data type of the parameter. Supported values are: + 1. `NUMBER` + 2. `STRING` + 3. `QUERY_FRAGMENT` + 4. `SEARCH_KEYWORD` + value: + type: string + description: A value for the parameter. Should be compatible with the type + set in dataType field. + autoComplete: + $ref: '#/components/schemas/ParameterAutoCompleteSyncDefinition' + LogSearchQueryParameterSyncDefinition: + type: object + allOf: + - $ref: '#/components/schemas/LogSearchQueryParameterSyncDefinitionBase' + - required: + - autoComplete + - dataType + - name + - value + type: object + properties: + autoComplete: + $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition' + LogSearchParameterAutoCompleteSyncDefinition: + required: + - autoCompleteType + type: object + properties: + autoCompleteType: + type: string + description: The autocomplete parameter type. + discriminator: + propertyName: autoCompleteType + mapping: + None: '#/components/schemas/NoneAutoCompleteSyncDefinition' + TextEntries: '#/components/schemas/TextEntriesAutoCompleteSyncDefinition' + LabelValuePairs: '#/components/schemas/LabelValuePairsAutoCompleteSyncDefinition' + ValueOnlyLookup: '#/components/schemas/ValueOnlyLookupAutoCompleteSyncDefinition' + LabelValueLookup: '#/components/schemas/LabelValueLookupAutoCompleteSyncDefinition' + NoneAutoCompleteSyncDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition' + - type: object + TextEntriesAutoCompleteSyncDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition' + - required: + - autoCompleteKey + type: object + properties: + autoCompleteKey: + type: string + description: The autocomplete key to be used to fetch autocomplete values. + example: Ephemeral-3644138589235809747-1583470806220-parameter + LabelValuePairsAutoCompleteSyncDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition' + - required: + - autoCompleteKey + type: object + properties: + autoCompleteKey: + type: string + description: The autocomplete key to be used to fetch autocomplete values. + example: Ephemeral-3644138589235809747-1583470806220-parameter + ValueOnlyLookupAutoCompleteSyncDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition' + - required: + - autoCompleteKey + - lookupFileName + - lookupValueColumn + type: object + properties: + autoCompleteKey: + type: string + description: The autocomplete key to be used to fetch autocomplete values. + example: Ephemeral-3644138589235809747-1583470806220-parameter + lookupFileName: + type: string + description: The lookup file to use as a source for autocomplete values. + lookupValueColumn: + type: string + description: The column from the lookup file to fill the actual value + when a particular label is selected. + LabelValueLookupAutoCompleteSyncDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition' + - required: + - autoCompleteKey + - lookupFileName + - lookupLabelColumn + - lookupValueColumn + type: object + properties: + autoCompleteKey: + type: string + description: The autocomplete key to be used to fetch autocomplete values. + example: Ephemeral-3644138589235809747-1583470806220-parameter + lookupFileName: + type: string + description: The lookup file to use as a source for autocomplete values. + lookupLabelColumn: + type: string + description: The column from the lookup file to use for autocomplete labels. + lookupValueColumn: + type: string + description: The column from the lookup file to fill the actual value + when a particular label is selected. + DashboardSyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - required: + - description + - detailLevel + - filters + - panels + - properties + type: object + properties: + description: + type: string + description: A description of the dashboard. + detailLevel: + type: integer + description: |- + Supported values are: + - `1` for small + - `2` for medium + - `3` for large + properties: + type: string + description: Visual settings for the panel. + panels: + type: array + description: The panels of the dashboard. _Dashboard links are not supported._ + items: + $ref: '#/components/schemas/ReportPanelSyncDefinition' + filters: + type: array + description: The filters for the dashboard. Filters allow you to control + the amount of information displayed in your dashboards. + items: + $ref: '#/components/schemas/ReportFilterSyncDefinition' + MewboardSyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - required: + - title + type: object + properties: + description: + maxLength: 65546 + type: string + description: A description of the dashboard. + example: "A view of pods, namespaces and nodes of your cluster." + title: + maxLength: 255 + minLength: 1 + type: string + description: The title of the dashboard. + example: Kubernetes Dashboard + theme: + pattern: ^(light|dark|Light|Dark)$ + type: string + description: Theme for the dashboard. Must be `light` or `dark`. + example: light + default: light + x-pattern-message: "Must be `Light`, or `Dark`" + topologyLabelMap: + $ref: '#/components/schemas/TopologyLabelMap' + refreshInterval: + type: integer + description: Interval of time (in seconds) to automatically refresh the + dashboard. A value of 0 means we never automatically refresh the dashboard. + format: int32 + example: 5 + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + layout: + $ref: '#/components/schemas/Layout' + panels: + type: array + description: Children panels that the container panel contains. + items: + $ref: '#/components/schemas/Panel' + variables: + type: array + description: Variables that could be applied to the panel's children. + items: + $ref: '#/components/schemas/Variable' + coloringRules: + type: array + description: Coloring rules to color the panel/data with. + items: + $ref: '#/components/schemas/ColoringRule' + DashboardV2SyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - required: + - title + type: object + properties: + description: + maxLength: 65546 + type: string + description: A description of the dashboard. + example: "A view of pods, namespaces and nodes of your cluster." + title: + maxLength: 255 + minLength: 1 + type: string + description: The title of the dashboard. + example: Kubernetes Dashboard + theme: + pattern: ^(light|dark|Light|Dark)$ + type: string + description: Theme for the dashboard. Must be `light` or `dark`. + example: light + default: light + x-pattern-message: "Must be `Light`, or `Dark`" + topologyLabelMap: + $ref: '#/components/schemas/TopologyLabelMap' + refreshInterval: + type: integer + description: Interval of time (in seconds) to automatically refresh the + dashboard. A value of 0 means we never automatically refresh the dashboard. + format: int32 + example: 5 + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + layout: + $ref: '#/components/schemas/Layout' + panels: + type: array + description: Children panels that the container panel contains. + items: + $ref: '#/components/schemas/Panel' + variables: + type: array + description: Variables that could be applied to the panel's children. + items: + $ref: '#/components/schemas/Variable' + coloringRules: + type: array + description: Coloring rules to color the panel/data with. + items: + $ref: '#/components/schemas/ColoringRule' + schedules: + type: array + description: Dashboard report schedules. + items: + $ref: '#/components/schemas/ReportScheduleSyncDefinition' + NotificationThresholdSyncDefinition: + required: + - count + - operator + type: object + properties: + thresholdType: + type: string + description: |- + This property is deprecated. The system will automatically infer the value of this field from the query going forward, so the user-specified value will no longer be honored. + Threshold type. Possible values are: + 1. `message` + 2. `group` + + Use `group` as threshold type if the search query is of aggregate type. For non-aggregate queries, set it to `message`. + deprecated: true + operator: + pattern: ^(eq|gt|ge|lt|le)$ + type: string + description: |- + Criterion to be applied when comparing actual result count with expected count. Possible values are: + 1. `eq` + 2. `gt` + 3. `ge` + 4. `lt` + 5. `le` + x-pattern-message: "must be one of the following: `eq`, `gt`, `ge`, `lt`,\ + \ or `le`" + count: + type: integer + description: Expected result count. + ReportFilterSyncDefinition: + required: + - fieldName + - filterType + - label + - panelIds + - properties + type: object + properties: + fieldName: + type: string + description: "The name af the field being filtered on, as listed in PanelField." + label: + type: string + description: "The name of the field being filtered on, as displayed to the\ + \ user." + defaultValue: + type: string + description: The default value of the parameter. + filterType: + type: string + description: Type of filter. Can only be `numeric` or `textbox`. + properties: + type: string + description: Visual settings for the panel. + panelIds: + type: array + description: A list of panel identifiers that the filter applies to. + items: + type: string + ReportPanelSyncDefinition: + required: + - detailLevel + - height + - id + - metricsQueries + - name + - properties + - queryParameters + - queryString + - timeRange + - viewerType + - width + - x + - "y" + type: object + properties: + name: + type: string + description: The title of the panel. + viewerType: + type: string + description: |- + Type of [area chart](https://help.sumologic.com/Dashboards-and-Alerts/Dashboards/Chart-Panel-Types). Supported values are: + 1. `table` for Table + 2. `bar` for Bar Chart + 3. `column` for Column Chart + 4. `line` for Line Chart + 5. `area` for Area Chart + 6. `pie` for Pie Chart + 7. `svv` for Single Value Viewer + 8. `title` for Title Panel + 9. `text` for Text Panel + + Values 1-7 are used for Data Panels. + detailLevel: + type: integer + description: |- + Supported values are: + - `1` for small + - `2` for medium + - `3` for large + queryString: + type: string + description: "The query to run, for panels associated to log searches." + metricsQueries: + type: array + description: "The query or queries to run, for panels associated to metrics\ + \ searches." + items: + $ref: '#/components/schemas/MetricsQuerySyncDefinition' + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + x: + type: integer + description: The horizontal position of the panel. A sumo screen is divided + into 24 columns. The value for x can be any integer from 0 to 24. + "y": + type: integer + description: The vertical position of the panel. A sumo screen is divided + into 24 rows. The value for y can be any integer from 0 to 24. + width: + type: integer + description: The width of the panel. + height: + type: integer + description: The height of the panel. + properties: + type: string + description: Visual settings for the panel. + id: + type: string + description: A string identifier that you can use to refer to the panel + in filters.panelIds. + desiredQuantizationInSecs: + type: integer + description: The quantization interval aligns your time series data to common + intervals on the time axis (for example every one minute) to optimize + the visualization and performance. + queryParameters: + type: array + description: The parameters for parameterized searches. + items: + $ref: '#/components/schemas/QueryParameterSyncDefinition' + autoParsingInfo: + $ref: '#/components/schemas/ReportAutoParsingInfo' + SavedSearchWithScheduleSyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - required: + - description + - search + type: object + properties: + search: + $ref: '#/components/schemas/SavedSearchSyncDefinition' + searchSchedule: + $ref: '#/components/schemas/SearchScheduleSyncDefinition' + description: + type: string + description: Description of the saved search. + SavedSearchWithScheduleAndDependencySyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - required: + - description + - search + type: object + properties: + search: + $ref: '#/components/schemas/SavedSearchSyncDefinition' + scheduleWithDependency: + $ref: '#/components/schemas/SearchScheduleWithDependencySyncDefinition' + description: + type: string + description: Description of the saved search. + SavedSearchSyncDefinition: + allOf: + - $ref: '#/components/schemas/SavedSearchSyncDefinitionBase' + - required: + - defaultTimeRange + type: object + properties: + defaultTimeRange: + type: string + description: |- + Default time range for the search. Possible types of time ranges are: + - relative time range: e.g. "-1d -12h" represents a time range from one day ago to 12 hours ago. + - absolute time range: e.g. "01-04-2017 20:32:00 to 01-04-2017 20:35:00" represents a time range + from April 1st, 2017 at 8:32 PM until April 1st, 2017 at 8:35 PM. + SaveToViewNotificationSyncDefinition: + allOf: + - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + - required: + - viewName + type: object + properties: + viewName: + type: string + description: Name of the View to save the notification to. + SaveToLookupNotificationSyncDefinition: + allOf: + - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + - required: + - isLookupMergeOperation + - lookupFilePath + type: object + properties: + lookupFilePath: + type: string + description: The path of the lookup table that will store the results + of the scheduled search. + example: /personal/folder/testLookupTable + isLookupMergeOperation: + type: boolean + description: This indicates whether the file contents will be merged with + existing data in the lookup table or not. If this is true then data + with the same primary keys will be updated while the rest of the rows + will be appended. + example: false + ScheduleNotificationSyncDefinition: + required: + - taskType + type: object + properties: + taskType: + type: string + description: Delivery channel for notifications. + discriminator: + propertyName: taskType + ScheduleSearchParameterSyncDefinition: + required: + - name + - value + type: object + properties: + name: + maxLength: 60 + type: string + description: Name of scheduled search parameter. + value: + maxLength: 300 + type: string + description: Value of scheduled search parameter. + SearchScheduleSyncDefinition: + required: + - notification + - parseableTimeRange + - scheduleType + - timeZone + type: object + properties: + cronExpression: + type: string + description: "Cron-like expression specifying the search's schedule. Field\ + \ scheduleType must be set to \"Custom\", otherwise, scheduleType takes\ + \ precedence over cronExpression." + example: 0 0/15 * * * ? * + displayableTimeRange: + type: string + description: "A human-friendly text describing the query time range. For\ + \ e.g. \"-2h\", \"last three days\", \"team default time\". This value\ + \ can not be set via API." + example: -2h + parseableTimeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + timeZone: + type: string + description: "Time zone identifier for time specification. Either an abbreviation\ + \ such as \"PST\", a full name such as \"America/Los_Angeles\", or a custom\ + \ ID such as \"GMT-8:00\". Note that the support of abbreviations is for\ + \ JDK 1.1.x compatibility only and full names should be used." + threshold: + $ref: '#/components/schemas/NotificationThresholdSyncDefinition' + notification: + $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + scheduleType: + type: string + description: |- + Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression.Please note that with Custom, 1Day and 1Week schedule types you need to provide the corresponding cron expression to determine when to actually run the search. e.g. Sample Valid Cron for 1Day is "0 0 16 ? * 2-6 *". Possible schedule types are: + - `RealTime` + - `15Minutes` + - `1Hour` + - `2Hours` + - `4Hours` + - `6Hours` + - `8Hours` + - `12Hours` + - `1Day` + - `1Week` + - `Custom` + muteErrorEmails: + type: boolean + description: "If enabled, emails are not sent out in case of errors with\ + \ the search." + parameters: + maxLength: 50 + type: array + description: A list of scheduled search parameters. + items: + $ref: '#/components/schemas/ScheduleSearchParameterSyncDefinition' + ServiceNowSearchNotificationSyncDefinition: + allOf: + - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + - required: + - externalId + type: object + properties: + externalId: + type: string + description: ServiceNow identifier. + fields: + $ref: '#/components/schemas/ServiceNowFieldsSyncDefinition' + ServiceNowFieldsSyncDefinition: + type: object + properties: + eventType: + type: string + description: The category that the event source uses to identify the event. + severity: + type: integer + description: |- + An integer value representing the severity of the alert. Supported values are: + - `0` for Clear + - `1` for Critical + - `2` for Major + - `3` for Minor + - `4` for Warning + resource: + type: string + description: The component on the node to which the event applies. + node: + type: string + description: The physical or virtual device on which the event occurred. + WebhookSearchNotificationSyncDefinition: + allOf: + - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + - required: + - webhookId + type: object + properties: + webhookId: + type: string + description: Identifier of the webhook connection. + payload: + type: string + description: "A JSON object in the format required by the target WebHook\ + \ URL. For details on variables that can be used as parameters within\ + \ your JSON object, please refer to Sumo Logic Doc Hub." + itemizeAlerts: + type: boolean + description: "If this field is set to true, one webhook per result will\ + \ be sent when the trigger conditions are met" + example: true + default: false + maxItemizedAlerts: + minimum: 0 + type: integer + description: The maximum number of results for which we send separate + alerts. This value should be between 1 and 100. + format: int32 + example: 10 + CseSignalNotificationSyncDefinition: + allOf: + - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + - required: + - recordType + type: object + properties: + recordType: + type: string + description: Name of the Cloud SIEM Enterprise Record to be created. + MetricsSavedSearchSyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - required: + - desiredQuantizationInSecs + - metricsQueries + - timeRange + type: object + properties: + description: + maxLength: 8192 + type: string + description: Item description in the content library. + example: Long and detailed description + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + logQuery: + maxLength: 10240 + type: string + description: Query used to add an overlay to the chart. + example: my_metric | timeslice 1m | count by _timeslice + metricsQueries: + type: array + description: Metrics queries. + items: + $ref: '#/components/schemas/MetricsSavedSearchQuerySyncDefinition' + desiredQuantizationInSecs: + minimum: 0 + type: integer + description: Desired quantization in seconds. + format: int32 + example: 60 + properties: + type: string + description: Chart properties. This field is optional. + example: "{ \\\"key\\\": \\\"value\\\" }" + MetricsSearchSyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - required: + - queries + - timeRange + type: object + properties: + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + description: + type: string + description: Description of the metrics search page. + example: CPU and memory utilization for RDS cluster + queries: + type: array + description: Queries of the metrics search page. + example: + - queryString: CPU_Idle Namespace=RDS + queryType: Metrics + queryKey: A + - queryString: Mem_Used Namespace=RDS + queryType: Metrics + queryKey: B + items: + $ref: '#/components/schemas/Query' + visualSettings: + type: string + description: | + Visual settings of the metrics search page. Must be a string representing a valid JSON object. + example: "{\"title\": {\"fontsize\": 9}}" + LookupTableSyncDefinition: + allOf: + - $ref: '#/components/schemas/ContentSyncDefinition' + - $ref: '#/components/schemas/ExportableLookupTableInfo' + CollectorRegistrationTokenResponse: + allOf: + - $ref: '#/components/schemas/TokenBaseResponse' + - required: + - encodedTokenAndUrl + type: object + properties: + encodedTokenAndUrl: + type: string + description: The token and URL used to register the Collector as an encoded + string. + CollectorResourceIdentity: + allOf: + - $ref: '#/components/schemas/ResourceIdentity' + OrgIdentity: + allOf: + - $ref: '#/components/schemas/ResourceIdentity' + SourceResourceIdentity: + allOf: + - $ref: '#/components/schemas/ResourceIdentity' + - type: object + properties: + collectorId: + type: string + description: The unique identifier of the Collector this Source belongs + to. + default: Unknown + collectorName: + type: string + description: The name of the Collector this Source belongs to. + default: Unknown + IngestBudgetResourceIdentity: + allOf: + - $ref: '#/components/schemas/ResourceIdentity' + - type: object + properties: + ingestBudgetFieldValue: + type: string + description: The unique field value of the ingest budget v1. This will + be empty for v2 budgets. + default: Unknown + scope: + type: string + description: The scope of the ingest budget v2. This will be empty for + v1 budgets. + default: Unknown + budgetType: + type: string + description: "The type of budget. Supported values are: * `dailyVolume`\ + \ * `minuteVolume`" + LogsToMetricsRuleIdentity: + allOf: + - $ref: '#/components/schemas/ResourceIdentity' + ScheduledViewResourceIdentity: + allOf: + - $ref: '#/components/schemas/ResourceIdentity' + CollectorLimitApproachingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + OTCollectorLimitApproachingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + AgentRemoteConfigStatusTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + properties: + CustomerId: + type: string + description: The CustomerId. + message: + type: string + description: The error message. + GcpMetricsCollectionBrokenTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + OAuthRefreshFailedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + properties: + exceptionType: + type: string + description: The type of exception received while attempting OAuth. + exceptionMessage: + type: string + description: The error message received with the failed OAuth request. + IngestBudgetExceededTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/DataIngestAffectedTracker' + CollectionAffectedDueToIngestBudgetTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/DataIngestAffectedTracker' + - type: object + properties: + associatedBudgetNames: + type: string + description: The list of budget names. + CollectionS3AccessDeniedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/S3CollectionErrorTracker' + - type: object + properties: + bucketName: + type: string + description: The bucket name of the associated Source. + accessKey: + type: string + description: "The access key used to make the request. In the case of\ + \ IAM roles, this is the temporary key used for authentication." + CollectionS3GetObjectAccessDeniedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/S3CollectionErrorTracker' + - type: object + properties: + bucketName: + type: string + description: The bucket name of the associated Source. + accessKey: + type: string + description: "The access key used to make the request. In the case of\ + \ IAM roles, this is the temporary key used for authentication." + CollectionS3InvalidKeyTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/S3CollectionErrorTracker' + - type: object + properties: + accessKey: + type: string + description: "The access key used to make the request. In the case of\ + \ IAM roles, this is the temporary key used for authentication." + CollectionS3ListingFailedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/S3CollectionErrorTracker' + - type: object + properties: + bucketName: + type: string + description: The bucket name of the associated Source. + CollectionS3SlowListingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/S3CollectionErrorTracker' + - type: object + properties: + bucketName: + type: string + description: The bucket name of the associated Source. + flaggedAfterMinutes: + type: string + description: The number of minutes elapsed in scanning after which this + incident was created. + InstalledCollectorOfflineTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + properties: + minutesSinceLastHeartbeat: + type: string + description: The number of minutes since the last heartbeat for the collector + was received. + IngestThrottlingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/DataIngestAffectedTracker' + - type: object + properties: + dataType: + type: string + description: The type of data for which the rate limit was enabled. The + possible values are `LogIngest` and `MetricsIngest`. + AgentOpampConnectionStatusTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + CollectionInvalidFilePathTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/FileCollectionErrorTracker' + - type: object + properties: + path: + type: string + description: The path to the file. + CollectionPathAccessDeniedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/FileCollectionErrorTracker' + - type: object + properties: + path: + type: string + description: The path to the file. + CollectionRemoteConnectionFailedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/FileCollectionErrorTracker' + CollectionDockerClientBuildingFailedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + CollectionWindowsEventChannelConnectionFailedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + CollectionWindowsHostConnectionFailedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + CollectionAwsMetadataTagsFetchDeniedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + CollectionCloudWatchTagsFetchDeniedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/AwsCloudWatchCollectionErrorTracker' + CollectionCloudWatchListMetricsDeniedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/AwsCloudWatchCollectionErrorTracker' + - type: object + properties: + errorCode: + type: string + description: The error code from AWS for the request made to get metrics. + errorMessage: + type: string + description: The error message from AWS for the request made to get metrics. + CollectionCloudWatchGetStatisticsDeniedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/AwsCloudWatchCollectionErrorTracker' + - type: object + properties: + errorCode: + type: string + description: The error code from AWS for the request made to get metrics. + errorMessage: + type: string + description: The error message from AWS for the request made to get metrics. + CollectionCloudWatchGetStatisticsThrottledTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/AwsCloudWatchCollectionErrorTracker' + MetricsHighCardinalityDetectedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + properties: + retention: + type: string + description: The retention of metrics that approached the limit. + MetricsCardinalityLimitExceededTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + properties: + retention: + type: string + description: The retention of metrics that exceeded the limit. + HighCardinalityDimensionDroppedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + properties: + dimension: + type: string + description: The dropped high cardinality dimension. + LogsToMetricsRuleDisabledTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + SpanIngestLimitExceededTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + CollectionAwsInventoryThrottledTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/AwsInventoryCollectionErrorTracker' + CollectionAwsInventoryUnauthorizedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/AwsInventoryCollectionErrorTracker' + CSEWindowsInvalidConfigurationTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsErrorTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + sensorUserName: + type: string + description: The sensor's user name. + CSEWindowsRuntimeErrorTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsErrorTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + sensorUserName: + type: string + description: The sensor's user name. + CSEWindowsExcessiveEventLogMonitorsTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsErrorTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + sensorUserName: + type: string + description: The sensor's user name. + CSEWindowsRuntimeWarningTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsErrorTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + sensorUserName: + type: string + description: The sensor's user name. + CSEWindowsInvalidUserPermissionsTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsAccessErrorTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + sensorUserName: + type: string + description: The sensor's user name. + folderPath: + type: string + description: The path of the folder. + filePath: + type: string + description: The complete file path. + source: + type: string + description: The HostName + EventLog name for EventLogs and Domain name + for Directory.. + CSEWindowsWriteQueueFilesToSensorDirectoryFailedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsAccessErrorTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + sensorUserName: + type: string + description: The sensor's user name. + folderPath: + type: string + description: The path of the folder. + filePath: + type: string + description: The complete file path. + source: + type: string + description: The HostName + EventLog name for EventLogs and Domain name + for Directory.. + CSEWindowsStorageLimitExceededTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsSensorOutOfStorageTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + folderPath: + type: string + description: The path of the folder. + folderSizeLimit: + type: string + description: The complete file path. + currentFolderSize: + type: string + description: Current size of the folder. + percentageAvailableDiskSpaceLimit: + type: string + description: The percentage available disk space limit. + currentPercentageAvailableDiskSpace: + type: string + description: The current percentage available disk space. + lastError: + type: string + description: The last error. + CSEWindowsStorageLimitApproachingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsSensorOutOfStorageTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + folderPath: + type: string + description: The path of the folder. + folderSizeLimit: + type: string + description: The complete file path. + currentFolderSize: + type: string + description: Current size of the folder. + percentageAvailableDiskSpaceLimit: + type: string + description: The percentage available disk space limit. + currentPercentageAvailableDiskSpace: + type: string + description: The current percentage available disk space. + lastError: + type: string + description: The last error. + CSEWindowsErrorAppendingToQueueFilesTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsSensorOutOfStorageTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + folderPath: + type: string + description: The path of the folder. + folderSizeLimit: + type: string + description: The complete file path. + currentFolderSize: + type: string + description: Current size of the folder. + percentageAvailableDiskSpaceLimit: + type: string + description: The percentage available disk space limit. + currentPercentageAvailableDiskSpace: + type: string + description: The current percentage available disk space. + lastError: + type: string + description: The last error. + CSEWindowsErrorParsingRecordsTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsParsingErrorTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + source: + type: string + description: The HostName + EventLog name for EventLogs and Domain name + for Directory. + errorCount: + type: string + description: The error count. + lastErrorMessage: + type: string + description: The last error message. + CSEWindowsExcessiveFilesPendingUploadTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsExcessiveBacklogTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + source: + type: string + description: The HostName + EventLog name for EventLogs and Domain name + for Directory. + lastErrorMessage: + type: string + description: The last error message. + numberOfFilesPending: + type: string + description: The number of files pending upload. + oldestTimestampInQueue: + type: string + description: The oldest timestamp in the queue. + CSEWindowsOldestRecordTimestampExceedsThresholdTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/CSEWindowsExcessiveBacklogTracker' + - type: object + properties: + sensorId: + type: string + description: The sensor ID. + sensorHostname: + type: string + description: The sensor's hostname. + source: + type: string + description: The HostName + EventLog name for EventLogs and Domain name + for Directory. + lastErrorMessage: + type: string + description: The last error message. + numberOfFilesPending: + type: string + description: The number of files pending upload. + oldestTimestampInQueue: + type: string + description: The oldest timestamp in the queue. + CSEWindowsSensorOfflineTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + properties: + minutesWithNoHeartbeatBeforeMarkingOffline: + type: string + description: The number of minutes without heartbeat after which sensor + is marked offline. + MetricsMetadataKeyLengthLimitExceeded: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker' + MetricsMetadataValueLengthLimitExceeded: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker' + MetricsMetadataKeyValuePairsLimitExceeded: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker' + MetricsMetadataTotalMetadataSizeLimitExceeded: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker' + MetricNameMissingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricNameErrorTracker' + MetricNameAsMetatagTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricNameErrorTracker' + OTCReceiverNoSpansObservedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCReceiverErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + receiverId: + type: string + description: "The collector receiver ID, e.g. `otlphttp/2`." + OTCReceiverSpansDroppedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCReceiverErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + receiverId: + type: string + description: "The collector receiver ID, e.g. `otlphttp/2`." + count: + type: string + description: The count of dropped spans. + OTCReceiverSpansRefusedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCReceiverErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + receiverId: + type: string + description: "The collector receiver ID, e.g. `otlphttp/2`." + count: + type: string + description: The count of refused spans. + OTCExporterHighFailuresExportingSpansTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCExporterErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + exporterId: + type: string + description: "The collector exporter ID, e.g. `otlphttp`." + count: + type: string + description: The failure count. + OTCExporterLargeTraceBatchesTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCExporterErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + exporterId: + type: string + description: "The collector exporter ID, e.g. `otlphttp`." + count: + type: string + description: The failure count. + OTCProcessHighMemoryUsageTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCProcessErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + memoryUsage: + type: string + description: "The collector memory usage in bytes, e.g. `142606592`" + memoryLimit: + type: string + description: "The collector memory limit (if set) in bytes, e.g. `4000000000`" + OTCProcessSpansDroppedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCProcessErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + processorId: + type: string + description: "The collector processor ID, e.g. `cascading_filter`." + count: + type: string + description: The count of dropped spans. + OTCProcessSpansRefusedTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCProcessErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + processorId: + type: string + description: "The collector processor ID, e.g. `cascading_filter`." + count: + type: string + description: The count of refused spans. + OTCWarningProcessingSpansTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCProcessErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + processorId: + type: string + description: "The collector processor ID, e.g. `cascading_filter`." + message: + type: string + description: The warning message. + OTCErrorProcessingSpansTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/OTCProcessErrorTracker' + - type: object + properties: + instanceId: + type: string + description: "The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`." + instanceAddress: + type: string + description: "The collector instance address, e.g. `172.16.1.14`." + processorId: + type: string + description: "The collector processor ID, e.g. `cascading_filter`." + message: + type: string + description: The error message. + AzureEventHubConnectionErrorTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - type: object + properties: + reason: + type: string + description: The specific reason of the connection error + AzureEventHubPermissionErrorTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - properties: + reason: + type: string + description: The specific reason of the permission error + AzureMetricsInvalidClientSecretTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + AzureMetricsNoAccessibleSubscriptionsTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + FsrTooManyFieldsCreationErrorTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + InstalledCollectorDeprecatedJreTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + PartitionLimitApproachingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + FieldsLimitApproachingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + LookupLimitApproachingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + FerLimitApproachingTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + ScheduledViewFailureTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + OTCollectorNoDataTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + PermissionSubject: + required: + - subjectId + - subjectType + type: object + properties: + subjectType: + pattern: ^(user|role|org)$ + type: string + description: "Type of subject for the permission. Valid values are: `user`\ + \ or `role` or `org`." + example: role + x-pattern-message: "must be one of the following: `user`, `role`, `org`" + subjectId: + type: string + description: "The identifier that belongs to the subject type chosen above.\ + \ For e.g. if the subjectType is set to `user`, subjectId should be the\ + \ identifier of a user (same goes for `role` or `org` subjectType)." + example: 0000000006743FDA + description: Identifier for the entity (subject) that is granted the permission + on resource(s). + PermissionIdentifier: + allOf: + - $ref: '#/components/schemas/PermissionSubject' + - required: + - targetId + type: object + properties: + targetId: + type: string + description: The identifier that belongs to the resource this permission + assignment applies to. + example: 0000000006743FE2 + PermissionIdentifiers: + required: + - permissionIdentifiers + type: object + properties: + permissionIdentifiers: + maxItems: 1000 + minItems: 1 + type: array + description: List of permission identifiers. + items: + $ref: '#/components/schemas/PermissionIdentifier' + PermissionStatementDefinition: + allOf: + - $ref: '#/components/schemas/Permissions' + - required: + - subjectId + - subjectType + - targetId + type: object + properties: + subjectType: + pattern: ^(role|org)$ + type: string + description: "Type of subject for the permission. Valid values are: `role`\ + \ or `org`." + example: role + x-pattern-message: "must be one of the following: `role` or `org`" + subjectId: + type: string + description: "The identifier that belongs to the subject type chosen above.\ + \ For e.g. if the subjectType is set to `role`, subjectId should be\ + \ the identifier of a role. Similarly, if the subjectType is `org`,\ + \ the subjectId should be the identifier of the same org, which owns\ + \ the resource target." + example: 0000000006743FDA + targetId: + type: string + description: The identifier that belongs to the resource this permission + assignment applies to. + example: 0000000006743FE2 + PermissionStatementDefinitions: + required: + - permissionStatementDefinitions + type: object + properties: + permissionStatementDefinitions: + maxItems: 1000 + minItems: 1 + type: array + description: List of permission statement definitions. + items: + $ref: '#/components/schemas/PermissionStatementDefinition' + PermissionStatement: + type: object + allOf: + - $ref: '#/components/schemas/PermissionStatementDefinition' + - $ref: '#/components/schemas/MetadataModel' + PermissionStatements: + required: + - permissionStatements + type: object + properties: + permissionStatements: + type: array + description: A list of permission statements. + items: + $ref: '#/components/schemas/PermissionStatement' + PermissionSummaryMeta: + required: + - isExplicit + - isInherited + - isRecursive + - isRevoked + - isSystemDefined + - name + type: object + properties: + name: + type: string + description: "Name of the permission. Example values are: `Read`, `Update`,\ + \ `Create`, etc." + example: Read + isInherited: + type: boolean + description: A true value implies that the permission is inherited from + some ancestors of the resource. A false value implies that the permission + is explicitly assigned to the resource. + example: true + isExplicit: + type: boolean + description: A true value implies that the permission is explicitly assigned + to the resource. A false value implies that the permission is not explicitly + assigned to the resource. + example: true + isRevoked: + type: boolean + description: A true value implies that the capability required for this + permission has been revoked. + example: true + isRecursive: + type: boolean + description: A true value implies that the permission is recursively cascaded + down to all the direct and indirect children of the resource. + example: true + isSystemDefined: + type: boolean + description: A true value implies that the permission is defined by the + system on the resource and can not be modified by the user. A false value + implies that the permission is defined by the user on the resource and + can be modified by the user. + example: true + description: "Permission Summary with additional information like inheritance,\ + \ revocation, etc about the permission." + PermissionSummaryBySubjects: + description: A list of PermissionSubjects and PermissionSummaryMeta(s) associated + with each subject. + allOf: + - $ref: '#/components/schemas/PermissionSubject' + - required: + - permissionSummaries + type: object + properties: + permissionSummaries: + type: array + items: + $ref: '#/components/schemas/PermissionSummaryMeta' + PermissionSummariesBySubjects: + required: + - permissionSummariesBySubjects + type: object + properties: + permissionSummariesBySubjects: + type: array + description: A list of PermissionSubjects and PermissionSummaryMeta(s) associated + with each subject. + items: + $ref: '#/components/schemas/PermissionSummaryBySubjects' + ListPermissionsResponse: + required: + - permissionStatements + type: object + properties: + permissionStatements: + type: array + description: A list of permission statements. + items: + $ref: '#/components/schemas/PermissionStatement' + Permissions: + required: + - permissions + type: object + properties: + permissions: + type: array + description: List of permissions. + example: + - Read + - Delete + items: + type: string + Email: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - recipients + - subject + type: object + properties: + recipients: + type: array + description: A list of email addresses to send to when the rule fires. + items: + type: string + example: john@doe.com + subject: + type: string + description: The subject line of the email. + example: Sample Email Subject + messageBody: + type: string + description: The message body of the email to send. + example: Sample Email Message Body + timeZone: + type: string + description: "Time zone for the email content. All dates/times will be\ + \ displayed in this timeZone in the email payload. Follow the format\ + \ in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + AWSLambda: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + resolutionPayloadOverride: + type: string + description: The override of the resolution JSON payload of the connection. + Should be in JSON format. + AzureFunctions: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + resolutionPayloadOverride: + type: string + description: The override of the resolution JSON payload of the connection. + Should be in JSON format. + Datadog: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + HipChat: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + PagerDuty: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + resolutionPayloadOverride: + type: string + description: The override of the resolution JSON payload of the connection. + Should be in JSON format. + Slack: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + resolutionPayloadOverride: + type: string + description: The override of the resolution JSON payload of the connection. + Should be in JSON format. + NewRelic: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + Jira: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + Opsgenie: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + resolutionPayloadOverride: + type: string + description: The override of the resolution JSON payload of the connection. + Should be in JSON format. + MicrosoftTeams: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + resolutionPayloadOverride: + type: string + description: The override of the resolution JSON payload of the connection. + Should be in JSON format. + ServiceNow: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + connectionSubtype: + $ref: '#/components/schemas/ConnectionSubtype' + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + resolutionPayloadOverride: + type: string + description: The override of the resolution JSON payload of the connection. + Should be in JSON format. + SumoCloudSOAR: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + connectionSubtype: + $ref: '#/components/schemas/ConnectionSubtype' + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + Webhook: + allOf: + - $ref: '#/components/schemas/Action' + - required: + - connectionId + type: object + properties: + connectionId: + type: string + description: The identifier of the connection. + example: 000000000BF39283 + payloadOverride: + type: string + description: The override of the default JSON payload of the connection. + Should be in JSON format. + resolutionPayloadOverride: + type: string + description: The override of the resolution JSON payload of the connection. + Should be in JSON format. + ChartDataRequest: + required: + - monitorType + - queries + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + example: Logs + x-pattern-message: should be either 'Logs' or 'Metrics' + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + items: + $ref: '#/components/schemas/TriggerCondition' + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + description: Request payload for monitor chart data visualization. + ChartDataResult: + type: object + properties: + warnings: + type: array + description: Execution warnings of queries. + items: + $ref: '#/components/schemas/ErrorDescription' + series: + type: array + description: List of time series of the monitor chart data. + items: + $ref: '#/components/schemas/SeriesData' + description: Response for monitor chart data visualization. + OutlierSeriesDataPoint: + allOf: + - $ref: '#/components/schemas/DataPoint' + - required: + - x + - "y" + type: object + properties: + x: + type: integer + description: Epoch unix time stamp. + format: int64 + example: 1617146107 + "y": + $ref: '#/components/schemas/OutlierDataValue' + description: Data point of outlier series. + StaticSeriesDataPoint: + allOf: + - $ref: '#/components/schemas/DataPoint' + - required: + - x + - "y" + type: object + properties: + x: + type: integer + description: Epoch unix time stamp. + format: int64 + example: 1617146107 + "y": + type: number + description: The value of the data point. + format: double + example: 70.0 + description: Data point of static series. + SearchQueryFieldsAndTypes: + type: array + items: + $ref: '#/components/schemas/SearchQueryFieldAndType' + SearchQueryFieldAndType: + type: object + properties: + fieldName: + type: string + description: Log field parsed from log search query. + example: status_code + fieldType: + pattern: ^(NumericValue|DistinctCount)$ + type: string + description: |- + The type of the field inferred from log results and explicit configuration. Valid values: + 1. `NumericValue`: A field with a numerical type. + 2. `DistinctCount`: A field with a dimensional type. + x-pattern-message: should be either 'NumericValue' or 'DistinctCount' + isImplicitField: + type: boolean + description: Indicates if the field is implicit or user defined. + example: true + description: A log field and its associated type + TriggerCondition: + required: + - triggerType + type: object + properties: + detectionMethod: + pattern: ^(StaticCondition|LogsStaticCondition|MetricsStaticCondition|LogsOutlierCondition|MetricsOutlierCondition|LogsMissingDataCondition|MetricsMissingDataCondition|SloSliCondition|SloBurnRateCondition|LogsAnomalyCondition|MetricsAnomalyCondition)$ + type: string + description: |- + Detection method of the trigger condition. Valid values: + 1. `StaticCondition`: A condition that triggers based off of a static threshold. This `detectionMethod` is deprecated, it is recommended to use other ones instead. + 2. `LogsStaticCondition`: A logs condition that triggers based off of a static threshold. + 3. `MetricsStaticCondition`: A metrics condition that triggers based off of a static threshold. + 4. `LogsOutlierCondition`: A logs condition that triggers based off of a dynamic outlier threshold. + 5. `MetricsOutlierCondition`: A metrics condition that triggers based off of a dynamic outlier threshold. + 6. `LogsMissingDataCondition`: A logs missing data condition that triggers based off of no data available. + 7. `MetricsMissingDataCondition`: A metrics missing data condition that triggers based off of no data available. + 8. `SloSliCondition`: An SLO condition that triggers based off of current SLI value. + 9. `SloBurnRateCondition`: An SLO condition that triggers based off of error budget burn rate. + 10. `LogsAnomalyCondition`: A log anomaly condition that triggers based off anomalies in the data. + 11. `MetricsAnomalyCondition`: A metric anomaly condition that triggers based off anomalies in the data. + example: StaticCondition + default: StaticCondition + x-pattern-message: "should be one of the following: 'StaticCondition', 'LogsStaticCondition',\ + \ 'MetricsStaticCondition', 'LogsOutlierCondition', 'MetricsOutlierCondition',\ + \ 'LogsMissingDataCondition', 'MetricsMissingDataCondition', 'SloSliCondition',\ + \ 'SloBurnRateCondition', 'LogsAnomalyCondition', 'MetricsAnomalyCondition' " + triggerType: + pattern: ^(Critical|Warning|MissingData|ResolvedCritical|ResolvedWarning|ResolvedMissingData)$ + type: string + description: |- + The type of trigger condition. Valid values: + 1. `Critical`: A critical condition to trigger on. + 2. `Warning`: A warning condition to trigger on. + 3. `MissingData`: A condition that indicates data is missing. + 4. `ResolvedCritical`: A condition to resolve a Critical trigger on. + 5. `ResolvedWarning`: A condition to resolve a Warning trigger on. + 6. `ResolvedMissingData`: A condition to resolve a MissingData trigger. + example: Critical + x-pattern-message: "should be one of the following: 'Critical', 'Warning',\ + \ 'MissingData', 'ResolvedCritical', 'ResolvedWarning', or 'ResolvedMissingData'" + resolutionWindow: + type: string + description: "The resolution window that the recovery condition must be\ + \ met in each evaluation that happens within this entire duration before\ + \ the alert is recovered (resolved). If not specified, the time range\ + \ of your trigger will be used. Valid values are: `0m`, `-5m`, `-10m`,\ + \ `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`, or `-24h`" + nullable: true + example: -5m + discriminator: + propertyName: detectionMethod + mapping: + StaticCondition: '#/components/schemas/StaticCondition' + LogsStaticCondition: '#/components/schemas/LogsStaticCondition' + MetricsStaticCondition: '#/components/schemas/MetricsStaticCondition' + LogsOutlierCondition: '#/components/schemas/LogsOutlierCondition' + MetricsOutlierCondition: '#/components/schemas/MetricsOutlierCondition' + LogsMissingDataCondition: '#/components/schemas/LogsMissingDataCondition' + MetricsMissingDataCondition: '#/components/schemas/MetricsMissingDataCondition' + SloSliCondition: '#/components/schemas/SloSliCondition' + SloBurnRateCondition: '#/components/schemas/SloBurnRateCondition' + LogsAnomalyCondition: '#/components/schemas/LogsAnomalyCondition' + MetricsAnomalyCondition: '#/components/schemas/MetricsAnomalyCondition' + StaticCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - required: + - occurrenceType + - timeRange + - triggerSource + type: object + properties: + timeRange: + type: string + description: "The relative time range of the monitor. Valid values of\ + \ time ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`,\ + \ `-12h`, or `-24h`." + example: -15m + threshold: + $ref: '#/components/schemas/StaticThreshold' + thresholdType: + $ref: '#/components/schemas/StaticThresholdType' + field: + type: string + description: "The name of the field that the trigger condition will alert\ + \ on. The trigger could compare the value of specified field with the\ + \ threshold. If `field` is not specified, monitor would default to result\ + \ count instead." + example: _count + occurrenceType: + $ref: '#/components/schemas/OccurrenceType' + triggerSource: + $ref: '#/components/schemas/TriggerSource' + minDataPoints: + maximum: 100 + minimum: 1 + type: integer + description: "The minimum number of data points to alert or resolve a\ + \ metrics monitor within the time range. This field is only valid for\ + \ Metrics Monitor, it will always be set to 1 for `AtleastOnce` occurrence\ + \ type and for `Always`, if not specified by user it will default to\ + \ 2." + format: int32 + example: 5 + description: A rule that defines how the monitor should evaluate data and + trigger notifications. + LogsStaticCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - required: + - threshold + - thresholdType + - timeRange + type: object + properties: + timeRange: + type: string + description: "The relative time range of the monitor. Valid values of\ + \ time ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`,\ + \ `-12h`, or `-24h`." + example: -15m + threshold: + $ref: '#/components/schemas/StaticThreshold' + thresholdType: + $ref: '#/components/schemas/StaticThresholdType' + field: + type: string + description: "The name of the field that the trigger condition will alert\ + \ on. The trigger could compare the value of specified field with the\ + \ threshold. If `field` is not specified, monitor would default to result\ + \ count instead." + example: _count + frequency: + type: string + description: "The frequency that this trigger will be evaluated. Valid\ + \ values of frequencies are `1m`, `2m`, `10m`, `20m`, `1h`" + example: 1m + description: A rule that defines how logs monitor should evaluate static data + and trigger notifications. + MetricsStaticCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - required: + - occurrenceType + - threshold + - thresholdType + - timeRange + type: object + properties: + timeRange: + type: string + description: "The relative time range of the monitor. Valid values of\ + \ time ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`,\ + \ `-12h`, or `-24h`." + example: -15m + threshold: + $ref: '#/components/schemas/StaticThreshold' + thresholdType: + $ref: '#/components/schemas/StaticThresholdType' + occurrenceType: + $ref: '#/components/schemas/OccurrenceType' + minDataPoints: + maximum: 100 + minimum: 1 + type: integer + description: "The minimum number of data points required for the monitor\ + \ to alert or resolve within the time range specified. This field will\ + \ always be set to 1 for `AtleastOnce` occurrence type and for `Always`,\ + \ if not specified by user it will default to 2." + format: int32 + example: 5 + description: A rule that defines how metrics monitor should evaluate static + data and trigger notifications. + LogsOutlierCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - type: object + properties: + window: + type: integer + description: Sets the trailing number of data points to calculate mean + and sigma. + format: int64 + example: 15 + default: 50 + consecutive: + type: integer + description: Sets the required number of consecutive indicator data points + (outliers) to trigger a violation. + format: int64 + example: 3 + default: 1 + direction: + $ref: '#/components/schemas/OutlierDirection_1' + threshold: + type: number + description: Sets the number of standard deviations for calculating violations. + format: double + example: 10.0 + default: 3.0 + field: + type: string + description: The name of the field that the trigger condition will alert + on. + example: _count + description: A rule that defines how logs monitor should evaluate outlier + data and trigger notifications. + MetricsOutlierCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - type: object + properties: + baselineWindow: + type: string + description: The time range used to compute the baseline. + example: 1h + default: 1d + direction: + $ref: '#/components/schemas/OutlierDirection_1' + threshold: + type: number + description: How much should the indicator be different from the baseline + for each datapoint. + format: double + example: 10.0 + default: 3.0 + description: A rule that defines how metrics monitor should evaluate outlier + data and trigger notifications. + LogsMissingDataCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - required: + - timeRange + type: object + properties: + timeRange: + type: string + description: "The relative time range of the monitor. Valid values of\ + \ time ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`,\ + \ `-12h`, or `-24h`." + example: -15m + frequency: + type: string + description: "The frequency that this trigger will be evaluated. Valid\ + \ values of frequencies are `1m`, `2m`, `10m`, `20m`, `1h`" + example: 1m + description: A rule that defines how logs monitors should evaluate missing + data and trigger notifications. + MetricsMissingDataCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - required: + - timeRange + - triggerSource + type: object + properties: + triggerSource: + $ref: '#/components/schemas/TriggerSource' + timeRange: + type: string + description: "The relative time range of the monitor. Valid values of\ + \ time ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`,\ + \ `-12h`, or `-24h`." + example: -15m + description: A rule that defines how metrics monitors should evaluate missing + data and trigger notifications. + SloSliCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - required: + - sliThreshold + type: object + properties: + sliThreshold: + type: number + description: The remaining SLI error budget threshold percentage. + format: double + example: 90 + description: A rule that defines how SLO monitors should evaluate remaining + error budget and trigger notifications. + SloBurnRateCondition: + allOf: + - $ref: '#/components/schemas/TriggerCondition' + - type: object + properties: + burnRateThreshold: + type: number + description: The error budget depletion percentage. + format: double + example: 90 + timeRange: + type: string + description: The relative time range for measuring error budget depletion. + example: -2h + description: A rule that defines parameters for burn rate based monitor evaluation + and trigger notifications. + AnomalyCondition: + type: object + properties: + timeRange: + type: string + description: "The relative time range of the monitor. Valid values of time\ + \ ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,\ + \ `-24h` or `-1d`." + example: -15m + sensitivity: + type: number + description: The triggering sensitivity of the anomaly model used for this + monitor. + format: double + example: 0.5 + default: 0.5 + anomalyDetectorType: + pattern: ^Cluster$ + type: string + description: The type of anomaly model that will be used for evaluating + this monitor. Only `Cluster` option is supported currently. + example: Cluster + field: + type: string + description: "The name of the field that the trigger condition will alert\ + \ on. The trigger could compare the value of specified field with the\ + \ threshold. If `field` is not specified, monitor would default to result\ + \ count instead." + example: _count + minAnomalyCount: + type: integer + description: The minimum number of anomalies required to exist in the current + time range for the condition to trigger. + format: int32 + example: 1 + default: 1 + direction: + $ref: '#/components/schemas/OutlierDirection_1' + description: A rule that defines a monitor based on anomaly models. + LogsAnomalyCondition: + allOf: + - $ref: '#/components/schemas/AnomalyCondition' + - $ref: '#/components/schemas/TriggerCondition' + - required: + - anomalyDetectorType + - field + - timeRange + type: object + description: A rule that defines a log monitor based on an anomaly model. + MetricsAnomalyCondition: + allOf: + - $ref: '#/components/schemas/AnomalyCondition' + - $ref: '#/components/schemas/TriggerCondition' + - required: + - anomalyDetectorType + - timeRange + type: object + description: A rule that defines a metrics monitor based on an anomaly model. + MonitorFolderDefinition: + allOf: + - $ref: '#/components/schemas/MonitorContentSyncDefinition' + - required: + - children + type: object + properties: + description: + type: string + description: An optional description for the folder. + children: + type: array + description: "The items in the folder, a list of Monitor and/or Folder\ + \ items." + items: + $ref: '#/components/schemas/MonitorContentSyncDefinition' + MonitorWithDependenciesDefinition: + allOf: + - $ref: '#/components/schemas/MonitorContentSyncDefinition' + - required: + - monitor + type: object + properties: + monitor: + $ref: '#/components/schemas/MonitorsLibraryMonitorExport' + dependencies: + type: array + items: + $ref: '#/components/schemas/MonitorDependency' + lookupTableDependencies: + type: array + description: Lookup tables that this monitor depends on + items: + $ref: '#/components/schemas/LookupTableSyncDefinition' + AlertSignalContext: + type: object + description: Details of the alert signal context. + allOf: + - $ref: '#/components/schemas/SignalContext' + - required: + - alertId + type: object + properties: + alertId: + type: string + description: Alert Identifier. + example: 00000000F5000634 + TraceQueryExpression: + required: + - type + type: object + properties: + type: + type: string + description: Expression type of the object model. + description: Base query expression object. + discriminator: + propertyName: type + AndTracingExpression: + allOf: + - $ref: '#/components/schemas/TraceQueryExpression' + - required: + - expressions + type: object + properties: + expressions: + type: array + description: "Evaluates to true, if (and only if) all expressions evaluate\ + \ to true, otherwise evaluates to false." + items: + $ref: '#/components/schemas/TraceQueryExpression' + OrTracingExpression: + description: "Evaluates to true, if at least one expression evaluates to true,\ + \ otherwise evaluates to false." + allOf: + - $ref: '#/components/schemas/TraceQueryExpression' + - required: + - expressions + type: object + properties: + expressions: + type: array + items: + $ref: '#/components/schemas/TraceQueryExpression' + MetricTracingFilter: + allOf: + - $ref: '#/components/schemas/TraceQueryExpression' + - required: + - metric + - operator + type: object + properties: + metric: + type: string + description: "The name of the metric to filter by. The list of supported\ + \ metrics can be retrieved using the [Trace Metrics](#operation/getMetrics)\ + \ endpoint." + operator: + type: string + description: |- + The operator to use. Accepted values: + + + + + + + + + + + + + +
OperatorAccepted value types
< <= > >= =DoubleTracingValue IntegerTracingValue
betweenRangeTracingValue of DoubleTracingValue / IntegerTracingValue
+ value: + $ref: '#/components/schemas/TracingValue' + FieldTracingFilter: + allOf: + - $ref: '#/components/schemas/TraceQueryExpression' + - required: + - field + - operator + type: object + properties: + field: + type: string + description: "The field name to filter by. The list of supported field\ + \ names can be retrieved using the [Trace Query Fields](#operation/getTraceQueryFields)\ + \ endpoint." + operator: + type: string + description: |- + The operator to use. Accepted values: + + + + + + + + + + + + + + + + + +
OperatorAccepted value types
< <= > >= = !=StringTracingValue DoubleTracingValue IntegerTracingValue DateTimeTracingValue
inArrayTracingValue of StringTracingValue / DoubleTracingValue / IntegerTracingValue / DateTimeTracingValue
betweenRangeTracingValue of StringTracingValue / DoubleTracingValue / IntegerTracingValue / DateTimeTracingValue
+ value: + $ref: '#/components/schemas/TracingValue' + RootSpanTracingFilter: + allOf: + - $ref: '#/components/schemas/TraceQueryExpression' + - required: + - field + - operator + type: object + properties: + field: + type: string + description: "The field name to filter by. The list of supported field\ + \ names can be retrieved using the [Trace Query Fields](#operation/getTraceQueryFields)\ + \ endpoint." + operator: + type: string + description: |- + The operator to use. Accepted values: + + + + + + + + + + + + + + + + + +
OperatorAccepted value types
< <= > >= = !=StringTracingValue DoubleTracingValue IntegerTracingValue DateTimeTracingValue
inArrayTracingValue of StringTracingValue / DoubleTracingValue / IntegerTracingValue / DateTimeTracingValue
betweenRangeTracingValue of StringTracingValue / DoubleTracingValue / IntegerTracingValue / DateTimeTracingValue
+ value: + $ref: '#/components/schemas/TracingValue' + TracingValue: + required: + - type + properties: + type: + type: string + description: Type of the value model. + discriminator: + propertyName: type + DoubleTracingValue: + allOf: + - $ref: '#/components/schemas/TracingValue' + - required: + - value + type: object + properties: + value: + type: number + format: double + IntegerTracingValue: + allOf: + - $ref: '#/components/schemas/TracingValue' + - required: + - value + type: object + properties: + value: + type: integer + format: int64 + StringTracingValue: + allOf: + - $ref: '#/components/schemas/TracingValue' + - required: + - value + type: object + properties: + value: + type: string + DateTimeTracingValue: + allOf: + - $ref: '#/components/schemas/TracingValue' + - required: + - value + type: object + properties: + value: + type: string + description: "Timestamp in UTC in the [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2019-11-22T09:00:00Z + ArrayTracingValue: + allOf: + - $ref: '#/components/schemas/TracingValue' + - required: + - values + type: object + properties: + values: + type: array + items: + $ref: '#/components/schemas/TracingValue' + RangeTracingValue: + allOf: + - $ref: '#/components/schemas/TracingValue' + - required: + - from + - to + type: object + properties: + from: + $ref: '#/components/schemas/TracingValue' + to: + $ref: '#/components/schemas/TracingValue' + EventAttributeValue: + required: + - type + properties: + type: + pattern: ^(BooleanEventAttributeValue|StringEventAttributeValue|DoubleEventAttributeValue|IntegerEventAttributeValue|BooleanArrayEventAttributeValue|StringArrayEventAttributeValue|DoubleArrayEventAttributeValue|IntegerArrayEventAttributeValue)$ + type: string + description: Type of the event attribute value. + example: BooleanAttributeValue + discriminator: + propertyName: type + BooleanEventAttributeValue: + allOf: + - $ref: '#/components/schemas/EventAttributeValue' + - required: + - value + type: object + properties: + value: + type: boolean + DoubleEventAttributeValue: + allOf: + - $ref: '#/components/schemas/EventAttributeValue' + - required: + - value + type: object + properties: + value: + type: number + format: double + IntegerEventAttributeValue: + allOf: + - $ref: '#/components/schemas/EventAttributeValue' + - required: + - value + type: object + properties: + value: + type: integer + format: int64 + StringEventAttributeValue: + allOf: + - $ref: '#/components/schemas/EventAttributeValue' + - required: + - value + type: object + properties: + value: + type: string + BooleanArrayEventAttributeValue: + allOf: + - $ref: '#/components/schemas/EventAttributeValue' + - required: + - values + type: object + properties: + values: + type: array + items: + type: boolean + DoubleArrayEventAttributeValue: + allOf: + - $ref: '#/components/schemas/EventAttributeValue' + - required: + - values + type: object + properties: + values: + type: array + items: + type: number + format: double + IntegerArrayEventAttributeValue: + allOf: + - $ref: '#/components/schemas/EventAttributeValue' + - required: + - values + type: object + properties: + values: + type: array + items: + type: integer + format: int64 + StringArrayEventAttributeValue: + allOf: + - $ref: '#/components/schemas/EventAttributeValue' + - required: + - values + type: object + properties: + values: + type: array + items: + type: string + TraceHttpSpanInfo: + allOf: + - $ref: '#/components/schemas/TraceSpanInfo' + - type: object + properties: + method: + pattern: ^(GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE)$ + type: string + description: HTTP method of the request for the associated span. + example: GET + url: + type: string + description: "URL of the request being handled in this span, in the standard\ + \ URI format." + example: https://domain.net/path/to?resource=here + statusCode: + type: integer + description: HTTP response status code for the associated span. + example: 200 + TraceDbSpanInfo: + allOf: + - $ref: '#/components/schemas/TraceSpanInfo' + - type: object + properties: + dbType: + type: string + description: Database type. + example: sql + instance: + type: string + description: "Database instance name, e.g. in java, if jdbc.url=\"jdbc:mysql://127.0.0.1:3306/customers\"\ + , the instance name is \"customers\"." + example: customers + statement: + type: string + description: Database statement for the given database type. + example: SELECT * FROM user_table + TraceMessageBusSpanInfo: + allOf: + - $ref: '#/components/schemas/TraceSpanInfo' + - type: object + properties: + destination: + type: string + description: An address at which messages can be exchanged e.g. a Kafka + record has an associated "topic name" that can be stored using this + tag. + example: kafka.topic.name + OTCollectorListResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of OT Collectors. + items: + $ref: '#/components/schemas/OTCollector' + PaginatedOTCollectorsRequest: + type: object + properties: + search: + type: string + description: search by collector id or free text search on collector properties. + example: testAgent + filters: + type: object + properties: + tags: + type: array + description: tags associated with the OT collector + example: + - - key: region + values: + - us2 + - mum + - - key: key2 + values: + - value2 + items: + type: array + items: + $ref: '#/components/schemas/OtTag' + default: [] + os: + type: string + description: Name of the Operating System. + nullable: true + example: linux + x-visibility: private + collectorVersionRange: + $ref: '#/components/schemas/VersionRange' + alive: + type: boolean + description: alive Status of the OT Collector based on heartbeat. + nullable: true + example: true + isRemotelyManaged: + type: boolean + description: Management Status of the OT Collector based on if it is + remotely or locally managed. + nullable: true + example: true + isUpgradeAvailable: + type: boolean + description: upgrade availability status of the OT Collector. + nullable: true + example: true + hasNoSourceTemplateLinked: + type: boolean + description: whether the remotely managed OT Collector has no source + template linked. + nullable: true + example: true + description: parameter which is used for filtering. + sortBy: + type: string + description: parameter which is used for sorting. + example: name + next: + type: string + description: parameter which is used for fetching next set of results. + example: token + limit: + maximum: 1000 + minimum: 1 + type: integer + description: parameter which is used for limiting number of otCollectors + on a page. + format: int32 + example: 30 + includeCount: + type: boolean + description: count of filtered otCollectors. + nullable: true + example: false + PaginatedOTCollectorsResponse: + required: + - data + type: object + properties: + data: + type: array + description: paginated list of OT Collectors. + items: + $ref: '#/components/schemas/OTCollector' + next: + type: string + description: next page token. + count: + type: integer + description: count of otCollectors in response. + format: int32 + OTCollectorCountResponse: + required: + - totalCount + type: object + properties: + totalCount: + type: integer + description: Total number of OT Collector for a customer. + format: int32 + example: 100 + description: response for total count of otCollectors. + SearchQueryContext: + allOf: + - $ref: '#/components/schemas/EventContext' + - required: + - queryId + type: object + properties: + queryId: + type: string + description: The query id of the log search. + example: 0BA5454CDE467 + ParsersLibraryBase: + required: + - description + - name + - type + type: object + properties: + name: + maxLength: 255 + minLength: 1 + type: string + description: Name of the folder or parser. + description: + maxLength: 4096 + type: string + description: Description of the folder or parser. + type: + type: string + description: Type of the object model. + isLocked: + type: boolean + description: Locking/Unlocking requires the `LockParsers` capability. Locked + objects can only be `Localized`. Updating or moving requires unlocking + the object. Locking/Unlocking recursively locks all of the objects children. + All children of a locked object must be locked. + default: false + discriminator: + propertyName: type + ParsersLibraryBaseUpdate: + required: + - description + - name + - version + type: object + properties: + name: + maxLength: 255 + minLength: 1 + type: string + description: Name of the folder or parser. + description: + maxLength: 4096 + type: string + description: Description of the folder or parser. + version: + type: integer + description: Version of the folder or parser. + format: int64 + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + ParsersLibraryBaseResponse: + required: + - contentType + - createdAt + - createdBy + - description + - id + - isLocked + - isMutable + - isSystem + - modifiedAt + - modifiedBy + - name + - parentId + - type + - version + type: object + properties: + id: + type: string + description: Identifier of the folder or parser. + name: + type: string + description: Name of the folder or parser. + description: + type: string + description: Description of the folder or parser. + version: + type: integer + description: Version of the folder or parser. + format: int64 + createdAt: + type: string + description: | + Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339) format. + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + parentId: + type: string + description: Identifier of the parent folder. + contentType: + type: string + description: | + Type of the content. Valid values: + 1) Folder + 2) Parser + type: + type: string + description: Type of the object model. + isLocked: + type: boolean + description: Whether the object is locked. + isSystem: + type: boolean + description: System objects are objects provided by Sumo Logic. System objects + can only be localized. Non-local fields can't be updated. + isMutable: + type: boolean + description: Immutable objects are "READ-ONLY". + discriminator: + propertyName: type + ParsersLibraryParser: + allOf: + - $ref: '#/components/schemas/ParsersLibraryBase' + - required: + - stanzas + type: object + properties: + stanzas: + type: string + description: Collection of stanzas describing the parser. + example: | + [sourcetype:PAN-firewall] + EVENT_MULTILINE = False + FORMAT = CSV + modelPath: + type: string + description: The path to the Model a Model-Connector is associated with. + example: Models/firewalls/PAN + sourcetypePath: + type: string + description: The path to the sourcetype a Model-Connector is associated + with. + example: Parsers/firewalls/PAN-firewall + families: + type: string + description: CSV list of model families this object belongs/applies to + example: "firewalls,IDS" + isPartial: + type: boolean + description: "Is this a complete Parser or Model-Connector, or just a\ + \ config fragment?" + default: false + localStanzas: + type: string + description: Localized stanzas. + example: | + [sourcetype:PAN-firewall] + WRAPPER = BSD_SYSLOG + ParsersLibraryFolder: + allOf: + - $ref: '#/components/schemas/ParsersLibraryBase' + ParsersLibraryParserUpdate: + allOf: + - $ref: '#/components/schemas/ParsersLibraryBaseUpdate' + - required: + - stanzas + type: object + properties: + stanzas: + type: string + description: Collection of stanzas describing the parser. + example: | + [sourcetype:PAN-firewall] + EVENT_MULTILINE = False + FORMAT = CSV + modelPath: + type: string + description: The path to the Model a Model-Connector is associated with. + example: Models/firewalls/PAN + sourcetypePath: + type: string + description: The path to the sourcetype a Model-Connector is associated + with. + example: Parsers/firewalls/PAN-firewall + families: + type: string + description: CSV list of model families this object belongs/applies to + example: "firewalls,IDS" + isPartial: + type: boolean + description: "Is this a complete Parser or Model-Connector, or just a\ + \ config fragment?" + default: false + localStanzas: + type: string + description: Localized stanzas. + example: | + [sourcetype:PAN-firewall] + WRAPPER = BSD_SYSLOG + ParsersLibraryFolderUpdate: + allOf: + - $ref: '#/components/schemas/ParsersLibraryBaseUpdate' + ParsersLibraryParserResponse: + allOf: + - $ref: '#/components/schemas/ParsersLibraryBaseResponse' + - required: + - stanzas + type: object + properties: + stanzas: + type: string + description: Collection of stanzas describing the parser. + example: | + [sourcetype:PAN-firewall] + EVENT_MULTILINE = False + FORMAT = CSV + modelPath: + type: string + description: The path to the Model a Model-Connector is associated with. + example: Models/firewalls/PAN + sourcetypePath: + type: string + description: The path to the sourcetype a Model-Connector is associated + with. + example: Parsers/firewalls/PAN-firewall + families: + type: string + description: CSV list of model families this object belongs/applies to + example: "firewalls,IDS" + isPartial: + type: boolean + description: "Is this a complete Parser or Model-Connector, or just a\ + \ config fragment?" + default: false + localStanzas: + type: string + description: Localized stanzas. + example: | + [sourcetype:PAN-firewall] + WRAPPER = BSD_SYSLOG + ParsersLibraryFolderResponse: + allOf: + - $ref: '#/components/schemas/ParsersLibraryBaseResponse' + - required: + - children + type: object + properties: + children: + type: array + description: Children of the folder. + items: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + IdToParsersLibraryBaseResponseMap: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + ParsersLibraryExportBase: + required: + - description + - name + - type + type: object + properties: + name: + maxLength: 255 + minLength: 1 + type: string + description: Name of the folder or parser. + description: + maxLength: 4096 + type: string + description: Description of the folder or parser. + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + ParsersLibraryParserExportV2: + allOf: + - $ref: '#/components/schemas/ParsersLibraryExportBase' + - required: + - stanzas + type: object + properties: + stanzas: + type: array + description: Array of lines of stanzas describing the parser. + example: | + ["[sourcetype:PAN-firewall]", + "EVENT_MULTILINE = False", + "FORMAT = CSV"] + items: + type: string + modelPath: + type: string + description: The path to the Model a Model-Connector is associated with. + example: Models/firewalls/PAN + sourcetypePath: + type: string + description: The path to the sourcetype a Model-Connector is associated + with. + example: Parsers/firewalls/PAN-firewall + families: + type: string + description: CSV list of model families this object belongs/applies to + example: "firewalls,IDS" + isPartial: + type: boolean + description: "Is this a complete Parser or Model-Connector, or just a\ + \ config fragment?" + default: false + localStanzas: + type: string + description: Localized stanzas. + example: | + [sourcetype:PAN-firewall] + WRAPPER = BSD_SYSLOG + ParsersLibraryParserExport: + allOf: + - $ref: '#/components/schemas/ParsersLibraryExportBase' + - required: + - stanzas + type: object + properties: + stanzas: + type: string + description: Collection of stanza or array of lines of stanzas describing + the parser. + example: | + [sourcetype:PAN-firewall] + EVENT_MULTILINE = False + FORMAT = CSV + modelPath: + type: string + description: The path to the Model a Model-Connector is associated with. + example: Models/firewalls/PAN + sourcetypePath: + type: string + description: The path to the sourcetype a Model-Connector is associated + with. + example: Parsers/firewalls/PAN-firewall + families: + type: string + description: CSV list of model families this object belongs/applies to + example: "firewalls,IDS" + isPartial: + type: boolean + description: "Is this a complete Parser or Model-Connector, or just a\ + \ config fragment?" + default: false + localStanzas: + type: string + description: Localized stanzas. + example: | + [sourcetype:PAN-firewall] + WRAPPER = BSD_SYSLOG + ParsersLibraryFolderExport: + allOf: + - $ref: '#/components/schemas/ParsersLibraryExportBase' + - type: object + properties: + children: + type: array + description: Children of the folder + items: + $ref: '#/components/schemas/ParsersLibraryExportBase' + ParsersLibraryItemWithPath: + required: + - item + - path + type: object + properties: + item: + $ref: '#/components/schemas/ParsersLibraryBaseResponse' + path: + type: string + description: Path of the folder or parser. + example: /Parsers/SampleFolder/TestParser + ListParsersLibraryItemWithPath: + type: array + description: List of folders or parsers. + items: + $ref: '#/components/schemas/ParsersLibraryItemWithPath' + SCIMRoles: + required: + - primary + - value + type: object + properties: + value: + type: string + description: Role assigned to the user + example: Administrator + primary: + type: boolean + description: Always set to 'true' as sumologic doesn't have a concept of + primary/secondary roles + example: true + default: true + OAuthClientCreateRequest: + required: + - name + - type + type: object + properties: + type: + type: string + description: Type of the object model. + name: + maxLength: 128 + minLength: 0 + type: string + description: Name of the OAuth client. + example: My OAuth Client + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the OAuth client. + example: OAuth client for data ingestion + default: "" + scopes: + type: array + description: "Scopes assigned to the client.\n### Alerting\n - adminMonitorsV2\n\ + \ - viewMonitorsV2\n - manageMonitorsV2\n\n### Data Management\n -\ + \ manageApps\n - viewCollectors\n - manageCollectors\n - viewConnections\n\ + \ - manageConnections\n - contentAdmin\n - viewFieldExtractionRules\n\ + \ - manageFieldExtractionRules \n - viewFields\n - manageFields\n\ + \ - manageBudgets\n - viewLibrary\n - manageLibrary\n - viewPartitions\n\ + \ - managePartitions \n - manageS3DataForwarding\n - viewScheduledViews\n\ + \ - manageScheduledViews\n - manageTokens\n\n### Logs\n - runLogSearch\n\ + \n### Metrics\n - runMetricsQuery \n\n### Reliability Management\n -\ + \ viewSlos\n - manageSlos\n\n### Security\n - manageAccessKeys\n -\ + \ viewPersonalAccessKeys\n - managePersonalAccessKeys\n\n### UserManagement\n\ + \ - viewUsersAndRoles\n - manageUsersAndRoles" + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + default: [] + discriminator: + propertyName: type + mapping: + ClientCredentialsClient: '#/components/schemas/CreateClientCredentialsClientRequest' + AuthorizationCodeClient: '#/components/schemas/CreateAuthorizationCodeClientRequest' + OAuthRunAs: + required: + - type + type: object + properties: + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + mapping: + ServiceAccount: '#/components/schemas/OAuthRunAsId' + OAuthRunAsId: + allOf: + - $ref: '#/components/schemas/OAuthRunAs' + - required: + - runAsId + type: object + properties: + runAsId: + type: string + description: Identifier of the service account that the OAuth Client runs + as. + example: 0000000006743FDA + CreateClientCredentialsClientRequest: + allOf: + - $ref: '#/components/schemas/OAuthClientCreateRequest' + - required: + - runAs + type: object + properties: + runAs: + $ref: '#/components/schemas/OAuthRunAs' + CreateAuthorizationCodeClientRequest: + allOf: + - $ref: '#/components/schemas/OAuthClientCreateRequest' + - required: + - redirectUris + type: object + properties: + redirectUris: + type: array + description: Redirect URIs for the OAuth client. Redirect URI's during + Authorization Code flow must be an exact match. + example: + - https://www.example.com/oauth/callback + items: + type: string + default: [] + OAuthClientUpdateRequest: + required: + - description + - disabled + - name + - scopes + - type + type: object + properties: + type: + type: string + description: Type of the object model. + name: + maxLength: 128 + minLength: 0 + type: string + description: Name of the OAuth client. + example: My OAuth Client + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the OAuth client. + example: OAuth client for data ingestion + disabled: + type: boolean + description: Whether the OAuth client is disabled. Disabled OAuth clients + cannot be used to authenticate users. + scopes: + type: array + description: "Scopes assigned to the client.\n### Alerting\n - adminMonitorsV2\n\ + \ - viewMonitorsV2\n - manageMonitorsV2\n\n### Data Management\n -\ + \ manageApps\n - viewCollectors\n - manageCollectors\n - viewConnections\n\ + \ - manageConnections\n - contentAdmin\n - viewFieldExtractionRules\n\ + \ - manageFieldExtractionRules \n - viewFields\n - manageFields\n\ + \ - manageBudgets\n - viewLibrary\n - manageLibrary\n - viewPartitions\n\ + \ - managePartitions \n - manageS3DataForwarding\n - viewScheduledViews\n\ + \ - manageScheduledViews\n - manageTokens\n\n### Logs\n - runLogSearch\n\ + \n### Metrics\n - runMetricsQuery \n\n### Reliability Management\n -\ + \ viewSlos\n - manageSlos\n\n### Security\n - manageAccessKeys\n -\ + \ viewPersonalAccessKeys\n - managePersonalAccessKeys\n\n### UserManagement\n\ + \ - viewUsersAndRoles\n - manageUsersAndRoles" + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + discriminator: + propertyName: type + mapping: + ClientCredentialsClient: '#/components/schemas/UpdateClientCredentialsClientRequest' + AuthorizationCodeClient: '#/components/schemas/UpdateAuthorizationCodeClientRequest' + UpdateClientCredentialsClientRequest: + allOf: + - $ref: '#/components/schemas/OAuthClientUpdateRequest' + - required: + - runAs + type: object + properties: + runAs: + $ref: '#/components/schemas/OAuthRunAs' + UpdateAuthorizationCodeClientRequest: + allOf: + - $ref: '#/components/schemas/OAuthClientUpdateRequest' + - required: + - redirectUris + type: object + properties: + redirectUris: + type: array + description: Redirect URIs for the OAuth client. Redirect URI's during + Authorization Code flow must be an exact match. + example: + - https://www.example.com/oauth/callback + items: + type: string + OAuthClient: + required: + - clientId + - createdAt + - createdBy + - description + - disabled + - modifiedAt + - modifiedBy + - name + - scopes + - type + type: object + properties: + type: + type: string + description: Type of the object model. + clientId: + type: string + description: Identifier of the OAuth client. + example: zVplCFHcpTDwtktBIQmFI2K6s9HEo4HAtcQD1f1M5eQ + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + createdBy: + type: string + description: Identifier of the user who created the OAuth client. + example: 0000000006743FDD + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + example: 2018-10-16T09:10:00Z + modifiedBy: + type: string + description: Identifier of the user who modified the OAuth client. + example: 0000000006743FDD + name: + maxLength: 128 + minLength: 0 + type: string + description: Name of the OAuth client. + example: My OAuth Client + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the OAuth client. + example: OAuth client for data ingestion + disabled: + type: boolean + description: Whether the OAuth client is disabled. Disabled OAuth clients + cannot be used to authenticate users. + scopes: + type: array + description: "Scopes assigned to the client.\n### Alerting\n - adminMonitorsV2\n\ + \ - viewMonitorsV2\n - manageMonitorsV2\n\n### Data Management\n -\ + \ manageApps\n - viewCollectors\n - manageCollectors\n - viewConnections\n\ + \ - manageConnections\n - contentAdmin\n - viewFieldExtractionRules\n\ + \ - manageFieldExtractionRules \n - viewFields\n - manageFields\n\ + \ - manageBudgets\n - viewLibrary\n - manageLibrary\n - viewPartitions\n\ + \ - managePartitions \n - manageS3DataForwarding\n - viewScheduledViews\n\ + \ - manageScheduledViews\n - manageTokens\n\n### Logs\n - runLogSearch\n\ + \n### Metrics\n - runMetricsQuery \n\n### Reliability Management\n -\ + \ viewSlos\n - manageSlos\n\n### Security\n - manageAccessKeys\n -\ + \ viewPersonalAccessKeys\n - managePersonalAccessKeys\n\n### UserManagement\n\ + \ - viewUsersAndRoles\n - manageUsersAndRoles" + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + discriminator: + propertyName: type + mapping: + ClientCredentialsClient: '#/components/schemas/ClientCredentialsClient' + AuthorizationCodeClient: '#/components/schemas/AuthorizationCodeClient' + ClientCredentialsClient: + allOf: + - $ref: '#/components/schemas/OAuthClient' + - required: + - effectiveScopes + - runAs + type: object + properties: + effectiveScopes: + type: array + description: Effective scopes based on the intersection of the user's + RBAC capabilities and the assigned scopes. + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + runAs: + $ref: '#/components/schemas/OAuthRunAs' + AuthorizationCodeClient: + allOf: + - $ref: '#/components/schemas/OAuthClient' + - required: + - redirectUris + type: object + properties: + redirectUris: + type: array + description: Redirect URIs for the OAuth client. Redirect URI's during + Authorization Code flow must be an exact match. + example: + - https://www.example.com/oauth/callback + items: + type: string + OAuthClientWithSecret: + required: + - clientId + - clientSecret + - createdAt + - createdBy + - description + - disabled + - modifiedAt + - modifiedBy + - name + - scopes + - type + type: object + properties: + type: + type: string + description: Type of the object model. + clientId: + type: string + description: Identifier of the OAuth client. + example: zVplCFHcpTDwtktBIQmFI2K6s9HEo4HAtcQD1f1M5eQ + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + createdBy: + type: string + description: Identifier of the user who created the OAuth client. + example: 0000000006743FDD + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + example: 2018-10-16T09:10:00Z + modifiedBy: + type: string + description: Identifier of the user who modified the OAuth client. + example: 0000000006743FDD + name: + maxLength: 128 + minLength: 0 + type: string + description: Name of the OAuth client. + example: My OAuth Client + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the OAuth client. + example: OAuth client for data ingestion + disabled: + type: boolean + description: Whether the OAuth client is disabled. Disabled OAuth clients + cannot be used to authenticate users. + scopes: + type: array + description: "Scopes assigned to the client.\n### Alerting\n - adminMonitorsV2\n\ + \ - viewMonitorsV2\n - manageMonitorsV2\n\n### Data Management\n -\ + \ manageApps\n - viewCollectors\n - manageCollectors\n - viewConnections\n\ + \ - manageConnections\n - contentAdmin\n - viewFieldExtractionRules\n\ + \ - manageFieldExtractionRules \n - viewFields\n - manageFields\n\ + \ - manageBudgets\n - viewLibrary\n - manageLibrary\n - viewPartitions\n\ + \ - managePartitions \n - manageS3DataForwarding\n - viewScheduledViews\n\ + \ - manageScheduledViews\n - manageTokens\n\n### Logs\n - runLogSearch\n\ + \n### Metrics\n - runMetricsQuery \n\n### Reliability Management\n -\ + \ viewSlos\n - manageSlos\n\n### Security\n - manageAccessKeys\n -\ + \ viewPersonalAccessKeys\n - managePersonalAccessKeys\n\n### UserManagement\n\ + \ - viewUsersAndRoles\n - manageUsersAndRoles" + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + clientSecret: + type: string + description: The client secret for the created OAuth Client. + example: EqyuIvsnae0LnMC2mbJArysXcmp0LuBsRgmyeLtSkFPEzSxdvpYQMDajn_8buaDj + discriminator: + propertyName: type + mapping: + ClientCredentialsClient: '#/components/schemas/ClientCredentialsClientWithSecret' + AuthorizationCodeClient: '#/components/schemas/AuthorizationCodeClientWithSecret' + ClientCredentialsClientWithSecret: + allOf: + - $ref: '#/components/schemas/OAuthClientWithSecret' + - required: + - effectiveScopes + - runAs + type: object + properties: + effectiveScopes: + type: array + description: Effective scopes based on the intersection of the user's + RBAC capabilities and the assigned scopes. + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + runAs: + $ref: '#/components/schemas/OAuthRunAs' + AuthorizationCodeClientWithSecret: + allOf: + - $ref: '#/components/schemas/OAuthClientWithSecret' + - required: + - redirectUris + type: object + properties: + redirectUris: + type: array + description: Redirect URIs for the OAuth client. Redirect URI's during + Authorization Code flow must be an exact match. + example: + - https://www.example.com/oauth/callback + items: + type: string + PaginatedListOAuthClientsResult: + required: + - data + type: object + properties: + data: + type: array + description: An array of OAuth clients. + items: + $ref: '#/components/schemas/OAuthClient' + next: + type: string + description: Next continuation token. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + description: List of OAuth clients. + MonitorsLibraryBase: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the monitor or folder. + description: + type: string + description: Description of the monitor or folder. + default: "" + type: + type: string + description: |- + Type of the object model. Valid values: + 1) MonitorsLibraryMonitor + 2) MonitorsLibraryFolder + discriminator: + propertyName: type + MonitorsLibraryBaseUpdate: + required: + - name + - type + - version + type: object + properties: + name: + type: string + description: The name of the monitor or folder. + description: + type: string + description: The description of the monitor or folder. + default: "" + version: + type: integer + description: The version of the monitor or folder. + format: int64 + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + MonitorsLibraryBaseResponse: + required: + - contentType + - createdAt + - createdBy + - description + - id + - isMutable + - isSystem + - modifiedAt + - modifiedBy + - name + - parentId + - type + - version + type: object + properties: + id: + type: string + description: Identifier of the monitor or folder. + name: + type: string + description: Identifier of the monitor or folder. + description: + type: string + description: Description of the monitor or folder. + version: + type: integer + description: Version of the monitor or folder. + format: int64 + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + parentId: + type: string + description: Identifier of the parent folder. + contentType: + type: string + description: |- + Type of the content. Valid values: + 1) Monitor + 2) Folder + type: + type: string + description: Type of the object model. + isSystem: + type: boolean + description: System objects are objects provided by Sumo Logic. System objects + can only be localized. Non-local fields can't be updated. + isMutable: + type: boolean + description: Immutable objects are "READ-ONLY". + permissions: + type: array + description: "Aggregated permission summary for the calling user. If detailed\ + \ permission statements are required, please call list permissions endpoint." + example: + - Read + - Delete + items: + type: string + discriminator: + propertyName: type + MonitorsLibraryFolder: + allOf: + - $ref: '#/components/schemas/MonitorsLibraryBase' + MonitorsLibraryFolderUpdate: + allOf: + - $ref: '#/components/schemas/MonitorsLibraryBaseUpdate' + MonitorsLibraryFolderResponse: + allOf: + - $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + - required: + - children + - permissions + type: object + properties: + permissions: + type: array + description: "Aggregated permission summary for the calling user. If detailed\ + \ permission statements are required, please call list permissions endpoint." + example: + - Read + - Delete + items: + type: string + children: + type: array + description: "Children of the folder. NOTE: Permissions field will not\ + \ be filled (empty list) for children." + items: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + MonitorsLibraryBaseExport: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the monitor or folder. + description: + type: string + description: Description of the monitor or folder. + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + MonitorsLibraryFolderExport: + allOf: + - $ref: '#/components/schemas/MonitorsLibraryBaseExport' + - type: object + properties: + children: + type: array + description: The items in the folder. A multi-type list of types monitor + or folder. + items: + $ref: '#/components/schemas/MonitorsLibraryBaseExport' + MonitorsLibraryMonitor: + allOf: + - $ref: '#/components/schemas/MonitorsLibraryBase' + - required: + - monitorType + - queries + - triggers + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics|Slo)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + 3. `Slo`: A SLO based monitor. Currently SLO based monitor is available in closed beta (Notify your Sumo Logic representative in order to get the early access). + example: Logs + x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo' + evaluationDelay: + type: string + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past + by this delay time. + example: 5m + default: 0m + alertName: + type: string + description: "The name of the alert(s) triggered from this monitor. Monitor\ + \ name will be used if not specified. All template variables can be\ + \ used here except {{AlertName}}, {{AlertResponseURL}}, {{ResultsJson}},\ + \ and {{Playbook}}." + runAs: + type: object + allOf: + - $ref: '#/components/schemas/RunAs' + notificationGroupFields: + type: array + description: "The set of fields to be used to group alert notifications\ + \ for a monitor. The value of this field will be considered only when\ + \ 'groupNotifications' is true. The fields with very high cardinality\ + \ such as `_blockid`, `_raw`, `_messagetime`, `_receipttime`, and `_messageid`\ + \ are not allowed for Alert Grouping." + example: + - service + - env + items: + type: string + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + example: + - detectionMethod: LogsStaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + - detectionMethod: LogsStaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + items: + $ref: '#/components/schemas/TriggerCondition' + timeZone: + type: string + description: "Time zone identifier for monitor notifications. Follow the\ + \ format in [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + notifications: + type: array + description: The notifications the monitor will send when the respective + trigger condition is met. + example: + - notification: + connectionType: Slack + connectionId: "0000000000000005" + runForTriggerTypes: + - Critical + - notification: + connectionType: Email + messageBody: Alert Triggered! + recipients: + - john@doe.com + subject: "Monitor Alert: {{TriggerType}} on {{SearchName}}" + timeZone: America/Los_Angeles + runForTriggerTypes: + - Critical + items: + $ref: '#/components/schemas/MonitorNotification' + default: [] + isDisabled: + type: boolean + description: "Whether or not the monitor is disabled. Disabled monitors\ + \ will not run, and will not generate or send notifications." + example: false + default: false + groupNotifications: + type: boolean + description: Whether or not to group notifications for individual items + that meet the trigger condition. + example: true + default: true + playbook: + type: string + description: "Notes such as links and instruction to help you resolve\ + \ alerts triggered by this monitor. {{Markdown}} supported. It will\ + \ be enabled only if available for your organization. Please contact\ + \ your Sumo Logic account team to learn more." + example: This issue typically happens when database calls are timing out. + Look at ServiceA's dashboard to investigate further + default: "" + sloId: + type: string + description: Identifier of the SLO definition for the monitor. This is + only applicable for SLO type monitors. + automatedPlaybookIds: + uniqueItems: true + type: array + description: The set of automated playbook ids for a monitor. + example: + - 649dcb922b70c74b5d2110f8 + - 649dcb912b70c74b5d2110a0 + items: + type: string + default: [] + MonitorsLibraryMonitorResponse: + allOf: + - $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + - required: + - monitorType + - queries + - triggers + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics|Slo)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + 3. `Slo`: A SLO based monitor. Currently SLO based monitor is available in closed beta (Notify your Sumo Logic representative in order to get the early access). + example: Logs + x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo' + evaluationDelay: + type: string + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past + by this delay time. + example: 5m + default: 0m + alertName: + type: string + description: "The name of the alert(s) triggered from this monitor. Monitor\ + \ name will be used if not specified. All template variables can be\ + \ used here except {{AlertName}}, {{AlertResponseURL}}, {{ResultsJson}},\ + \ and {{Playbook}}." + runAs: + type: object + allOf: + - $ref: '#/components/schemas/RunAs' + notificationGroupFields: + type: array + description: "The set of fields to be used to group alert notifications\ + \ for a monitor. The value of this field will be considered only when\ + \ 'groupNotifications' is true. The fields with very high cardinality\ + \ such as `_blockid`, `_raw`, `_messagetime`, `_receipttime`, and `_messageid`\ + \ are not allowed for Alert Grouping." + example: + - service + - env + items: + type: string + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + example: + - detectionMethod: LogsStaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + - detectionMethod: LogsStaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + items: + $ref: '#/components/schemas/TriggerCondition' + timeZone: + type: string + description: "Time zone identifier for monitor notifications. Follow the\ + \ format in [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + notifications: + type: array + description: The notifications the monitor will send when the respective + trigger condition is met. + example: + - notification: + connectionType: Slack + connectionId: "0000000000000005" + runForTriggerTypes: + - Critical + - notification: + connectionType: Email + messageBody: Alert Triggered! + recipients: + - john@doe.com + subject: "Monitor Alert: {{TriggerType}} on {{SearchName}}" + timeZone: America/Los_Angeles + runForTriggerTypes: + - Critical + items: + $ref: '#/components/schemas/MonitorNotification' + default: [] + isDisabled: + type: boolean + description: "Whether or not the monitor is disabled. Disabled monitors\ + \ will not run, and will not generate or send notifications." + example: false + default: false + status: + uniqueItems: true + type: array + description: |- + The current status of the monitor. Each monitor can have one or more status values. Valid values: + 1. `Normal`: The monitor is running normally and does not have any currently triggered conditions. + 2. `Critical`: The Critical trigger condition has been met. + 3. `Warning`: The Warning trigger condition has been met. + 4. `MissingData`: The MissingData trigger condition has been met. + 5. `Disabled`: The monitor has been disabled and is not currently running. + example: "[Normal]" + items: + type: string + groupNotifications: + type: boolean + description: Whether or not to group notifications for individual items + that meet the trigger condition. + example: true + default: true + warnings: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Monitor manager warnings + playbook: + type: string + description: "Notes such as links and instruction to help you resolve\ + \ alerts triggered by this monitor. {{Markdown}} supported. It will\ + \ be enabled only if available for your organization. Please contact\ + \ your Sumo Logic account team to learn more." + example: This issue typically happens when database calls are timing out. + Look at ServiceA's dashboard to investigate further + default: "" + sloId: + type: string + description: Identifier of the SLO definition for the monitor. This is + only applicable for SLO type monitors. + automatedPlaybookIds: + uniqueItems: true + type: array + description: The set of automated playbook ids for a monitor. + example: + - 649dcb922b70c74b5d2110f8 + - 649dcb912b70c74b5d2110a0 + items: + type: string + default: [] + MonitorsLibraryMonitorExport: + allOf: + - $ref: '#/components/schemas/MonitorsLibraryBaseExport' + - required: + - monitorType + - queries + - triggers + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics|Slo)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + 3. `Slo`: A SLO based monitor. Currently SLO based monitor is available in closed beta (Notify your Sumo Logic representative in order to get the early access). + example: Logs + x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo' + evaluationDelay: + type: string + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past + by this delay time. + example: 5m + default: 0m + alertName: + type: string + description: "The name of the alert(s) triggered from this monitor. Monitor\ + \ name will be used if not specified. All template variables can be\ + \ used here except {{AlertName}}, {{AlertResponseURL}}, {{ResultsJson}},\ + \ and {{Playbook}}." + runAs: + type: object + allOf: + - $ref: '#/components/schemas/RunAs' + notificationGroupFields: + type: array + description: "The set of fields to be used to group alert notifications\ + \ for a monitor. The value of this field will be considered only when\ + \ 'groupNotifications' is true. The fields with very high cardinality\ + \ such as `_blockid`, `_raw`, `_messagetime`, `_receipttime`, and `_messageid`\ + \ are not allowed for Alert Grouping." + example: + - service + - env + items: + type: string + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + example: + - detectionMethod: LogsStaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + - detectionMethod: LogsStaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + items: + $ref: '#/components/schemas/TriggerCondition' + timeZone: + type: string + description: "Time zone identifier for monitor notifications. Follow the\ + \ format in [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + notifications: + type: array + description: The notifications the monitor will send when the respective + trigger condition is met. + example: + - notification: + connectionType: Slack + connectionId: "0000000000000005" + runForTriggerTypes: + - Critical + - notification: + connectionType: Email + messageBody: Alert Triggered! + recipients: + - john@doe.com + subject: "Monitor Alert: {{TriggerType}} on {{SearchName}}" + timeZone: America/Los_Angeles + runForTriggerTypes: + - Critical + items: + $ref: '#/components/schemas/MonitorNotification' + default: [] + isDisabled: + type: boolean + description: "Whether or not the monitor is disabled. Disabled monitors\ + \ will not run, and will not generate or send notifications." + example: false + default: false + groupNotifications: + type: boolean + description: Whether or not to group notifications for individual items + that meet the trigger condition. + example: true + default: true + playbook: + type: string + description: "Notes such as links and instruction to help you resolve\ + \ alerts triggered by this monitor. {{Markdown}} supported. It will\ + \ be enabled only if available for your organization. Please contact\ + \ your Sumo Logic account team to learn more." + example: This issue typically happens when database calls are timing out. + Look at ServiceA's dashboard to investigate further + default: "" + sloId: + type: string + description: Identifier of the SLO definition for the monitor. This is + only applicable for SLO type monitors. + automatedPlaybookIds: + uniqueItems: true + type: array + description: The set of automated playbook ids for a monitor. + example: + - 649dcb922b70c74b5d2110f8 + - 649dcb912b70c74b5d2110a0 + items: + type: string + default: [] + MonitorsLibraryMonitorUpdate: + allOf: + - $ref: '#/components/schemas/MonitorsLibraryBaseUpdate' + - required: + - monitorType + - queries + - triggers + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics|Slo)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + 3. `Slo`: A SLO based monitor. Currently SLO based monitor is available in closed beta (Notify your Sumo Logic representative in order to get the early access). + example: Logs + x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo' + evaluationDelay: + type: string + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past + by this delay time. + example: 5m + default: 0m + alertName: + type: string + description: "The name of the alert(s) triggered from this monitor. Monitor\ + \ name will be used if not specified. All template variables can be\ + \ used here except {{AlertName}}, {{AlertResponseURL}}, {{ResultsJson}},\ + \ and {{Playbook}}." + runAs: + type: object + allOf: + - $ref: '#/components/schemas/RunAs' + notificationGroupFields: + type: array + description: "The set of fields to be used to group alert notifications\ + \ for a monitor. The value of this field will be considered only when\ + \ 'groupNotifications' is true. The fields with very high cardinality\ + \ such as `_blockid`, `_raw`, `_messagetime`, `_receipttime`, and `_messageid`\ + \ are not allowed for Alert Grouping." + example: + - service + - env + items: + type: string + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + example: + - detectionMethod: LogsStaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + - detectionMethod: LogsStaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + items: + $ref: '#/components/schemas/TriggerCondition' + timeZone: + type: string + description: "Time zone identifier for monitor notifications. Follow the\ + \ format in [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + notifications: + type: array + description: The notifications the monitor will send when the respective + trigger condition is met. + example: + - notification: + connectionType: Slack + connectionId: "0000000000000005" + runForTriggerTypes: + - Critical + - notification: + connectionType: Email + messageBody: Alert Triggered! + recipients: + - john@doe.com + subject: "Monitor Alert: {{TriggerType}} on {{SearchName}}" + timeZone: America/Los_Angeles + runForTriggerTypes: + - Critical + items: + $ref: '#/components/schemas/MonitorNotification' + default: [] + isDisabled: + type: boolean + description: "Whether or not the monitor is disabled. Disabled monitors\ + \ will not run, and will not generate or send notifications." + example: false + default: false + groupNotifications: + type: boolean + description: Whether or not to group notifications for individual items + that meet the trigger condition. + example: true + default: true + playbook: + type: string + description: "Notes such as links and instruction to help you resolve\ + \ alerts triggered by this monitor. {{Markdown}} supported. It will\ + \ be enabled only if available for your organization. Please contact\ + \ your Sumo Logic account team to learn more." + example: This issue typically happens when database calls are timing out. + Look at ServiceA's dashboard to investigate further + default: "" + sloId: + type: string + description: Identifier of the SLO definition for the monitor. This is + only applicable for SLO type monitors. + automatedPlaybookIds: + uniqueItems: true + type: array + description: The set of automated playbook ids for a monitor. + example: + - 649dcb922b70c74b5d2110f8 + - 649dcb912b70c74b5d2110a0 + items: + type: string + default: [] + MonitorNotification: + required: + - notification + - runForTriggerTypes + type: object + properties: + notification: + $ref: '#/components/schemas/Action' + runForTriggerTypes: + uniqueItems: true + type: array + description: The trigger types assigned to send this notification. + items: + type: string + RunAs: + required: + - runAsId + type: object + properties: + runAsId: + type: string + description: "The runAsId indicates the context in which monitors will run.\ + \ If not provided, then it will run in the context of the monitor author." + example: 00000000000001DF + MutingSchedulesLibraryBase: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the mutingschedule or folder. + description: + type: string + description: Description of the mutingschedule or folder. + default: "" + type: + type: string + description: |- + Type of the object model. Valid values: + 1) MutingSchedulesLibraryMutingschedule + 2) MutingSchedulesLibraryFolder + discriminator: + propertyName: type + MutingSchedulesLibraryBaseUpdate: + required: + - name + - type + - version + type: object + properties: + name: + type: string + description: The name of the mutingschedule or folder. + description: + type: string + description: The description of the mutingschedule or folder. + default: "" + version: + type: integer + description: The version of the mutingschedule or folder. + format: int64 + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + MutingSchedulesLibraryBaseResponse: + required: + - contentType + - createdAt + - createdBy + - description + - id + - isMutable + - isSystem + - modifiedAt + - modifiedBy + - name + - parentId + - type + - version + type: object + properties: + id: + type: string + description: Identifier of the mutingschedule or folder. + name: + type: string + description: Identifier of the mutingschedule or folder. + description: + type: string + description: Description of the mutingschedule or folder. + version: + type: integer + description: Version of the mutingschedule or folder. + format: int64 + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + parentId: + type: string + description: Identifier of the parent folder. + contentType: + type: string + description: |- + Type of the content. Valid values: + 1) Mutingschedule + 2) Folder + type: + type: string + description: Type of the object model. + isSystem: + type: boolean + description: System objects are objects provided by Sumo Logic. System objects + can only be localized. Non-local fields can't be updated. + isMutable: + type: boolean + description: Immutable objects are "READ-ONLY". + permissions: + type: array + description: "Aggregated permission summary for the calling user. If detailed\ + \ permission statements are required, please call list permissions endpoint." + example: + - Read + - Delete + items: + type: string + discriminator: + propertyName: type + MutingSchedulesLibraryFolder: + allOf: + - $ref: '#/components/schemas/MutingSchedulesLibraryBase' + MutingSchedulesLibraryFolderUpdate: + allOf: + - $ref: '#/components/schemas/MutingSchedulesLibraryBaseUpdate' + MutingSchedulesLibraryFolderResponse: + allOf: + - $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + - required: + - children + - permissions + type: object + properties: + permissions: + type: array + description: "Aggregated permission summary for the calling user. If detailed\ + \ permission statements are required, please call list permissions endpoint." + example: + - Read + - Delete + items: + type: string + children: + type: array + description: "Children of the folder. NOTE: Permissions field will not\ + \ be filled (empty list) for children." + items: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + MutingSchedulesLibraryBaseExport: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the mutingschedule or folder. + description: + type: string + description: Description of the mutingschedule or folder. + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + MutingSchedulesLibraryFolderExport: + allOf: + - $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport' + - type: object + properties: + children: + type: array + description: The items in the folder. A multi-type list of types mutingschedule + or folder. + items: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport' + MutingSchedulesLibraryMutingSchedule: + allOf: + - $ref: '#/components/schemas/MutingSchedulesLibraryBase' + - required: + - schedule + type: object + properties: + schedule: + $ref: '#/components/schemas/ScheduleDefinition' + monitor: + $ref: '#/components/schemas/MonitorScope' + notificationGroups: + type: array + items: + $ref: '#/components/schemas/GroupDefinition' + default: [] + MutingSchedulesLibraryMutingScheduleResponse: + allOf: + - $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + - required: + - schedule + type: object + properties: + schedule: + $ref: '#/components/schemas/ScheduleDefinition' + monitor: + $ref: '#/components/schemas/MonitorScope' + notificationGroups: + type: array + items: + $ref: '#/components/schemas/GroupDefinition' + default: [] + MutingSchedulesLibraryMutingScheduleExport: + allOf: + - $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport' + - required: + - schedule + type: object + properties: + schedule: + $ref: '#/components/schemas/ScheduleDefinition' + monitor: + $ref: '#/components/schemas/MonitorScope' + notificationGroups: + type: array + items: + $ref: '#/components/schemas/GroupDefinition' + default: [] + MutingSchedulesLibraryMutingScheduleUpdate: + allOf: + - $ref: '#/components/schemas/MutingSchedulesLibraryBaseUpdate' + - required: + - schedule + type: object + properties: + schedule: + $ref: '#/components/schemas/ScheduleDefinition' + monitor: + $ref: '#/components/schemas/MonitorScope' + notificationGroups: + type: array + items: + $ref: '#/components/schemas/GroupDefinition' + default: [] + ScheduleDefinition: + required: + - duration + - startDate + - startTime + - timezone + type: object + properties: + timezone: + type: string + description: "Time zone for the schedule per [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + startDate: + type: string + description: Schedule start date in the format of `yyyy-mm-dd` + startTime: + type: string + description: Schedule start time in the format of `hh:mm` + duration: + type: integer + description: Duration of the muting in minutes + format: int32 + rrule: + type: string + description: RRule (Recurrence Rule) + isForm: + type: boolean + description: A flag identifying if the RRule is created or modified through + Form UI + MonitorScope: + type: object + properties: + ids: + type: array + description: List of monitor Ids in hex. Must be empty if `all` is true. + items: + type: string + all: + type: boolean + description: true if the schedule applies to all monitors + default: false + description: Monitor scope that the schedule applies to + GroupDefinition: + required: + - groupKey + - groupValues + type: object + properties: + groupKey: + type: string + description: Field name of an alert group defined in monitors + groupValues: + type: array + description: Values of alert groups generated by monitors + items: + type: string + description: Alert group scope that the schedule applies to + example: + groupKey: region + groupValues: + - us-east-1 + - us-west-1 + AlertsLibraryBase: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the alert or folder. + description: + type: string + description: Description of the alert or folder. + default: "" + type: + type: string + description: |- + Type of the object model. Valid values: + 1) AlertsLibraryAlert + 2) AlertsLibraryFolder + isLocked: + type: boolean + description: Locking/Unlocking requires the `LockAlerts` capability. Locked + objects can only be `Localized`. Updating or moving requires unlocking + the object. Locking/Unlocking recursively locks all of the objects children. + All children of a locked object must be locked. + default: false + discriminator: + propertyName: type + AlertsLibraryBaseUpdate: + required: + - name + - type + - version + type: object + properties: + name: + type: string + description: The name of the alert or folder. + description: + type: string + description: The description of the alert or folder. + default: "" + version: + type: integer + description: The version of the alert or folder. + format: int64 + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + AlertsLibraryBaseResponse: + required: + - contentType + - createdAt + - createdBy + - description + - id + - isMutable + - isSystem + - modifiedAt + - modifiedBy + - name + - parentId + - type + - version + type: object + properties: + id: + type: string + description: Identifier of the alert or folder. + name: + type: string + description: Identifier of the alert or folder. + description: + type: string + description: Description of the alert or folder. + version: + type: integer + description: Version of the alert or folder. + format: int64 + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + parentId: + type: string + description: Identifier of the parent folder. + contentType: + type: string + description: |- + Type of the content. Valid values: + 1) Alert + 2) Folder + type: + type: string + description: Type of the object model. + isLocked: + type: boolean + description: Whether the object is locked. + isSystem: + type: boolean + description: System objects are objects provided by Sumo Logic. System objects + can only be localized. Non-local fields can't be updated. + isMutable: + type: boolean + description: Immutable objects are "READ-ONLY". + discriminator: + propertyName: type + AlertsLibraryFolder: + allOf: + - $ref: '#/components/schemas/AlertsLibraryBase' + AlertsLibraryFolderUpdate: + allOf: + - $ref: '#/components/schemas/AlertsLibraryBaseUpdate' + AlertsLibraryFolderResponse: + allOf: + - $ref: '#/components/schemas/AlertsLibraryBaseResponse' + - required: + - children + type: object + properties: + children: + type: array + description: "Children of the folder. NOTE: Permissions field will not\ + \ be filled (empty list) for children." + items: + $ref: '#/components/schemas/AlertsLibraryBaseResponse' + AlertsLibraryBaseExport: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the alert or folder. + description: + type: string + description: Description of the alert or folder. + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + AlertsLibraryFolderExport: + allOf: + - $ref: '#/components/schemas/AlertsLibraryBaseExport' + - type: object + properties: + children: + type: array + description: The items in the folder. A multi-type list of types alert + or folder. + items: + $ref: '#/components/schemas/AlertsLibraryBaseExport' + AlertsLibraryAlert: + allOf: + - $ref: '#/components/schemas/AlertsLibraryBase' + - type: object + properties: + monitorId: + type: string + description: The Id of the associated monitor. + example: 000000000000003C + resolvedAt: + type: string + description: The time at which the alert was resolved. + format: date-time + nullable: true + example: 2018-10-16T10:10:00Z + abnormalityStartTime: + type: string + description: The time at which the incident started. + format: date-time + example: 2018-10-16T09:10:00Z + alertType: + pattern: ^(Critical|Warning|MissingData)$ + type: string + description: |- + The severity of the Alert. Valid values: + 1. `Critical` + 2. `Warning` + 3. `MissingData` + example: Warning + x-pattern-message: "should be either 'Critical', 'Warning' or 'MissingData'" + status: + pattern: ^(Triggered|Resolved)$ + type: string + description: |- + The status of the Alert. Valid values: + 1. `Triggered` + 2. `Resolved` + example: Triggered + x-pattern-message: should be either 'Triggered' or 'Resolved' + monitorQueries: + type: array + description: All queries from the monitor relevant to the alert. + items: + $ref: '#/components/schemas/AlertMonitorQuery' + triggerQueries: + type: array + description: All queries from the monitor relevant to the alert with triggered + time series filters. + items: + $ref: '#/components/schemas/AlertMonitorQuery' + monitorUrl: + type: string + description: URL for this monitor's view page + triggerQueryUrl: + type: string + description: A link to search with the triggering data and time range + triggerConditions: + type: array + description: Trigger conditions which were breached to create this Alert. + example: + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + occurrenceType: ResultCount + triggerSource: AllResults + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + occurrenceType: ResultCount + triggerSource: AllResults + items: + $ref: '#/components/schemas/TriggerCondition' + triggerValue: + type: number + description: The of the query result which breached the trigger condition. + format: double + example: 99.9 + monitorType: + pattern: ^(Logs|Metrics)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + example: Logs + x-pattern-message: should be either 'Logs' or 'Metrics' + entityIds: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more primary entity identifiers involved in this Alert. Primary/secondary entities are explained in description for `entities`. DEPRECATED, USE `entities` INSTEAD. + deprecated: true + items: + maxLength: 32 + minLength: 1 + type: string + example: be138dbaaf15ff05da1df0a9d5e763e8 + entities: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more primary entities involved in this Alert. Primary entity is the most concrete entity that can be assigned per time series or log group (e.g. k8s container), secondary entities are the less specific ones that can be assigned per that notification (e.g. k8s cluster or EC2 host). + items: + $ref: '#/components/schemas/AlertEntityInfo' + secondaryEntities: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more secondary entity involved in this Alert. Primary/secondary entities are explained in description for `entities` + items: + $ref: '#/components/schemas/AlertEntityInfo' + default: [] + notes: + type: string + example: High CPU is often fixed by scaling up the cluster. + extraDetails: + $ref: '#/components/schemas/ExtraDetails' + alertCondition: + type: string + description: The condition which triggered this alert. + nullable: true + example: Metric value greater than or equal to 100.0 for all of the last + 5 minutes. + isMuted: + type: boolean + description: Flag of the alerts muting status. + example: false + AlertsLibraryAlertResponse: + allOf: + - $ref: '#/components/schemas/AlertsLibraryBaseResponse' + - type: object + properties: + monitorId: + type: string + description: The Id of the associated monitor. + example: 000000000000003C + resolvedAt: + type: string + description: The time at which the alert was resolved. + format: date-time + nullable: true + example: 2018-10-16T10:10:00Z + abnormalityStartTime: + type: string + description: The time at which the incident started. + format: date-time + example: 2018-10-16T09:10:00Z + alertType: + pattern: ^(Critical|Warning|MissingData)$ + type: string + description: |- + The severity of the Alert. Valid values: + 1. `Critical` + 2. `Warning` + 3. `MissingData` + example: Warning + x-pattern-message: "should be either 'Critical', 'Warning' or 'MissingData'" + status: + pattern: ^(Triggered|Resolved)$ + type: string + description: |- + The status of the Alert. Valid values: + 1. `Triggered` + 2. `Resolved` + example: Triggered + x-pattern-message: should be either 'Triggered' or 'Resolved' + monitorQueries: + type: array + description: All queries from the monitor relevant to the alert. + items: + $ref: '#/components/schemas/AlertMonitorQuery' + triggerQueries: + type: array + description: All queries from the monitor relevant to the alert with triggered + time series filters. + items: + $ref: '#/components/schemas/AlertMonitorQuery' + monitorUrl: + type: string + description: URL for this monitor's view page + triggerQueryUrl: + type: string + description: A link to search with the triggering data and time range + triggerConditions: + type: array + description: Trigger conditions which were breached to create this Alert. + example: + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + occurrenceType: ResultCount + triggerSource: AllResults + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + occurrenceType: ResultCount + triggerSource: AllResults + items: + $ref: '#/components/schemas/TriggerCondition' + triggerValue: + type: number + description: The of the query result which breached the trigger condition. + format: double + example: 99.9 + monitorType: + pattern: ^(Logs|Metrics)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + example: Logs + x-pattern-message: should be either 'Logs' or 'Metrics' + entityIds: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more primary entity identifiers involved in this Alert. Primary/secondary entities are explained in description for `entities`. DEPRECATED, USE `entities` INSTEAD. + deprecated: true + items: + maxLength: 32 + minLength: 1 + type: string + example: be138dbaaf15ff05da1df0a9d5e763e8 + entities: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more primary entities involved in this Alert. Primary entity is the most concrete entity that can be assigned per time series or log group (e.g. k8s container), secondary entities are the less specific ones that can be assigned per that notification (e.g. k8s cluster or EC2 host). + items: + $ref: '#/components/schemas/AlertEntityInfo' + secondaryEntities: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more secondary entity involved in this Alert. Primary/secondary entities are explained in description for `entities` + items: + $ref: '#/components/schemas/AlertEntityInfo' + default: [] + notes: + type: string + example: High CPU is often fixed by scaling up the cluster. + extraDetails: + $ref: '#/components/schemas/ExtraDetails' + alertCondition: + type: string + description: The condition which triggered this alert. + nullable: true + example: Metric value greater than or equal to 100.0 for all of the last + 5 minutes. + isMuted: + type: boolean + description: Flag of the alerts muting status. + example: false + AlertsLibraryAlertExport: + allOf: + - $ref: '#/components/schemas/AlertsLibraryBaseExport' + - type: object + properties: + monitorId: + type: string + description: The Id of the associated monitor. + example: 000000000000003C + resolvedAt: + type: string + description: The time at which the alert was resolved. + format: date-time + nullable: true + example: 2018-10-16T10:10:00Z + abnormalityStartTime: + type: string + description: The time at which the incident started. + format: date-time + example: 2018-10-16T09:10:00Z + alertType: + pattern: ^(Critical|Warning|MissingData)$ + type: string + description: |- + The severity of the Alert. Valid values: + 1. `Critical` + 2. `Warning` + 3. `MissingData` + example: Warning + x-pattern-message: "should be either 'Critical', 'Warning' or 'MissingData'" + status: + pattern: ^(Triggered|Resolved)$ + type: string + description: |- + The status of the Alert. Valid values: + 1. `Triggered` + 2. `Resolved` + example: Triggered + x-pattern-message: should be either 'Triggered' or 'Resolved' + monitorQueries: + type: array + description: All queries from the monitor relevant to the alert. + items: + $ref: '#/components/schemas/AlertMonitorQuery' + triggerQueries: + type: array + description: All queries from the monitor relevant to the alert with triggered + time series filters. + items: + $ref: '#/components/schemas/AlertMonitorQuery' + monitorUrl: + type: string + description: URL for this monitor's view page + triggerQueryUrl: + type: string + description: A link to search with the triggering data and time range + triggerConditions: + type: array + description: Trigger conditions which were breached to create this Alert. + example: + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + occurrenceType: ResultCount + triggerSource: AllResults + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + occurrenceType: ResultCount + triggerSource: AllResults + items: + $ref: '#/components/schemas/TriggerCondition' + triggerValue: + type: number + description: The of the query result which breached the trigger condition. + format: double + example: 99.9 + monitorType: + pattern: ^(Logs|Metrics)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + example: Logs + x-pattern-message: should be either 'Logs' or 'Metrics' + entityIds: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more primary entity identifiers involved in this Alert. Primary/secondary entities are explained in description for `entities`. DEPRECATED, USE `entities` INSTEAD. + deprecated: true + items: + maxLength: 32 + minLength: 1 + type: string + example: be138dbaaf15ff05da1df0a9d5e763e8 + entities: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more primary entities involved in this Alert. Primary entity is the most concrete entity that can be assigned per time series or log group (e.g. k8s container), secondary entities are the less specific ones that can be assigned per that notification (e.g. k8s cluster or EC2 host). + items: + $ref: '#/components/schemas/AlertEntityInfo' + secondaryEntities: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more secondary entity involved in this Alert. Primary/secondary entities are explained in description for `entities` + items: + $ref: '#/components/schemas/AlertEntityInfo' + default: [] + notes: + type: string + example: High CPU is often fixed by scaling up the cluster. + extraDetails: + $ref: '#/components/schemas/ExtraDetails' + alertCondition: + type: string + description: The condition which triggered this alert. + nullable: true + example: Metric value greater than or equal to 100.0 for all of the last + 5 minutes. + isMuted: + type: boolean + description: Flag of the alerts muting status. + example: false + AlertsLibraryAlertUpdate: + allOf: + - $ref: '#/components/schemas/AlertsLibraryBaseUpdate' + - type: object + properties: + monitorId: + type: string + description: The Id of the associated monitor. + example: 000000000000003C + resolvedAt: + type: string + description: The time at which the alert was resolved. + format: date-time + nullable: true + example: 2018-10-16T10:10:00Z + abnormalityStartTime: + type: string + description: The time at which the incident started. + format: date-time + example: 2018-10-16T09:10:00Z + alertType: + pattern: ^(Critical|Warning|MissingData)$ + type: string + description: |- + The severity of the Alert. Valid values: + 1. `Critical` + 2. `Warning` + 3. `MissingData` + example: Warning + x-pattern-message: "should be either 'Critical', 'Warning' or 'MissingData'" + status: + pattern: ^(Triggered|Resolved)$ + type: string + description: |- + The status of the Alert. Valid values: + 1. `Triggered` + 2. `Resolved` + example: Triggered + x-pattern-message: should be either 'Triggered' or 'Resolved' + monitorQueries: + type: array + description: All queries from the monitor relevant to the alert. + items: + $ref: '#/components/schemas/AlertMonitorQuery' + triggerQueries: + type: array + description: All queries from the monitor relevant to the alert with triggered + time series filters. + items: + $ref: '#/components/schemas/AlertMonitorQuery' + monitorUrl: + type: string + description: URL for this monitor's view page + triggerQueryUrl: + type: string + description: A link to search with the triggering data and time range + triggerConditions: + type: array + description: Trigger conditions which were breached to create this Alert. + example: + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + occurrenceType: ResultCount + triggerSource: AllResults + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + occurrenceType: ResultCount + triggerSource: AllResults + items: + $ref: '#/components/schemas/TriggerCondition' + triggerValue: + type: number + description: The of the query result which breached the trigger condition. + format: double + example: 99.9 + monitorType: + pattern: ^(Logs|Metrics)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + example: Logs + x-pattern-message: should be either 'Logs' or 'Metrics' + entityIds: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more primary entity identifiers involved in this Alert. Primary/secondary entities are explained in description for `entities`. DEPRECATED, USE `entities` INSTEAD. + deprecated: true + items: + maxLength: 32 + minLength: 1 + type: string + example: be138dbaaf15ff05da1df0a9d5e763e8 + entities: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more primary entities involved in this Alert. Primary entity is the most concrete entity that can be assigned per time series or log group (e.g. k8s container), secondary entities are the less specific ones that can be assigned per that notification (e.g. k8s cluster or EC2 host). + items: + $ref: '#/components/schemas/AlertEntityInfo' + secondaryEntities: + maxItems: 10000 + minItems: 0 + type: array + description: | + One or more secondary entity involved in this Alert. Primary/secondary entities are explained in description for `entities` + items: + $ref: '#/components/schemas/AlertEntityInfo' + default: [] + notes: + type: string + example: High CPU is often fixed by scaling up the cluster. + extraDetails: + $ref: '#/components/schemas/ExtraDetails' + alertCondition: + type: string + description: The condition which triggered this alert. + nullable: true + example: Metric value greater than or equal to 100.0 for all of the last + 5 minutes. + isMuted: + type: boolean + description: Flag of the alerts muting status. + example: false + AlertMonitorQuery: + allOf: + - $ref: '#/components/schemas/MonitorQuery' + - required: + - isTriggerRow + type: object + properties: + isTriggerRow: + type: boolean + description: Indicates whether the current row is the trigger (final) + row. + example: false + description: Monitor Query for the Alert. + ExtraDetails: + type: object + properties: + details: + type: array + description: Additional data from Sumo Logic related to the Alert. + items: + $ref: '#/components/schemas/KeyValuePair' + KeyValuePair: + properties: + key: + type: string + description: Name of the key. + example: cluster + value: + type: string + description: Value of the key. + example: cluster1 + AlertEntityInfo: + type: object + properties: + entityId: + type: string + description: Identifier of the entity. + example: f11046564fc9fd093f92fdca24e2823f + entityName: + type: string + description: Name of the entity. + example: _sourceCategory=worker _sourceHost=node-1 + entityTypeId: + type: string + description: Entity type ID or empty if unknown. + example: f5ef50254e45958882a2c1e37f528308 + default: "" + isPrimaryWithinDomain: + type: boolean + description: Whether entity is the most specific entity within its domain + for that alert. + default: true + isPrimaryDomain: + type: boolean + description: Whether entity is from the most accurate domain found for this + alert. + default: true + description: An entity's name and Id. + SlosLibraryBase: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the slo or folder. + description: + type: string + description: Description of the slo or folder. + default: "" + type: + type: string + description: |- + Type of the object model. Valid values: + 1) SlosLibrarySlo + 2) SlosLibraryFolder + discriminator: + propertyName: type + SlosLibraryBaseUpdate: + required: + - name + - type + - version + type: object + properties: + name: + type: string + description: The name of the slo or folder. + description: + type: string + description: The description of the slo or folder. + default: "" + version: + type: integer + description: The version of the slo or folder. + format: int64 + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + SlosLibraryBaseResponse: + required: + - contentType + - createdAt + - createdBy + - description + - id + - isMutable + - isSystem + - modifiedAt + - modifiedBy + - name + - parentId + - type + - version + type: object + properties: + id: + type: string + description: Identifier of the slo or folder. + name: + type: string + description: Identifier of the slo or folder. + description: + type: string + description: Description of the slo or folder. + version: + type: integer + description: Version of the slo or folder. + format: int64 + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + parentId: + type: string + description: Identifier of the parent folder. + contentType: + type: string + description: |- + Type of the content. Valid values: + 1) Slo + 2) Folder + type: + type: string + description: Type of the object model. + isSystem: + type: boolean + description: System objects are objects provided by Sumo Logic. System objects + can only be localized. Non-local fields can't be updated. + isMutable: + type: boolean + description: Immutable objects are "READ-ONLY". + permissions: + type: array + description: "Aggregated permission summary for the calling user. If detailed\ + \ permission statements are required, please call list permissions endpoint." + example: + - Read + - Delete + items: + type: string + discriminator: + propertyName: type + SlosLibraryFolder: + allOf: + - $ref: '#/components/schemas/SlosLibraryBase' + SlosLibraryFolderUpdate: + allOf: + - $ref: '#/components/schemas/SlosLibraryBaseUpdate' + SlosLibraryFolderResponse: + allOf: + - $ref: '#/components/schemas/SlosLibraryBaseResponse' + - required: + - children + - permissions + type: object + properties: + permissions: + type: array + description: "Aggregated permission summary for the calling user. If detailed\ + \ permission statements are required, please call list permissions endpoint." + example: + - Read + - Delete + items: + type: string + children: + type: array + description: "Children of the folder. NOTE: Permissions field will not\ + \ be filled (empty list) for children." + items: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + SlosLibraryBaseExport: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the slo or folder. + description: + type: string + description: Description of the slo or folder. + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + SlosLibraryFolderExport: + allOf: + - $ref: '#/components/schemas/SlosLibraryBaseExport' + - type: object + properties: + children: + type: array + description: The items in the folder. A multi-type list of types slo or + folder. + items: + $ref: '#/components/schemas/SlosLibraryBaseExport' + SlosLibrarySlo: + allOf: + - $ref: '#/components/schemas/SlosLibraryBase' + - required: + - compliance + - indicator + - signalType + type: object + properties: + signalType: + pattern: ^(Latency|Error|Throughput|Availability|Other)$ + type: string + description: "Type of SLI Signal (latency, error, throughput, availability\ + \ or other)." + example: Latency + x-pattern-message: "Must be `Latency`, `Error`, `Throughput`, `Availability`\ + \ or `Other`" + compliance: + $ref: '#/components/schemas/Compliance' + indicator: + $ref: '#/components/schemas/Sli' + service: + type: string + description: Name of the service. + application: + type: string + description: Name of the application. + tags: + maxProperties: 50 + type: object + additionalProperties: + type: string + description: Tags to be associated with the SLO. + SlosLibrarySloResponse: + allOf: + - $ref: '#/components/schemas/SlosLibraryBaseResponse' + - required: + - compliance + - indicator + - signalType + type: object + properties: + signalType: + pattern: ^(Latency|Error|Throughput|Availability|Other)$ + type: string + description: "Type of SLI Signal (latency, error, throughput, availability\ + \ or other)." + example: Latency + x-pattern-message: "Must be `Latency`, `Error`, `Throughput`, `Availability`\ + \ or `Other`" + compliance: + $ref: '#/components/schemas/Compliance' + indicator: + $ref: '#/components/schemas/Sli' + service: + type: string + description: Name of the service. + application: + type: string + description: Name of the application. + tags: + maxProperties: 50 + type: object + additionalProperties: + type: string + description: Tags to be associated with the SLO. + sloVersion: + type: integer + description: "Current SLO Version. This is incremented on every change\ + \ of a critical field of the SLO (i.e, SLI or Compliance period timezone),\ + \ that requires a recompute of the SLI values over the compliance period." + format: int64 + SlosLibrarySloExport: + allOf: + - $ref: '#/components/schemas/SlosLibraryBaseExport' + - required: + - compliance + - indicator + - signalType + type: object + properties: + signalType: + pattern: ^(Latency|Error|Throughput|Availability|Other)$ + type: string + description: "Type of SLI Signal (latency, error, throughput, availability\ + \ or other)." + example: Latency + x-pattern-message: "Must be `Latency`, `Error`, `Throughput`, `Availability`\ + \ or `Other`" + compliance: + $ref: '#/components/schemas/Compliance' + indicator: + $ref: '#/components/schemas/Sli' + service: + type: string + description: Name of the service. + application: + type: string + description: Name of the application. + tags: + maxProperties: 50 + type: object + additionalProperties: + type: string + description: Tags to be associated with the SLO. + SlosLibrarySloUpdate: + allOf: + - $ref: '#/components/schemas/SlosLibraryBaseUpdate' + - required: + - compliance + - indicator + - signalType + type: object + properties: + signalType: + pattern: ^(Latency|Error|Throughput|Availability|Other)$ + type: string + description: "Type of SLI Signal (latency, error, throughput, availability\ + \ or other)." + example: Latency + x-pattern-message: "Must be `Latency`, `Error`, `Throughput`, `Availability`\ + \ or `Other`" + compliance: + $ref: '#/components/schemas/Compliance' + indicator: + $ref: '#/components/schemas/Sli' + service: + type: string + description: Name of the service. + application: + type: string + description: Name of the application. + tags: + maxProperties: 50 + type: object + additionalProperties: + type: string + description: Tags to be associated with the SLO. + Compliance: + required: + - complianceType + - target + - timezone + type: object + properties: + complianceType: + pattern: ^(Rolling|Calendar)$ + type: string + description: Compliance Type (rolling or calendar) + example: Rolling + x-pattern-message: Must be `Rolling` or `Calendar` + target: + type: number + description: Target percentage for the SLI over the compliance period. + example: 99.5 + timezone: + type: string + description: "Time zone for the SLO compliance. Follow the format in the\ + \ [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + discriminator: + propertyName: complianceType + mapping: + Rolling: '#/components/schemas/RollingCompliance' + Calendar: '#/components/schemas/CalendarCompliance' + CalendarCompliance: + type: object + description: Window for Calendar Compliance. + allOf: + - $ref: '#/components/schemas/Compliance' + - required: + - windowType + type: object + properties: + windowType: + pattern: ^(Week|Month|Quarter)$ + type: string + description: Type of Calendar Window (week/month/quarter). + example: Week + x-pattern-message: "Must be `Week`, `Month` or `Quarter`" + startFrom: + type: string + description: "Start of the calendar window. For week, it would be the\ + \ day of the week (for e.g Sunday, Monday etc). For month, it will always\ + \ be the first day of the month (therefore not required to specify for\ + \ monthly compliance). For quarter, it would be the first month of the\ + \ quarter (for e.g January, February etc.)" + example: Monday + RollingCompliance: + type: object + description: Window for Rolling Compliance. + allOf: + - $ref: '#/components/schemas/Compliance' + - required: + - size + type: object + properties: + size: + type: string + description: Size of Rolling Window. Must be a multiple of days. + example: 7d + Sli: + required: + - evaluationType + type: object + properties: + evaluationType: + pattern: ^(Window|Request|Monitor)$ + type: string + description: "Evaluate SLI using successful/total windows, or occurrence\ + \ of successful events over entire compliance period, or based on monitor\ + \ evaluation." + example: Window + x-pattern-message: Must be `Window` or `Request` or `Monitor` + discriminator: + propertyName: evaluationType + SliQueryGroup: + required: + - queryGroup + - queryGroupType + type: object + properties: + queryGroupType: + pattern: ^(Successful|Unsuccessful|Total|Threshold)$ + type: string + description: Type of Query (successful/unsuccessful/total/threshold). + example: Threshold + x-pattern-message: "Must be `Successful`, `Unsuccessful`, `Total` or `Threshold`" + queryGroup: + type: array + description: Group of queries to allow for query arithmetic. + items: + $ref: '#/components/schemas/SliQuery' + SliQuery: + required: + - query + - rowId + - useRowCount + type: object + properties: + rowId: + type: string + description: "Unique id of the row. Used for query arithmetic, only for\ + \ metric queries." + example: A + query: + type: string + description: Query String. + example: _sourceCategory=webserver "Request completed successfully" + useRowCount: + type: boolean + description: Determines whether to use count of rows (for logs) or data + points (for metrics) in query result or specific field. + example: false + field: + type: string + description: Field of log query output to compare against. To be used only + for logs based data type when `useRowCount` is false. + example: request_latency + description: Group of queries to allow for query arithmetic. + QueryBasedSli: + required: + - queries + - queryType + type: object + properties: + queryType: + pattern: ^(Logs|Metrics)$ + type: string + description: Type of Raw Data Queries for SLI (Logs/Metrics). + example: Logs + x-pattern-message: Must be `Logs` or `Metrics` + queries: + type: array + description: Queries for defining SLI. + items: + $ref: '#/components/schemas/SliQueryGroup' + description: Common properties for query based SLIs + Request: + type: object + description: Evaluate SLI using occurrences of successful events over compliance + period. + allOf: + - $ref: '#/components/schemas/QueryBasedSli' + - $ref: '#/components/schemas/Sli' + - type: object + properties: + threshold: + type: number + description: Compared against threshold query's raw data points to determine + success. + example: 200 + op: + pattern: ^(LessThan|GreaterThan|LessThanOrEqual|GreaterThanOrEqual)$ + type: string + description: Comparison function with threshold (LessThan/GreaterThan/LessThanOrEqual/GreaterThanOrEqual). + example: LessThan + x-pattern-message: "Must be `LessThan`, `GreaterThan`, `LessThanOrEqual`\ + \ or `GreaterThanOrEqual`" + Window: + type: object + description: Evaluate SLI using successful or unsuccessful windows over compliance + period. + allOf: + - $ref: '#/components/schemas/QueryBasedSli' + - $ref: '#/components/schemas/Sli' + - required: + - op + - size + - threshold + type: object + properties: + threshold: + type: number + description: Threshold for classifying window as successful or unsuccessful. + example: 200 + op: + pattern: ^(LessThan|GreaterThan|LessThanOrEqual|GreaterThanOrEqual)$ + type: string + description: Comparison function with window threshold (LessThan/GreaterThan/LessThanOrEqual/GreaterThanOrEqual). + example: LessThan + x-pattern-message: "Must be `LessThan`, `GreaterThan`, `LessThanOrEqual`\ + \ or `GreaterThanOrEqual`" + aggregation: + type: string + description: "Aggregation function applied over each window to arrive\ + \ at SLI. Must be `Avg`, `Min`, `Max`, `Sum`, or percentile of the form\ + \ `pX` where `X` is an integer between 0 and 100." + example: p99 + size: + type: string + description: Size of the aggregation window (minimum of 1m and maximum + of 1h). + example: 15m + Monitor: + type: object + description: SLI definition based on monitors. + allOf: + - $ref: '#/components/schemas/Sli' + - required: + - monitorTriggers + type: object + properties: + monitorTriggers: + type: array + description: Monitors over which the SLO is defined. + items: + $ref: '#/components/schemas/MonitorTrigger' + MonitorTrigger: + required: + - monitorId + - triggerTypes + type: object + properties: + monitorId: + type: string + description: Hex-id of the monitor on which the SLI is based. + example: 0000000000BCB3A4 + triggerTypes: + type: array + description: "The types of trigger conditions (such as Critical, Warning,\ + \ MissingData etc)." + items: + pattern: ^(Critical|Warning|MissingData)$ + type: string + description: |- + The type of trigger condition. Valid values: + 1. `Critical`: A critical condition to trigger on. + 2. `Warning`: A warning condition to trigger on. + 3. `MissingData`: A condition that indicates data is missing. + example: Critical + x-pattern-message: "should be one of the following: 'Critical', 'Warning'\ + \ or 'MissingData'" + description: Monitor related info required for defining SLO. + MonitorTemplatesLibraryBase: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the monitortemplate or folder. + description: + type: string + description: Description of the monitortemplate or folder. + default: "" + type: + type: string + description: |- + Type of the object model. Valid values: + 1) MonitorTemplatesLibraryMonitortemplate + 2) MonitorTemplatesLibraryFolder + discriminator: + propertyName: type + MonitorTemplatesLibraryBaseUpdate: + required: + - name + - type + - version + type: object + properties: + name: + type: string + description: The name of the monitortemplate or folder. + description: + type: string + description: The description of the monitortemplate or folder. + default: "" + version: + type: integer + description: The version of the monitortemplate or folder. + format: int64 + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + MonitorTemplatesLibraryBaseResponse: + required: + - contentType + - createdAt + - createdBy + - description + - id + - isMutable + - isSystem + - modifiedAt + - modifiedBy + - name + - parentId + - type + - version + type: object + properties: + id: + type: string + description: Identifier of the monitortemplate or folder. + name: + type: string + description: Identifier of the monitortemplate or folder. + description: + type: string + description: Description of the monitortemplate or folder. + version: + type: integer + description: Version of the monitortemplate or folder. + format: int64 + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + parentId: + type: string + description: Identifier of the parent folder. + contentType: + type: string + description: |- + Type of the content. Valid values: + 1) Monitortemplate + 2) Folder + type: + type: string + description: Type of the object model. + isSystem: + type: boolean + description: System objects are objects provided by Sumo Logic. System objects + can only be localized. Non-local fields can't be updated. + isMutable: + type: boolean + description: Immutable objects are "READ-ONLY". + permissions: + type: array + description: "Aggregated permission summary for the calling user. If detailed\ + \ permission statements are required, please call list permissions endpoint." + example: + - Read + - Delete + items: + type: string + discriminator: + propertyName: type + MonitorTemplatesLibraryFolder: + allOf: + - $ref: '#/components/schemas/MonitorTemplatesLibraryBase' + MonitorTemplatesLibraryFolderUpdate: + allOf: + - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseUpdate' + MonitorTemplatesLibraryFolderResponse: + allOf: + - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse' + - required: + - children + - permissions + type: object + properties: + permissions: + type: array + description: "Aggregated permission summary for the calling user. If detailed\ + \ permission statements are required, please call list permissions endpoint." + example: + - Read + - Delete + items: + type: string + children: + type: array + description: "Children of the folder. NOTE: Permissions field will not\ + \ be filled (empty list) for children." + items: + $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse' + MonitorTemplatesLibraryBaseExport: + required: + - name + - type + type: object + properties: + name: + type: string + description: Name of the monitortemplate or folder. + description: + type: string + description: Description of the monitortemplate or folder. + type: + type: string + description: Type of the object model. + discriminator: + propertyName: type + MonitorTemplatesLibraryFolderExport: + allOf: + - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseExport' + - type: object + properties: + children: + type: array + description: The items in the folder. A multi-type list of types monitortemplate + or folder. + items: + $ref: '#/components/schemas/MonitorTemplatesLibraryBaseExport' + MonitorTemplatesLibraryMonitorTemplate: + allOf: + - $ref: '#/components/schemas/MonitorTemplatesLibraryBase' + - required: + - monitorType + - queries + - triggers + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics|Slo)$ + type: string + description: |- + The type of monitor template. Valid values: + 1. `Logs`: A logs query monitor template. + 2. `Metrics`: A metrics query monitor template. + 3. `Slo`: A SLO based monitor template. + example: Logs + x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo' + evaluationDelay: + type: string + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past + by this delay time. + example: 5m + default: 0m + alertName: + type: string + description: The name of the alert(s) triggered from the monitor created + based on the template. Monitor name will be used if not specified. + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + example: + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + occurrenceType: ResultCount + triggerSource: AllResults + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + occurrenceType: ResultCount + triggerSource: AllResults + items: + $ref: '#/components/schemas/TriggerCondition' + isDisabled: + type: boolean + description: Whether or not the monitor template is disabled. + example: false + default: false + groupNotifications: + type: boolean + description: Whether or not to group notifications for individual items + that meet the trigger condition. + example: true + default: true + playbook: + maxLength: 4096 + type: string + description: "Notes such as links and instruction to help you resolve\ + \ alerts triggered by this monitor template. {{Markdown}} supported.\ + \ It will be enabled only if available for your organization. Please\ + \ contact your Sumo Logic account team to learn more." + example: This issue typically happens when database calls are timing out. + Look at ServiceA's dashboard to investigate further + default: "" + MonitorTemplatesLibraryMonitorTemplateResponse: + allOf: + - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse' + - required: + - monitorType + - queries + - triggers + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics|Slo)$ + type: string + description: |- + The type of monitor template. Valid values: + 1. `Logs`: A logs query monitor template. + 2. `Metrics`: A metrics query monitor template. + 3. `Slo`: A SLO based monitor template. + example: Logs + x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo' + evaluationDelay: + type: string + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past + by this delay time. + example: 5m + default: 0m + alertName: + type: string + description: The name of the alert(s) triggered from the monitor created + based on the template. Monitor name will be used if not specified. + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + example: + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + occurrenceType: ResultCount + triggerSource: AllResults + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + occurrenceType: ResultCount + triggerSource: AllResults + items: + $ref: '#/components/schemas/TriggerCondition' + isDisabled: + type: boolean + description: Whether or not the monitor template is disabled. + example: false + default: false + groupNotifications: + type: boolean + description: Whether or not to group notifications for individual items + that meet the trigger condition. + example: true + default: true + playbook: + maxLength: 4096 + type: string + description: "Notes such as links and instruction to help you resolve\ + \ alerts triggered by this monitor template. {{Markdown}} supported.\ + \ It will be enabled only if available for your organization. Please\ + \ contact your Sumo Logic account team to learn more." + example: This issue typically happens when database calls are timing out. + Look at ServiceA's dashboard to investigate further + default: "" + MonitorTemplatesLibraryMonitorTemplateExport: + allOf: + - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseExport' + - required: + - monitorType + - queries + - triggers + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics|Slo)$ + type: string + description: |- + The type of monitor template. Valid values: + 1. `Logs`: A logs query monitor template. + 2. `Metrics`: A metrics query monitor template. + 3. `Slo`: A SLO based monitor template. + example: Logs + x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo' + evaluationDelay: + type: string + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past + by this delay time. + example: 5m + default: 0m + alertName: + type: string + description: The name of the alert(s) triggered from the monitor created + based on the template. Monitor name will be used if not specified. + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + example: + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + occurrenceType: ResultCount + triggerSource: AllResults + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + occurrenceType: ResultCount + triggerSource: AllResults + items: + $ref: '#/components/schemas/TriggerCondition' + isDisabled: + type: boolean + description: Whether or not the monitor template is disabled. + example: false + default: false + groupNotifications: + type: boolean + description: Whether or not to group notifications for individual items + that meet the trigger condition. + example: true + default: true + playbook: + maxLength: 4096 + type: string + description: "Notes such as links and instruction to help you resolve\ + \ alerts triggered by this monitor template. {{Markdown}} supported.\ + \ It will be enabled only if available for your organization. Please\ + \ contact your Sumo Logic account team to learn more." + example: This issue typically happens when database calls are timing out. + Look at ServiceA's dashboard to investigate further + default: "" + MonitorTemplatesLibraryMonitorTemplateUpdate: + allOf: + - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseUpdate' + - required: + - monitorType + - queries + - triggers + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics|Slo)$ + type: string + description: |- + The type of monitor template. Valid values: + 1. `Logs`: A logs query monitor template. + 2. `Metrics`: A metrics query monitor template. + 3. `Slo`: A SLO based monitor template. + example: Logs + x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo' + evaluationDelay: + type: string + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past + by this delay time. + example: 5m + default: 0m + alertName: + type: string + description: The name of the alert(s) triggered from the monitor created + based on the template. Monitor name will be used if not specified. + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + triggers: + type: array + description: Defines the conditions of when to send notifications. + example: + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: Critical + threshold: 50 + thresholdType: GreaterThanOrEqual + occurrenceType: ResultCount + triggerSource: AllResults + - detectionMethod: StaticCondition + timeRange: 15m + triggerType: ResolvedCritical + threshold: 50 + thresholdType: LessThan + occurrenceType: ResultCount + triggerSource: AllResults + items: + $ref: '#/components/schemas/TriggerCondition' + isDisabled: + type: boolean + description: Whether or not the monitor template is disabled. + example: false + default: false + groupNotifications: + type: boolean + description: Whether or not to group notifications for individual items + that meet the trigger condition. + example: true + default: true + playbook: + maxLength: 4096 + type: string + description: "Notes such as links and instruction to help you resolve\ + \ alerts triggered by this monitor template. {{Markdown}} supported.\ + \ It will be enabled only if available for your organization. Please\ + \ contact your Sumo Logic account team to learn more." + example: This issue typically happens when database calls are timing out. + Look at ServiceA's dashboard to investigate further + default: "" + ListAppsResult: + required: + - apps + type: object + properties: + apps: + type: array + description: An array of Apps + items: + $ref: '#/components/schemas/App' + description: List of all available apps from the App Catalog. + App: + required: + - appDefinition + - appManifest + type: object + properties: + appDefinition: + $ref: '#/components/schemas/AppDefinition' + appManifest: + $ref: '#/components/schemas/AppManifest' + AppDefinition: + required: + - appVersion + - contentId + - name + - uuid + type: object + properties: + contentId: + type: string + description: Content identifier of the app in hexadecimal format. + example: 00000000000011AE + uuid: + type: string + description: Unique identifier for the app. + format: uuid + example: 1c57fbc3-3141-4b12-aab3-5f40152bc3d9 + name: + type: string + description: Name of the app. + example: Sumo Config + appVersion: + type: string + description: Version of the app. + example: "1.0" + preview: + type: boolean + description: Indicates whether the app is in preview or not. + example: true + manifestVersion: + type: string + description: Manifest version of the app + example: "0.1" + AppManifest: + required: + - description + - hoverText + - iconURL + type: object + properties: + family: + type: string + description: The app family + example: IIS + description: + type: string + description: Description of the app. + example: A description for Sumo Logic Config App. + categories: + type: array + description: Categories that the app belongs to. + example: + - Sumo Logic + - Configuration + items: + type: string + hoverText: + type: string + description: Text to be displayed when hovered over in UI. + example: Sumo Config App + iconURL: + type: string + description: App icon URL. + example: https://sumologic-app-data.sumologic.com/icons/sumoconfig.png + screenshotURLs: + type: array + description: App screenshot URLs. + example: + - https://sumologic-app-data.sumologic.com/icons/sumoconfig/overview.png + - https://sumologic-app-data.sumologic.com/screenshots/sumoconfig/details.png + items: + type: string + helpURL: + type: string + description: App help page URL. + example: https://help.sumologic.com/ + helpDocIdMap: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: the IDs of the docs pages for this app + communityURL: + type: string + description: App community page URL. + example: https://support.sumologic.com/hc/en-us/community/topics/200263058-Applications-and-Integrations + requirements: + type: array + description: Requirements for the app. + example: [] + items: + type: string + accountTypes: + type: array + description: Account types that are allowed to install the app + example: + - free + items: + type: string + requiresInstallationInstructions: + type: boolean + description: Indicates whether installation instructions are required or + not. + example: false + installationInstructions: + type: string + description: Installation instructions for the app. + example: "" + parameters: + type: array + description: Content identifier of the app. + items: + $ref: '#/components/schemas/ServiceManifestDataSourceParameter' + author: + type: string + description: App author. + example: Sumo Logic + authorWebsite: + type: string + description: App author website URL. + example: https://www.sumologic.com + ServiceManifestDataSourceParameter: + required: + - parameterId + - parameterType + type: object + properties: + parameterType: + pattern: ^DATA_SOURCE$ + type: string + description: Parameter type. + example: DATA_SOURCE + x-pattern-message: "Supported parameter types include: DATA_SOURCE" + parameterId: + type: string + description: Parameter identifier. + example: paramId1 + dataSourceType: + pattern: ^(LOG|METRICS)$ + type: string + description: Data source type. + example: LOG + x-pattern-message: "Supported data source types include: LOG, METRICS" + label: + type: string + description: Label. + example: Log label + description: + type: string + description: Description. + example: Log data source + example: + type: string + description: Example. + example: "" + hidden: + type: boolean + description: Should the UI display? + default: false + ErrorResponse: + required: + - errors + - id + type: object + properties: + id: + type: string + description: An identifier for the error; this is unique to the specific + API request. + example: IUUQI-DGH5I-TJ045 + errors: + type: array + description: A list of one or more causes of the error. + example: + - code: auth:password_too_short + message: Your password was too short. + - code: auth:password_character_classes + message: Your password did not contain any non-alphanumeric characters + items: + $ref: '#/components/schemas/ErrorDescription' + ErrorDescription: + required: + - code + - message + type: object + properties: + code: + type: string + description: An error code describing the type of error. + example: auth:password_too_short + message: + type: string + description: A short English-language description of the error. + example: Your password was too short. + detail: + type: string + description: An optional fuller English-language description of the error. + example: "Your password was 5 characters long, the minimum length is 12\ + \ characters. See http://example.com/password for more information." + meta: + type: object + description: An optional list of metadata about the error. + example: + minLength: 12 + actualLength: 5 + BeginAsyncJobResponse: + required: + - id + type: object + properties: + id: + type: string + description: Identifier to get the status of an asynchronous job. + example: C03E086C137F38B4 + AsyncJobStatus: + required: + - status + type: object + properties: + status: + type: string + description: "Whether or not the request is in progress (`InProgress`),\ + \ has completed successfully (`Success`), or has completed with an error\ + \ (`Failed`)." + statusMessage: + type: string + description: Additional status message generated if the status is not `Failed`. + error: + $ref: '#/components/schemas/ErrorDescription' + example: + status: Success + statusMessage: "" + AppItemsList: + required: + - items + type: object + properties: + items: + type: array + description: Items associated with the app. + items: + $ref: '#/components/schemas/AppListItem' + AppListItem: + required: + - itemType + - name + type: object + properties: + itemType: + type: string + description: "Type of the item. Can be `Dashboard`, `Report`, `Search`,\ + \ `ScheduledSearch`, `MetricsSearch` or `Folder`." + example: Dashboard + name: + type: string + description: Name of the item. + example: AWS CloudTrail - Overview + description: + type: string + description: Description of the item. + example: "See an overview of your AWS users, resources, network and security\ + \ events." + query: + type: string + description: "Search query for the item. Applicable only for `Search`, `ScheduledSearch`\ + \ and `MetricsSearch` itemType." + example: _sourceCategory=aws + screenshotUrl: + type: string + description: URL for the screenshot of the item. Applicable only for `Dashboard` + and `Report` itemType. + example: https://my-app-data.s3.amazonaws.com/dashboards/AWSCloudTrail/Overview.PNG + panels: + type: array + description: Panels associated with the item. Applicable only for `Dashboard` + and `Report` itemType. + items: + $ref: '#/components/schemas/PanelItem' + children: + type: array + description: Child content items. Applicable only for `Folder` itemType. + items: + $ref: '#/components/schemas/AppListItem' + PanelItem: + required: + - name + type: object + properties: + name: + type: string + description: Name of the panel. + example: Failed Logins + description: + type: string + description: Description of the panel. + example: Details about failed logins + AppInstallRequest: + required: + - description + - destinationFolderId + - name + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Preferred name of the app to be installed. This will be the + name of the app in the selected installation folder. + example: Sumo Logic Configuration App + description: + maxLength: 255 + minLength: 1 + type: string + description: Preferred description of the app to be installed. This will + be displayed as the app description in the selected installation folder. + example: Sumo Logic Configuration App to configure collectors and data sources + destinationFolderId: + type: string + description: Identifier of the folder in which the app will be installed + in hexadecimal format. + example: 00000000000001C8 + dataSourceValues: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Dictionary of properties specifying log-source name and value. + example: + logsrc: _sourceCategory = api + description: "JSON object containing name, description, destinationFolderId,\ + \ and dataSourceType." + ListAppRecommendations: + type: array + description: List of app recommendations + items: + $ref: '#/components/schemas/AppRecommendation' + AppRecommendation: + required: + - confidence + - description + - iconURL + - name + - uuid + type: object + properties: + uuid: + type: string + description: Unique identifier for the app. + format: uuid + example: ebcbd463-b38b-47b0-819c-8d44ca859c3b + name: + type: string + description: Name of the app. + example: Data Volume + description: + type: string + description: Description of the app. + example: "The Sumo Logic App for Data Volume uses predefined searches and\ + \ Dashboards to provide real-time visibility and analysis of your account's\ + \ data usage volume for both logs and metrics. Use this app to identify\ + \ your top Collectors and monitor your ingest activity and trends. NOTE:\ + \ Please enable Data Volume Index before installing this app." + iconURL: + type: string + description: URL of the app icon. + example: https://app_icons.s3.amazonaws.com/volumeview.png + confidence: + type: number + description: Percentage relevance of recommendation. + format: double + example: 0.98 + description: App recommendation details + AsyncInstallAppRequest: + type: object + properties: + version: + type: string + description: | + Version of the app to install. You can either specify a specific version of the app or use `latest` to install the latest version of the app. _If version is not specified, the latest version of the app will be installed_. + example: 1.0.1 + default: latest + parameters: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Map of additional parameters for the app installation. + example: + db_system: redis + description: Install app request. + BeginAsyncJobResponseV2: + required: + - jobId + type: object + properties: + jobId: + type: string + description: Identifier of the asynchronous job. Use it to get status of + the job. + example: C03E086C137F38B4 + AsyncInstallAppJobStatus: + required: + - status + type: object + properties: + status: + type: string + description: "Whether or not the request is in progress (`InProgress`),\ + \ has completed successfully (`Success`), or has completed with an error\ + \ (`Failed`)." + example: Success + instanceId: + type: string + description: Instance identifier of the installed app. This field is not + set yet but is a placeholder for future use. + example: 0000000001578BE8 + path: + type: string + description: Path of the folder in which the app was installed. + example: /Library/Installed Apps/AWS CloudTrail + folderId: + type: string + description: Identifier of the folder in which the app was installed. + example: 0000000001578BE8 + error: + $ref: '#/components/schemas/ErrorDescription' + description: Status of the install app async job. + AsyncUninstallAppJobStatus: + required: + - status + type: object + properties: + status: + type: string + description: "Whether or not the request is in progress (`InProgress`),\ + \ has completed successfully (`Success`), or has completed with an error\ + \ (`Failed`)." + example: Success + errors: + type: array + description: More information about the failure if the status is `Failed`. + items: + $ref: '#/components/schemas/ErrorDescription' + description: Status of an uninstall app job. + AsyncUpgradeAppRequest: + type: object + properties: + version: + type: string + description: | + Version of the app to upgrade. You can either specify a specific version of the app or use `latest` to install the latest version of the app. _If version is not specified, the latest version of the app will be installed_. + example: 1.0.1 + default: latest + parameters: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Map of additional parameters for the app installation. + example: + db_system: redis + description: Upgrade app request. + AsyncUpgradeAppJobStatus: + required: + - status + type: object + properties: + status: + type: string + description: "Whether or not the request is in progress (`InProgress`),\ + \ has completed successfully (`Success`), or has completed with an error\ + \ (`Failed`)." + example: Success + instanceId: + type: string + description: Instance identifier of the upgraded app. This field is not + set yet but is a placeholder for future use. + example: 0000000001578BE8 + path: + type: string + description: Path of the folder in which the app was upgraded. + example: /Library/Installed Apps/AWS CloudTrail + folderId: + type: string + description: Identifier of the folder in which the app was upgraded. + example: 0000000001578BE8 + error: + $ref: '#/components/schemas/ErrorDescription' + description: Status of the upgrade app async job. + ListAppsV2Response: + required: + - apps + type: object + properties: + apps: + type: array + description: An array of apps. + items: + $ref: '#/components/schemas/AppV2' + description: List of all apps from the apps + AppV2: + required: + - accountTypes + - attributes + - author + - beta + - description + - family + - icon + - installable + - latestVersion + - name + - showOnMarketplace + - uuid + type: object + properties: + uuid: + type: string + description: UUID of the app. + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + name: + type: string + description: Name of the app. + example: AWS CloudTrail + description: + type: string + description: Description of the app. + example: AWS CloudTrail app description + latestVersion: + type: string + description: Latest version of the app. + example: 1.1.0 + icon: + type: string + description: URL of the icon for the app. + example: https://some-bucket.s3.amazonaws.com/AWSCloudTrail.png + author: + type: string + description: Author of the app. + example: Sumo Logic + accountTypes: + type: array + description: Account types of which the app is available to. + example: + - All + items: + type: string + beta: + type: boolean + description: Whether the app is in beta. + example: false + installs: + type: integer + description: Number of times the app was installed. + format: int32 + example: 3452 + attributes: + maxProperties: 3 + type: object + additionalProperties: + type: array + items: + type: string + description: A map of attributes for this app. Attributes allow to group + apps based on different criteria. + example: + category: + - Web Server + - IT Infrastructure + - Amazon Web Services + useCase: + - security + - observability + collection: + - OpenTelemetry + installable: + type: boolean + description: Whether the app is installable or not as not all apps are installable. + example: true + showOnMarketplace: + type: boolean + description: Whether the app should show up on sumologic.com/applications + webpage. + example: true + modifiedAt: + type: string + description: The timestamp in UTC of the most recent modification of the + app. + format: date-time + example: 2018-10-16T09:10:00Z + description: An app object. + RegisterAppResponse: + required: + - uuid + type: object + properties: + uuid: + type: string + description: UUID of the app. + format: uuid + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + description: UUID of the registered app. + CreatePublicAppRequest: + required: + - name + type: object + properties: + name: + maxLength: 128 + minLength: 3 + pattern: "^([ -~]+)$" + type: string + description: Name of the app. + example: AWS CloudTrail + x-pattern-message: Should consist only of printable ASCII characters + description: Information about the new public app. + GetAppDetailsResponse: + required: + - baseUrl + - manifest + - uuid + - version + type: object + properties: + uuid: + type: string + description: UUID of the app. + format: uuid + example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5 + version: + type: string + description: Version of the app. + example: 1.0.0 + baseUrl: + type: string + description: URL prefix for where the app is stored. + format: url + example: https://some_bucket.s3.amazonaws.com/path/to/app/version/ + manifest: + type: string + description: "Content of the manifest YAML file, as Base64-encoded string." + format: byte + config: + type: string + description: "Content of the config YAML file, as Base64-encoded string." + format: byte + readme: + type: string + description: "Content of the README markdown file, as Base64-encoded string." + format: byte + files: + maxProperties: 100 + type: object + additionalProperties: + type: string + format: byte + description: "Content of various files part of app package, as Base64-encoded\ + \ string." + example: + config: ICAtIGNvbXBvbmVudFR5cGU6IHNjb3BlCiAgICBsYWJlbDog4oCYQXBhY2hlIEVycm9yIExvZyBT + b3VyY2XigJkKICAgIHRmVmFyOiBlcnJMb2dTY29wZQogICAgCiAgLSBjb21wb25lbnRUeXBlOiBz + Y29wZQogICAgbGFiZWw6IOKAmEFwYWNoZSBBY2Nlc3MgTG9nIFNvdXJjZeKAmQogICAgdGZWYXI6 + IGFjY2Vzc0xvZ1Njb3BlCgogIC0gY29tcG9uZW50VHlwZTogY3VzdG9tCiAgICBkYXRhVHlwZTog + U3RyaW5nCiAgICBsYWJlbDog4oCYQXBhY2hlIEVuZ2luZSBUeXBl4oCYCiAgICBoZWxwVGV4dDog + 4oCYVGhlIGVuZ2luZSB0eXBlIG9mIHlvdXIgQXBhY2hlIEluc3RhbmNl4oCYCiAgICByZXF1aXJl + ZDogRmFsc2UKICAgIGRlZmF1bHQ6IOKAmHYxLjDigJkKICAgIHRmVmFyOiBlbmdpbmVUeXBlCg== + readme: IyBPdmVydmlldwoKVGhlIEFwYWNoZSBhcHAgaXMgYSB1bmlmaWVkIGxvZ3MgYW5kIG1ldHJpY3Mg + YXBwIHRoYXQgaGVscHMgeW91IG1vbml0b3IgdGhlIGF2YWlsYWJpbGl0eSwgcGVyZm9ybWFuY2Us + IGhlYWx0aCBhbmQgcmVzb3VyY2UgdXRpbGl6YXRpb24gb2YgQXBhY2hlIHdlYiBzZXJ2ZXIgZmFy + bXMuICBQcmVjb25maWd1cmVkIGRhc2hib2FyZHMgYW5kIHNlYXJjaGVzIHByb3ZpZGUgaW5zaWdo + dCBpbnRvIHZpc2l0b3IgbG9jYXRpb25zLCB2aXNpdG9yIGFjY2VzcyB0eXBlcywgdHJhZmZpYyBw + YXR0ZXJucywgZXJyb3JzLCB3ZWIgc2VydmVyIG9wZXJhdGlvbnMsIHJlc291cmNlIHV0aWxpemF0 + aW9uIGFuZCBhY2Nlc3MgZnJvbSBrbm93biBtYWxpY2lvdXMgc291cmNlcy4KCiMgU2V0dXAKVGhp + cyBpcyB0aGUgc2VjdGlvbiBmb3IgQXBhY2hlIC0gT3BlblRlbGVtZXRyeSBjb2xsZWN0aW9uIHNl + dHVwLgo= + manifest: CnNjaGVtYVZlcnNpb246ICIxLjAiCgpuYW1lOiBBcGFjaGUKCmRlc2NyaXB0aW9u + OiA+LQogIFRoZSBBcGFjaGUgYXBwIGlzIGEgdW5pZmllZCBsb2dzIGFuZCBtZXRy aWNzIGFwcCB0aGF0IGhlbHBzIHlvdSBtb25pdG9yIHRoZSBhdmFpbGFiaWxpdHks + IHBlcmZvcm1hbmNlLAogIGhlYWx0aCBhbmQgcmVzb3VyY2UgdXRpbGl6YXRpb24g b2YgQXBhY2hlIHdlYiBzZXJ2ZXIgZmFybXMuICBQcmVjb25maWd1cmVkIGRhc2hi + b2FyZHMgYW5kIHNlYXJjaGVzCiAgcHJvdmlkZSBpbnNpZ2h0IGludG8gdmlzaXRv ciBsb2NhdGlvbnMsIHZpc2l0b3IgYWNjZXNzIHR5cGVzLCB0cmFmZmljIHBhdHRl + cm5zLCBlcnJvcnMsIHdlYiBzZXJ2ZXIKICBvcGVyYXRpb25zLCByZXNvdXJjZSB1 dGlsaXphdGlvbiBhbmQgYWNjZXNzIGZyb20ga25vd24gbWFsaWNpb3VzIHNvdXJj + ZXMuCmF1dGhvcjogU3VtbyBMb2dpYwoKdmVyc2lvbjogMS4wLjAKCgo= + description: Information about an app. + SubscriptionStatusResponse: + required: + - status + type: object + properties: + status: + type: boolean + description: "Show if the user has subscribed to the app or not. value is\ + \ true, if the user has subscribed to the app" + example: true + description: Subscription Status + ListConnectionsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of connections. + items: + $ref: '#/components/schemas/Connection' + next: + type: string + description: Next continuation token. + Connection: + required: + - createdAt + - createdBy + - description + - id + - modifiedAt + - modifiedBy + - name + - type + type: object + properties: + type: + type: string + description: "Type of connection. Valid values are `WebhookConnection`,\ + \ `ServiceNowConnection`." + id: + type: string + description: Unique identifier for the connection. + name: + type: string + description: Name of the connection. + description: + type: string + description: Description of the connection. + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + discriminator: + propertyName: type + ConnectionDefinition: + required: + - name + - type + type: object + properties: + type: + pattern: ^(WebhookDefinition|ServiceNowDefinition)$ + type: string + description: "Type of connection. Valid values are `WebhookDefinition`,\ + \ `ServiceNowDefinition`." + x-pattern-message: must be either `WebhookDefinition` or `ServiceNowDefinition` + name: + maxLength: 127 + minLength: 1 + type: string + description: Name of the connection. + description: + maxLength: 1024 + type: string + description: Description of the connection. + default: "" + discriminator: + propertyName: type + mapping: + ServiceNowDefinition: '#/components/schemas/ServiceNowDefinition' + WebhookDefinition: '#/components/schemas/WebhookDefinition' + ConnectionType: + pattern: ^(AWSLambda|Azure|Datadog|HipChat|PagerDuty|Slack|Webhook|NewRelic|Jira|Opsgenie|MicrosoftTeams|ServiceNow|SumoCloudSOAR)$ + type: string + description: "Type of webhook connection. Valid values are `AWSLambda`, `Azure`,\ + \ `Datadog`, `HipChat`, `Jira`, `NewRelic`, `Opsgenie`, `PagerDuty`, `Slack`,\ + \ `MicrosoftTeams`, `ServiceNow`, `SumoCloudSOAR` and `Webhook`." + x-pattern-message: "must be `AWSLambda`, `Azure`, `Datadog`, `HipChat`, `PagerDuty`,\ + \ `Slack`, `Webhook`, `NewRelic`, `Jira`, `Opsgenie`, `MicrosoftTeams`, `ServiceNow`\ + \ or `SumoCloudSOAR`" + TestConnectionResponse: + required: + - responseContent + - statusCode + type: object + properties: + statusCode: + type: integer + description: Status code of the response of the connection test. + responseContent: + type: string + description: Content of the response of the connection test. + alertStatusCode: + type: integer + description: Status code of the response of alert payload test. + format: int32 + example: 200 + alertResponseContent: + type: string + description: Content of the response of alert payload test. + example: ok + resolutionStatusCode: + type: integer + description: Status code of the response of resolution payload test. + format: int32 + example: 200 + resolutionResponseContent: + type: string + description: Content of the response of resolution payload test. + example: ok + GetIncidentTemplatesResponse: + required: + - templates + type: object + properties: + templates: + type: array + description: List of incident templates. + items: + $ref: '#/components/schemas/IncidentTemplate' + IncidentTemplate: + required: + - id + - name + type: object + properties: + id: + type: integer + description: Unique identifier of the incident template. + name: + type: string + description: Name of the incident template. + GetIncidentTemplatesRequest: + type: object + properties: + url: + type: string + description: Optional CloudSOAR domain URL to use for the API call to get + incident templates. + example: https://staging.soar.sumologic.com/ + authHeader: + type: string + description: Optional CloudSOAR authorization header to use for the API + call to get incident templates. + example: SOMEAUTHHEADERSTRING + connectionId: + type: string + description: "Optional connectionId to get incident templates for an existing\ + \ CloudSOAR connection. If provided, the authHeader and url will be taken\ + \ from the existing connection object." + example: 0000000000123ABC + ListScheduledViewsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of scheduled views. + items: + $ref: '#/components/schemas/ScheduledView' + next: + type: string + description: Next continuation token. + ScheduledView: + type: object + allOf: + - $ref: '#/components/schemas/CreateScheduledViewDefinition' + - $ref: '#/components/schemas/ViewRetentionProperties' + - required: + - id + properties: + id: + type: string + description: Identifier for the scheduled view. + indexId: + type: string + description: The `id` of the Index where the output from Scheduled view + is stored. + example: "1" + createdAt: + type: string + description: Creation timestamp in UTC. + format: date-time + modifiedAt: + type: string + description: "Last modification timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdByOptimizeIt: + type: boolean + description: If the scheduled view is created by OptimizeIt. + error: + type: string + description: Errors related to the scheduled view. + status: + type: string + description: |- + Status of the scheduled view. Possible values are: + 1. `NOT_STARTED` + 2. `FILLING` + 3. `STOPPED` + 4. `COMPLETE` + 5. `FAILED` + 6. `PAUSED` + totalBytes: + type: integer + description: Total storage consumed by the scheduled view. + format: int64 + totalMessageCount: + type: integer + description: Total number of messages for the scheduled view. + format: int64 + createdBy: + type: string + description: Identifier of the user who created the scheduled view. + example: 0000000006743FE8 + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + example: 0000000006743FE8 + filledRanges: + type: array + description: List of the different units of filled ranges since the autoview + has been created. + items: + $ref: '#/components/schemas/FilledRange' + lastAccessedAt: + type: string + description: Last accessed timestamp in UTC + format: date-time + x-tf-generated-properties: "id,query,indexName,startTime,retentionPeriod,parsingMode" + x-tf-resource-name: ScheduledView + CreateScheduledViewDefinition: + required: + - indexName + - query + - startTime + type: object + properties: + query: + maxLength: 16384 + minLength: 1 + type: string + description: The query that defines the data to be included in the scheduled + view. + example: _sourceCategory=*/Apache + indexName: + maxLength: 255 + minLength: 0 + type: string + description: Name of the index for the scheduled view. + example: TestScheduledView + startTime: + type: string + description: "Start timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + retentionPeriod: + type: integer + description: "The number of days to retain data in the scheduled view, or\ + \ -1 to use the default value for your account. Only relevant if your\ + \ account has multi-retention enabled." + format: int32 + example: 60 + default: -1 + dataForwardingId: + type: string + description: An optional ID of a data forwarding configuration to be used + by the scheduled view. + parsingMode: + pattern: ^(AutoParse|Manual)$ + type: string + description: |- + Define the parsing mode to scan the JSON format log messages. Possible values are: + 1. `AutoParse` + 2. `Manual` + In AutoParse mode, the system automatically figures out fields to parse based on the search query. While in the Manual mode, no fields are parsed out automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011). + example: AutoParse + default: Manual + x-pattern-message: should be either AutoParse or Manual + timeZone: + type: string + description: "Time zone for ingesting data in scheduled view. Follow the\ + \ format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + default: UTC + FilledRange: + required: + - endTime + - startTime + type: object + properties: + startTime: + type: string + description: "Start of the timestamp for each unit of filled ranges, expressed\ + \ in UTC." + format: date-time + endTime: + type: string + description: "End of the timestamp for each unit of filled ranges, expressed\ + \ in UTC." + format: date-time + description: Range of timestamps already filled since the autoview has been + created. + UpdateScheduledViewDefinition: + type: object + properties: + dataForwardingId: + type: string + description: An optional ID of a data forwarding configuration to be used + by the scheduled view. + retentionPeriod: + type: integer + description: "The number of days to retain data in the scheduled view, or\ + \ -1 to use the default value for your account. Only relevant if your\ + \ account has multi-retention. enabled." + format: int32 + example: 365 + default: -1 + reduceRetentionPeriodImmediately: + type: boolean + description: "This is required if the newly specified `retentionPeriod`\ + \ is less than the existing retention period. In such a situation, a\ + \ value of `true` says that data between the existing retention period\ + \ and the new retention period should be deleted immediately; if `false`,\ + \ such data will be deleted after seven days. This property is optional\ + \ and ignored if the specified `retentionPeriod` is greater than or equal\ + \ to the current retention period." + default: false + timeZone: + type: string + description: "Updates the time zone for ingesting data in scheduled view\ + \ to the specified timezone ( does nothing if not specified ). Follow\ + \ the format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + ScheduledViewsQuotaUsage: + required: + - quota + - remaining + type: object + properties: + quota: + type: integer + description: Maximum number of Scheduled Views allowed. + format: int32 + example: 200 + remaining: + type: integer + description: Remaining number of Scheduled Views allowed. + format: int32 + example: 121 + LookupTable: + required: + - id + type: object + description: Lookup table definition and metadata. + allOf: + - $ref: '#/components/schemas/MetadataModel' + - $ref: '#/components/schemas/LookupTableDefinition' + - properties: + id: + type: string + description: Identifier of the lookup table as a content item. + example: 0000000001C41EE4 + contentPath: + type: string + description: "Address/path of the parent folder of this lookup table in\ + \ content library. For example, a lookup table existing in the personal/lookupTable\ + \ folder for user johndoe would be: /Library/Users/johndoe@acme.com/lookupTable" + example: /Library/Users/johndoe@acme.com/lookupTable + size: + type: integer + description: The current size of the lookup table in bytes + format: int64 + example: 100 + LookupTableDefinition: + required: + - name + - parentFolderId + type: object + description: Definition of the lookup table. + allOf: + - $ref: '#/components/schemas/ExportableLookupTableInfo' + - properties: + name: + maxLength: 255 + type: string + description: The name of the lookup table. + example: SampleLookupTable + parentFolderId: + type: string + description: The parent-folder-path identifier of the lookup table in + the Library. + example: 0000000001C41EE4 + ExportableLookupTableInfo: + required: + - description + - fields + - primaryKeys + type: object + properties: + description: + maxLength: 1000 + type: string + description: The description of the lookup table. + example: This is a sample lookup table description. + fields: + minItems: 1 + type: array + description: The list of fields in the lookup table. + items: + $ref: '#/components/schemas/LookupTableField' + primaryKeys: + minItems: 1 + uniqueItems: true + type: array + description: The names of the fields that make up the primary key for the + lookup table. These will be a subset of the fields that the table will + contain. + example: + - FieldName1 + items: + type: string + ttl: + maximum: 525600 + minimum: 0 + type: integer + description: A time to live for each entry in the lookup table (in minutes). + 365 days is the maximum time to live for each entry that you can specify. + Setting it to 0 means that the records will not expire automatically. + format: int32 + example: 100 + default: 0 + sizeLimitAction: + pattern: ^(StopIncomingMessages|DeleteOldData)$ + type: string + description: The action that needs to be taken when the size limit is reached + for the table. The possible values can be `StopIncomingMessages` or `DeleteOldData`. + DeleteOldData will start deleting old data once size limit is reached + whereas StopIncomingMessages will discard all the updates made to the + lookup table once size limit is reached. + example: DeleteOldData + default: StopIncomingMessages + x-pattern-message: must be either `StopIncomingMessages` or `DeleteOldData` + description: The lookup table definition independent of its location in the + Library and name. + LookupTableField: + required: + - fieldName + - fieldType + type: object + properties: + fieldName: + type: string + description: The name of the field. + example: FieldName1 + fieldType: + pattern: ^(boolean|int|long|double|string)$ + type: string + description: |- + The data type of the field. Supported types: + - `boolean` + - `int` + - `long` + - `double` + - `string` + example: boolean + x-pattern-message: "must be one of the following: `boolean`, `int`, `long`,\ + \ `double`, `string`" + description: The definition of the field. + LookupUpdateDefinition: + required: + - description + - ttl + type: object + properties: + ttl: + maximum: 525600 + minimum: 0 + type: integer + description: A time to live for each entry in the lookup table (in minutes). + 0 is a special value. A TTL of 0 implies entry will never be deleted from + the table. + format: int32 + example: 100 + default: 0 + description: + maxLength: 1000 + type: string + description: The description of the lookup table. The description cannot + be blank. + example: This is a sample lookup table description. + sizeLimitAction: + type: string + description: The action that needs to be taken when the size limit is reached + for the table. The possible values can be `StopIncomingMessages` or `DeleteOldData`. + DeleteOldData will starting deleting old data once size limit is reached + whereas StopIncomingMessages will discard all the updates made to the + lookup table once size limit is reached. + example: DeleteOldData + default: StopIncomingMessages + description: The updated lookup table parameters. + LookupRequestToken: + required: + - id + type: object + properties: + id: + type: string + description: The identifier used to track the request. + example: 0000000001C41EF2 + description: Allows you to track the status of an upload or export request. + LookupAsyncJobStatus: + required: + - createdAt + - eventType + - jobId + - lookupContentId + - lookupContentPath + - lookupName + - modifiedAt + - status + - userId + type: object + properties: + jobId: + type: string + description: An identifier returned in response to an asynchronous request. + example: 0000000001C41EF2 + status: + type: string + description: "Whether or not the request is pending (`Pending`), in progress\ + \ (`InProgress`), has completed successfully (`Success`), has completed\ + \ partially with warnings (`PartialSuccess`) or has completed with an\ + \ error (`Failed`)." + statusMessages: + type: array + description: Additional status messages generated if any if the status is + `Success`. + items: + type: string + errors: + type: array + description: "More information about the failures, if the status is `Failed`." + items: + $ref: '#/components/schemas/ErrorDescription' + warnings: + type: array + description: "More information about the warnings, if the status is `PartialSuccess`." + items: + $ref: '#/components/schemas/warningDescription' + lookupContentId: + type: string + description: Content id of lookup table on which this operation was performed. + example: 0000000001C41EE4 + lookupName: + type: string + description: Name of lookup table on which this operation was performed. + example: sampleLookup + lookupContentPath: + type: string + description: Content path of lookup table on which this operation was performed. + example: /Library/Users/xyz@demo.com/sampleLookup + requestType: + type: string + description: |- + Type of asynchronous request made: + - `BulkMerge` + - `BulkReplace` + - `Truncate` + example: BulkMerge + userId: + type: string + description: User id of user who initiated this operation. + example: 0000000006743FDD + createdAt: + type: string + description: Creation time of this job in UTC. + format: date-time + example: 2018-10-16T09:10:00Z + modifiedAt: + type: string + description: Timestamp in UTC when status was last updated. + format: date-time + example: 2018-10-16T09:10:00Z + description: Lookup table async job status. + warningDescription: + required: + - message + type: object + properties: + message: + type: string + description: Description of the warning. + example: 60 rows were dropped. + cause: + type: string + description: An optional cause of this warning. + example: Primary key values were duplicate. + description: Warning description + LookupPreviewData: + type: object + properties: + fieldProperties: + type: array + description: "The field properties of the lookup table. This includes the\ + \ field name, field description, and an identifier associated with each\ + \ field." + items: + $ref: '#/components/schemas/PreviewLookupTableField' + fieldValueMapList: + type: array + description: The data of the lookup table as a list of field identifiers + mapped to their values. + items: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: A map of all the field identifiers and their corresponding + values. + description: The preview data of the lookup table. + PreviewLookupTableField: + required: + - fieldId + - fieldName + - fieldType + type: object + properties: + fieldName: + type: string + description: The name of the field. + example: sampleFieldName + fieldType: + type: string + description: |- + The data type of the field. Supported types: + - `boolean` + - `int` + - `long` + - `double` + - `string` + example: boolean + fieldId: + type: string + description: Identifier associated with each field of the table. + example: "1" + description: The properties of the field. + RowUpdateDefinition: + required: + - row + type: object + properties: + row: + maxItems: 1000 + type: array + description: A list of all the field identifiers and their corresponding + values. + items: + $ref: '#/components/schemas/TableRow' + description: Lookup table data to be uploaded. + TableRow: + required: + - columnName + - columnValue + type: object + properties: + columnName: + type: string + description: Name of the column of the table. + example: user_id + columnValue: + type: string + description: Value of the specified column. + example: user1 + description: Lookup table row column and column value. + RowDeleteDefinition: + required: + - primaryKey + type: object + properties: + primaryKey: + maxItems: 1000 + type: array + description: A list of all the primary key field identifiers and their corresponding + values which defines the row to delete. + items: + $ref: '#/components/schemas/TableRow' + description: Lookup table primary key of the row to be deleted. + SecondaryKeysDefinition: + maxItems: 20 + minItems: 1 + type: array + description: The secondary keys of the lookup table + example: + - - ip + - - latitude + - longitude + items: + type: array + items: + type: string + LookupTablesLimits: + type: object + properties: + tablesCreated: + type: integer + description: Number of lookup tables currently created. + format: int32 + example: 8 + tableCapacityRemaining: + type: integer + description: Remaining count of lookup tables that can be created. + format: int32 + example: 2 + totalTableCapacity: + type: integer + description: Total capacity of lookup tables that can be created for the + given org id. + format: int32 + example: 10 + description: Properties related to lookup tables being allowed and created. + ListPartitionsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of partitions. + items: + $ref: '#/components/schemas/Partition' + next: + type: string + description: Next continuation token. + example: "1" + Partition: + type: object + allOf: + - $ref: '#/components/schemas/CreatePartitionDefinition' + - $ref: '#/components/schemas/ViewRetentionProperties' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + - totalBytes + properties: + id: + type: string + description: Unique identifier for the partition. + example: "1" + totalBytes: + type: integer + description: Size of data in partition in bytes. + format: int64 + example: 42 + isActive: + type: boolean + description: This has the value `true` if the partition is active and + `false` if it has been decommissioned. + indexType: + pattern: ^(DefaultIndex|AuditIndex|Partition)$ + type: string + description: "This has the value `DefaultIndex`, `AuditIndex`or `Partition`\ + \ depending upon the type of partition." + example: Partition + dataForwardingId: + type: string + description: Id of the data forwarding configuration to be used by the + partition. + CreatePartitionDefinition: + required: + - name + - routingExpression + type: object + properties: + name: + maxLength: 255 + type: string + description: The name of the partition. + example: apache + routingExpression: + maxLength: 16384 + minLength: 1 + type: string + description: The query that defines the data to be included in the partition. + example: _sourcecategory=*/Apache + analyticsTier: + type: string + description: |- + The Data Tier where the data in the partition will reside. Possible values are: + 1. `continuous` + 2. `frequent` + 3. `infrequent` + Note: The "infrequent" and "frequent" tiers are only available to Cloud Flex Credits Enterprise Suite accounts. + example: continuous + x-limited-description: The Data Tier where the data in the partition will + reside. You can leave it empty or send `flex`. It is the only value applicable + on your account. + x-limited-example: flex + retentionPeriod: + type: integer + description: "The number of days to retain data in the partition, or -1\ + \ to use the default value for your account. Only relevant if your account\ + \ has variable retention enabled." + example: 365 + default: -1 + isCompliant: + type: boolean + description: "Whether the partition is compliant or not. Mark a partition\ + \ as compliant if it contains data used for compliance or audit purpose.\ + \ Retention for a compliant partition can only be increased and cannot\ + \ be reduced after the partition is marked compliant. A partition once\ + \ marked compliant, cannot be marked non-compliant later." + example: false + default: false + isIncludedInDefaultSearch: + type: boolean + description: "Indicates whether the partition is included in the default\ + \ search scope. When executing a query such as \"error | count,\" certain\ + \ partitions are automatically part of the search scope. However, for\ + \ specific partitions, the user must explicitly mention the partition\ + \ using the _index term, as in \"_index=webApp error | count\". This\ + \ property governs the default inclusion of the partition in the search\ + \ scope. Configuring this property is exclusively permitted for flex partitions." + example: true + ViewRetentionProperties: + type: object + properties: + newRetentionPeriod: + type: integer + description: "If the retention period is scheduled to be updated in the\ + \ future (i.e., if retention period is previously reduced with value of\ + \ reduceRetentionPeriodImmediately as false), this property gives the\ + \ future value of retention period while retentionPeriod gives the current\ + \ value. retentionPeriod will take up the value of newRetentionPeriod\ + \ after the scheduled time." + format: int32 + example: 300 + retentionEffectiveAt: + type: string + description: When the newRetentionPeriod will become effective in UTC format. + format: date-time + ListPartitionsInfoResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of partitions information + items: + $ref: '#/components/schemas/PartitionInfo' + next: + type: string + description: Next continuation token. + example: "1" + PartitionInfo: + required: + - name + type: object + properties: + name: + maxLength: 255 + type: string + description: The name of the partition. + example: apache + analyticsTier: + type: string + description: |- + The Data Tier where the data in the partition will reside. Possible values are: + 1. `continuous` + 2. `frequent` + 3. `infrequent` + Note: The "infrequent" and "frequent" tiers are only available to Cloud Flex Credits Enterprise Suite accounts. + example: continuous + x-limited-description: The Data Tier where the data in the partition will + reside. `flex` is the default value. + x-limited-example: flex + dataFilterGroup: + type: string + description: |- + The Data Filter Group to which this parition belongs to. Possible values are : + 1. `LOGS` + 2. `SECURITY` + 3. `AUDIT` + example: LOGS + UpdatePartitionDefinition: + type: object + properties: + retentionPeriod: + type: integer + description: "The number of days to retain data in the partition, or -1\ + \ to use the default value for your account. Only relevant if your account\ + \ has variable retention enabled." + example: 365 + reduceRetentionPeriodImmediately: + type: boolean + description: "This is required if the newly specified `retentionPeriod`\ + \ is less than the existing retention period. In such a situation, a\ + \ value of `true` says that data between the existing retention period\ + \ and the new retention period should be deleted immediately; if `false`,\ + \ such data will be deleted after seven days. This property is optional\ + \ and ignored if the specified `retentionPeriod` is greater than or equal\ + \ to the current retention period." + default: false + isCompliant: + type: boolean + description: "Whether to mark a partition as compliant. Mark a partition\ + \ as compliant if it contains data used for compliance or audit purpose.\ + \ Retention for a compliant partition can only be increased and cannot\ + \ be reduced after the partition marked as compliant. A partition once\ + \ marked compliant, cannot be marked non-compliant later." + example: false + default: false + isIncludedInDefaultSearch: + type: boolean + description: "Indicates whether the partition is included in the default\ + \ search scope. When executing a query such as \"error | count,\" certain\ + \ partitions are automatically part of the search scope. However, for\ + \ specific partitions, the user must explicitly mention the partition\ + \ using the _index term, as in \"_index=webApp error | count\". This\ + \ property governs the default inclusion of the partition in the search\ + \ scope. Configuring this property is exclusively permitted for flex partitions." + routingExpression: + maxLength: 16384 + minLength: 1 + type: string + description: The query that defines the data to be included in the partition. + example: _sourcecategory=*/Apache + PartitionsResponse: + required: + - data + type: object + properties: + data: + type: array + description: Array of partitions. + items: + $ref: '#/components/schemas/Partition' + PartitionsQuotaUsage: + required: + - quota + - remaining + type: object + properties: + quota: + type: integer + description: Maximum number of Partitions allowed. + format: int32 + example: 200 + remaining: + type: integer + description: Remaining number of Partitions allowed. + format: int32 + example: 121 + GetDataForwardingDestinations: + type: object + properties: + nextToken: + type: string + description: Next continuation token. + example: VEZuRU4veXF2UWFCUURYSDNQUzJxWlpRRUsvTlBieXA + data: + type: array + description: List of data forwarding destinations. + items: + $ref: '#/components/schemas/BucketDefinition' + BucketDefinition: + type: object + allOf: + - $ref: '#/components/schemas/CreateBucketDefinition' + - $ref: '#/components/schemas/MetadataModel' + - required: + - bucketName + - destinationName + - id + properties: + id: + type: string + description: The unique identifier of the data forwarding destination. + example: "1" + invalidatedBySystem: + type: boolean + description: True if invalidated by the system. + CreateBucketDefinition: + type: object + allOf: + - $ref: '#/components/schemas/UpdateBucketDefinition' + - $ref: '#/components/schemas/CreateBucketDefinitionItems' + UpdateBucketDefinition: + required: + - authenticationMode + type: object + properties: + destinationName: + type: string + description: Name of the S3 data forwarding destination. + example: df-destination + description: + type: string + description: Description of the S3 data forwarding destination. + authenticationMode: + type: string + description: "AWS IAM authentication method used for access. Possible values\ + \ are: 1. `AccessKey` 2. `RoleBased`" + example: RoleBased + accessKeyId: + type: string + description: The AWS Access ID to access the S3 bucket. + example: accessKeyId + secretAccessKey: + type: string + description: The AWS Secret Key to access the S3 bucket. + example: secretAccessKey + roleArn: + type: string + description: The AWS Role ARN to access the S3 bucket. + example: roleArn + region: + type: string + description: The region where the S3 bucket is located. + example: us-east-1 + encrypted: + type: boolean + description: Enable S3 server-side encryption. + enabled: + type: boolean + description: True if the destination is Active. + example: true + CreateBucketDefinitionItems: + required: + - authenticationMode + - bucketName + - destinationName + type: object + properties: + bucketName: + pattern: "(?!(^xn--|-s3alias$))^[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]$" + type: string + description: The name of the Amazon S3 bucket. + example: df-bucket + x-pattern-message: Must be a valid AWS S3 Bucket name. + GetRulesAndBucketsResult: + type: object + properties: + data: + type: array + description: List of S3 data forwarding rules. + items: + $ref: '#/components/schemas/RuleAndBucketDetail' + nextToken: + type: string + description: Next continuation token. + example: VEZuRU4veXF2UWFCUURYSDNQUzJxWlpRRUsvTlBieXA + RuleAndBucketDetail: + allOf: + - $ref: '#/components/schemas/DataForwardingRule' + - type: object + properties: + bucket: + $ref: '#/components/schemas/logs-data-forwarding-rule-management' + DataForwardingRule: + allOf: + - $ref: '#/components/schemas/CreateDataForwardingRule' + - $ref: '#/components/schemas/MetadataModel' + - type: object + properties: + id: + type: string + description: The unique identifier of the data forwarding rule. + example: "1" + CreateDataForwardingRule: + required: + - destinationId + - indexId + type: object + properties: + indexId: + type: string + description: The `id` of the Partition or Scheduled View the rule applies + to. + example: "1" + destinationId: + type: string + description: The data forwarding destination id. + example: "1" + enabled: + type: boolean + description: True when the data forwarding rule is enabled. + example: true + fileFormat: + type: string + description: Specify the path prefix to a directory in the S3 bucket and + how to format the file name. + example: "{index}_{day}_{hour}_{minute}_{second}" + payloadSchema: + pattern: ^(builtInFields|allFields|raw)$ + type: string + description: "Schema for the payload. Default value of the payload schema\ + \ is \"allFields\" for scheduled view, and \"builtInFields\" for partition.\ + \ \"raw\" payloadSchema should be used in conjunction with \"text\" format\ + \ and vice-versa." + example: builtInFields + x-pattern-message: "should be one of the following: 'builtInFields', 'allFields'\ + \ or 'raw'" + format: + pattern: ^(csv|json|text)$ + type: string + description: Format of the payload. Default format will be "csv". "text" + format should be used in conjunction with "raw" payloadSchema and vice-versa. + example: csv + x-pattern-message: "should be one of the following: 'csv', 'json' or 'text'" + UpdateDataForwardingRule: + type: object + properties: + destinationId: + type: string + description: Data forwarding destination id. + example: "1" + enabled: + type: boolean + description: True when the data forwarding rule is enabled. + example: true + fileFormat: + type: string + description: Specify the path prefix to a directory in the S3 bucket and + how to format the file name. + example: "{index}_{day}_{hour}_{minute}_{second}" + payloadSchema: + pattern: ^(builtInFields|allFields|raw)$ + type: string + description: "Schema for the payload. Default value of the payload schema\ + \ is \"allFields\" for scheduled view, and \"builtInFields\" for partition.\ + \ \"raw\" payloadSchema should be used in conjunction with \"text\" format\ + \ and vice-versa." + example: builtInFields + x-pattern-message: "should be one of the following: 'builtInFields', 'allFields'\ + \ or 'raw'" + format: + pattern: ^(csv|json|text)$ + type: string + description: Format of the payload. Default format will be "csv". "text" + format should be used in conjunction with "raw" payloadSchema and vice-versa. + example: csv + x-pattern-message: "should be one of the following: 'csv', 'json' or 'text'" + PaginatedLogSearches: + required: + - logSearches + type: object + properties: + logSearches: + type: array + description: List of log searches. + items: + $ref: '#/components/schemas/LogSearch' + warnings: + type: array + description: List of warning messages for invalid log search definitions. + items: + type: string + example: "Invalid saved search: . Please validate your\ + \ saved search." + token: + type: string + description: Next continuation token. `token` is set to null when no more + pages are left. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + LogSearch: + allOf: + - $ref: '#/components/schemas/LogSearchDefinition' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + type: object + properties: + id: + type: string + description: Identifier of the saved log search. + example: 000000000000001A + parentId: + type: string + description: "Identifier of the parent element in the content library,\ + \ such as folder." + example: 0000000000007D2B + x-tf-generated-properties: "id,parentId,name,description,schedule,queryString,timeRange,runByReceiptTime,queryParameters,parsingMode,intervalTimeType" + x-tf-resource-name: LogSearch + LogSearchDefinition: + type: object + allOf: + - $ref: '#/components/schemas/LogSearchQueryTimeRangeBase' + - required: + - name + properties: + name: + maxLength: 255 + minLength: 1 + pattern: "^[a-zA-Z0-9 +%-@.,_()\\\\]+$" + type: string + description: Name of the item in the content library. + example: Short title + description: + maxLength: 255 + type: string + description: Item description in the content library. + example: Long and detailed description + schedule: + $ref: '#/components/schemas/LogSearchScheduleSyncDefinition' + properties: + maxLength: 65536 + type: string + description: | + Aggregate Results Settings and View configurations, Legends settings, and different visualisation settings overrides. Leave this field empty to use the defaults. + This property contains JSON object encoded as a string. + example: "{ \"key\": \"value\" }" + LogSearchQueryTimeRangeBase: + description: Definition of the saved log search with query and timerange. + allOf: + - $ref: '#/components/schemas/LogSearchQueryTimeRangeBaseExceptParsingMode' + - $ref: '#/components/schemas/LogSearchQueryParsingMode' + LogSearchQueryTimeRangeBaseExceptParsingMode: + required: + - queryString + - timeRange + type: object + properties: + queryString: + maxLength: 15000 + type: string + description: Query to perform. + example: "error {{sourceCategory}}| count by _sourceCategory" + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + runByReceiptTime: + type: boolean + description: This has the value `true` if the search is to be run by receipt + time and `false` if it is to be run by message time. + example: false + default: false + queryParameters: + maxLength: 50 + type: array + description: "Values for search template used in the search query. Learn\ + \ more about the search templates here : https://help.sumologic.com/docs/search/get-started-with-search/build-search/search-templates/" + items: + $ref: '#/components/schemas/LogSearchQueryParameterSyncDefinitionBase' + intervalTimeType: + pattern: ^(messageTime|receiptTime|searchableTime)$ + type: string + description: "This parameter defines whether you want to run the search\ + \ by messageTime, receiptTime, or searchableTime. By default, the search\ + \ will run by messageTime. If both runByReceiptTime and intervalTimeType\ + \ parameters are present then the preference will be given to the intervalTimeType." + example: messageTime + default: messageTime + x-pattern-message: should be either 'messageTime' or 'receiptTime' or 'searchableTime' + description: Definition of the saved log search with query and timerange. + LogSearchQueryParameterSyncDefinitionBase: + required: + - dataType + - name + - value + type: object + properties: + name: + maxLength: 50 + pattern: "^[a-zA-Z0-9_]+$" + type: string + description: The name of the parameter. + example: sourceCategory + x-pattern-message: Name must be between 1 and 50 Characters. Can only consist + alphanumeric and underscore characters. + description: + maxLength: 256 + pattern: "^[a-zA-Z0-9@ \\-_\\.]+$" + type: string + description: A description of the parameter. + example: source category for the string + x-pattern-message: "Description must be between 1 and 256 Characters. Can\ + \ only consist alphanumeric, @, underscore and dash characters." + dataType: + pattern: ^(NUMBER|STRING|ANY|KEYWORD)$ + type: string + description: |- + The data type of the parameter. Supported values are: + 1. `NUMBER` + 2. `STRING` + 3. `ANY` + 4. `KEYWORD` + example: STRING + value: + maxLength: 256 + type: string + description: A value for the parameter. Should be compatible with the type + set in dataType field. + example: apache + LogSearchQueryParsingMode: + type: object + properties: + parsingMode: + pattern: ^(AutoParse|Manual)$ + type: string + description: |- + Define the parsing mode to scan the JSON format log messages. Possible values are: + 1. `AutoParse` + 2. `Manual` + In AutoParse mode, the system automatically figures out fields to parse based on the search query. While in the Manual mode, no fields are parsed out automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011). + example: AutoParse + default: Manual + description: Definition of log search parsing mode + SaveLogSearchRequest: + type: object + description: The definition of the log search to save in the content library. + allOf: + - $ref: '#/components/schemas/LogSearchDefinition' + - required: + - parentId + properties: + parentId: + type: string + description: Identifier of a folder where to save the log search. + example: 000000000000001A + ListDeletionRulesResponse: + required: + - deletionRulesList + type: object + properties: + deletionRulesList: + type: array + description: List of data deletion rules. + items: + $ref: '#/components/schemas/DeletionRuleDefinition' + next: + type: string + description: Next Continuation token + DeletionRuleDefinition: + allOf: + - $ref: '#/components/schemas/CreateDeletionRuleRequest' + - type: object + properties: + id: + type: string + description: Identifier for the deletion rule. + createdAt: + type: string + description: Creation timestamp in UTC. + format: date-time + modifiedAt: + type: string + description: "Last modification timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + error: + type: string + description: Errors related to the deletion rule. + status: + type: string + description: Status of the deletion rule. + createdBy: + type: string + description: Identifier of the user who created the deletion rule. + example: 0000000006743FE8 + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + example: 0000000006743FE8 + deletedRanges: + type: array + description: List of the different units of deleted ranges since the deletion + rule has been created. + items: + $ref: '#/components/schemas/DeletedRange' + CreateDeletionRuleRequest: + required: + - endMillis + - query + - ruleName + - ruleReason + - startMillis + type: object + properties: + ruleName: + maxLength: 127 + minLength: 1 + type: string + description: Name of the deletion rule. + ruleReason: + maxLength: 255 + minLength: 1 + type: string + description: Reason mentioning what data is being deleted and why. + query: + maxLength: 15000 + minLength: 0 + type: string + description: query to filter out the logs that need to be deleted. + startMillis: + type: integer + description: Start time of the search as a number of milliseconds. + format: int64 + example: 1704976268773 + endMillis: + type: integer + description: End time of the search as a number of milliseconds. + format: int64 + example: 1704977168773 + byReceiptTime: + type: boolean + description: Flag to order the search results in the order collector received + it. This has the value `true` if the search is to be run by receipt time + and `false` if it is to be run by message time. + default: false + timezone: + type: string + description: "Timezone for the resolving timerange from startMillis,endMillis" + default: UTC + parsingMode: + pattern: ^(AutoParse|Manual)$ + type: string + description: |- + Define the parsing mode to scan the JSON format log messages. Possible values are: + 1. `AutoParse` + 2. `Manual` + In AutoParse mode, the system automatically figures out fields to parse based on the search query. While in the Manual mode, no fields are parsed out automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011). + example: AutoParse + default: Manual + DeletedRange: + required: + - endTime + - startTime + type: object + properties: + startTime: + type: string + description: "Start of the timestamp for each unit of filled ranges, expressed\ + \ in timeZone specified in rule." + format: date-time + endTime: + type: string + description: "End of the timestamp for each unit of filled ranges, expressed\ + \ in timeZone specified in rule." + format: date-time + description: Range of timestamps from which logs obtained from the query have + been deleted. + ListDataMaskingRulesResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of data masking rules. + items: + $ref: '#/components/schemas/DataMaskingRule' + next: + type: string + description: Next continuation token. Null if this is the last page. + DataMaskingRule: + type: object + allOf: + - $ref: '#/components/schemas/DataMaskingRuleDefinition' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier for the data masking rule. + example: 00000000FF42A0C3 + x-tf-generated-properties: "id,name,description,regexPattern,maskString,enabled" + x-tf-resource-name: DataMaskingRule + DataMaskingRuleDefinition: + type: object + allOf: + - $ref: '#/components/schemas/BaseDataMaskingRuleDefinition' + - required: + - name + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Name of the data masking rule. Use a name that makes it easy + to identify the rule. Must be unique within the organization. This field + is immutable and cannot be changed after creation. + example: Email Masking + BaseDataMaskingRuleDefinition: + required: + - enabled + - regexPattern + type: object + properties: + description: + maxLength: 512 + type: string + description: Optional description of the data masking rule. Provide context + about what PII this rule masks and why it's needed. + example: Masks email addresses in application logs + regexPattern: + maxLength: 2048 + minLength: 1 + type: string + description: Regular expression pattern to match PII data that should be + masked. The pattern must be valid according to Java regex syntax. All + matches in search results will be replaced with the mask string. + example: "\\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,6}\\b" + maskString: + maxLength: 64 + minLength: 1 + type: string + description: The string to replace matched PII with. Defaults to '##redactedPII##' + if not specified. Use descriptive mask strings like 'EMAIL_REDACTED' or + 'PHONE_REDACTED' for clarity. + example: EMAIL_REDACTED + default: '##redactedPII##' + enabled: + type: boolean + description: Whether the data masking rule is active. Only enabled rules + are applied to search results. Set to false to temporarily disable a rule + without deleting it. + default: true + ListExtractionRulesResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of field extraction rules. + items: + $ref: '#/components/schemas/ExtractionRule' + next: + type: string + description: Next continuation token. + ExtractionRule: + type: object + allOf: + - $ref: '#/components/schemas/ExtractionRuleDefinition' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier for the field extraction rule. + fieldNames: + type: array + description: List of extracted fields from "parseExpression". + items: + type: string + x-tf-generated-properties: "id,name,scope,parseExpression,enabled" + x-tf-resource-name: ExtractionRule + ExtractionRuleDefinition: + allOf: + - $ref: '#/components/schemas/BaseExtractionRuleDefinition' + - type: object + properties: + enabled: + type: boolean + description: Is the field extraction rule enabled. + default: true + BaseExtractionRuleDefinition: + required: + - name + - parseExpression + - scope + type: object + properties: + name: + maxLength: 256 + minLength: 1 + type: string + description: Name of the field extraction rule. Use a name that makes it + easy to identify the rule. + example: ExtractionRule123 + scope: + maxLength: 2048 + minLength: 0 + type: string + description: "Scope of the field extraction rule. This could be a sourceCategory,\ + \ sourceHost, or any other metadata that describes the data you want to\ + \ extract from. Think of the Scope as the first portion of an ad hoc search,\ + \ before the first pipe ( | ). You'll use the Scope to run a search against\ + \ the rule." + example: _sourceHost=127.0.0.1 + parseExpression: + maxLength: 16384 + type: string + description: Describes the fields to be parsed. + example: csv _raw extract 1 as f1 + UpdateExtractionRuleDefinition: + allOf: + - $ref: '#/components/schemas/BaseExtractionRuleDefinition' + - required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Is the field extraction rule enabled. + ListDynamicRulesResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of dynamic parsing rules. + items: + $ref: '#/components/schemas/DynamicRule' + next: + type: string + description: Next continuation token. + example: 0000000001C51FF7 + DynamicRule: + type: object + allOf: + - $ref: '#/components/schemas/DynamicRuleDefinition' + - $ref: '#/components/schemas/Metadata' + - required: + - id + - isSystemRule + properties: + id: + type: string + description: Unique identifier for the dynamic parsing rule. + example: 0000000001C41EE4 + isSystemRule: + type: boolean + description: "Whether the rule has been defined by the system, rather\ + \ than by a user." + example: false + DynamicRuleDefinition: + required: + - enabled + - name + - scope + type: object + properties: + name: + maxLength: 256 + minLength: 1 + type: string + description: Name of the dynamic parsing rule. Use a name that makes it + easy to identify the rule. + example: DynamicParsingRule123 + scope: + maxLength: 2048 + minLength: 1 + type: string + description: "Scope of the dynamic parsing rule. This could be a sourceCategory,\ + \ sourceHost, or any other metadata that describes the data you want to\ + \ extract from. Think of the Scope as the first portion of an ad hoc search,\ + \ before the first pipe ( | ). You'll use the Scope to run a search against\ + \ the rule." + example: _sourceHost=127.0.0.1 + enabled: + type: boolean + description: Is the dynamic parsing rule enabled. + example: false + default: true + ListCustomFieldsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of custom fields. + items: + $ref: '#/components/schemas/CustomField' + CustomField: + allOf: + - $ref: '#/components/schemas/FieldName' + - required: + - dataType + - fieldId + - state + type: object + properties: + fieldId: + type: string + description: Identifier of the field. + example: 00000000031D02DA + dataType: + pattern: ^(String|Long|Int|Double|Boolean)$ + type: string + description: "Field type. Possible values are `String`, `Long`, `Int`,\ + \ `Double`, and `Boolean`." + example: String + x-pattern-message: "Must be `String`, `Long`, `Int`, `Double` or `Boolean`" + state: + pattern: ^(Enabled|Disabled)$ + type: string + description: Indicates whether the field is enabled and its values are + being accepted. Possible values are `Enabled` and `Disabled`. + example: Enabled + x-pattern-message: Must be `Enabled` or `Disabled` + FieldName: + required: + - fieldName + type: object + properties: + fieldName: + maxLength: 255 + minLength: 1 + type: string + description: Field name. + example: hostIP + ListDroppedFieldsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of dropped fields. + items: + $ref: '#/components/schemas/DroppedField' + DroppedField: + allOf: + - $ref: '#/components/schemas/FieldName' + ListBuiltinFieldsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of built-in fields. + items: + $ref: '#/components/schemas/BuiltinField' + BuiltinField: + allOf: + - $ref: '#/components/schemas/FieldName' + - required: + - dataType + - fieldId + - state + type: object + properties: + fieldId: + type: string + description: Identifier of the field. + example: 00000000031D02DA + dataType: + pattern: ^(String|Long|Int|Double|Boolean)$ + type: string + description: "Field type. Possible values are `String`, `Long`, `Int`,\ + \ `Double`, and `Boolean`." + example: String + x-pattern-message: "Must be `String`, `Long`, `Int`, `Double` or `Boolean`" + state: + pattern: ^(Enabled|Disabled)$ + type: string + description: Indicates whether the field is enabled and its values are + being accepted. Possible values are `Enabled` and `Disabled`. + example: Enabled + x-pattern-message: Must be `Enabled` or `Disabled` + FieldQuotaUsage: + required: + - quota + - remaining + type: object + properties: + quota: + type: integer + description: Maximum number of fields available. + format: int32 + example: 200 + remaining: + type: integer + description: Current number of fields available. + format: int32 + example: 121 + ListFieldNamesResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of all built-in and custom field names. + items: + $ref: '#/components/schemas/FieldName' + ListCustomFieldsUsageResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of fields with their usages. + items: + $ref: '#/components/schemas/CustomFieldUsage' + CustomFieldUsage: + allOf: + - $ref: '#/components/schemas/FieldName' + - required: + - dataType + - fieldId + - state + type: object + properties: + fieldId: + type: string + description: Identifier of the field. + example: 00000000031D02DA + dataType: + pattern: ^(String|Long|Int|Double|Boolean)$ + type: string + description: "Field type. Possible values are `String`, `Long`, `Int`,\ + \ `Double`, `Boolean`." + example: String + x-pattern-message: "Must be `String`, `Long`, `Int`, `Double` or `Boolean`" + state: + pattern: ^(Enabled|Disabled)$ + type: string + description: Indicates whether the field is enabled and its values are + being accepted. Possible values are `Enabled` and `Disabled`. + example: Enabled + x-pattern-message: Must be `Enabled` or `Disabled` + fieldExtractionRules: + type: array + description: An array of hexadecimal identifiers of field extraction rules + which use this field. + items: + type: string + roles: + type: array + description: An array of hexadecimal identifiers of roles which use this + field in the search filter. + items: + type: string + partitions: + type: array + description: An array of hexadecimal identifiers of partitions which use + this field in the routing expression. + items: + type: string + collectorsCount: + type: integer + description: Total number of collectors using this field. + format: int32 + example: 228 + sourcesCount: + type: integer + description: Total number of sources using this field. + format: int32 + example: 228 + ListBuiltinFieldsUsageResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of fields with their usages. + items: + $ref: '#/components/schemas/BuiltinFieldUsage' + BuiltinFieldUsage: + allOf: + - $ref: '#/components/schemas/FieldName' + - required: + - dataType + - fieldId + - state + type: object + properties: + fieldId: + type: string + description: Identifier of the field. + example: 00000000031D02DA + dataType: + pattern: ^(String|Long|Int|Double|Boolean)$ + type: string + description: "Field type. Possible values are `String`, `Long`, `Int`,\ + \ `Double`, `Boolean`." + example: String + x-pattern-message: "Must be `String`, `Long`, `Int`, `Double` or `Boolean`" + state: + pattern: ^(Enabled|Disabled)$ + type: string + description: Indicates whether the field is enabled and its values are + being accepted. Possible values are `Enabled` and `Disabled`. + example: Enabled + x-pattern-message: Must be `Enabled` or `Disabled` + fieldExtractionRules: + type: array + description: An array of hexadecimal identifiers of field extraction rules + which use this field. + items: + type: string + roles: + type: array + description: An array of hexadecimal identifiers of roles which use this + field in the search filter. + items: + type: string + partitions: + type: array + description: An array of hexadecimal identifiers of partitions which use + this field in the routing expression. + items: + type: string + GetCollectorsUsageResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of collectors. + items: + $ref: '#/components/schemas/Collector' + next: + type: string + description: Next continuation token. + Collector: + required: + - collectorId + - collectorName + type: object + properties: + collectorId: + type: string + description: Identifier of a collector. + example: 000000000000000F + collectorName: + type: string + description: Name of a collector. + example: SyslogCollector + GetSourcesUsageResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of sources. + items: + $ref: '#/components/schemas/Source' + next: + type: string + description: Next continuation token. + Source: + required: + - sourceId + - sourceName + type: object + properties: + sourceId: + type: string + description: Identifier of a source. + example: 000000000000000F + sourceName: + type: string + description: Name of a source. + example: Collector + ListIngestBudgetsResponseV2: + required: + - data + type: object + properties: + data: + type: array + description: List of ingest budgets. + items: + $ref: '#/components/schemas/IngestBudgetV2' + next: + type: string + description: Next continuation token. + IngestBudgetV2: + type: object + allOf: + - $ref: '#/components/schemas/IngestBudgetDefinitionV2' + - required: + - createdAt + - createdBy + - id + - modifiedAt + - modifiedBy + - version + properties: + id: + type: string + description: Unique identifier for the ingest budget. + example: 0000000003343FDD + usageBytes: + type: integer + description: "Current usage since the last reset, in bytes." + format: int64 + example: 900 + usageStatus: + pattern: ^(Normal|Approaching|Exceeded|Unknown)$ + type: string + description: "Status of the current usage. Can be `Normal`, `Approaching`,\ + \ `Exceeded`, or `Unknown` (unable to retrieve usage)." + example: Approaching + x-pattern-message: "must be either `Normal`, `Approaching`, `Exceeded`,\ + \ or `Unknown`" + createdAt: + type: string + description: The creation timestamp in UTC of the Ingest Budget. + format: date-time + example: 2018-10-16T09:10:00Z + createdBy: + type: string + description: The identifier of the user who created the Ingest Budget. + example: 0000000006743FDD + modifiedAt: + type: string + description: The modified timestamp in UTC of the Ingest Budget. + format: date-time + example: 2018-10-16T09:10:00Z + modifiedBy: + type: string + description: The identifier of the user who modified the Ingest Budget. + example: 0000000001243FDD + budgetVersion: + type: integer + description: The version of the Ingest Budget + format: int32 + example: 2 + IngestBudgetDefinitionV2: + required: + - action + - capacityBytes + - name + - scope + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Display name of the ingest budget. + example: Developer Budget + scope: + maxLength: 1024 + minLength: 1 + type: string + description: "A scope is a constraint that will be used to identify the\ + \ messages on which budget needs to be applied. A scope is consists of\ + \ key and value separated by =. The field must be enabled in the fields\ + \ table. Value supports wildcard. e.g. _sourceCategory=*prod*payment*,\ + \ cluster=kafka. If the scope is defined _sourceCategory=*nginx* in this\ + \ budget will be applied on messages having fields _sourceCategory=prod/nginx,\ + \ _sourceCategory=dev/nginx, or _sourceCategory=dev/nginx/error" + example: _sourceCategory=*prod*nginx* + capacityBytes: + minimum: 1 + type: integer + description: "Capacity of the ingest budget, in bytes. It takes a few minutes\ + \ for Collectors to stop collecting when capacity is reached. We recommend\ + \ setting a soft limit that is lower than your needed hard limit. The\ + \ capacity bytes unit varies based on the budgetType field. For `dailyVolume`\ + \ budgetType the capacity specified is in bytes/day whereas for `minuteVolume`\ + \ budgetType its bytes/min." + format: int64 + example: 1000 + timezone: + type: string + description: "Time zone of the reset time for the ingest budget. Follow\ + \ the format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + default: Etc/UTC + resetTime: + maxLength: 5 + minLength: 5 + type: string + description: Reset time of the ingest budget in HH:MM format. + example: 23:30 + default: 00:00 + description: + maxLength: 1024 + minLength: 0 + type: string + description: Description of the ingest budget. + action: + pattern: ^(keepCollecting|stopCollecting)$ + type: string + description: |- + Action to take when ingest budget's capacity is reached. All actions are audited. Supported values are: + * `stopCollecting` + * `keepCollecting` + example: stopCollecting + x-pattern-message: must be either `keepCollecting` or `stopCollecting` + auditThreshold: + maximum: 99 + minimum: 1 + type: integer + description: The threshold as a percentage of when an ingest budget's capacity + usage is logged in the Audit Index. + format: int32 + example: 85 + ListUserModelsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of users. + items: + $ref: '#/components/schemas/UserModel' + next: + type: string + description: Next continuation token. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + UserModel: + type: object + allOf: + - $ref: '#/components/schemas/CreateUserDefinition' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier for the user. + example: 000000000FE20FE2 + isActive: + type: boolean + description: True if the user is active. + example: true + isLocked: + type: boolean + description: "This has the value `true` if the user's account has been\ + \ locked. If a user tries to log into their account several times and\ + \ fails, his or her account will be locked for security reasons." + example: false + isMfaEnabled: + type: boolean + description: True if multi factor authentication is enabled for the user. + example: false + lastLoginTimestamp: + type: string + description: Timestamp of the last login for the user in UTC. Will be + null if the user has never logged in. + format: date-time + CreateUserDefinition: + required: + - email + - firstName + - lastName + - roleIds + type: object + properties: + firstName: + maxLength: 128 + minLength: 1 + type: string + description: First name of the user. + example: John + lastName: + maxLength: 128 + minLength: 0 + type: string + description: Last name of the user. + example: Doe + email: + maxLength: 255 + type: string + description: Email address of the user. + format: email + example: johndoe@acme.com + roleIds: + type: array + description: List of roleIds associated with the user. + example: + - 00000000000001DF + - 00000000000002D2 + items: + type: string + ListUserId: + required: + - data + type: object + properties: + data: + type: array + description: List of users. + items: + type: string + UpdateUserDefinition: + required: + - firstName + - lastName + type: object + properties: + firstName: + maxLength: 128 + minLength: 1 + type: string + description: "First name of the user. If the caller has `manageUsersAndRoles`\ + \ capability, this field can be updated for any user. If the caller does\ + \ NOT have `manageUsersAndRoles` capability, then only the calling user's\ + \ firstName can be updated." + example: John + lastName: + maxLength: 128 + minLength: 0 + type: string + description: "Last name of the user. If the caller has `manageUsersAndRoles`\ + \ capability, this field can be updated for any user. If the caller does\ + \ NOT have `manageUsersAndRoles` capability, then only the calling user's\ + \ lastName can be updated." + example: Doe + isActive: + type: boolean + description: This has the value `true` if the user is active and `false` + if they have been deactivated. To modify this field you must have the + `manageUserAndRoles` capability. + example: true + roleIds: + type: array + description: List of role identifiers associated with the user. To modify + this field you must have the `manageUserAndRoles` capability. + example: + - 00000000000001DF + - 00000000000002D2 + items: + type: string + ChangeEmailRequest: + required: + - email + type: object + properties: + email: + maxLength: 255 + type: string + description: New email address of the user. + format: email + example: johndoe@acme.com + DisableMfaRequest: + required: + - email + - password + type: object + properties: + email: + maxLength: 255 + type: string + description: Email of user whose mfa is being disabled. + format: email + example: johndoe@cme.com + password: + type: string + description: Password of user whose mfa is being disabled. + UserInterests: + required: + - interests + type: object + properties: + interests: + type: array + description: Labels of user interests. + example: + - Kubernetes + - AWS + items: + type: string + ListRoleModelsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of roles. + items: + $ref: '#/components/schemas/RoleModel' + next: + type: string + description: Next continuation token. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + RoleModel: + type: object + allOf: + - $ref: '#/components/schemas/CreateRoleDefinition' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier for the role. + example: 0000000000E20FE3 + systemDefined: + type: boolean + description: Role is system or user defined. + example: false + x-tf-generated-properties: "id,name,description,filterPredicate,capabilities" + x-tf-resource-name: Role + CreateRoleDefinition: + required: + - name + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Name of the role. + example: DataAdmin + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the role. + example: Manage data of the org. + filterPredicate: + type: string + description: "A search filter to restrict access to specific logs. The filter\ + \ is silently added to the beginning of each query a user runs. For example,\ + \ using '!_sourceCategory=billing' as a filter predicate will prevent\ + \ users assigned to the role from viewing logs from the source category\ + \ named 'billing'." + example: '!_sourceCategory=billing' + users: + type: array + description: List of user identifiers to assign the role to. + example: + - 0000000006743FE0 + - 0000000005FCE0EE + items: + type: string + capabilities: + type: array + description: "List of [capabilities](https://help.sumologic.com/docs/manage/users-roles/roles/role-capabilities/)\ + \ associated with this role. Valid values are\n### Data Management\n \ + \ - viewCollectors\n - manageCollectors\n - manageBudgets\n - manageDataVolumeFeed\n\ + \ - viewFieldExtraction\n - manageFieldExtractionRules\n - manageS3DataForwarding\n\ + \ - manageContent\n - manageApps\n - dataVolumeIndex\n - manageConnections\n\ + \ - viewScheduledViews\n - manageScheduledViews\n - viewPartitions\n\ + \ - managePartitions\n - viewFields\n - manageFields\n - viewAccountOverview\n\ + \ - manageTokens\n - downloadSearchResults\n - manageIndexes\n - manageDataStreams\n\ + \ - viewParsers\n - viewDataStreams\n\n### Entity management\n - manageEntityTypeConfig\n\ + \n### Metrics\n - metricsTransformation\n - metricsExtraction\n - metricsRules\n\ + \n### Security\n - managePasswordPolicy\n - ipAllowlisting\n - ipWhitelisting\n\ + \ - createAccessKeys\n - manageAccessKeys\n - manageSupportAccountAccess\n\ + \ - manageAuditDataFeed\n - manageSaml\n - shareDashboardOutsideOrg\n\ + \ - manageOrgSettings\n - changeDataAccessLevel\n\n### Dashboards\n\ + \ - shareDashboardWorld\n - shareDashboardAllowlist\n - shareDashboardWhitelist\n\ + \n### UserManagement\n - manageUsersAndRoles\n\n### Observability\n \ + \ - searchAuditIndex\n - auditEventIndex\n\n### Cloud SIEM Enterprise\n\ + \ - viewCse\n - cseViewAutomations\n - cseManageContextActions\n -\ + \ cseViewNetworkBlocks\n - cseManageInsightTags\n - cseViewRules\n \ + \ - cseViewThreatIntelligence\n - cseCommentOnInsights\n - cseViewEntityGroups\n\ + \ - cseManageEntityConfiguration\n - cseManageNetworkBlocks\n - cseManageMatchLists\n\ + \ - cseViewCustomInsights\n - cseManageActions\n - cseManageAutomations\n\ + \ - cseManageMappings\n - cseManageThreatIntelligence\n - cseViewActions\n\ + \ - cseCreateInsights\n - cseManageTagSchemas\n - cseInvokeInsights\n\ + \ - cseManageCustomEntityType\n - cseViewTagSchemas\n - cseDeleteInsights\n\ + \ - cseManageCustomInsights\n - cseViewFileAnalysis\n - cseManageFileAnalysis\n\ + \ - cseManageEntityCriticality\n - cseViewEntityCriticality\n - cseViewEntity\n\ + \ - cseManageCustomInsightStatuses\n - cseViewContextActions\n - cseViewMappings\n\ + \ - cseViewCustomEntityType\n - cseManageEntityGroups\n - cseViewCustomInsightStatuses\n\ + \ - cseViewEnrichments\n - cseManageInsightSignals\n - cseManageRules\n\ + \ - cseManageArtifacts\n - cseViewMatchLists\n - cseManageInsightPolicy\n\ + \ - cseManageEnrichments\n - cseViewEntityConfiguration\n - cseManageEntity\n\ + \ - cseExecuteAutomations\n - cseManageSuppressedEntities\n - cseManageInsightStatus\ + \ \n - cseManageInsightAssignee\n - cseManageFavoriteFields\n - cseViewSuppressedEntities\n\ + \n### Alerting\n - viewMonitorsV2\n - manageMonitorsV2\n - viewAlerts\n\ + \ - viewMutingSchedules\n - manageMutingSchedules\n - adminMonitorsV2\n\ + \n### SLO\n - viewSlos\n - manageSlos\n\n### CloudSoar\n - cloudSoarPlaybooksAccess\n\ + \ - cloudSoarNotificationConfigure\n - cloudSoarReportAll\n - cloudSoarIncidentTriageAccess\n\ + \ - cloudSoarIncidentTaskView\n - cloudSoarIncidentChangeOwnership\n\ + \ - cloudSoarIncidentNotesEdit\n - cloudSoarAPIEmailEdit\n - cloudSoarIncidentTemplatesAccess\n\ + \ - cloudSoarIncidentPlaybooksManage\n - cloudSoarGeneralConfigure\n\ + \ - cloudSoarEntitiesAccess\n - cloudSoarEntitiesBulkPhysicalDelete\n\ + \ - cloudSoarIncidentAttachmentsAccess\n - cloudSoarAppCentralAccess\n\ + \ - cloudSoarBridgeMonitoringAccess\n - viewCloudSoar\n - cloudSoarIncidentView\n\ + \ - cloudSoarObservabilityAccess\n - cloudSoarAPIEmailRead\n - cloudSoarAppCentralExport\n\ + \ - cloudSoarWidgetsAll\n - cloudSoarIncidentTaskReassign\n - cloudSoarIntegrationsAccess\n\ + \ - cloudSoarCustomizationIncidentLabels\n - cloudSoarAutomationRulesConfigure\n\ + \ - cloudSoarIncidentTaskAccessAll\n - cloudSoarAuditAndInformationConfigureAuditTrail\n\ + \ - cloudSoarIncidentTriageEdit\n - cloudSoarIncidentEdit\n - cloudSoarNotificationTriage\n\ + \ - cloudSoarIncidentTriageBulkPhysicalDelete\n - cloudSoarIncidentNotesAccess\n\ + \ - cloudSoarAPIUse\n - cloudSoarIncidentPlaybooksEdit\n - cloudSoarDashboardAll\n\ + \ - cloudSoarEntitiesManage\n - cloudSoarIncidentTemplatesConfigure\n\ + \ - cloudSoarIncidentTriageAccessAll\n - cloudSoarPlaybooksConfigure\n\ + \ - cloudSoarIncidentAccessAll\n - cloudSoarCustomizationLogo\n - cloudSoarIncidentTaskAccess\n\ + \ - cloudSoarIncidentTriageView\n - cloudSoarIntegrationsConfigure\n\ + \ - cloudSoarIncidentManageInvestigators\n - cloudSoarIncidentAccess\n\ + \ - cloudSoarAuditAndInformationLicenseInformation\n - cloudSoarIncidentBulkOperations\n\ + \ - cloudSoarCustomizationFields\n - cloudSoarIncidentTaskEdit\n -\ + \ cloudSoarDashboardAccess\n - cloudSoarIncidentAttachmentsEdit\n -\ + \ cloudSoarIncidentFoldersEdit\n - cloudSoarUserManagementGroups\n -\ + \ cloudSoarIncidentPlaybooksAccess\n - cloudSoarIncidentWarRoomUse\n\ + \ - cloudSoarReportAccess\n - cloudSoarAuditAndInformationAuditTrail\n\ + \ - cloudSoarAutomationRulesAccess\n - cloudSoarIncidentTriageChangeOwnership\n\ + \ - cloudSoarObservabilityManagement" + example: + - manageContent + - manageDataVolumeFeed + - manageFieldExtractionRules + - manageS3DataForwarding + items: + type: string + autofillDependencies: + type: boolean + description: Set this to true if you want to automatically append all missing + capability requirements. If set to false an error will be thrown if any + capabilities are missing their dependencies. + default: true + UpdateRoleDefinition: + required: + - capabilities + - description + - filterPredicate + - name + - users + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Name of the role. + example: DataAdmin + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the role. + example: Manage data of the org. + filterPredicate: + type: string + description: "A search filter to restrict access to specific logs. The filter\ + \ is silently added to the beginning of each query a user runs. For example,\ + \ using '!_sourceCategory=billing' as a filter predicate will prevent\ + \ users assigned to the role from viewing logs from the source category\ + \ named 'billing'." + example: '!_sourceCategory=billing' + users: + type: array + description: List of user identifiers to assign the role to. + example: + - 0000000006743FE0 + - 0000000005FCE0EE + items: + type: string + capabilities: + type: array + description: |- + List of [capabilities](https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/Role-Capabilities) associated with this role. Valid values are + ### Data Management + - viewCollectors + - manageCollectors + - manageBudgets + - manageDataVolumeFeed + - viewFieldExtraction + - manageFieldExtractionRules + - manageS3DataForwarding + - manageContent + - manageApps + - dataVolumeIndex + - manageConnections + - viewScheduledViews + - manageScheduledViews + - viewPartitions + - managePartitions + - viewFields + - manageFields + - viewAccountOverview + - manageTokens + - downloadSearchResults + + ### Entity management + - manageEntityTypeConfig + + ### Metrics + - metricsTransformation + - metricsExtraction + - metricsRules + + ### Security + - managePasswordPolicy + - ipAllowlisting + - createAccessKeys + - manageAccessKeys + - manageSupportAccountAccess + - manageAuditDataFeed + - manageSaml + - shareDashboardOutsideOrg + - manageOrgSettings + - changeDataAccessLevel + + ### Dashboards + - shareDashboardWorld + - shareDashboardAllowlist + + ### UserManagement + - manageUsersAndRoles + + ### Observability + - searchAuditIndex + - auditEventIndex + + ### Cloud SIEM Enterprise + - viewCse + + ### Alerting + - viewMonitorsV2 + - manageMonitorsV2 + - viewAlerts + example: + - manageContent + - manageDataVolumeFeed + - manageFieldExtractionRules + - manageS3DataForwarding + items: + type: string + autofillDependencies: + type: boolean + description: Set this to true if you want to automatically append all missing + capability requirements. If set to false an error will be thrown if any + capabilities are missing their dependencies. + default: true + CapabilityMap: + required: + - capabilities + type: object + properties: + capabilities: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/CapabilityDefinition' + description: Map of capabilities to their attributes + CapabilityDefinition: + required: + - dependsOn + - group + - id + - label + type: object + properties: + id: + type: string + description: The name of the capability + example: manageParsers + label: + type: string + description: The UI label for the capability. + example: Manage Parsers + dependsOn: + type: array + description: Any capabilities that are required for this capability to be + enabled. + example: + - ViewParsers + - EditParsers + items: + type: string + group: + required: + - id + - label + type: object + properties: + id: + type: string + description: The backend name for the capability group + example: CloudSiem + label: + type: string + description: The label for the capability group + example: Insights + parentId: + type: string + description: The ID of the parent capability group + example: Cloud Siem + description: The group that the capability belongs to. + message: + type: string + description: Warning message that appears when this capability is enabled. + example: "By enabling this capability, you are allowing any user in this\ + \ role to share a dashboard, including its contents, with ANYONE who has\ + \ the URL. This URL can be shared with users outside of your organization,\ + \ allowing them to view the dashboard and its contents. Are you sure you\ + \ want to enable this permission?" + CapabilityList: + required: + - data + type: object + properties: + data: + type: array + description: List of capabilities + items: + $ref: '#/components/schemas/CapabilityDefinition' + ListRoleModelsResponseV2: + required: + - data + type: object + properties: + data: + type: array + description: List of roles. + items: + $ref: '#/components/schemas/GetRoleDefinitionV2' + next: + type: string + description: Next continuation token. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + GetRoleDefinitionV2: + type: object + allOf: + - $ref: '#/components/schemas/RoleDefinition' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier for the role. + example: 0000000000E20FE3 + systemDefined: + type: boolean + description: Role is system or user defined. + example: false + RoleDefinition: + required: + - name + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Name of the role. + example: DataAdmin + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the role. + example: Manage data of the org. + logAnalyticsFilter: + type: string + description: A search filter which would be applied on partitions which + belong to Log Analytics product area. + example: '!_sourceCategory=collector' + auditDataFilter: + type: string + description: "A search filter which would be applied on partitions which\ + \ belong to Audit Data product area. Help Doc : (https://help.sumologic.com/docs/manage/security/audit-index/)." + example: info + securityDataFilter: + type: string + description: A search filter which would be applied on partitions which + belong to Security Data product area. + example: error + selectionType: + type: string + description: "Describes the Permission Construct for the list of views in\ + \ \"selectedViews\" parameter. \n### Valid Values are : \n - `All` selectionType\ + \ would allow access to all views in the org.\n - `Allow` selectionType\ + \ would allow access to specific views mentioned in \"selectedViews\"\ + \ parameter.\n - `Deny` selectionType would deny access to specific views\ + \ mentioned in \"selectedViews\" parameter." + example: All + selectedViews: + type: array + description: List of views which with specific view level filters in accordance + to the selectionType chosen. + items: + $ref: '#/components/schemas/GetViewFilterDefinition' + users: + type: array + description: List of user identifiers to assign the role to. + example: + - 0000000006743FE0 + - 0000000005FCE0EE + items: + type: string + capabilities: + type: array + description: |- + List of [capabilities](https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/Role-Capabilities) associated with this role. Valid values are + ### Data Management + - viewCollectors + - manageCollectors + - manageBudgets + - manageDataVolumeFeed + - viewFieldExtraction + - manageFieldExtractionRules + - manageS3DataForwarding + - manageContent + - manageApps + - dataVolumeIndex + - manageConnections + - viewScheduledViews + - manageScheduledViews + - viewPartitions + - managePartitions + - viewFields + - manageFields + - viewAccountOverview + - manageTokens + - downloadSearchResults + + ### Entity management + - manageEntityTypeConfig + + ### Metrics + - metricsTransformation + - metricsExtraction + - metricsRules + + ### Security + - managePasswordPolicy + - ipAllowlisting + - createAccessKeys + - manageAccessKeys + - manageSupportAccountAccess + - manageAuditDataFeed + - manageSaml + - shareDashboardOutsideOrg + - manageOrgSettings + - changeDataAccessLevel + + ### Dashboards + - shareDashboardWorld + - shareDashboardAllowlist + + ### UserManagement + - manageUsersAndRoles + + ### Observability + - searchAuditIndex + - auditEventIndex + + ### Cloud SIEM Enterprise + - viewCse + + ### Alerting + - viewMonitorsV2 + - manageMonitorsV2 + - viewAlerts + example: + - manageContent + - manageDataVolumeFeed + - manageFieldExtractionRules + - manageS3DataForwarding + items: + type: string + autofillDependencies: + type: boolean + description: Set this to true if you want to automatically append all missing + capability requirements. If set to false an error will be thrown if any + capabilities are missing their dependencies. + default: true + GetViewFilterDefinition: + required: + - viewName + type: object + properties: + viewName: + type: string + description: Name of the view. Help Doc:- (https://help.sumologic.com/docs/manage/partitions-data-tiers/) + example: auditData + RoleModelV2: + type: object + allOf: + - $ref: '#/components/schemas/CreateRoleDefinitionV2' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier for the role. + example: 0000000000E20FE3 + systemDefined: + type: boolean + description: Role is system or user defined. + example: false + x-tf-generated-properties: "id,name,description,logAnalyticsFilter,auditDataFilter,securityDataFilter,selectionType,selectedViews,capabilities" + x-tf-resource-name: RoleV2 + CreateRoleDefinitionV2: + required: + - name + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Name of the role. + example: DataAdmin + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the role. + example: Manage data of the org. + logAnalyticsFilter: + type: string + description: A search filter which would be applied on partitions which + belong to Log Analytics product area. + example: '!_sourceCategory=collector' + auditDataFilter: + type: string + description: "A search filter which would be applied on partitions which\ + \ belong to Audit Data product area. Help Doc : (https://help.sumologic.com/docs/manage/security/audit-index/)." + example: info + securityDataFilter: + type: string + description: A search filter which would be applied on partitions which + belong to Security Data product area. + example: error + selectionType: + type: string + description: "Describes the Permission Construct for the list of views in\ + \ \"selectedViews\" parameter. \n### Valid Values are : \n - `All` selectionType\ + \ would allow access to all views in the org.\n - `Allow` selectionType\ + \ would allow access to specific views mentioned in \"selectedViews\"\ + \ parameter.\n - `Deny` selectionType would deny access to specific views\ + \ mentioned in \"selectedViews\" parameter." + example: All + selectedViews: + type: array + description: List of views which with specific view level filters in accordance + to the selectionType chosen. + items: + $ref: '#/components/schemas/ViewFilterDefinition' + users: + type: array + description: List of user identifiers to assign the role to. + example: + - 0000000006743FE0 + - 0000000005FCE0EE + items: + type: string + capabilities: + type: array + description: "List of [capabilities](https://help.sumologic.com/docs/manage/users-roles/roles/role-capabilities/)\ + \ associated with this role. Valid values are\n### Data Management\n \ + \ - viewCollectors\n - manageCollectors\n - manageBudgets\n - manageDataVolumeFeed\n\ + \ - viewFieldExtraction\n - manageFieldExtractionRules\n - manageS3DataForwarding\n\ + \ - manageContent\n - manageApps\n - dataVolumeIndex\n - manageConnections\n\ + \ - viewScheduledViews\n - manageScheduledViews\n - viewPartitions\n\ + \ - managePartitions\n - viewFields\n - manageFields\n - viewAccountOverview\n\ + \ - manageTokens\n - downloadSearchResults\n - manageIndexes\n - manageDataStreams\n\ + \ - viewParsers\n - viewDataStreams\n\n### Entity management\n - manageEntityTypeConfig\n\ + \n### Metrics\n - metricsTransformation\n - metricsExtraction\n - metricsRules\n\ + \n### Security\n - managePasswordPolicy\n - ipAllowlisting\n - ipWhitelisting\n\ + \ - createAccessKeys\n - manageAccessKeys\n - manageSupportAccountAccess\n\ + \ - manageAuditDataFeed\n - manageSaml\n - shareDashboardOutsideOrg\n\ + \ - manageOrgSettings\n - changeDataAccessLevel\n\n### Dashboards\n\ + \ - shareDashboardWorld\n - shareDashboardAllowlist\n - shareDashboardWhitelist\n\ + \n### UserManagement\n - manageUsersAndRoles\n\n### Observability\n \ + \ - searchAuditIndex\n - auditEventIndex\n\n### Cloud SIEM Enterprise\n\ + \ - viewCse\n - cseViewAutomations\n - cseManageContextActions\n -\ + \ cseViewNetworkBlocks\n - cseManageInsightTags\n - cseViewRules\n \ + \ - cseViewThreatIntelligence\n - cseCommentOnInsights\n - cseViewEntityGroups\n\ + \ - cseManageEntityConfiguration\n - cseManageNetworkBlocks\n - cseManageMatchLists\n\ + \ - cseViewCustomInsights\n - cseManageActions\n - cseManageAutomations\n\ + \ - cseManageMappings\n - cseManageThreatIntelligence\n - cseViewActions\n\ + \ - cseCreateInsights\n - cseManageTagSchemas\n - cseInvokeInsights\n\ + \ - cseManageCustomEntityType\n - cseViewTagSchemas\n - cseDeleteInsights\n\ + \ - cseManageCustomInsights\n - cseViewFileAnalysis\n - cseManageFileAnalysis\n\ + \ - cseManageEntityCriticality\n - cseViewEntityCriticality\n - cseViewEntity\n\ + \ - cseManageCustomInsightStatuses\n - cseViewContextActions\n - cseViewMappings\n\ + \ - cseViewCustomEntityType\n - cseManageEntityGroups\n - cseViewCustomInsightStatuses\n\ + \ - cseViewEnrichments\n - cseManageInsightSignals\n - cseManageRules\n\ + \ - cseManageArtifacts\n - cseViewMatchLists\n - cseManageInsightPolicy\n\ + \ - cseManageEnrichments\n - cseViewEntityConfiguration\n - cseManageEntity\n\ + \ - cseExecuteAutomations\n - cseManageSuppressedEntities\n - cseManageInsightStatus\ + \ \n - cseManageInsightAssignee\n - cseManageFavoriteFields\n - cseViewSuppressedEntities\n\ + \n### Alerting\n - viewMonitorsV2\n - manageMonitorsV2\n - viewAlerts\n\ + \ - viewMutingSchedules\n - manageMutingSchedules\n - adminMonitorsV2\n\ + \n### SLO\n - viewSlos\n - manageSlos\n\n### CloudSoar\n - cloudSoarPlaybooksAccess\n\ + \ - cloudSoarNotificationConfigure\n - cloudSoarReportAll\n - cloudSoarIncidentTriageAccess\n\ + \ - cloudSoarIncidentTaskView\n - cloudSoarIncidentChangeOwnership\n\ + \ - cloudSoarIncidentNotesEdit\n - cloudSoarAPIEmailEdit\n - cloudSoarIncidentTemplatesAccess\n\ + \ - cloudSoarIncidentPlaybooksManage\n - cloudSoarGeneralConfigure\n\ + \ - cloudSoarEntitiesAccess\n - cloudSoarEntitiesBulkPhysicalDelete\n\ + \ - cloudSoarIncidentAttachmentsAccess\n - cloudSoarAppCentralAccess\n\ + \ - cloudSoarBridgeMonitoringAccess\n - viewCloudSoar\n - cloudSoarIncidentView\n\ + \ - cloudSoarObservabilityAccess\n - cloudSoarAPIEmailRead\n - cloudSoarAppCentralExport\n\ + \ - cloudSoarWidgetsAll\n - cloudSoarIncidentTaskReassign\n - cloudSoarIntegrationsAccess\n\ + \ - cloudSoarCustomizationIncidentLabels\n - cloudSoarAutomationRulesConfigure\n\ + \ - cloudSoarIncidentTaskAccessAll\n - cloudSoarAuditAndInformationConfigureAuditTrail\n\ + \ - cloudSoarIncidentTriageEdit\n - cloudSoarIncidentEdit\n - cloudSoarNotificationTriage\n\ + \ - cloudSoarIncidentTriageBulkPhysicalDelete\n - cloudSoarIncidentNotesAccess\n\ + \ - cloudSoarAPIUse\n - cloudSoarIncidentPlaybooksEdit\n - cloudSoarDashboardAll\n\ + \ - cloudSoarEntitiesManage\n - cloudSoarIncidentTemplatesConfigure\n\ + \ - cloudSoarIncidentTriageAccessAll\n - cloudSoarPlaybooksConfigure\n\ + \ - cloudSoarIncidentAccessAll\n - cloudSoarCustomizationLogo\n - cloudSoarIncidentTaskAccess\n\ + \ - cloudSoarIncidentTriageView\n - cloudSoarIntegrationsConfigure\n\ + \ - cloudSoarIncidentManageInvestigators\n - cloudSoarIncidentAccess\n\ + \ - cloudSoarAuditAndInformationLicenseInformation\n - cloudSoarIncidentBulkOperations\n\ + \ - cloudSoarCustomizationFields\n - cloudSoarIncidentTaskEdit\n -\ + \ cloudSoarDashboardAccess\n - cloudSoarIncidentAttachmentsEdit\n -\ + \ cloudSoarIncidentFoldersEdit\n - cloudSoarUserManagementGroups\n -\ + \ cloudSoarIncidentPlaybooksAccess\n - cloudSoarIncidentWarRoomUse\n\ + \ - cloudSoarReportAccess\n - cloudSoarAuditAndInformationAuditTrail\n\ + \ - cloudSoarAutomationRulesAccess\n - cloudSoarIncidentTriageChangeOwnership\n\ + \ - cloudSoarObservabilityManagement" + example: + - manageContent + - manageDataVolumeFeed + - manageFieldExtractionRules + - manageS3DataForwarding + items: + type: string + autofillDependencies: + type: boolean + description: Set this to true if you want to automatically append all missing + capability requirements. If set to false an error will be thrown if any + capabilities are missing their dependencies. + default: true + ViewFilterDefinition: + required: + - viewName + type: object + properties: + viewName: + type: string + description: Name of the view. + example: auditData + UpdateRoleDefinitionV2: + required: + - auditDataFilter + - capabilities + - description + - logAnalyticsFilter + - name + - securityDataFilter + - selectedViews + - selectionType + - users + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Name of the role. + example: DataAdmin + description: + maxLength: 255 + minLength: 0 + type: string + description: Description of the role. + example: Manage data of the org. + logAnalyticsFilter: + type: string + description: A search filter which would be applied on partitions which + belong to Log Analytics product area. + example: '!_sourceCategory=collector' + auditDataFilter: + type: string + description: "A search filter which would be applied on partitions which\ + \ belong to Audit Data product area. Help Doc : (https://help.sumologic.com/docs/manage/security/audit-index/)." + example: info + securityDataFilter: + type: string + description: A search filter which would be applied on partitions which + belong to Security Data product area. + example: error + selectionType: + type: string + description: "Describes the Permission Construct for the list of views in\ + \ \"selectedViews\" parameter. \n### Valid Values are : \n - `All` selectionType\ + \ would allow access to all views in the org.\n - `Allow` selectionType\ + \ would allow access to specific views mentioned in \"selectedViews\"\ + \ parameter.\n - `Deny` selectionType would deny access to specific views\ + \ mentioned in \"selectedViews\" parameter." + example: All + selectedViews: + type: array + description: List of views which with specific view level filters in accordance + to the selectionType chosen. + items: + $ref: '#/components/schemas/ViewFilterDefinition' + users: + type: array + description: List of user identifiers to assign the role to. + example: + - 0000000006743FE0 + - 0000000005FCE0EE + items: + type: string + capabilities: + type: array + description: |- + List of [capabilities](https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/Role-Capabilities) associated with this role. Valid values are + ### Data Management + - viewCollectors + - manageCollectors + - manageBudgets + - manageDataVolumeFeed + - viewFieldExtraction + - manageFieldExtractionRules + - manageS3DataForwarding + - manageContent + - manageApps + - dataVolumeIndex + - manageConnections + - viewScheduledViews + - manageScheduledViews + - viewPartitions + - managePartitions + - viewFields + - manageFields + - viewAccountOverview + - manageTokens + - downloadSearchResults + + ### Entity management + - manageEntityTypeConfig + + ### Metrics + - metricsTransformation + - metricsExtraction + - metricsRules + + ### Security + - managePasswordPolicy + - ipAllowlisting + - createAccessKeys + - manageAccessKeys + - manageSupportAccountAccess + - manageAuditDataFeed + - manageSaml + - shareDashboardOutsideOrg + - manageOrgSettings + - changeDataAccessLevel + + ### Dashboards + - shareDashboardWorld + - shareDashboardAllowlist + + ### UserManagement + - manageUsersAndRoles + + ### Observability + - searchAuditIndex + - auditEventIndex + + ### Cloud SIEM Enterprise + - viewCse + + ### Alerting + - viewMonitorsV2 + - manageMonitorsV2 + - viewAlerts + example: + - manageContent + - manageDataVolumeFeed + - manageFieldExtractionRules + - manageS3DataForwarding + items: + type: string + autofillDependencies: + type: boolean + description: Set this to true if you want to automatically append all missing + capability requirements. If set to false an error will be thrown if any + capabilities are missing their dependencies. + default: true + Folder: + allOf: + - $ref: '#/components/schemas/Content' + - type: object + properties: + description: + maxLength: 255 + minLength: 0 + type: string + description: The description of the folder. + example: This is a sample folder. + children: + type: array + description: A list of the content items. + items: + $ref: '#/components/schemas/Content' + FolderDefinition: + required: + - name + - parentId + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: The name of the folder. + example: SampleFolder + description: + maxLength: 255 + minLength: 0 + type: string + description: The description of the folder. + example: This is a sample folder. + parentId: + type: string + description: The identifier of the parent folder. + UpdateFolderRequest: + required: + - name + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: The name of the folder. + example: SampleFolder + description: + maxLength: 255 + minLength: 0 + type: string + description: The description of the folder. + example: This is a sample folder. + ContentList: + required: + - data + type: object + properties: + data: + type: array + description: A list of the content items. + items: + $ref: '#/components/schemas/Content' + ContentPermissionResult: + required: + - explicitPermissions + type: object + properties: + explicitPermissions: + type: array + description: Explicitly assigned content permissions. + items: + $ref: '#/components/schemas/ContentPermissionAssignment' + implicitPermissions: + type: array + description: Implicitly inherited content permissions. + items: + $ref: '#/components/schemas/ContentPermissionAssignment' + ContentPermissionAssignment: + required: + - contentId + - permissionName + - sourceId + - sourceType + type: object + properties: + permissionName: + pattern: ^(View|GrantView|Edit|GrantEdit|Manage|GrantManage)$ + type: string + description: "Content permission name. Valid values are: `View`, `GrantView`,\ + \ `Edit`, `GrantEdit`, `Manage`, and `GrantManage`." + x-pattern-message: "must be one of the following: `View`, `GrantView`, `Edit`,\ + \ `GrantEdit`, `Manage`, `GrantManage`" + sourceType: + pattern: ^(user|role|org)$ + type: string + description: "Type of source for the permission. Valid values are: `user`,\ + \ `role`, and `org`." + example: role + x-pattern-message: "must be one of the following: `user`, `role`, `org`" + sourceId: + type: string + description: "An identifier that belongs to the source type chosen above.\ + \ For e.g. if the sourceType is set to \"user\", sourceId should be identifier\ + \ of a user (same goes for `role` and `org` sourceType)" + contentId: + type: string + description: Unique identifier for the content item. + ContentPermissionUpdateRequest: + required: + - contentPermissionAssignments + - notificationMessage + - notifyRecipients + type: object + properties: + contentPermissionAssignments: + type: array + description: Content permissions to be updated. + items: + $ref: '#/components/schemas/ContentPermissionAssignment' + notifyRecipients: + type: boolean + description: Set this to "true" to notify the users who had a permission + update. + notificationMessage: + type: string + description: The notification message sent to the users who had a permission + update. + Content: + type: object + allOf: + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + - itemType + - name + - parentId + - permissions + properties: + id: + type: string + description: Identifier of the content item. + example: 000000000C1C17C6 + name: + type: string + description: The name of the content item. + example: Personal + itemType: + type: string + description: |- + Type of the content item. Supported values are: + 1. Folder + 2. Search + 3. Report (for old dashboards) + 4. Dashboard (for new dashboards) + 5. Lookups + example: Folder + parentId: + type: string + description: Identifier of the parent content item. + example: 0000000001C41EF2 + permissions: + type: array + description: List of permissions the user has on the content item. + example: + - View + - GrantView + - Edit + items: + type: string + description: + type: string + description: Description of the content item. + example: Personal folder for John Doe + isScheduled: + type: boolean + description: Indicates whether the content item refers to scheduled search. + This field is only relevant to `Search` content type. + example: false + default: false + MetadataModel: + required: + - createdAt + - createdBy + - modifiedAt + - modifiedBy + type: object + properties: + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + createdBy: + type: string + description: Identifier of the user who created the resource. + example: 0000000006743FDD + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + example: 2018-10-16T09:10:00Z + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + example: 0000000006743FE8 + ContentPath: + required: + - path + type: object + properties: + path: + type: string + description: Path of the content item. + example: /Library/Users/user@test.com/SampleFolder + pathItems: + type: array + description: The items in the path of the content. + items: + $ref: '#/components/schemas/PathSegment' + PathSegment: + required: + - id + - name + type: object + properties: + id: + type: string + description: The identifier of the path segment. + example: 0000000013D98A2A + name: + type: string + description: The name of the path segment. + example: Test Folder + description: + type: string + description: An optional description of the path segment. + example: This is a test folder + description: A segment of a path. + ContentSyncDefinition: + required: + - name + - type + type: object + properties: + type: + type: string + description: |- + The content item type. + **Note:** + - `MewboardSyncDefinition` _is depreciated, and will soon be removed. Please use_ `DashboardV2SyncDefinition` + _instead_. + - Dashboard links are not supported for dashboards. + name: + type: string + description: The name of the item. + discriminator: + propertyName: type + ImportResult: + type: object + properties: + status: + type: string + description: "Whether or not the request is in progress (`InProgress`),\ + \ has completed successfully (`Success`), or has completed with an error\ + \ (`Failed`)." + summary: + type: object + properties: + totalItems: + type: integer + description: Total content items attempted in the import. + example: 15 + successCount: + type: integer + description: Number of content items successfully imported. + example: 12 + failureCount: + type: integer + description: Number of content items that failed to import. + example: 3 + description: "Summary about the import job indicating total, success and\ + \ failure count." + failures: + type: array + description: Detailed listing of failed import items. + items: + $ref: '#/components/schemas/ImportErrorResultItem' + ImportErrorResultItem: + type: object + properties: + path: + type: string + description: Full folder path to the failed item. + example: /Marketing/Website Analytics/Daily Traffic Report + type: + type: string + description: "The type of the content item (e.g., Folder, Search, Dashboard)." + example: Dashboard + error: + type: string + description: Reason why the item failed to import. + example: Invalid JSON format in widget configuration. + IdArray: + type: array + items: + type: string + BulkBeginAsyncJobResponse: + required: + - errors + - jobIds + type: object + properties: + jobIds: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Map of content identifiers to job identifiers. + errors: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/BulkErrorResponse' + description: Map of content identifiers to error messages for all failed + job requests + BulkErrorResponse: + required: + - errorResponse + - status + type: object + properties: + status: + type: integer + description: HTTP status code of individual request + errorResponse: + $ref: '#/components/schemas/ErrorResponse' + BulkAsyncStatusResponse: + required: + - errors + - jobStatuses + type: object + properties: + jobStatuses: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/AsyncJobStatus' + description: Map of job identifiers to job statuses. + errors: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/BulkErrorResponse' + description: Map of content identifiers to error messages for all failed + job requests + FolderNameDescription: + type: object + properties: + name: + type: string + description: Name of the folder. + example: User Activity + description: + type: string + description: Description of the folder. + example: Content related to User activity + description: Information about folder. + TransformationRulesResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of transformation rules. + items: + $ref: '#/components/schemas/TransformationRuleResponse' + next: + type: string + description: Next continuation token. + example: aGNzTmZBN1ZZWFk9 + description: A generic response for transformation rule. + TransformationRuleResponse: + type: object + description: A generic response for transformation rule. + allOf: + - $ref: '#/components/schemas/TransformationRuleRequest' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier for the transformation rule. + TransformationRuleRequest: + required: + - enabled + - ruleDefinition + type: object + properties: + ruleDefinition: + $ref: '#/components/schemas/TransformationRuleDefinition' + enabled: + type: boolean + description: True if the rule is enabled. + example: true + description: A request for creating or updating a transformation rule. + TransformationRuleDefinition: + required: + - name + - retention + - selector + type: object + properties: + name: + type: string + description: Name of the transformation rule. + example: Transformation Rule 1 + selector: + type: string + description: Selector of the transformation rule. + example: _sourceCategory=metricsstore + dimensionTransformations: + type: array + description: Dimension transformations of the transformation rule. + example: + - transformationType: AggregateOnTransformation + aggregateOn: + - metric + - transformationType: AddOrReplaceTransformation + dimensionToReplace: metric + value: "{{metric}}_aggregated" + items: + $ref: '#/components/schemas/DimensionTransformation' + default: [] + transformedMetricsRetention: + type: integer + description: "Retention period in days for the transformed metrics that\ + \ are generated by this rule. The supported retention periods for transformed\ + \ metrics are 8 days, and 400 days. If no dimension transformations are\ + \ defined, this value will be set to 0." + format: int64 + example: 8 + default: 0 + retention: + type: integer + description: "Retention period in days for the metrics that are selected\ + \ by the selector. The supported retention periods for selected metrics\ + \ are 8 days, 400 days, and 0 (Do not store) if this rule contains dimension\ + \ transformation." + format: int64 + example: 8 + default: 400 + description: The properties that define a transformation rule. + DimensionTransformation: + required: + - transformationType + type: object + properties: + transformationType: + type: string + description: This is the base type of all dimension transformations. + description: Base class of all transformation types. + discriminator: + propertyName: transformationType + ContractDetails: + required: + - contractPeriod + - currentBillingPeriod + - entitlements + - orgId + - planType + type: object + properties: + orgId: + type: string + description: Organization identifier of the account. + planType: + type: string + description: Plan name of the account. + example: Sumo Logic Logs and Metrics Analytics Service - Enterprise Edition + (Cloud Flex) + entitlements: + type: array + description: List of the entitlements of the account. Entitlements of the + account are the list of products subscribed by the user. + items: + $ref: '#/components/schemas/Entitlements' + sharedBuckets: + type: array + description: Contains list of buckets. Bucket means shared pool from which + multiple entitlements can use capacity. + items: + $ref: '#/components/schemas/SharedBucket' + contractPeriod: + $ref: '#/components/schemas/ContractPeriod' + currentBillingPeriod: + $ref: '#/components/schemas/CurrentBillingPeriod' + description: | + Contract details include Entitlements of the customer such as ContinuousLogs, FrequentLogs, Metrics, Storage, and Dashboards along with the entitlement value of each entitlement. + Entitlements: + required: + - capacity + - contractType + - entitlementType + - label + type: object + properties: + contractType: + type: string + description: Details of the contract type. `AnnualBucket` are contracts + that buy and consume ingest on yearly basis. `Credits` are contracts that + buy a single unit called credits for all our features. `DailyAverage` + are contracts that buy and consume ingest on a monthly basis. + example: "AnnualBucket, Credits, DailyAverage" + entitlementType: + type: string + description: "Text denoting the type of entitlement. - `continuous` for\ + \ Continuous Analytics, - `frequent` for Frequent Analytics, - `storage`\ + \ for Total Storage, - `metrics` for Metrics." + label: + type: string + description: The label of an entitlement is the plan name displayed on the + accounts page in our user interface. + example: Continuous log entitlement is represented by `Daily Log Ingest + (Continuous Analytics)`. + capacity: + $ref: '#/components/schemas/Capacity' + capacities: + type: array + description: Contains the capacities that were part of the contract. + items: + $ref: '#/components/schemas/Capacity' + Capacity: + required: + - unit + - value + type: object + properties: + value: + type: number + description: The value of the entitlement in units. + format: double + example: 61425.23 + unit: + type: string + description: The unit of the entitlement. Units are provided in `GB` or + `DPM`(data points per minute). + example: GB + capacityType: + pattern: ^(Paid|Free)$ + type: string + description: "Type of capacity. Valid values are: 1) `Paid` : This means\ + \ that the capacity is chargeable. 2) `Free` : This means that this capacity\ + \ is not chargeable." + description: Amount of entitlement provided by Sumo Logic for the entitlement + type of the account. + SharedBucket: + required: + - capacities + - label + - linkedEntitlementTypes + - name + type: object + properties: + name: + type: string + description: Name of the bucket. + example: totalReservedCredits + label: + type: string + description: The text to be displayed on UI for this bucket. + example: Sumo Credits + linkedEntitlementTypes: + type: array + description: List of entitlement types which can consume from this bucket. + example: + - continuous + - frequent + - metrics + - storage + items: + type: string + capacitites: + type: array + description: List of capacities alloted. + items: + $ref: '#/components/schemas/Capacity' + description: A shared bucket contains capacities which can be used my multiple + entitlements which are linked to the bucket. There will be a 1:many mapping + between SharedBucket:Entitlement. + ContractPeriod: + required: + - endDate + - startDate + type: object + properties: + startDate: + type: string + description: Start date of the contract. + format: date + endDate: + type: string + description: End date of the contract. + format: date + CurrentBillingPeriod: + required: + - endDate + - startDate + type: object + properties: + startDate: + type: string + description: Start date of the current billing period. + format: date + example: 2012-02-02 + endDate: + type: string + description: End date of the current billing period. + format: date + example: 2012-02-02 + ConsumptionDetails: + required: + - endDate + - entitlementConsumptions + - startDate + type: object + properties: + entitlementConsumptions: + type: array + description: An array of entitlements. + items: + $ref: '#/components/schemas/EntitlementConsumption' + startDate: + type: string + description: Start date of the data usage. + format: date + example: 2019-07-20 + endDate: + type: string + description: End date of the data usage. + format: date + example: 2019-10-20 + description: List of entitlements consumption. + EntitlementConsumption: + required: + - contractType + - dataPoints + - entitlementType + - operators + type: object + properties: + entitlementType: + type: string + description: "String value denoting the type of entitlement. - `continuous`\ + \ for Continuous Analytics, - `frequent` for Frequent Analytics, - `storage`\ + \ for Total Storage, - `metrics` for Metrics." + datapoints: + type: array + description: Array of data points of the entitlement with their respective + date range. + items: + $ref: '#/components/schemas/DataPoints' + operators: + type: array + description: "Operators used on the data. Available operators are `sum`,\ + \ `average`, `usagePercentage`, `forecastValue`, `forecastPercentage`,\ + \ and `forecastRemainingDays`. sum - Returns the sum of the usages. average\ + \ - Returns the average of the usages. usagePercentage - Returns percentage\ + \ of total capacity used for the startDate and endDate. forecastValue\ + \ - Returns expected usage value assuming current usage behavior continues.\ + \ forecastPercentage - Returns expected percentage usage by the endDate\ + \ assuming current usage behavior continues. forecastRemainingDays- Returns\ + \ the number of expected days, from today, that consumption will last\ + \ assuming current usage behavior continues." + items: + $ref: '#/components/schemas/Operator' + contractType: + type: string + description: "Consumption model of the entitlements, available values are\ + \ `DailyAverage`, `AnnualBucket`, and `Credits`." + example: DailyAverage + DataPoints: + required: + - timeRange + - value + type: object + properties: + timeRange: + $ref: '#/components/schemas/BeginBoundedTimeRange' + values: + type: array + description: An array of objects denoting the value and unit of the data + points. + items: + $ref: '#/components/schemas/DataValue' + description: Denotes the data points as a result of the groupBy function performed + on the usage data. + DataValue: + required: + - unit + - value + type: object + properties: + value: + type: number + description: The value of the data point in units. + format: double + example: 425 + unit: + type: string + description: "The unit of the entitlement, possible values are `GB`, `DPM`,\ + \ or `Credits`." + example: GB + Operator: + required: + - name + - values + type: object + properties: + values: + type: array + description: An array of objects denoting the value and unit of the results. + items: + $ref: '#/components/schemas/DataValue' + name: + type: string + description: The name of the operator applied to the data. + example: sum + description: "Result of the aggregations performed on the usages. Operator can\ + \ be `sum`, `average`, `usagePercentage`, `forecastValue`,`forecastPercentage`,\ + \ or `forecastRemainingDays`." + PlansCatalog: + required: + - plans + type: object + properties: + plans: + type: array + description: List of plans available. + items: + $ref: '#/components/schemas/SelfServicePlan' + description: Plans available for the account to update. + SelfServicePlan: + required: + - productGroups + - productId + - productName + - productSubscriptionOptions + type: object + properties: + productId: + $ref: '#/components/schemas/ProductId' + productName: + $ref: '#/components/schemas/ProductName' + productGroups: + type: array + description: A list of product group for preview. + items: + $ref: '#/components/schemas/ProductGroup' + productSubscriptionOptions: + type: array + description: A list of product subscription option. + items: + $ref: '#/components/schemas/ProductSubscriptionOption' + description: "Details about a Plan, along with its product groups and subscription\ + \ options" + ProductId: + pattern: ^(Essentials|Trial|Free|EnterpriseOps|EnterpriseSec|EnterpriseSuite)$ + type: string + description: | + Unique identifier of the product in current plan. Valid values are: 1. `Free` 2. `Trial` 3. `Essentials` 4. `EnterpriseOps` 5. `EnterpriseSec` 6. `EnterpriseSuite` + example: Essentials + x-pattern-message: "must be one of the following: `Essentials`, `Trial`, `Free`,\ + \ `EnterpriseOps`, `EnterpriseSec`, `EnterpriseSuite`" + ProductName: + type: string + description: Name for the product. + example: Sumo Logic Continuous Intelligence Service - Essentials Edition + ProductGroup: + required: + - productGroupName + - productVariables + type: object + properties: + productGroupName: + type: string + description: | + Name of the Product group: + example: Continuous Analytics + productGroupId: + type: string + description: Id of the Product group + example: CSE + productVariables: + type: array + description: Different product variables of the product group + items: + $ref: '#/components/schemas/ProductVariable' + provisioningSupported: + type: boolean + description: Is provisioning supported on this Product Group. This is applicable + for product variables which are not enabled by default. + example: true + description: + type: string + description: Description about the Product group + example: CSE activations can take upto 24 hours. + learnMoreLink: + type: string + description: Link to learn more about the Product group + example: https://help.sumologic.com/Manage/01Manage_Subscription/08Create_and_Manage_Orgs + description: Details of product group and its quantity. + ProductVariable: + required: + - possibleValues + - productVariableId + - productVariableName + - unit + type: object + properties: + productVariableName: + type: string + description: Name of a product variable. + example: Continuous Log Ingest + productVariableId: + pattern: ^(continuousIngest|continuousStorage|frequentIngest|frequentStorage|infrequentIngest|infrequentStorage|infrequentScannedData|cseIngest|cseStorage|metrics)$ + type: string + description: Unique Identifier of the product variable. + example: continuousIngest + x-pattern-message: "must be one of the following: `continuousIngest`, `continuousStorage`,\ + \ `frequentIngest`, `frequentStorage`, `infrequentIngest`, `infrequentStorage`,\ + \ `infrequentScannedData`, `cseIngest`, `cseStorage`, `metrics`" + unit: + type: string + description: Unit of measure for the productvariable. + example: GB + possibleValues: + type: array + description: Possible values allowed for the productvariable. + example: + - 3 + - 5 + - 10 + - 20 + items: + type: integer + format: int64 + description: Details of product variable and its quantity. + ProductSubscriptionOption: + required: + - billingFrequency + - discountPercentage + type: object + properties: + billingFrequency: + $ref: '#/components/schemas/BillingFrequency' + discountPercentage: + type: integer + description: Discount percentage for this plan's subscription. + example: 20 + description: Subscription option containing billing frequency and discount details. + BillingFrequency: + pattern: ^(Monthly|Annually)$ + type: string + description: | + Identifier for the plans billing term. Valid values are: + 1. Monthly + 2. Annually + example: Monthly + x-pattern-message: "must be one of the following: `Monthly`, `Annually`" + CurrentPlan: + required: + - billingFrequency + - planCost + - productId + type: object + properties: + productId: + pattern: ^(Essentials|Trial|Free|EnterpriseOps|EnterpriseSec|EnterpriseSuite)$ + type: string + description: | + Unique identifier of the product in current plan. Valid values are: 1. `Free` 2. `Trial` 3. `Essentials` 4. `EnterpriseOps` 5. `EnterpriseSec` 6. `EnterpriseSuite` + example: Essentials + x-pattern-message: "must be one of the following: `Essentials`, `Trial`,\ + \ `Free`, `EnterpriseOps`, `EnterpriseSec`, `EnterpriseSuite`" + planCost: + type: number + description: Cost incurred for the current plan. + format: double + example: 725.46 + billingFrequency: + pattern: ^(Monthly|Annually)$ + type: string + description: | + Billing frequency for the current plan. Valid values are: 1. `Monthly` 2. `Annually` + example: Monthly + x-pattern-message: "must be one of the following: `Monthly` or `Annually`" + consumables: + type: array + description: Consumables in the current plan. + items: + $ref: '#/components/schemas/Consumable' + planType: + pattern: ^(Free|Trial|Paid)$ + type: string + description: Whether the account is `Free`/`Trial`/`Paid` + example: Free + x-pattern-message: "must be one of the following: `Free`, `Trial` or `Paid`" + planName: + type: string + description: The plan name for the product being used. + discountAmount: + type: integer + description: The discount offered for the given contract period. + contractPeriod: + $ref: '#/components/schemas/ContractPeriod' + currentBillingPeriod: + $ref: '#/components/schemas/CurrentBillingPeriod' + credits: + type: integer + description: Numerical value of the amount of credits + format: int64 + example: 300 + baselines: + $ref: '#/components/schemas/Baselines' + pendingUpdateRequest: + type: boolean + description: True if there is a pending update request + prorationDetails: + $ref: '#/components/schemas/ProrationDetails' + description: Current plan of the account. + Consumable: + required: + - consumableId + - quantity + type: object + properties: + consumableId: + pattern: ^(Storage|Metrics|Continuous|Credits)$ + type: string + description: | + Unique identifier of the consumable. Valid values are: 1. `Storage` 2. `Metrics` 3. `Continuous` 4. `Credits` + example: Metrics + x-pattern-message: "must be one of the following: `Storage`, `Metrics`,\ + \ `Continuous`, `Credits`" + quantity: + $ref: '#/components/schemas/Quantity' + description: Details of consumable and its quantity. + Quantity: + required: + - unit + - value + type: object + properties: + value: + type: integer + description: The value of the consumable in units. + format: int64 + example: 61425 + unit: + pattern: ^(GB|DPM|Credits|Days)$ + type: string + description: | + The unit of the consumable. Units are provided in: 1. `GB` 2. `DPM`(Data Points Per Minute) 3. `Credits` 4. `Days` + example: GB + x-pattern-message: "must be one of the following: `GB`, `DPM`, `Credits`,\ + \ `Days`" + description: Details of unit of consumption and its value. + Baselines: + type: object + properties: + continuousIngest: + maximum: 1000000 + minimum: 0 + type: integer + description: "The amount of continuous logs ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 50000 + default: 0 + continuousStorage: + maximum: 30 + minimum: 30 + type: integer + description: "Number of days of continuous logs storage to allocate to the\ + \ organization, in Days." + format: int64 + example: 30 + default: 30 + frequentIngest: + maximum: 1000000 + minimum: 0 + type: integer + description: "The amount of frequent logs ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 50000 + default: 0 + frequentStorage: + maximum: 30 + minimum: 30 + type: integer + description: "Number of days of frequent logs storage to allocate to the\ + \ organization, in Days." + format: int64 + example: 30 + default: 30 + infrequentIngest: + maximum: 1000000 + minimum: 0 + type: integer + description: "The amount of infrequent logs ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 50000 + default: 0 + infrequentStorage: + maximum: 30 + minimum: 30 + type: integer + description: "The amount of infrequent logs storage to allocate to the organization,\ + \ in Days." + format: int64 + example: 30 + default: 30 + infrequentScan: + maximum: 1000000 + minimum: 0 + type: integer + description: "The amount of infrequent logs scan to allocate to the organization,\ + \ in GBs." + format: int64 + example: 50000 + default: 0 + metrics: + maximum: 5000000 + minimum: 0 + type: integer + description: "The amount of Metrics usage to allocate to the organization,\ + \ in DPMs (Data Points per Minute)." + format: int64 + example: 50000 + default: 0 + cseIngest: + maximum: 1000000 + minimum: 0 + type: integer + description: "The amount of CSE ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 50000 + default: 0 + cseStorage: + maximum: 1000000 + minimum: 0 + type: integer + description: "The amount of CSE storage to allocate to the organization,\ + \ in GBs." + format: int64 + example: 50000 + default: 0 + tracingIngest: + maximum: 1000000 + minimum: 0 + type: integer + description: "The amount of tracing data ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 50000 + default: 0 + flexIngest: + maximum: 1000000 + minimum: 0 + type: integer + description: "The amount of flex logs ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 5 + default: 0 + flexStorage: + maximum: 1000000 + minimum: 0 + type: integer + description: "Number of days of flex logs storage to allocate to the organization,\ + \ in Days." + format: int64 + example: 30 + default: 0 + flexScanRatio: + maximum: 1000000 + minimum: 0 + type: integer + description: The amount of flex logs ingest scan ratio. + format: int64 + example: 5 + default: 0 + aiInvestigation: + maximum: 1000000 + minimum: 0 + type: integer + description: The amount of AI Investigations needed to allocate to the organization. + format: int64 + example: 5 + default: 0 + description: Details of consumable and its quantity. + ProrationDetails: + required: + - proratedCost + - proratedCredits + - remainingDays + type: object + properties: + remainingDays: + type: integer + description: Remaining days in the billing cycle for which the new plan + is prorated. + format: int32 + proratedCredits: + type: integer + description: Total prorated credits that get added to the bucket based on + the remaining billing period. + format: int32 + proratedCost: + type: number + description: Cost of the total prorated credits. + format: double + description: Details about the prorated credits and prorated cost in case of + immediate monthly to monthly cycle upgrades. + UpdateRequest: + required: + - baselines + - billingFrequency + - productId + type: object + properties: + productId: + $ref: '#/components/schemas/ProductId' + billingFrequency: + $ref: '#/components/schemas/BillingFrequency' + baselines: + $ref: '#/components/schemas/SelfServiceCreditsBaselines' + immediate: + type: boolean + description: true in case the subscription baselines need to be updated + immediately(only for monthly customers who are staying on the monthly + plan) + default: false + description: Update request for the account. + SelfServiceCreditsBaselines: + type: object + properties: + continuousIngest: + minimum: 0 + type: integer + description: "The amount of continuous logs ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 5 + default: 0 + continuousStorage: + minimum: 0 + type: integer + description: "Number of days of continuous logs storage to allocate to the\ + \ organization, in Days." + format: int64 + example: 30 + default: 0 + metrics: + minimum: 0 + type: integer + description: "The amount of Metrics usage to allocate to the organization,\ + \ in DPMs (Data Points per Minute)." + format: int64 + example: 20000 + default: 0 + tracingIngest: + minimum: 0 + type: integer + description: "The amount of tracing data ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 1 + default: 0 + flexIngest: + minimum: 0 + type: integer + description: "The amount of flex logs ingest to allocate to the organization,\ + \ in GBs." + format: int64 + example: 5 + default: 0 + flexStorage: + minimum: 0 + type: integer + description: "Number of days of flex logs storage to allocate to the organization,\ + \ in Days." + format: int64 + example: 30 + default: 0 + flexScanRatio: + minimum: 0 + type: integer + description: The amount of flex logs ingest scan ratio. + format: int64 + example: 5 + default: 0 + description: Details of product variables and its quantity as required for credits. + UpgradePlans: + required: + - plans + type: object + properties: + plans: + type: array + description: List of plans available. + items: + $ref: '#/components/schemas/Plan' + description: Upgrade plans available for the account. + Plan: + required: + - productGroups + - productId + - productName + type: object + properties: + productId: + $ref: '#/components/schemas/ProductId' + productName: + $ref: '#/components/schemas/ProductName' + productGroups: + type: array + description: A list of product group for preview. + items: + $ref: '#/components/schemas/ProductGroup' + description: Upgrade preview request for the account. + AccountStatusResponse: + required: + - applicationUse + - canUpdatePlan + - planType + - pricingModel + type: object + properties: + pricingModel: + pattern: ^(credits|cloudflex)$ + type: string + description: Whether the account is `cloudflex` or `credits` + example: credits + canUpdatePlan: + type: boolean + description: If the plan can be updated by the given user + example: true + planType: + pattern: ^(Free|Trial|Paid)$ + type: string + description: Whether the account is `Free`/`Trial`/`Paid` + example: Free + planExpirationDays: + type: integer + description: The number of days in which the plan will expire + example: 20 + applicationUse: + pattern: ^(ALLOWED|ALLOWED_WITH_WARNING|THROTTLED|RESTRICTED)$ + type: string + description: The current usage of the application. + example: ALLOWED + accountActivated: + type: boolean + description: If the account is activated or not + example: true + totalCredits: + type: integer + description: Total amount of credits assigned to the account + example: 400 + logModel: + pattern: ^(Flex|Tiered|FlexPlusTiered)$ + type: string + description: The log model of the account + example: Flex + description: Information about the account's plan and payment. + SubdomainDefinitionResponse: + required: + - createdAt + - createdBy + - modifiedAt + - modifiedBy + - subdomain + - url + type: object + properties: + createdAt: + type: string + description: | + Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339) format. + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + subdomain: + type: string + description: The new subdomain. + example: my-company + url: + type: string + description: Login URL corresponding to the subdomain. + example: https://your-company.sumologic.com + ConfigureSubdomainRequest: + required: + - subdomain + type: object + properties: + subdomain: + maxLength: 63 + minLength: 4 + pattern: "^(?!xn--)[a-z0-9]([a-z0-9-]*[a-z0-9])?$" + type: string + description: The new subdomain. + example: my-company + SubdomainAvailabilityResponse: + required: + - isAvailable + type: object + properties: + isAvailable: + type: boolean + description: Subdomain is available for use or not. + example: false + SubdomainUrlResponse: + required: + - url + type: object + properties: + url: + type: string + description: Login URL corresponding to the subdomain. + example: https://your-company.sumologic.com + TotalCredits: + required: + - totalCredits + type: object + properties: + totalCredits: + type: number + description: Numerical value of the amount of credits + format: double + example: 300.0 + breakdown: + $ref: '#/components/schemas/CreditsBreakdown' + description: Total amount of credits to be deducted from the parent organization + corresponding to the baselines + CreditsBreakdown: + required: + - allocatedCredits + - deploymentChargeCredits + type: object + properties: + deploymentChargeCredits: + type: number + description: The total credits deducted from the parent organization in + the form of deployment charge. + format: double + example: 100.0 + allocatedCredits: + type: number + description: The total useable credits allocated to the child organization. + format: double + example: 200.0 + description: Breakdown of the credits. + CalculatorRequest: + type: object + properties: + parentDeploymentId: + type: string + description: Identifier of the deployment in which the parent org is present. + example: us2 + deploymentId: + type: string + description: Identifier of the deployment in which the child org is present. + example: us2 + trialPlanPeriod: + type: integer + description: length of the trial period. + example: 45 + baselines: + $ref: '#/components/schemas/Baselines' + description: Details of the request + PlanUpdateEmail: + required: + - baselines + - emailId + type: object + properties: + emailId: + maxLength: 255 + type: string + description: email id on which support team will contact on + format: email + example: johndoe@acme.com + phoneNumber: + maxLength: 30 + type: string + description: contact number on which support team can call user + example: +01-87789-65749 + billingFrequency: + pattern: ^(Monthly|Annually|)$ + type: string + description: The frequency with with the customer needs to be billed at. + The current supported values are Monthly and Annually + example: Monthly + x-pattern-message: "must be one of the following: `Monthly`, `Annually`" + baselines: + $ref: '#/components/schemas/SelfServiceCreditsBaselines' + details: + type: string + description: option details the user might want to inform + example: I need some help with my plan. + description: details of the plan for updating with contact information + UsageDetails: + required: + - endDate + - entitlementUsages + - startDate + type: object + properties: + entitlementUsages: + type: array + description: An array of usages. + items: + $ref: '#/components/schemas/EntitlementUsage' + startDate: + type: string + description: Start date of the data usage. + format: date + example: 2019-07-20 + endDate: + type: string + description: End date of the data usage. + format: date + example: 2019-10-20 + description: List of entitlements usages. + EntitlementUsage: + required: + - dataPoints + - entitlementType + - label + - operators + - tier + type: object + properties: + entitlementType: + type: string + description: "String value denoting the type of entitlement. - `continuous`\ + \ for Continuous Analytics, - `frequent` for Frequent Analytics, - `storage`\ + \ for Total Storage, - `metrics` for Metrics, - `inFrequentIngest` for\ + \ Infrequent Ingest, - `inFrequentsStorage` for Infrequent Storage, -\ + \ `inFrequentScannedBytes` for Infrequent Scan, - `cloudSIEMContinuous`\ + \ for CSE Ingest, - `tracing` for Tracing Ingest, - `soarCount` for Soar\ + \ Count, - `dataForwarding` for Data Forwarding" + datapoints: + type: array + description: Array of data points of the entitlement with their respective + date range. + items: + $ref: '#/components/schemas/DataPoints' + operators: + type: array + description: "Operators used on the data. Available operators are `sum`,\ + \ `average`, `usagePercentage`, `forecastValue`, `forecastPercentage`,\ + \ and `forecastRemainingDays`. sum - Returns the sum of the usages. average\ + \ - Returns the average of the usages. usagePercentage - Returns percentage\ + \ of total capacity used for the startDate and endDate. forecastValue\ + \ - Returns expected usage value assuming current usage behavior continues.\ + \ forecastPercentage - Returns expected percentage usage by the endDate\ + \ assuming current usage behavior continues. forecastRemainingDays- Returns\ + \ the number of expected days, from today, that consumption will last\ + \ assuming current usage behavior continues." + items: + $ref: '#/components/schemas/Operator' + tier: + type: string + description: Tier defines the priority in which the usage for an entitlement + is calculated. For example `promotional` for promotional tier. + label: + type: string + description: The label for the entitlement. + UsageReportResponse: + type: object + properties: + jobId: + type: string + description: Job Id for export + example: "12345678" + description: Export Usage response containing the jobId + UsageReportRequest: + type: object + properties: + startDate: + type: string + description: "Start date, without the time, of the usage data to fetch.\ + \ If no value is provided startDate is used as the start of the subscription.\ + \ The start date cannot be before the start of the subscription." + example: 2019-07-20 + endDate: + type: string + description: "End date, without the time, of usage data to fetch. If no\ + \ value is provided endDate is used as the end of the subscription. The\ + \ end date cannot be after the end of the subscription." + example: 2019-08-20 + groupBy: + pattern: ^(day|week|month)$ + type: string + description: "Perform a groupBy operation on the usage details. If no value\ + \ is provided data is grouped by `Day` - `day`: Aggregate the data by\ + \ day - `week`: Aggregate the data by week. Week starts at Monday and\ + \ ends at sunday night. - `month`: Aggregate the data by calendar month." + example: day + default: day + reportType: + pattern: ^(standard|detailed|childDetailed)$ + type: string + description: Specifies the type of report to be exported. Available types + are `standard` and `detailed`. An additional `childDetailed` type is available + for Sumo Orgs parents. Detailed report will have raw consumption along + with the credits breakdown. If no value is provided Standard reports will + be exported. + example: standard + default: standard + includeDeploymentCharge: + type: boolean + description: Deployment charges will be applied to the returned usages csv + if this is set to true and the organization is a part of Sumo Organizations + as a child organization. + example: false + default: false + description: Usage Export Report Request + UsageReportStatusResponse: + allOf: + - $ref: '#/components/schemas/ErrorDescription' + - type: object + properties: + status: + pattern: ^(Success|InProgress|Failed)$ + type: string + description: Status export + example: Success + statusMessage: + type: string + description: Status message export + example: Successful request + reportDownloadURL: + type: string + description: S3 presigned download URL for the report. It is valid for + 10 minutes. + example: www.example.com + description: Status response containing status and downloadURL if successful + UsageForecastResponse: + type: object + properties: + averageUsage: + type: number + description: Average credit usage per day till now. + format: double + example: 4.0 + usagePercentage: + type: number + description: Percentage of total credits used till date. + format: double + example: 7.0 + forecastedUsage: + type: number + description: Total expected usage by the end of contract period. + format: double + example: 10.0 + forecastedUsagePercentage: + type: number + description: Percentage of allocated credits that will be used in the contract + period. + format: double + example: 5.0 + remainingDays: + type: number + description: Days remaining till all the credits are consumed. + format: double + example: 10.0 + description: Usage forecast for the organization. + PendingUpdateRequest: + required: + - createdOn + - plan + type: object + properties: + createdOn: + type: string + description: The date on which the update request was created. + format: date + plan: + $ref: '#/components/schemas/CurrentPlan' + description: The pending plan update request for the account + SumoOrgsUsageBackfillRequest: + required: + - customerId + - from + - to + type: object + properties: + customerId: + type: integer + description: the customer ID of a mam org + format: int64 + example: 12345 + from: + type: integer + description: epoch millis of date from which usage is to be copied + format: int64 + example: 1661106600000 + to: + type: integer + description: epoch millis of date upto which usage is to be copied + format: int64 + example: 1661426182666 + UsageAlertConfig: + required: + - monitorTemplateId + type: object + properties: + monitorTemplateId: + type: string + description: ID of the monitor template + monitorId: + type: string + description: ID of the monitor instance + description: Usage alert configuration + UsageAlertRequest: + required: + - monitorId + - monitorTemplateId + type: object + properties: + monitorTemplateId: + type: string + description: ID of the monitor template + monitorId: + type: string + description: ID of the monitor instance + description: Usage alert configuration request + ChildUsageDetailsResponse: + required: + - data + type: object + properties: + data: + type: array + description: Usage details of the child orgs. + items: + $ref: '#/components/schemas/ChildUsageDetail' + ChildUsageDetail: + required: + - orgId + - status + - usages + type: object + properties: + status: + pattern: ^(Active|Delinked|Deactivated)$ + type: string + description: Status of the child org. + example: Active + x-pattern-message: "Valid values are `Active`, `Delinked`, and `Deactivated`" + orgName: + type: string + description: Name of the child org. + example: DSW Corp - Prod/Main + orgId: + maxLength: 23 + minLength: 19 + type: string + description: The unique identifier of an organization. It consists of the + deployment ID and the hexadecimal account ID separated by a dash `-` character. + example: us2-00000000FF42A0C3 + allocatedCredits: + type: number + description: Denotes the total number of credits provisioned for the child + organization to use. + format: double + example: 10000.0 + usages: + $ref: '#/components/schemas/ChildUsage' + ChildUsage: + required: + - totalCreditsUsed + type: object + properties: + totalCreditsUsed: + type: number + description: Total Credits used by the child org. + format: double + example: 10000.0 + usagePercentage: + type: number + description: Percentage of used credits from the allocated credits. + format: double + example: 10000.0 + forecastPercentage: + type: number + description: Forecasted percentage of credits will be used in the given + time period. + format: double + example: 10000.0 + usagePercentChangeWoW: + type: number + description: Week over week usage percentage for the subscription period. + format: double + example: 10000.0 + usagePercentChange: + type: number + description: Percentage of usage change over the given time period. + format: double + example: 10000.0 + ChildUsageDetailsRequest: + type: object + properties: + startDate: + type: string + description: "Start date, without the time, of the usage data to fetch." + example: 2019-07-20 + endDate: + type: string + description: "End date, without the time, of usage data to fetch." + example: 2019-10-20 + description: The child usage details request for the parent account + FlexPlanUpdateEmail: + required: + - emailId + type: object + properties: + emailId: + maxLength: 255 + type: string + description: email id on which support team will contact on + format: email + example: johndoe@acme.com + phoneNumber: + maxLength: 15 + type: string + description: contact number on which support team can call user + example: +01-87789-65749 + details: + type: string + description: option details the user might want to inform + example: I need some help with my plan. + description: details of the flex plan for updating with contact information + IngestionLimitsResponse: + type: object + properties: + logs: + $ref: '#/components/schemas/UsageDetails_1' + metrics: + $ref: '#/components/schemas/UsageDetails_1' + traces: + $ref: '#/components/schemas/UsageDetails_1' + UsageDetails_1: + type: object + properties: + ingestionRate: + type: integer + description: "Current average ingestion rate. In bytes per minute for logs,\ + \ spans per minute for traces, DPM for metrics." + format: int64 + threshold: + type: integer + description: "Quota threshold. This is the per minute ingestion rate that\ + \ is allowed. In bytes per minute for logs, spans per minute for traces,\ + \ DPM for metrics." + format: int64 + remainingCapacity: + type: integer + description: "Remaining token bucket capacity. In bytes for logs, spans\ + \ for traces, DP for metrics." + format: int64 + SuccessResponse: + type: object + properties: + message: + type: string + description: some message about success + description: Response object for success + IngestionLogRequest: + type: object + properties: + viewName: + maxLength: 255 + type: string + description: view name + example: sumologic_system_events + messageTier: + maxLength: 255 + type: string + description: message tier + example: Flex + team: + type: string + description: team + example: business enablement + description: Describe ingestion usage log + MetricsSearchInstance: + allOf: + - $ref: '#/components/schemas/MetricsSearchV1' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + type: object + properties: + id: + type: string + description: Identifier of the metrics search. + example: 000000000000001A + parentId: + type: string + description: "Identifier of the parent element in the content library,\ + \ such as folder." + example: 0000000000007D2B + MetricsSearchV1: + required: + - description + - metricsQueries + - timeRange + - title + type: object + properties: + title: + maxLength: 255 + minLength: 1 + pattern: "^[a-zA-Z0-9 +%-@.,_()]+$" + type: string + description: Item title in the content library. + example: Short title + description: + maxLength: 8192 + type: string + description: Item description in the content library. + example: Long and detailed description + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + logQuery: + maxLength: 10240 + type: string + description: Log query used to add an overlay to the chart. + example: my_metric | timeslice 1m | count by _timeslice + metricsQueries: + type: array + description: "Metrics queries, up to the maximum of six." + items: + $ref: '#/components/schemas/MetricsSearchQuery' + desiredQuantizationInSecs: + minimum: 0 + type: integer + description: Desired quantization in seconds. + format: int32 + example: 60 + default: 0 + properties: + type: string + description: | + Chart properties, like line width, color palette, and the fill missing data method. Leave this field empty to use the defaults. + This property contains JSON object encoded as a string. + example: "{ \\\"key\\\": \\\"value\\\" }" + description: Definition of a metrics search. + MetricsSearchQuery: + required: + - query + - rowId + type: object + properties: + rowId: + type: string + description: Row identifier. All row IDs are represented by subsequent upper + case letters starting with `A`. + example: A + query: + type: string + description: Metrics query. + example: my_metric | avg + description: Definition of a metrics query. + SaveMetricsSearchRequest: + type: object + description: The definition of the metrics search to save in the content library. + allOf: + - $ref: '#/components/schemas/MetricsSearchV1' + - required: + - parentId + type: object + properties: + parentId: + type: string + description: Identifier of a folder to which the metrics search should + be added. + example: 000000000000001A + ListTokensBaseResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of tokens. + items: + $ref: '#/components/schemas/TokenBaseResponse' + TokenBaseResponse: + required: + - createdAt + - createdBy + - description + - id + - modifiedAt + - modifiedBy + - name + - status + - type + - version + type: object + properties: + id: + type: string + description: Identifier of the token. + name: + maxLength: 255 + minLength: 1 + type: string + description: Name of the token. + example: token-name + description: + maxLength: 4096 + minLength: 0 + type: string + description: Description of the token. + example: "token description: for test." + status: + pattern: ^(Active|Inactive)$ + type: string + description: "Status of the token. Can be `Active`, or `Inactive`." + example: Active + x-pattern-message: must be either `Active` or `Inactive` + type: + pattern: ^(CollectorRegistrationTokenResponse)$ + type: string + description: "Type of the token. Valid values: 1) CollectorRegistrationTokenResponse" + example: CollectorRegistrationTokenResponse + x-pattern-message: must be `CollectorRegistrationTokenResponse` + version: + type: integer + description: Version of the token. + format: int64 + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + discriminator: + propertyName: type + TokenBaseDefinition: + required: + - name + - status + - type + type: object + properties: + name: + maxLength: 255 + minLength: 1 + type: string + description: Name of the token. + example: token-name + description: + maxLength: 4096 + minLength: 0 + type: string + description: Description of the token. + example: "token description: for test." + status: + pattern: ^(Active|Inactive)$ + type: string + description: "Status of the token. Can be `Active`, or `Inactive`." + example: Active + x-pattern-message: must be either `Active` or `Inactive` + type: + pattern: ^(CollectorRegistration)$ + type: string + description: "Type of the token. Valid values: 1) CollectorRegistration" + example: CollectorRegistration + x-pattern-message: must be `CollectorRegistration` + TokenBaseDefinitionUpdate: + required: + - name + - status + - type + - version + type: object + properties: + name: + maxLength: 255 + minLength: 1 + type: string + description: Name of the token. + example: token-name + description: + maxLength: 4096 + minLength: 0 + type: string + description: Description of the token. + example: "token description: for test." + status: + pattern: ^(Active|Inactive)$ + type: string + description: "Status of the token. Can be `Active`, or `Inactive`." + example: Active + x-pattern-message: must be either `Active` or `Inactive` + type: + pattern: ^(CollectorRegistration)$ + type: string + description: "Type of the token. Valid values: 1) CollectorRegistration" + example: CollectorRegistration + x-pattern-message: must be `CollectorRegistration` + version: + type: integer + description: Version of the token. + format: int64 + PaginatedListAccessKeysResult: + required: + - data + type: object + properties: + data: + type: array + description: An array of access keys. + items: + $ref: '#/components/schemas/AccessKeyPublic' + next: + type: string + description: Next continuation token. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + description: List of access keys. + AccessKeyPublic: + required: + - createdAt + - createdBy + - disabled + - id + - label + - modifiedAt + - modifiedBy + type: object + properties: + id: + type: string + description: Identifier of the access key. + example: su0w3Q37CBzHUM + label: + type: string + description: The name of the access key. + example: collector access key + corsHeaders: + type: array + description: |- + An array of domains for which the access key is valid. Whether Sumo Logic accepts or rejects an API request depends on whether it contains an ORIGIN header and the entries in the allowlist. Sumo Logic will reject: + 1. Requests with an ORIGIN header but the allowlist is empty. + 2. Requests with an ORIGIN header that don't match any entry in the allowlist. + example: + - https://my-app.com + - https://mail.my-app.com + items: + type: string + disabled: + type: boolean + description: Indicates whether the access key is disabled or not. + example: false + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + createdBy: + type: string + description: Identifier of the user who created the access key. + example: 0000000006743FDD + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + example: 2018-10-16T09:10:00Z + modifiedBy: + type: string + description: Identifier of the user who modified the access key. + example: 0000000006743FDD + serviceAccountId: + type: string + description: Identifier of the service account who owns the access key. + example: 0000000006743FDA + lastUsed: + type: string + description: "Last used timestamp in UTC.
**Note:** Property not in\ + \ use, it is part of an upcoming feature." + format: date-time + example: 2018-10-16T09:10:00Z + scopes: + type: array + description: "Scopes assigned to the key.\n### Alerting\n - adminMonitorsV2\n\ + \ - viewMonitorsV2\n - manageMonitorsV2\n\n### Data Management\n -\ + \ manageApps\n - viewCollectors\n - manageCollectors\n - viewConnections\n\ + \ - manageConnections\n - contentAdmin\n - viewFieldExtractionRules\n\ + \ - manageFieldExtractionRules \n - viewFields\n - manageFields\n\ + \ - manageBudgets\n - viewLibrary\n - manageLibrary\n - viewPartitions\n\ + \ - managePartitions \n - manageS3DataForwarding\n - viewScheduledViews\n\ + \ - manageScheduledViews\n - manageTokens\n\n### Logs\n - runLogSearch\n\ + \n### Metrics\n - runMetricsQuery \n\n### Reliability Management\n -\ + \ viewSlos\n - manageSlos\n\n### Security\n - manageAccessKeys\n -\ + \ viewPersonalAccessKeys\n - managePersonalAccessKeys\n\n### UserManagement\n\ + \ - viewUsersAndRoles\n - manageUsersAndRoles" + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + effectiveScopes: + type: array + description: Effective scopes based on the intersection of the user's RBAC + capabilities and the assigned scopes. + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + AccessKey: + allOf: + - $ref: '#/components/schemas/AccessKeyPublic' + - required: + - key + type: object + properties: + key: + type: string + description: The key for the created access key. This field will have + values only in the response for an access key create request. The value + will be an empty string while listing all keys. + example: F9GZvb4fISxUZHM7pqHCsGXGWf4OArgmt9Tz8ewZ + AccessKeyCreateRequest: + required: + - label + type: object + properties: + label: + maxLength: 128 + type: string + description: A name for the access key to be created. + example: automation access key + corsHeaders: + maxItems: 20 + type: array + description: |- + An array of domains for which the access key is valid. Whether Sumo Logic accepts or rejects an API request + depends on whether it contains an ORIGIN header and the entries in the allowlist. + Sumo Logic will reject: + 1. Requests with an ORIGIN header but the allowlist is empty. + 2. Requests with an ORIGIN header that don't match any entry in the allowlist. + example: + - https://my-app.com + - https://mail.my-app.com + items: + type: string + scopes: + type: array + description: "Scopes assigned to the key.\n### Alerting\n - adminMonitorsV2\n\ + \ - viewMonitorsV2\n - manageMonitorsV2\n\n### Data Management\n -\ + \ manageApps\n - viewCollectors\n - manageCollectors\n - viewConnections\n\ + \ - manageConnections\n - contentAdmin\n - viewFieldExtractionRules\n\ + \ - manageFieldExtractionRules \n - viewFields\n - manageFields\n\ + \ - manageBudgets\n - viewLibrary\n - manageLibrary\n - viewPartitions\n\ + \ - managePartitions\n - manageS3DataForwarding\n - viewScheduledViews\n\ + \ - manageScheduledViews\n - manageTokens\n\n### Logs\n - runLogSearch\n\ + \n### Metrics\n - runMetricsQuery \n\n### Reliability Management\n -\ + \ viewSlos\n - manageSlos\n\n### Security\n - manageAccessKeys\n -\ + \ viewPersonalAccessKeys\n - managePersonalAccessKeys\n\n### UserManagement\n\ + \ - viewUsersAndRoles\n - manageUsersAndRoles" + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + ListAccessKeysResult: + required: + - data + type: object + properties: + data: + type: array + description: An array of access keys. + items: + $ref: '#/components/schemas/AccessKeyPublic' + description: List of access keys. + ScopesList: + required: + - data + type: object + properties: + data: + type: array + description: List of scopes + items: + $ref: '#/components/schemas/ScopeDefinition' + ScopeDefinition: + required: + - dependsOn + - group + - id + - label + - type + type: object + properties: + id: + type: string + description: The name of the scope. + example: managePartitions + label: + type: string + description: The UI label for the scope. + example: Manage Partitions + type: + type: string + description: Type of scope. + example: Manage + dependsOn: + type: array + description: Any scopes that are required for this scope to be enabled. + example: + - viewPartitions + items: + type: string + group: + required: + - id + - label + type: object + properties: + id: + type: string + description: The name of the scope group + example: dataManagement + label: + type: string + description: The label for the scope group + example: Data Management + parentId: + type: string + description: The ID of the parent scope group + description: The group that the scope belongs to. + AccessKeyUpdateRequest: + required: + - disabled + type: object + properties: + disabled: + type: boolean + description: Indicates whether the access key is disabled or not. + example: true + corsHeaders: + maxItems: 20 + type: array + description: |- + An array of domains for which the access key is valid. Whether Sumo Logic accepts or rejects an API request depends on whether it contains an ORIGIN header and the entries in the allowlist. Sumo Logic will reject: + 1. Requests with an ORIGIN header but the allowlist is empty. + 2. Requests with an ORIGIN header that don't match any entry in the allowlist. + example: + - https://my-app.com + - https://mail.my-app.com + items: + type: string + scopes: + type: array + description: "Scopes assigned to the key.

Note: Updates to scopes\ + \ will take up to 5m to reflect due to caching in the system.\n### Alerting\n\ + \ - adminMonitorsV2\n - viewMonitorsV2\n - manageMonitorsV2\n\n###\ + \ Data Management\n - manageApps\n - viewCollectors\n - manageCollectors\n\ + \ - viewConnections\n - manageConnections\n - contentAdmin\n - viewFieldExtractionRules\n\ + \ - manageFieldExtractionRules \n - viewFields\n - manageFields\n\ + \ - manageBudgets\n - viewLibrary\n - manageLibrary\n - viewPartitions\n\ + \ - managePartitions\n - manageS3DataForwarding\n - viewScheduledViews\n\ + \ - manageScheduledViews\n - manageTokens\n\n### Logs\n - runLogSearch\n\ + \n### Metrics\n - runMetricsQuery \n\n### Reliability Management\n -\ + \ viewSlos\n - manageSlos\n\n### Security\n - manageAccessKeys\n -\ + \ viewPersonalAccessKeys\n - managePersonalAccessKeys\n\n### UserManagement\n\ + \ - viewUsersAndRoles\n - manageUsersAndRoles" + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + SamlIdentityProvider: + type: object + allOf: + - $ref: '#/components/schemas/SamlIdentityProviderRequest' + - $ref: '#/components/schemas/AuthnCertificateResult' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier of the SAML Identity Provider. + example: 00000000361130F7 + assertionConsumerUrl: + type: string + description: The URL on Sumo Logic where the IdP will redirect to with + its authentication response. + example: https://service.sumologic.com/sumo/saml/consume/9483922 + default: "" + entityId: + type: string + description: A unique identifier that is the intended audience of the + SAML assertion. + example: https://service.sumologic.com/sumo/saml/9483922 + default: "" + metadataUrl: + type: string + description: The URL to fetch SAML metadata XML. + example: https://api.sumologic.com/api/v1/saml/identityProviders/00000000361130F7/metadata + default: "" + SamlIdentityProviderRequest: + required: + - configurationName + - issuer + - x509cert1 + type: object + properties: + spInitiatedLoginPath: + type: string + description: This property has been deprecated and is no longer used. + example: http://www.okta.com/abxcseyuiwelflkdjh + deprecated: true + default: "" + configurationName: + type: string + description: Name of the SSO policy or another name used to describe the + policy internally. + example: SumoLogic + issuer: + type: string + description: The unique URL assigned to the organization by the SAML Identity + Provider. + example: http://www.okta.com/abxcseyuiwelflkdjh + spInitiatedLoginEnabled: + type: boolean + description: True if Sumo Logic redirects users to your identity provider + with a SAML AuthnRequest when signing in. + default: false + authnRequestUrl: + type: string + description: The URL that the identity provider has assigned for Sumo Logic + to submit SAML authentication requests to the identity provider. + example: https://www.okta.com/app/sumologic/abxcseyuiwelflkdjh/sso/saml + default: "" + x509cert1: + type: string + description: The certificate is used to verify the signature in SAML assertions. + x509cert2: + type: string + description: The backup certificate used to verify the signature in SAML + assertions when x509cert1 expires. + default: "" + x509cert3: + type: string + description: The backup certificate used to verify the signature in SAML + assertions when x509cert1 expires and x509cert2 is empty. + default: "" + onDemandProvisioningEnabled: + $ref: '#/components/schemas/OnDemandProvisioningInfo' + rolesAttribute: + type: string + description: The role that Sumo Logic will assign to users when they sign + in. + example: Sumo_Role + default: "" + logoutEnabled: + type: boolean + description: True if users are redirected to a URL after signing out of + Sumo Logic. + default: false + logoutUrl: + type: string + description: The URL that users will be redirected to after signing out + of Sumo Logic. + example: https://www.sumologic.com + default: "" + emailAttribute: + type: string + description: The email address of the new user account. + example: attribute/subject + default: "" + debugMode: + type: boolean + description: True if additional details are included when a user fails to + sign in. + default: false + signAuthnRequest: + type: boolean + description: True if Sumo Logic will send signed Authn requests to the identity + provider. + default: false + disableRequestedAuthnContext: + type: boolean + description: True if Sumo Logic will include the RequestedAuthnContext element + of the SAML AuthnRequests it sends to the identity provider. + default: false + isRedirectBinding: + type: boolean + description: True if the SAML binding is of HTTP Redirect type. + default: false + OnDemandProvisioningInfo: + required: + - onDemandProvisioningRoles + type: object + properties: + firstNameAttribute: + type: string + description: First name attribute of the new user account. + example: http://schemas.microsoft.com/ws/2008/06/identity/claims/givenname + default: "" + lastNameAttribute: + type: string + description: Last name attribute of the new user account. + example: http://schemas.microsoft.com/ws/2008/06/identity/claims/surname + default: "" + onDemandProvisioningRoles: + type: array + description: Sumo Logic RBAC roles to be assigned when user accounts are + provisioned. + example: "[\"Analyst\", \"Administrator\"]" + items: + type: string + default: [] + AuthnCertificateResult: + required: + - certificate + type: object + properties: + certificate: + type: string + description: Authentication Request Signing Certificate for the user. + AllowlistedUserResult: + required: + - canManageSaml + - email + - firstName + - isActive + - lastLogin + - lastName + - userId + type: object + properties: + userId: + type: string + description: Unique identifier of the user. + firstName: + type: string + description: First name of the user. + lastName: + type: string + description: Last name of the user. + email: + type: string + description: Email of the user. + example: john@sumologic.com + canManageSaml: + type: boolean + description: If the user can manage SAML Configurations. + isActive: + type: boolean + description: Checks if the user is active. + lastLogin: + type: string + description: Timestamp of the last login of the user. + format: date-time + CidrList: + required: + - data + type: object + properties: + data: + maxItems: 50 + type: array + description: An array of CIDR notations and/or IP addresses. + items: + $ref: '#/components/schemas/Cidr' + description: A list of CIDR notations and/or IP addresses. + Cidr: + required: + - cidr + type: object + properties: + cidr: + pattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\\ + /([0-9]|[1-2][0-9]|3[0-2]))?$" + type: string + description: The string representation of the CIDR notation or IP address. + example: 192.35.24.1 + x-pattern-message: Invalid CIDR/IP + description: + type: string + description: Description of the CIDR notation or IP address. + example: Accountant + description: A CIDR notation or IP address along with its description. + AllowlistingStatus: + required: + - contentEnabled + - loginEnabled + type: object + properties: + contentEnabled: + type: boolean + description: Whether service allowlisting is enabled for Content. + loginEnabled: + type: boolean + description: Whether service allowlisting is enabled for Login. + description: The status of service allowlisting for Content and Login. + AuditPolicy: + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Whether the Audit policy is enabled. + example: true + description: Audit policy. + SearchAuditPolicy: + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Whether the Search Audit policy is enabled. + example: true + description: Search Audit policy. + ShareDashboardsOutsideOrganizationPolicy: + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Whether the Share Dashboards Outside Organization policy is + enabled. + example: true + description: Share Dashboards Outside Organization policy. + DataAccessLevelPolicy: + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Whether the Data Access Level policy is enabled. + example: true + description: Data Access Level policy. + UserConcurrentSessionsLimitPolicy: + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Whether the User Concurrent Sessions Limit policy is enabled. + example: true + maxConcurrentSessions: + maximum: 100 + minimum: 1 + type: integer + description: Maximum number of concurrent sessions a user may have. + format: int32 + example: 50 + default: 100 + description: User Concurrent Sessions Limit policy. + MaxUserSessionTimeoutPolicy: + required: + - maxUserSessionTimeout + type: object + properties: + maxUserSessionTimeout: + pattern: ^(5m|15m|30m|1h|2h|6h|12h|1d|2d|3d|5d|7d)$ + type: string + description: "Maximum web session timeout users are able to configure within\ + \ their user preferences. Valid values are: `5m`, `15m`, `30m`, `1h`,\ + \ `2h`, `6h`, `12h`, `1d`, `2d`, `3d`, `5d`, or `7d`" + example: 1d + x-pattern-message: "must be one of the following: `5m`, `15m`, `30m`, `1h`,\ + \ `2h`, `6h`, `12h`, `1d`, `2d`, `3d`, `5d`, or `7d`" + description: Max User Session Timeout policy. + DisableUnusedAccessKeysPolicy: + required: + - unusedAccessKeysDisableAfterInDays + type: object + properties: + unusedAccessKeysDisableAfterInDays: + maximum: 365 + minimum: 0 + type: integer + description: The number of days it will take for an unused access key to + automatically disable. Setting it to 0 (never) means that the accessKeys + will not be disabled automatically. + format: int32 + example: 60 + description: Disable Unused Access Keys policy. + AccessKeysLifetimePolicy: + required: + - accessKeysLifetimeInDays + type: object + properties: + accessKeysLifetimeInDays: + pattern: ^(0|30|45|60|90|180|365)$ + type: string + description: "The number of days it will take for an access key to expire\ + \ without being rotated/copied. Setting it to 0 (never) means that access\ + \ keys will never expire. Valid values are: `0`, `30`, `45`, `60`, `90`,\ + \ `180`, or `365`" + example: "60" + x-pattern-message: "must be one of the following: `0`, `30`, `45`, `60`,\ + \ `90`, `180`, or `365`" + description: Access Keys Lifetime policy. + DataDeletionPolicy: + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Whether the Data Deletion policy is enabled. + example: true + description: Whether the Data Deletion policy is enabled. + DashboardAutoRefreshPolicy: + required: + - minRefreshInterval + type: object + properties: + minRefreshInterval: + maximum: 86400 + minimum: 0 + type: integer + description: Minimum refresh interval in seconds. A value of 0 disables + automatic refresh. + format: int32 + example: 60 + description: Dashboard Auto-Refresh policy. + DashboardAutoRunPolicy: + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: "Whether the Dashboard Auto-Run policy is enabled. When enabled,\ + \ dashboard queries will run automatically on load. When disabled, users\ + \ must manually trigger query execution." + example: true + description: Dashboard Auto-Run policy. + CheckDataIngestionPolicy: + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Whether the Check Data Ingestion policy is enabled for OT collectors. + example: true + noDataThreshold: + pattern: ^(1h|2h|4h|8h|16h|24h)$ + type: string + description: "Duration threshold after which an OT collector not sending\ + \ data will trigger an alert. Valid values are: `1h`, `2h`, `4h`, `8h`,\ + \ `16h`, or `24h`" + example: 24h + default: 24h + x-pattern-message: "must be one of the following: `1h`, `2h`, `4h`, `8h`,\ + \ `16h`, or `24h`" + description: Check Data Ingestion policy. + ListHealthEventResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of health events. + items: + $ref: '#/components/schemas/HealthEvent' + next: + type: string + description: Next continuation token. + HealthEvent: + required: + - details + - eventId + - eventName + - eventTime + - resourceIdentity + - severityLevel + - subsystem + type: object + properties: + eventId: + type: string + description: The unique identifier of the event. + example: e801dc7d-f483-46e9-bcc9-410f08f96497 + eventName: + type: string + description: The name of the event. + example: InstalledCollectorOffline + details: + $ref: '#/components/schemas/TrackerIdentity' + resourceIdentity: + $ref: '#/components/schemas/ResourceIdentity' + eventTime: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + subsystem: + type: string + description: The product area of the event. + severityLevel: + type: string + description: The criticality of the event. It is either `Error` or `Warning` + ResourceIdentities: + required: + - data + type: object + properties: + data: + type: array + description: A list of the resources. + items: + $ref: '#/components/schemas/ResourceIdentity' + ListArchiveJobsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of Archive Jobs. + items: + $ref: '#/components/schemas/ArchiveJob' + next: + type: string + description: Next continuation token. + ArchiveJob: + type: object + allOf: + - $ref: '#/components/schemas/CreateArchiveJobRequest' + - required: + - createdAt + - createdBy + - id + - status + - totalBytesIngested + - totalObjectsIngested + - totalObjectsScanned + properties: + id: + type: string + description: The unique identifier of the ingestion job. + example: 4e214571-cf27-4114-93e6-69a98c017f3 + totalObjectsScanned: + type: integer + description: The total number of objects scanned by the ingestion job. + format: int64 + example: 25 + totalObjectsIngested: + type: integer + description: The total number of objects ingested by the ingestion job. + format: int64 + example: 10 + totalBytesIngested: + type: integer + description: The total bytes ingested by the ingestion job. + format: int64 + example: 100 + status: + type: string + description: "The status of the ingestion job, either `Pending`,`Scanning`,`Ingesting`,`Failed`,\ + \ or `Succeeded`." + example: Scanning + createdAt: + type: string + description: The creation timestamp in UTC of the ingestion job. + format: date-time + example: 2018-10-16T09:10:00Z + createdBy: + type: string + description: The identifier of the user who created the ingestion job. + example: 0000000006743FDD + CreateArchiveJobRequest: + required: + - endTime + - name + - startTime + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: The name of the ingestion job. + startTime: + type: string + description: The starting timestamp of the ingestion job. + format: date-time + example: 2018-10-16T09:10:00Z + endTime: + type: string + description: The ending timestamp of the ingestion job. + format: date-time + example: 2018-10-16T10:10:00Z + ListArchiveJobsCount: + required: + - data + type: object + properties: + data: + type: array + description: List of archive sources with count of jobs having various statuses. + items: + $ref: '#/components/schemas/ArchiveJobsCount' + ArchiveJobsCount: + required: + - failed + - ingesting + - pending + - scanning + - sourceId + - succeeded + type: object + properties: + sourceId: + type: string + description: Identifier for the archive source. + example: 000000000606C009 + pending: + type: integer + description: The total number of archive jobs with pending status for the + archive source. + format: int64 + example: 4 + scanning: + type: integer + description: The total number of archive jobs with scanning status for the + archive source. + format: int64 + example: 1 + ingesting: + type: integer + description: The total number of archive jobs with ingesting status for + the archive source. + format: int64 + example: 2 + failed: + type: integer + description: The total number of archive jobs with failed status for the + archive source. + format: int64 + example: 5 + succeeded: + type: integer + description: The total number of archive jobs with succeeded status for + the archive source. + format: int64 + example: 20 + LogSearchEstimatedUsageDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchEstimatedUsageRequest' + - required: + - estimatedUsageDetails + type: object + properties: + estimatedUsageDetails: + $ref: '#/components/schemas/EstimatedUsageDetails' + LogSearchEstimatedUsageRequest: + allOf: + - $ref: '#/components/schemas/LogSearchQueryTimeRangeBase' + - required: + - timezone + type: object + properties: + timezone: + type: string + description: | + Time zone to get the estimated usage details. Follow the format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). + example: America/Los_Angeles + EstimatedUsageDetails: + type: object + properties: + dataScannedInBytes: + type: integer + description: "Amount of data scanned in bytes, to run the query." + format: int64 + example: 114086541 + LogSearchEstimatedUsageByTierDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV2' + - required: + - estimatedUsageDetails + type: object + properties: + estimatedUsageDetails: + type: array + items: + $ref: '#/components/schemas/EstimatedUsageDetailsWithTier' + LogSearchEstimatedUsageRequestV2: + allOf: + - $ref: '#/components/schemas/LogSearchQueryTimeRangeBaseExceptParsingMode' + - required: + - timezone + type: object + properties: + timezone: + type: string + description: | + Time zone to get the estimated usage details. Follow the format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). + example: America/Los_Angeles + EstimatedUsageDetailsWithTier: + type: object + properties: + tier: + type: string + description: "Name of the data tier. Supported Values are Continuous, Frequent,\ + \ Infrequent" + example: Continuous + dataScannedInBytes: + type: integer + description: "Amount of data scanned in bytes, to run the query." + format: int64 + example: 114086541 + LogSearchEstimatedUsageByMeteringTypeDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV3' + - required: + - estimatedUsageDetails + type: object + properties: + estimatedUsageDetails: + type: array + items: + $ref: '#/components/schemas/EstimatedUsageDetailsWithMeteringType' + LogSearchEstimatedUsageRequestV3: + allOf: + - $ref: '#/components/schemas/LogSearchQueryEstimationQueryDefinition' + - required: + - timezone + type: object + properties: + timezone: + type: string + description: | + Time zone to get the estimated usage details. Follow the format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). + example: America/Los_Angeles + emulateSearchContext: + $ref: '#/components/schemas/EmulateSearchContext' + LogSearchQueryEstimationQueryDefinition: + description: Definition of the log search with query and timerange. + allOf: + - $ref: '#/components/schemas/LogSearchQueryEstimationBaseDefinition' + - type: object + properties: + runByReceiptTime: + type: boolean + description: This has the value `true` if the search is to be run by receipt + time and `false` if it is to be run by message time. + example: false + default: false + LogSearchQueryEstimationBaseDefinition: + required: + - queryString + - timeRange + type: object + properties: + queryString: + maxLength: 15000 + type: string + description: Log search Query to compute the estimated volume of data scanned. + example: "error {{sourceCategory}}| count by _sourceCategory" + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + queryParameters: + maxLength: 50 + type: array + description: "Values for search template used in the search query. Learn\ + \ more about the search templates here : https://help.sumologic.com/docs/search/get-started-with-search/build-search/search-templates/" + items: + $ref: '#/components/schemas/LogSearchQueryParameterSyncDefinitionBase' + intervalTimeType: + pattern: ^(messageTime|receiptTime|searchableTime)$ + type: string + description: "This parameter defines whether you want to run the search\ + \ by messageTime, receiptTime, or searchableTime. By default, the search\ + \ will run by messageTime. If both runByReceiptTime and intervalTimeType\ + \ parameters are present then the preference will be given to the intervalTimeType." + example: messageTime + default: messageTime + x-pattern-message: should be either 'messageTime' or 'receiptTime' or 'searchableTime' + description: Base definition of the log search with query and timerange (without + runByReceiptTime). + EmulateSearchContext: + type: object + properties: + roleIds: + type: array + description: List of role IDs to emulate the search context for. + example: + - 000000000000000C + items: + type: string + userId: + type: string + description: User ID to emulate the search context for. + example: 000000000000019F + description: | + Contains keys like "roleIds" with a list of role IDs or "userId" as a string. + EstimatedUsageDetailsWithMeteringType: + type: object + properties: + meteringType: + type: string + description: | + Name of the metering type. Metering type indicates how the data scanned within a particular data tier is actually metered and billed. Supported Values are Continuous, Frequent, Infrequent, ContinuousSecurity and FlexSecurity. + example: Continuous + dataScannedInBytes: + type: integer + description: "Amount of data scanned in bytes, to run the query." + format: int64 + example: 114086541 + tier: + type: string + description: "Name of the data tier. Supported Values are Continuous, Frequent,\ + \ Infrequent and Flex." + example: Continuous + scanCreditAccounted: + type: boolean + description: | + Whether particular metering type is accounted against a customer's credit on a per scan basis. e.g Data belonging to "Flex" and "Infrequent" metering type is accounted for credits on per scan basis. For other metering types, eg. "Continuous" it's charged upfront during ingestion. + example: false + description: Estimated Usage details for the given log search query with the + above timerange. + LogSearchEstimatedUsageByViewDefinition: + allOf: + - $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV3' + - required: + - estimatedUsageDetails + type: object + properties: + estimatedUsageDetails: + type: array + items: + $ref: '#/components/schemas/EstimatedUsageDetailsPerView' + EstimatedUsageDetailsPerView: + required: + - usageDetails + - viewName + type: object + properties: + viewName: + type: string + description: Name of the view for which usage is estimated. + usageDetails: + type: array + description: The scanning and data retrieval usages to run the query per + view. + items: + $ref: '#/components/schemas/EstimatedUsageDetailsWithMeteringType' + BulkLogSearchEstimatedUsageResponse: + required: + - data + type: object + properties: + data: + type: array + description: Array of estimated usage results corresponding to each input + query. + items: + $ref: '#/components/schemas/BulkLogSearchEstimatedUsageResponseItem' + BulkLogSearchEstimatedUsageResponseItem: + required: + - id + type: object + properties: + id: + type: string + description: Unique identifier matching the request query ID. + example: query-1 + estimatedUsageDetails: + type: array + description: Estimated usage details per metering type. Null if query estimation + failed. + items: + $ref: '#/components/schemas/EstimatedUsageDetailsWithMeteringType' + error: + $ref: '#/components/schemas/ErrorDescription' + BulkLogSearchEstimatedUsageRequest: + required: + - data + - timezone + type: object + properties: + data: + maxItems: 100 + minItems: 1 + type: array + description: Array of log search queries for estimated usage computation. + items: + $ref: '#/components/schemas/BulkLogSearchEstimatedUsageRequestItem' + emulateSearchContext: + $ref: '#/components/schemas/EmulateSearchContext' + timezone: + type: string + description: | + Time zone to get the estimated usage details. Follow the format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). + example: America/Los_Angeles + BulkLogSearchEstimatedUsageRequestItem: + allOf: + - $ref: '#/components/schemas/LogSearchQueryEstimationBaseDefinition' + - required: + - id + type: object + properties: + id: + maxLength: 64 + type: string + description: Unique identifier for the query to correlate request with + response. + example: query-1 + ScheduledSearchEstimatedUsageResponse: + type: object + properties: + scanEstimates: + type: array + description: Scan estimate detail for a particular tier. + items: + $ref: '#/components/schemas/ScanEstimateDetails' + ScanEstimateDetails: + type: object + properties: + tier: + type: string + description: Name of the tier for which usage is estimated. + example: Flex + perScanInBytes: + type: integer + description: "Amount of data scanned in bytes, to run the schedule search\ + \ once." + format: int64 + example: 114086541 + perDayInBytes: + type: integer + description: "Amount of data scanned in bytes, to run the schedule search\ + \ each day." + format: int64 + example: 3140865413 + perYearInBytes: + type: integer + description: "Amount of data scanned in bytes, to run the schedule search\ + \ each year." + format: int64 + example: 51408654155 + ScheduledSearchEstimatedUsageRequest: + required: + - queryString + - scheduleType + - timeRange + - timeZone + type: object + properties: + queryString: + maxLength: 15000 + type: string + description: The text of a logs search query. + example: "error {{sourceCategory}}| count by _sourceCategory" + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + cronSchedule: + type: string + description: "Cron-like expression specifying the search's schedule. Field\ + \ scheduleType must be set to \"Custom\", otherwise, scheduleType takes\ + \ precedence over cronSchedule." + example: 0 0/15 * * * ? * + scheduleType: + pattern: ^(RealTime|15Minutes|1Hour|2Hours|4Hours|6Hours|8Hours|12Hours|1Day|1Week|Custom)$ + type: string + description: |- + Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression. Please note that with Custom, 1Day and 1Week schedule types you need to provide the corresponding cron expression to determine when to actually run the search. e.g. Sample Valid Cron for 1Day is "0 0 16 ? * 2-6 *". Possible schedule types are: + - `RealTime` + - `15Minutes` + - `1Hour` + - `2Hours` + - `4Hours` + - `6Hours` + - `8Hours` + - `12Hours` + - `1Day` + - `1Week` + - `Custom` + x-pattern-message: "must be one of the following: `RealTime`, `15Minutes`,\ + \ `1Hour`, `2Hours`, `4Hours`, `6Hours`, `8Hours`, `12Hours`, `1Day`,\ + \ `1Week`, `Custom`" + byReceiptTime: + type: boolean + description: "Set it to true to run the search using receipt time. By default,\ + \ searches do not run by receipt time." + default: false + queryParameters: + type: array + description: An array of search query parameter objects. + items: + $ref: '#/components/schemas/QueryParameterSyncDefinition' + timeZone: + type: string + description: "Time zone identifier for the estimates. Follow the format\ + \ in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + PaginatedDashboards: + required: + - dashboards + type: object + properties: + dashboards: + type: array + description: List of dashboards. + items: + $ref: '#/components/schemas/Dashboard' + next: + type: string + description: Next continuation token. `next` is set to null when no more + pages are left. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + Dashboard: + allOf: + - $ref: '#/components/schemas/DashboardRequest' + - type: object + properties: + id: + type: string + description: | + Unique identifier for the dashboard. This id is used to get detailed information about the dashboard, such as panels, variables and the layout. + example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2 + contentId: + type: string + description: | + Content identifier for the dashboard. This id is used to connect to the Sumo Content Library and get general metadata about the dashboard. Use this id if you want to search for dashboards in Sumo folders. + example: "1" + scheduleId: + type: string + description: | + Scheduled report identifier for the dashboard. Only most recently modified report schedule is rerun per dashboard. This id is used to manage the schedule details through the scheduled report API. + example: RdQHYPh2jxoS90DXtKfA7nAJV2rsQ9BncpfY7IkjNzQWi52ug85W7r6Rrmtd + scheduleCount: + type: integer + description: Count of report schedules for the dashboard. + format: int32 + example: 10 + DashboardRequest: + required: + - timeRange + - title + type: object + properties: + title: + maxLength: 255 + minLength: 1 + type: string + description: Title of the dashboard. + example: Kubernetes Dashboard + description: + type: string + description: Description of the dashboard. + example: "A view of pods, namespaces and nodes of your cluster." + folderId: + type: string + description: | + The identifier of the folder to save the dashboard in. By default it is saved in your personal folder. + example: 000000000C1C17C6 + topologyLabelMap: + $ref: '#/components/schemas/TopologyLabelMap' + domain: + type: string + description: "If set denotes that the dashboard concerns a given domain\ + \ (e.g. `aws`, `k8s`, `app`)." + example: aws + default: "" + hierarchies: + maxItems: 20 + type: array + description: If set to non-empty array denotes that the dashboard concerns + given hierarchies. + example: + - Kubernetes Node View + items: + type: string + default: [] + refreshInterval: + type: integer + description: | + Interval of time (in seconds) to automatically refresh the dashboard. A value of 0 means we never automatically refresh the dashboard. Allowed values are `0`, `30`, `60`, `120`, `300`, `900`, `1800`, `3600`, `7200`, `86400`. + format: int32 + example: 30 + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + panels: + type: array + description: Panels in the dashboard. + items: + $ref: '#/components/schemas/Panel' + layout: + $ref: '#/components/schemas/Layout' + variables: + type: array + description: Variables to apply to the panels. + items: + $ref: '#/components/schemas/Variable' + theme: + pattern: ^(light|dark|Light|Dark)$ + type: string + description: Theme for the dashboard. Either `Light` or `Dark`. + example: light + default: Light + x-pattern-message: "Must be `Light`, or `Dark`" + isPublic: + type: boolean + description: Is the dashboard public + default: false + highlightViolations: + type: boolean + description: Whether to highlight threshold violations. + default: false + organizations: + $ref: '#/components/schemas/Organizations' + Organizations: + type: object + properties: + defaultOrgIds: + type: array + description: The default list of organization IDs to run the dashboard by + items: + $ref: '#/components/schemas/OrgId' + description: The organization details to run the dashboard by + OrgId: + maxLength: 23 + minLength: 19 + type: string + description: The unique identifier of an organization. It consists of the deployment + ID and the hexadecimal account ID separated by a dash `-` character. + example: us2-00000000FF42A0C3 + PublicDashboard: + allOf: + - $ref: '#/components/schemas/Dashboard' + - type: object + properties: + dashboardPolicy: + $ref: '#/components/schemas/DashboardPolicy' + DashboardPolicy: + type: object + properties: + dashboardAutoRefresh: + type: object + properties: + minRefreshInterval: + type: integer + format: int32 + example: 30 + description: Dashboard Auto-Refresh policy settings. + dashboardAutoRun: + type: object + properties: + enabled: + type: boolean + example: true + description: Dashboard Auto-Run policy settings. + description: dashboard policy settings. + DashboardMigrationRequest: + required: + - contentIds + type: object + properties: + contentIds: + maxItems: 50 + type: array + description: Content identifiers of the Legacy dashboards. + items: + type: string + description: Content identifier of the Legacy dashboard. + example: 00000000000001C8 + MigrationPreviewResponse: + required: + - count + type: object + properties: + count: + type: integer + description: Count of dashboards to be migrated. + example: 5 + description: Preview of the dashboard migration. + DashboardMigrationResult: + required: + - data + - status + type: object + properties: + data: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: | + A mapping of Legacy Dashboard Content Ids to migrated Dashboard(New) Content Ids. Only successful migration are shown here, see errors field for failed migrations and the failure reason. + example: + "1": 64 + richData: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/MigratedDashboardInfo' + description: | + A mapping of Legacy Dashboard Content Ids to migrated Dashboard(New) info. Only successful migration are shown here, see errors field for failed migrations and the failure reason. + status: + $ref: '#/components/schemas/DashboardMigrationStatus' + errors: + maxProperties: 1000 + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/ErrorDescription' + description: A mapping of Legacy Dashboards Content Identifiers that failed + validation to the failure reason(s). + warnings: + maxProperties: 1000 + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/ErrorDescription' + description: A mapping of Legacy Dashboards Content Identifiers to warnings. + MigratedDashboardInfo: + required: + - id + - name + type: object + properties: + id: + type: string + description: The id of the Dashboard(New) + example: jgiJLiFP9dX6YdNG0u9t0yqUVOF0iIlNcX0usw2Uy6g8BYTgBj0vYVeiRjRj + name: + type: string + description: The name of the Dashboard(New) + example: New Dashboard + DashboardMigrationStatus: + required: + - failedCount + - successCount + - totalCount + type: object + properties: + successCount: + type: integer + description: A successful migration to Dashboard(New). + example: 3 + failedCount: + type: integer + description: A failed migration to Dashboard(New). + example: 1 + totalCount: + type: integer + description: The total number of Legacy Dashboards to migrate. + example: 10 + PaginatedReportSchedules: + required: + - reportSchedules + type: object + properties: + reportSchedules: + type: array + description: List of dashboard report schedules. + items: + $ref: '#/components/schemas/ReportSchedule' + next: + type: string + description: Next continuation token. `token` is set to null when no more + pages are left. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + ReportSchedule: + allOf: + - $ref: '#/components/schemas/ReportScheduleRequest' + - type: object + properties: + scheduleId: + type: string + description: Identifier of the dashboard report schedule. + example: RdQHYPh2jxoS90DXtKfA7nAJV2rsQ9BncpfY7IkjNzQWi52ug85W7r6Rrmtd + ReportScheduleRequest: + required: + - dashboardId + - emailNotification + - reportFormat + - scheduleType + - timeZone + type: object + properties: + dashboardId: + type: string + description: Identifier of dashboard the schedule will generate report for. + example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2 + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + variableValues: + $ref: '#/components/schemas/VariablesValuesData' + reportFormat: + pattern: ^(Pdf|Png)$ + type: string + description: File format of the report. Can be `Pdf` or `Png`. `Pdf` is + portable document format. `Png` is portable graphics image format. + example: Pdf + x-pattern-message: "should be one of the following: 'Pdf', 'Png'" + scheduleType: + type: string + description: |- + Run schedule of the scheduled report. Set to "Custom" to specify the schedule with a CRON expression. Possible schedule types are: + - `RealTime` + - `15Minutes` + - `1Hour` + - `2Hours` + - `4Hours` + - `6Hours` + - `8Hours` + - `12Hours` + - `1Day` + - `1Week` + - `Custom` + example: 1Day + cronExpression: + type: string + description: "Cron-like expression specifying the report's schedule. Field\ + \ scheduleType must be set to \"Custom\", otherwise, scheduleType takes\ + \ precedence over cronExpression." + example: 0 0/15 * * * ? * + timeZone: + maxLength: 1024 + minLength: 1 + type: string + description: "Time zone identifier for time specification. Either an abbreviation\ + \ such as \"PST\", a full name such as \"America/Los_Angeles\", or a custom\ + \ ID such as \"GMT-8:00\". Note that the support of abbreviations is for\ + \ JDK 1.1.x compatibility only and full names should be used." + example: America/Los_Angeles + emailNotification: + $ref: '#/components/schemas/Email' + isActive: + type: boolean + description: Is the dashboard report schedule active + default: true + PaginatedMetricsSearches: + required: + - metricsSearches + type: object + properties: + metricsSearches: + type: array + description: List of metrics search pages. + items: + $ref: '#/components/schemas/MetricsSearchResponse' + next: + type: string + description: Next continuation token. `token` is set to null when no more + pages are left. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + MetricsSearchResponse: + allOf: + - $ref: '#/components/schemas/MetricsSearchRequest' + - type: object + properties: + id: + type: string + description: Unique identifier for the metrics search page. + example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2 + MetricsSearchRequest: + allOf: + - $ref: '#/components/schemas/MetricsSearch' + - type: object + properties: + folderId: + type: string + description: | + The identifier of the folder to save the metrics search in. By default it is saved in your personal folder. + example: 000000000C1C17C6 + MetricsSearch: + required: + - queries + - timeRange + - title + type: object + properties: + title: + maxLength: 255 + minLength: 1 + pattern: ^\s*\S.*$ + type: string + description: Title of the metrics search page. + x-pattern-message: must contain at least 1 non-whitespace character + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + description: + type: string + description: Description of the metrics search page. + queries: + type: array + description: Queries of the metrics search page. + items: + $ref: '#/components/schemas/Query' + visualSettings: + type: string + description: Visual settings of the metrics search page. + MonitorUsageInfo: + type: array + description: The usage info of logs and metrics monitors. + items: + $ref: '#/components/schemas/MonitorUsage' + MonitorUsage: + properties: + monitorType: + type: string + description: The type of monitor usage info (Logs or Metrics). + example: Logs + enum: + - Logs + - Metrics + usage: + type: integer + description: Current number of active Logs/Metrics monitors. + example: 100 + limit: + type: integer + description: The limit of active Logs/Metrics monitors. + example: 100 + total: + type: integer + description: The total number of monitors created. (Including both active + and disabled Logs/Metrics monitors) + example: 100 + description: The usage info of monitors. + QueriesParametersResult: + type: object + properties: + isValid: + type: boolean + description: Whether or not if queries are valid. + example: false + errors: + type: array + description: Error messages from validation. + example: + - "Field fieldName not found, please check the spelling and try again." + items: + type: string + default: [] + logsOutlier: + $ref: '#/components/schemas/LogsOutlier' + metricsOutlier: + $ref: '#/components/schemas/MetricsOutlier' + description: Queries validation and extracted parameters result. + LogsOutlier: + type: object + properties: + trimmedQuery: + type: string + description: The query string after trimming out the outlier clause. + example: _sourceCategory=search error | timeslice 1m | count by _timeslice + window: + type: integer + description: Sets the trailing number of data points to calculate mean and + sigma. + format: int64 + example: 15 + default: 10 + consecutive: + type: integer + description: Sets the required number of consecutive indicator data points + (outliers) to trigger a violation. + format: int64 + example: 3 + default: 1 + direction: + $ref: '#/components/schemas/OutlierDirection' + threshold: + type: number + description: Sets the number of standard deviations for calculating violations. + format: double + example: 10.0 + default: 3.0 + field: + type: string + description: The name of the field that the trigger condition will alert + on. + example: _count + description: The parameters extracted from the logs outlier query. + OutlierDirection: + type: string + description: |- + Specifies which direction should trigger violations. Valid values: + 1. `Both`: Both positive and negative deviations + 2. `Up`: Positive deviations only + 3. `Down`: Negative deviations only + example: "Up" pattern: "^(Both|Up|Down)$" default: "Both" x-pattern-message: "should be one of the following: 'Both', 'Up', 'Down'" + MetricsOutlier: + type: object + properties: + trimmedQuery: + type: string + description: The query string after trimming out the outlier clause. + example: _sourceHost=prod-search-1 metric=CPU_User + baselineWindow: + type: string + description: The time range used to compute the baseline. + example: 10m + default: 5m + baselineTimeRangeWindow: + $ref: '#/components/schemas/ResolvableTimeRange' + direction: + $ref: '#/components/schemas/OutlierDirection' + threshold: + type: number + description: How much should the indicator be different from the baseline + for each datapoint. + format: double + example: 10.0 + default: 3.0 + description: The parameters extracted from the metrics outlier query. + MonitorQueries: + required: + - monitorType + - queries + - timeRange + type: object + properties: + monitorType: + pattern: ^(Logs|Metrics)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + example: Logs + x-pattern-message: should be either 'Logs' or 'Metrics' + timeRange: + type: string + description: "The relative time range of the monitor. Valid values of time\ + \ ranges are `5m`, `10m`, `15m`, `30m`, `1h`, `3h`, `6h`, `12h`, or `24h`." + example: 15m + queries: + type: array + description: Queries to be validated. + items: + $ref: '#/components/schemas/UnvalidatedMonitorQuery' + description: Queries to be validated. + UnvalidatedMonitorQuery: + required: + - query + - rowId + type: object + properties: + rowId: + type: string + description: "The unique identifier of the row. Defaults to sequential capital\ + \ letters, `A`, `B`, `C`, etc." + example: A + query: + type: string + description: The logs or metrics query that defines the stream of data the + monitor runs on. + example: "_sourceCategory=search error | timeslice 1m | count by _timeslice\ + \ | outlier _count window=5,threshold=3,consecutive=2,direction=+" + description: A search query. + SeriesData: + required: + - dataPoints + - name + - seriesAxisRange + type: object + properties: + name: + type: string + description: Name of the series. + example: monitor-manager-cpu-1 + dataPoints: + type: array + description: Data points of the series. + items: + $ref: '#/components/schemas/DataPoint' + seriesAxisRange: + $ref: '#/components/schemas/SeriesAxisRange' + aggregateInfo: + $ref: '#/components/schemas/VisualAggregateData' + seriesMetadata: + $ref: '#/components/schemas/SeriesMetadata' + description: The data for visualizing monitor chart. + DataPoint: + type: object + properties: + dataPointType: + pattern: ^(OutlierSeriesData|StaticSeriesData)$ + type: string + description: Type of the data point. + example: OutlierSeriesData + description: Data for visualizing monitor chart. + discriminator: + propertyName: dataPointType + mapping: + OutlierSeriesData: '#/components/schemas/OutlierSeriesDataPoint' + StaticSeriesData: '#/components/schemas/StaticSeriesDataPoint' + OutlierDataValue: + type: object + properties: + baseline: + $ref: '#/components/schemas/OutlierBound' + critical: + $ref: '#/components/schemas/OutlierBound' + warning: + $ref: '#/components/schemas/OutlierBound' + value: + type: number + description: The value of outlier data point. + format: double + example: 70.0 + violation: + pattern: ^(CriticalUpperViolation|CriticalLowerViolation|WarningUpperViolation|WarningLowerViolation|NoViolation)$ + type: string + description: The type of violation. + example: CriticalUpperViolation + x-pattern-message: "should be one of the following: 'CriticalUpperViolation',\ + \ 'CriticalLowerViolation', 'WarningUpperViolation', 'WarningLowerViolation',\ + \ 'NoViolation'" + description: Data value and bounds of outlier data point. + OutlierBound: + type: object + properties: + lower: + type: number + description: Lower bond value. + format: double + example: 50.0 + upper: + type: number + description: Upper bond value. + format: double + example: 100.0 + description: The upper and lower bound of outlier/baseline. + SeriesAxisRange: + type: object + properties: + x: + $ref: '#/components/schemas/AxisRange' + "y": + $ref: '#/components/schemas/AxisRange' + description: The axis limitation for chart data. + AxisRange: + type: object + properties: + min: + type: integer + description: minimum limit of x or y axis. + format: int64 + example: 50 + max: + type: integer + description: maximum limit of x or y axis. + format: int64 + example: 100 + description: "The min and max of the x,y axis of the monitor chart." + SeriesMetadata: + type: object + properties: + rowId: + type: string + description: Row ID of the query this time series belongs to. + example: A + dimensions: + type: array + description: Dimensions for the time series. + items: + $ref: '#/components/schemas/DimensionKeyValue' + description: The metadata of time series for chart. + DimensionKeyValue: + type: object + properties: + key: + type: string + description: The key of the metric dimension. + example: region + value: + type: string + description: The value of the metric dimension. + example: us-east-1 + description: The key and value pair for each metric dimension. + MonitorQuery: + required: + - query + - rowId + type: object + properties: + rowId: + type: string + description: "The unique identifier of the row. Defaults to sequential capital\ + \ letters, `A`, `B`, `C`, etc." + example: A + query: + type: string + description: The logs or metrics query that defines the stream of data the + monitor runs on. + example: _sourceCategory=search error + description: A search query. + LogSearchQuery: + required: + - queryString + type: object + properties: + queryString: + type: string + description: Query string for which to get log fields. + example: _sourceCategory=service + description: Query for which to get log fields. + GroupFieldsResponse: + required: + - groupFields + - isQueryAggregate + type: object + properties: + groupFields: + type: array + description: List of group fields + items: + type: string + isQueryAggregate: + type: boolean + description: Whether or not the queries are aggregate. + example: false + default: false + description: Group fields for the monitor + GroupFieldsRequest: + required: + - monitorType + - queries + type: object + properties: + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + monitorType: + pattern: ^(Logs|Metrics)$ + type: string + description: |- + The type of monitor. Valid values: + 1. `Logs`: A logs query monitor. + 2. `Metrics`: A metrics query monitor. + example: Logs + description: Monitor type and queries + DisableMonitorResponse: + type: object + properties: + monitors: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/MonitorsLibraryMonitorResponse' + description: A map between an identifier and its monitor. + warnings: + type: array + description: Warnings from the operation. + items: + $ref: '#/components/schemas/DisableMonitorWarning' + description: Response for disabling monitors. + DisableMonitorWarning: + type: object + properties: + code: + type: string + description: A code for the warning message. + example: content:not_found + message: + type: string + description: A short message with details about the warning. + example: Monitor id=0000000000000001 not found. + description: Warning object from the operation providing details such as when + a given monitor to disable does not exist. + MonitorSubscriptionsListResponse: + required: + - exhaustive + - subscriptions + type: object + properties: + subscriptions: + type: array + description: List of existing subscriptions. + items: + $ref: '#/components/schemas/MonitorSubscription' + exhaustive: + type: boolean + description: "If true, the list contains all existing subscriptions." + example: true + description: List of existing subscriptions. + MonitorSubscription: + type: object + properties: + targetId: + type: string + description: The id of the subscription target. It can be either a monitor + or a folder id. + example: 000000000000676F + description: The monitor subscription. Alerts can be filtered by a monitor subscription + status. + MonitorSubscriptionsTargetsInput: + maxItems: 100 + minItems: 1 + type: array + description: Input array with ids of monitors or monitor folders. + items: + type: string + MonitorSubscriptionsStatus: + required: + - status + - targetId + type: object + properties: + targetId: + type: string + description: Id of the subscription target. + example: 000000000000676F + status: + pattern: ^(Subscribed|SubscribedByAncestor|NotSubscribed)$ + type: string + description: Status of the subscription. + example: Subscribed + x-pattern-message: "should be one of the following: 'Subscribed', 'SubscribedByAncestor',\ + \ 'NotSubscribed'" + description: Subscription status of the element. + MutingInformationResponse: + required: + - isMuted + type: object + properties: + id: + type: string + description: Identifier of the monitor. + example: "0000000000000001" + isMuted: + type: boolean + description: Flag to indicate the monitor muted or not. + example: true + default: false + mutingEndTime: + type: integer + description: Timestamp in Epoch that this monitor is currently muted until. + format: int64 + example: 1678084636 + mutingSchedules: + type: array + description: Array of muting schedules that this monitor is associated with. + items: + $ref: '#/components/schemas/MutingScheduleResponse' + adhocMuting: + $ref: '#/components/schemas/AdhocMutingResponse' + description: Muting information fields for the monitor. + MutingScheduleResponse: + required: + - id + type: object + properties: + id: + type: string + description: Id of the muting schedule in hex. + example: 000000000000676F + description: Muting information fields for the monitor. + AdhocMutingResponse: + required: + - startTime + type: object + properties: + startTime: + type: integer + description: Start time of adhoc muting period in Epoch. + format: int64 + example: 1678118000 + endTime: + type: integer + description: "End time of the adhoc muting period in Epoch.If muting indefinitely,\ + \ this will be empty." + format: int64 + example: 1678118025 + description: Muting information fields for the monitor. + IdToMutingInformationResponseMap: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/MutingInformationResponse' + DataPointCount: + required: + - count + type: object + properties: + count: + type: integer + description: The number of data points + format: int32 + example: 20 + description: The number of anomaly data points in the monitor window. + AnomalyDataPointsCountRequest: + required: + - queries + - relativeTimeRange + type: object + properties: + relativeTimeRange: + type: string + description: "The relative time range of the monitor. Valid values of time\ + \ ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,\ + \ or `-24h`." + example: -15m + queries: + uniqueItems: true + type: array + description: All queries from the monitor. + items: + $ref: '#/components/schemas/MonitorQuery' + monitorType: + pattern: ^(Logs|Metrics)$ + type: string + description: The type of anomaly monitor (Logs or Metrics). + default: Logs + x-pattern-message: should be either 'Logs' or 'Metrics' + description: Monitor query and time range to calculate the number of data points. + MonitorGroupInfo: + type: object + properties: + keys: + type: array + description: The monitor group keys. + example: + - _host + - _sourceCategory + items: + type: string + description: The monitor group key info for all monitors. + MonitorScanEstimatesResponse: + type: object + properties: + scanEstimates: + type: array + description: array of scan estimates + items: + $ref: '#/components/schemas/TierEstimate' + description: Monitor scan estimates + TierEstimate: + type: object + properties: + tier: + type: string + description: Name of the data tier + example: Flex + perScanInBytes: + type: integer + description: estimate data scanned per monitor scan in bytes + format: int64 + perDayInBytes: + type: integer + description: estimate data scanned per day in bytes + format: int64 + perYearInBytes: + type: integer + description: estimate data scanned per year in bytes + format: int64 + trainingScanInBytes: + type: integer + description: one-time scan for log anomaly monitor + format: int64 + description: estimate for a tier + MonitorScanEstimatesRequest: + required: + - query + - timezone + - triggers + type: object + properties: + query: + maxLength: 15000 + type: string + description: The logs query that defines the stream of data the monitor + runs on. + example: _sourceCategory=remix + triggers: + type: array + description: Defines the conditions of when to send notifications. + items: + $ref: '#/components/schemas/TriggerCondition' + timezone: + type: string + description: "Time zone for the monitor [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + description: Request object to get monitor scan estimates + MonitorPlaybooksList: + type: array + description: The list of monitor playbooks. + items: + $ref: '#/components/schemas/MonitorPlaybook' + MonitorPlaybook: + required: + - description + - name + - playbookId + - type + - versionId + type: object + properties: + description: + type: string + description: The description of the monitor playbook. + example:

30 Seconds API Will Take To Respond

+ playbookId: + type: string + description: The id of the playbook. + example: "1" + name: + type: string + description: The name of the playbook. + example: Test + versionId: + type: string + description: The version id of the playbook. + example: "1" + type: + type: string + description: The type of the playbook. + example: Analytics + description: The single monitor playbook. + MonitorContentSyncDefinition: + required: + - name + - type + type: object + properties: + type: + type: string + description: "The type of the item. Valid values are `MonitorFolderDefinition`,\ + \ `MonitorWithDependenciesDefinition`." + name: + type: string + description: The name of the item. + discriminator: + propertyName: type + NextInstancesResponse: + type: object + properties: + nextInstances: + type: array + description: list of next instances in epoch + items: + type: integer + description: epoch in millisecond + format: int64 + example: 1689119100000 + NextInstancesRequest: + required: + - rrule + - startDate + - startTime + - timezone + type: object + properties: + timezone: + type: string + description: "Time zone for the schedule per [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + startDate: + type: string + description: Schedule start date in the format of `yyyy-mm-dd` + startTime: + type: string + description: Schedule start time in the format of `hh:mm` + rrule: + type: string + description: RRule (Recurrence Rule) + ListAlertsLibraryAlertResponse: + type: array + description: List of Alerts. + items: + $ref: '#/components/schemas/AlertsLibraryAlertResponse' + RelatedAlertsLibraryAlertResponse: + type: object + properties: + data: + type: array + description: All alerts related to the given alert and their relationship + tags. + items: + $ref: '#/components/schemas/RelatedAlert' + description: List of related Alerts. + RelatedAlert: + type: object + properties: + alert: + $ref: '#/components/schemas/AlertsLibraryAlertResponse' + relations: + type: array + description: Tags describing the relationship between the two alerts. + items: + $ref: '#/components/schemas/RelationTypeTag' + description: An alert and how it is related to the given alert + RelationTypeTag: + pattern: ^(Time|Entity)$ + type: string + description: |- + The nature of the relationship between alerts. Valid values: + 1. `Time`: Alerts are related by their time of creation. + 2. `Entity`: Alerts are related by the entities linked to their queries. + example: Time + x-pattern-message: should be either 'Time' or 'Entity' + AlertsListPageResponse: + type: object + properties: + data: + type: array + description: List of alerts summaries. + items: + $ref: '#/components/schemas/AlertsListPageObject' + description: List of Alert list page objects. + AlertsListPageObject: + type: object + properties: + id: + type: string + description: Identifier of the alert. + example: 000000000000000A + name: + type: string + description: Name of the alert. + example: CPU Total above 90 + severity: + pattern: ^(Critical|Warning|MissingData)$ + type: string + description: |- + The severity of the Alert. Valid values: + 1. `Critical` + 2. `Warning` + 3. `MissingData` + example: Warning + x-pattern-message: "should be either 'Critical', 'Warning' or 'MissingData'" + status: + pattern: ^(Active|Resolved)$ + type: string + description: |- + The status of the Alert. Valid values: + 1. `Active` + 2. `Resolved` + example: Active + x-pattern-message: should be either 'Active' or 'Resolved' + entitiesInfo: + type: array + description: | + List of AlertEntityInfo for primary entities. The primary entity is the most concrete entity (e.g. k8s container) that can be assigned per time series or log group, secondary entities are the less specific ones (e.g. k8s cluster or EC2 host). + items: + $ref: '#/components/schemas/AlertEntityInfo' + secondaryEntitiesInfo: + type: array + description: | + List of secondary AlertEntityInfo for primary entities. Primary/secondary entities are explained in description for `entitiesInfo`. + items: + $ref: '#/components/schemas/AlertEntityInfo' + violationCount: + type: string + description: The number of unique result groups that have met the alert + condition. + example: "2" + lastViolation: + type: string + description: The condition from the last alert violation. + example: greater than 90.0 for all of the last 5 minutes + duration: + type: string + description: The current duration of the alert. + example: 2 hours + createdAt: + type: string + description: The creation time of the alert. + example: "11:11 AM August 25, 2021" + lastUpdated: + type: string + description: The time when this alert was updated with the most recent violation. + example: "1:11 PM August 25, 2021" + isMuted: + type: boolean + description: True if the ARP was created while the monitor was muted + example: true + default: false + description: Alert list page object. + AlertChartDataResult: + required: + - metadata + - series + type: object + properties: + series: + type: array + description: List of time series of the alert chart data. + items: + $ref: '#/components/schemas/SeriesData' + metadata: + $ref: '#/components/schemas/AlertChartMetadata' + description: Response for alert response chart data visualization. + AlertChartMetadata: + type: object + properties: + abnormalityStartTime: + type: integer + description: The time stamp at which abnomarlity started. + format: int64 + example: 1630017549842 + abnormalityEndTime: + type: integer + description: The time stamp at which abnomarlity ended. + format: int64 + example: 1630017549842 + evaluationDelay: + type: integer + description: The delay duration for evaluating the monitor (relative to + current time). The timerange of monitor will be shifted in the past by + this delay time. + format: int64 + example: 1630017549842 + alertCreatedAt: + type: integer + description: The time stamp at which the alert response page is created. + format: int64 + example: 1630017549842 + alertResolvedAt: + type: integer + description: The time stamp at which the alert response page is resolved. + format: int64 + example: 1630017549842 + description: The metadata timestamps of alert chart data + ActiveCount: + type: integer + description: The number of currently active alerts. + format: int32 + example: 205 + PlaybookExecutionResponse: + type: object + properties: + runningId: + type: string + description: The id of the playbook which is running. + playbookExecutedId: + type: string + description: The id of the playbook when it is executed. + description: The response for executing the playbook. + PlaybookExecutionParameters: + required: + - alertId + - playbookId + type: object + properties: + playbookId: + type: string + description: The id of the playbook which needs to run. + example: "1" + alertId: + type: string + description: The alert id which needs to run the playbook. + description: The parameters for executing the playbook. + PlaybookRunningResultList: + type: array + items: + $ref: '#/components/schemas/PlaybookRunningResult' + PlaybookRunningResult: + required: + - id + - isChild + - name + - playbookId + - status + - statusCode + type: object + properties: + startDate: + type: string + description: The running start date time of the playbook. + format: date-time + example: 2018-10-16T09:10:00Z + endDate: + type: string + description: The running end date time of the playbook. + format: date-time + example: 2018-10-16T09:10:00Z + id: + type: string + description: The id of the playbook running. + playbookId: + type: string + description: The id of the playbook. + isChild: + type: boolean + description: The isChild of other playbook. + default: false + name: + type: string + description: The name of the playbook running. + status: + type: string + description: The status of the playbook running. + statusCode: + type: integer + description: The status code of the playbook running. + format: int32 + example: 200 + PlaybookRunningListRequest: + required: + - alertId + type: object + properties: + alertId: + type: string + description: The alert id. + example: "0000000000000001" + description: The request parameters for getting all running playbooks' status. + CompliancePeriodRef: + required: + - complianceRefType + type: object + properties: + complianceRefType: + pattern: ^(Relative)$ + type: string + description: Type of reference to the compliance period. Must be `Relative`. + example: Relative + x-pattern-message: Must be `Relative` + relativeShift: + type: integer + description: Relative shift of compliance period from the latest/current + compliance period. + example: -1 + description: Reference to the compliance period of the SLO. + DashboardSearchResult: + required: + - axes + - series + - status + type: object + properties: + status: + $ref: '#/components/schemas/DashboardSearchStatus' + axes: + $ref: '#/components/schemas/VisualDataAxes' + series: + type: array + description: The series returned from a search. + items: + $ref: '#/components/schemas/VisualDataSeries' + errors: + type: array + description: Errors returned by backend. + items: + $ref: '#/components/schemas/ErrorDescription' + timeRange: + $ref: '#/components/schemas/BeginBoundedTimeRange' + requestToken: + type: string + description: A user-generated string to uniquely identify the search request. + This field can be safely ignored if you don't intend to identify a search + request. + fieldOrdering: + type: array + description: | + The expected ordering of the column fields in tabular format. If null or empty, the ordering is unknown or indeterminate. + example: + - _timeslice + - _sourceHost + items: + type: string + infrequentScannedBytes: + type: number + description: The total number of scanned bytes from infrequent tier data + for the query in bytes. + format: int64 + example: 350000 + scannedBytes: + $ref: '#/components/schemas/ScannedBytes' + backfillPercent: + type: number + description: The backfill percentage of a continuous query. + format: float + DashboardSearchStatus: + required: + - state + type: object + properties: + state: + type: string + description: Current state of the search. + percentCompleted: + maximum: 100 + minimum: 0 + type: integer + description: Percentage of search completed. + format: int32 + VisualDataAxes: + required: + - x + - "y" + type: object + properties: + x: + type: array + description: The data of the primary x axis. + items: + $ref: '#/components/schemas/VisualAxisData' + "y": + type: array + description: The data of the primary y axis. + items: + $ref: '#/components/schemas/VisualAxisData' + x2: + type: array + description: The data of the secondary x axis. + items: + $ref: '#/components/schemas/VisualAxisData' + y2: + type: array + description: The data of the secondary y axis. + items: + $ref: '#/components/schemas/VisualAxisData' + VisualAxisData: + type: object + properties: + index: + type: integer + description: The value of the axis labels. + format: int32 + example: 0 + VisualDataSeries: + required: + - dataPoints + - name + - queryId + type: object + properties: + queryId: + type: string + description: The id of the query. + example: A + name: + type: string + description: | + The meaning of 'name' depends on the series type. + - For results of type 'timeseries', it is the value of the 'metric' key. + - For results of type 'nontimeseries', it is the name of one of the fields that is not part of 'xAxisKeys'. + - For results of type 'table', it is the comma-separated string of names of all fields. + example: max(Disk_Used) + dataPoints: + type: array + description: A list of data points in the visual series. + items: + $ref: '#/components/schemas/VisualPointData' + aggregateInfo: + $ref: '#/components/schemas/VisualAggregateData' + metaData: + $ref: '#/components/schemas/VisualMetaData' + seriesType: + pattern: ^(timeseries|nontimeseries|table)$|^$ + type: string + description: Type of the visual series. + example: timeseries + xAxisKeys: + type: array + description: Keys that will be plotted as a point on the x axis. + example: + - _sourceCategory + - _sourceHost + items: + type: string + valueType: + type: string + description: Value that represents if the series values are String or Double + example: Double + source: + pattern: ^(Logs|Metrics)$|^$ + type: string + description: Source of the visual series. + example: Logs + xAxisKeyTypes: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Keys that will be plotted as a point on the x axis and their + data type + example: + _sourceCategory: String + default: {} + queryInfo: + $ref: '#/components/schemas/MetricsQueryResultInfo' + VisualPointData: + required: + - "y" + type: object + properties: + x: + type: number + description: Value that represents a point on the x axis. + format: double + example: 1.0 + "y": + type: string + description: Value that represents a point on the y axis. + example: "12.3" + isFilled: + type: boolean + description: Whether the field is interpolated or extrapolated - not derived + from underlying data. + example: false + default: false + xAxisValues: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Values that represents a point on the x axis. + example: + _sourceCategory: collector + _collector: stag-index-7 + default: {} + outlierData: + $ref: '#/components/schemas/VisualOutlierData' + VisualOutlierData: + required: + - baseline + - isOutlier + - lowerBound + - unit + - upperBound + type: object + properties: + baseline: + type: number + description: The estimated value of the data point. + format: double + example: 1.2 + unit: + type: number + description: The variation in the estimated value of the data point. + format: double + example: 5.6 + lowerBound: + type: number + description: The lower bound of the outlier band + format: double + example: 5.3 + upperBound: + type: number + description: The upper bound of the outlier band + format: double + example: 6.3 + isOutlier: + type: boolean + description: Indicates if the data point is outlier or not. + example: false + VisualAggregateData: + required: + - avg + - latest + - max + - min + - sum + type: object + properties: + max: + type: number + description: The maximum value in the series. + format: double + example: 10.0 + min: + type: number + description: The minimum value in the series. + format: double + example: 1.2 + avg: + type: number + description: The average value in the series. + format: double + example: 5.6 + sum: + type: number + description: The sum of all the values in the series. + format: double + example: 123.4 + latest: + type: number + description: The last value in the series. + format: double + example: 23.4 + count: + type: number + description: The number of values in the series. + format: double + example: 600 + VisualMetaData: + required: + - data + type: object + properties: + data: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: The value of the metadata. + example: + deployment: dev + cluster: frontend + instance: frontend-12 + default: {} + MetricsQueryResultInfo: + type: object + properties: + rowId: + type: string + description: Metrics Query row id. + resultContext: + $ref: '#/components/schemas/MetricsQueryResultContext' + ScannedBytes: + type: object + properties: + infrequent: + type: integer + description: The total number of scanned bytes from infrequent tier data + for the query in bytes. + format: int64 + example: 350000 + continuous: + type: integer + description: The total number of scanned bytes from continuous tier data + for the query in bytes. + format: int64 + example: 350000 + frequent: + type: integer + description: The total number of scanned bytes from frequent tier data for + the query in bytes. + format: int64 + example: 350000 + security: + type: integer + description: The total number of scanned bytes from security tier data for + the query in bytes. + format: int64 + example: 350000 + tracing: + type: integer + description: The total number of scanned bytes from tracing tier data for + the query in bytes. + format: int64 + example: 350000 + upfront: + type: integer + description: The total number of scanned bytes from upfront tier data for + the query in bytes. + format: int64 + example: 350000 + metered: + type: integer + description: The total number of scanned bytes from metered tier data for + the query in bytes. + format: int64 + example: 350000 + rce: + type: integer + description: The total number of scanned bytes from rce tier data for the + query in bytes. + format: int64 + example: 350000 + flex: + type: integer + description: The total number of scanned bytes from flex tier data for the + query in bytes. + format: int64 + example: 350000 + continuousSecurity: + type: integer + description: The total number of scanned bytes from continuous security + tier data for the query in bytes. + format: int64 + example: 350000 + flexSecurity: + type: integer + description: The total number of scanned bytes from flex security tier data + for the query in bytes. + format: int64 + example: 350000 + flexUpfront: + type: integer + description: The total number of scanned bytes from flex upfront tier data + for the query in bytes. + format: int64 + example: 350000 + flexMetered: + type: integer + description: The total number of scanned bytes from flex metered tier data + for the query in bytes. + format: int64 + example: 350000 + description: | + The total number of scanned bytes from tiered data sources (ex. infrequent, continuous, frequent). See https://help.sumologic.com/docs/manage/partitions-data-tiers/data-tiers/ for a more detailed explaination. + CompliancePeriods: + required: + - periods + - timezone + type: object + properties: + timezone: + type: string + description: "Time zone for the compliance periods as per the [IANA Time\ + \ Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + periods: + type: array + description: List of CompliancePeriodProgress. + items: + $ref: '#/components/schemas/CompliancePeriodProgress' + description: Compliance periods along with SLO data availability progress. + CompliancePeriodProgress: + required: + - endTime + - irrecoverableError + - progress + - relativeReference + - startTime + type: object + properties: + relativeReference: + type: integer + description: Relative shift of compliance period from the latest/current + compliance period. + example: -1 + startTime: + type: string + description: Start time of the compliance period. + format: date-time + example: 2018-10-16T09:10:00Z + endTime: + type: string + description: End time of the compliance period. + format: date-time + example: 2018-10-16T09:10:00Z + progress: + maximum: 100.0 + minimum: 0.0 + type: number + description: SLO data availability progress. + format: double + example: 50.0 + irrecoverableError: + type: boolean + description: Whether a permanent error is encountered and no further progress + is expected. + description: SLO data availability progress of a compliance period. + SliQueriesValidationResult: + type: object + properties: + isValid: + type: boolean + description: Whether or not if queries are valid. + example: false + message: + type: string + description: Message from validation. + example: "Field fieldName not found, please check the spelling and try again." + default: "" + description: Validation result for the SLI queries. + SliQueries: + required: + - queryGroup + - queryType + type: object + properties: + queryGroup: + $ref: '#/components/schemas/SliQueryGroup' + queryType: + pattern: ^(Logs|Metrics)$ + type: string + description: Type of queries for SLI (Logs/Metrics). + example: Logs + x-pattern-message: Must be `Logs` or `Metrics` + evaluationType: + pattern: ^(Window|Request|Monitor)$ + type: string + description: SLI evaluation type. + example: Window + x-pattern-message: Must be `Window` or `Request` or `Monitor` + windowSize: + type: string + description: Size of the SLI aggregation window (valid only for `Window` + evaluation type). + example: 15m + IdToSliStatusMap: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/SliStatus' + description: Map of SLO identifier to SliStatus object. + SliStatus: + required: + - status + type: object + properties: + status: + pattern: ^(Success|Error|InProgress)$ + type: string + description: Whether the SLI computation is complete / had an error / is + in progress. + example: Success + sliPercentage: + type: number + description: SLI percentage for the compliance period. Available if `status` + is `Success`. + format: double + example: 95.14 + errorBudgetRemainingPercentage: + type: number + description: Percentage of error budget remaining for the compliance period. + Available if `status` is `Success`. + format: double + absoluteErrorBudgetRemaining: + type: string + description: "Formatted string for the absolute error budget remaining (time\ + \ duration for window-based SLIs, request count for request-based SLIs).\ + \ Available if `status` is `Success`." + example: "1h56m, -3h45m, -241.3k req, 1.5k req" + progressPercentage: + type: number + description: SLI computation progress. + format: double + description: "Status of the SLI computation. If the status is successful, also\ + \ contains the SLI value and error budget remaining for the current compliance\ + \ period." + SloUsageInfo: + type: array + description: The usage info of logs and metrics SLOs. + items: + $ref: '#/components/schemas/SloUsage' + SloUsage: + properties: + sliType: + pattern: ^(Logs|Metrics|Monitors)$ + type: string + description: The type of SLO usage info (Logs/Metrics/Monitor based). + example: Logs + x-pattern-message: Either `Logs` or `Metrics` or `Monitors`. + usage: + type: integer + description: Current number of active Logs/Metrics/Monitors SLOs. + example: 100 + limit: + type: integer + description: The limit of active Logs/Metrics/Monitors SLOs. + example: 100 + description: The usage info of SLOs. + SloScanEstimatesResponse: + type: object + properties: + scanEstimates: + type: array + description: Scan estimates by data tier for the SLO configuration. + items: + $ref: '#/components/schemas/TierEstimate_1' + description: SLO scan estimates. + TierEstimate_1: + type: object + properties: + tier: + type: string + description: Name of the data tier + example: Flex + perDayInBytes: + type: integer + description: estimate data scanned per day in bytes + format: int64 + perYearInBytes: + type: integer + description: estimate data scanned per year in bytes + format: int64 + description: estimate for a tier + PasswordPolicy: + type: object + properties: + minLength: + maximum: 128 + minimum: 8 + type: integer + description: The minimum length of the password. + format: int32 + example: 8 + default: 8 + maxLength: + maximum: 128 + minimum: 128 + type: integer + description: The maximum length of the password. (Setting this to any value + other than 128 is no longer supported; this field may be deprecated in + the future.) + format: int32 + example: 128 + default: 128 + mustContainLowercase: + type: boolean + description: If the password must contain lower case characters. + example: true + default: true + mustContainUppercase: + type: boolean + description: If the password must contain upper case characters. + example: true + default: true + mustContainDigits: + type: boolean + description: If the password must contain digits. + example: true + default: true + mustContainSpecialChars: + type: boolean + description: If the password must contain special characters. + example: true + default: true + maxPasswordAgeInDays: + maximum: 365 + minimum: -1 + type: integer + description: Maximum number of days that a password can be used before user + is required to change it. Put -1 if the user should not have to change + their password. + format: int32 + example: 365 + default: 365 + minUniquePasswords: + maximum: 12 + minimum: 4 + type: integer + description: The minimum number of unique new passwords that a user must + use before an old password can be reused. + format: int32 + example: 10 + default: 10 + accountLockoutThreshold: + maximum: 10 + minimum: 3 + type: integer + description: Number of failed login attempts allowed before account is locked-out. + format: int32 + example: 6 + default: 6 + failedLoginResetDurationInMins: + maximum: 10 + minimum: 1 + type: integer + description: The duration of time in minutes that must elapse from the first + failed login attempt after which failed login count is reset to 0. + format: int32 + example: 10 + default: 10 + accountLockoutDurationInMins: + maximum: 120 + minimum: 30 + type: integer + description: The duration of time in minutes that a locked-out account remained + locked before getting unlocked automatically. + format: int32 + example: 30 + default: 30 + requireMfa: + type: boolean + description: "If MFA should be required to log in. By default, this field\ + \ is set to `false`." + example: false + default: false + rememberMfa: + type: boolean + description: If MFA should be remembered on the browser. + example: true + default: true + disallowWeakPasswords: + type: boolean + description: "If weak passwords should be disallowed. By default, this field\ + \ is set to `false`." + example: false + default: false + description: Password Policy + Path: + required: + - path + - pathItems + type: object + properties: + pathItems: + type: array + description: Elements of the path. + items: + $ref: '#/components/schemas/PathItem' + path: + type: string + description: String representation of the path. + PathItem: + required: + - id + - name + type: object + properties: + id: + type: string + description: Identifier of the path element. + name: + type: string + description: Name of the path element. + description: + type: string + description: Description of the path element. + ContentCopyParams: + required: + - parentId + type: object + properties: + parentId: + type: string + description: Identifier of the parent folder to copy to. + name: + type: string + description: Optionally provide a new name. + description: + type: string + description: Optionally provide a new description. + ConfidenceScoreResponse: + required: + - confidenceScore + type: object + properties: + confidenceScore: + type: string + description: List of confidence scores to the CSE Insights. + description: CSE insight confidence score. + CseInsightConfidenceRequest: + required: + - cseInsight + type: object + properties: + cseInsight: + type: string + description: List of CSE Insight Created logs for which the confidence score + should be calculated. + example: "\"[{\\\"timestamp\\\":\\\"1605562085024\\\",\\\"type\\\":\\\"\ + event\\\",\\\"name\\\":\\\"insight_closed\\\",\\\"tenant_hash\\\":\\\"\ + d130a603dea563686c911aa5d3f196881b1e6e7a\\\",\\\"created\\\":1605550459107,\\\ + \"id\\\":\\\"ef444d0e-b1f0-351e-aae6-b608d2a4769c\\\",\\\"insight_threshold\\\ + \":12,\\\"insight_lookback_days\\\":14,\\\"resolution\\\":\\\"Resolved\\\ + \",\\\"source\\\":\\\"RULE\\\",\\\"entity_id\\\":\\\"2254232b-d7b4-567b-b4ce-61466b79e491\\\ + \",\\\"entity_type\\\":\\\"username\\\",\\\"rule_ids\\\":[\\\"MATCH-U00018\\\ + \"],\\\"mitre_tactics\\\":[\\\"Initial Access\\\"],\\\"signals\\\":[{\\\ + \"rule_id\\\":\\\"MATCH-U00018\\\",\\\"mitre_tactic\\\":\\\"Initial Access\\\ + \",\\\"timestamp\\\":\\\"1605549391000\\\",\\\"name_hash\\\":\\\"091d66fc35b6ad361d7525238d37319b06ff0bd5\\\ + \",\\\"severity\\\":5,\\\"vendors\\\":[\\\"Proofpoint\\\"],\\\"products\\\ + \":[\\\"Targeted Attack Protection\\\"],\\\"vendor_products\\\":[\\\"\ + Proofpoint Targeted Attack Protection\\\"],\\\"object_types\\\":[\\\"\ + Email\\\"]}]}]\"" + description: CSE insight JSON object. + PaginatedListEndpoints: + required: + - data + type: object + properties: + data: + type: array + description: An array of endpoints. + items: + $ref: '#/components/schemas/EndpointResponse' + next: + type: string + description: Next continuation token. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + description: List of open analytics endpoints. + EndpointResponse: + required: + - id + - inputSchema + - name + - outputSchema + - url + properties: + id: + type: string + description: Identifier of endpoint. + example: 00000000000001A5 + name: + type: string + description: Unique name of endpoint. + example: linear_regression + url: + type: string + description: Address of endpoint. + example: http://my-aws-lambda/linear-regression/predict + inputSchema: + type: string + description: Schema of the input table to endpoint. + example: "[]" + outputSchema: + type: string + description: Schema of the output table from endpoint. + example: "[]" + description: Endpoint response object. + EndpointDefinition: + required: + - headers + - inputSchema + - name + - outputSchema + - url + properties: + name: + type: string + description: Unique name of endpoint. + example: linear_regression + url: + type: string + description: Address of endpoint. + example: http://my-aws-lambda/linear-regression/predict + inputSchema: + type: string + description: Schema of the input table to endpoint. + example: "[\"field1\", \"field2\"]" + outputSchema: + type: string + description: Schema of the output table from endpoint. + example: "[\"field1\", \"field2\", \"score\"]" + headers: + type: string + description: HTTP headers for endpoint. + example: "[{\"awsRegion\": \"us-west-2\"}, {\"serviceName\": \"execute-api\"\ + }, {\"accessKey\": \"myAccessKey\"}, {\"secretKey\": \"mySecretKey\"}]" + description: Endpoint creation request object. + SignalsRequest: + required: + - signalContext + - signalTypes + type: object + properties: + signalTypes: + maxItems: 1 + minItems: 1 + type: array + description: | + A list of signal types to compute. Can be `LogFluctuation`, `DimensionalityExplanation`, `GisBenchmark` or `Anomalies` + items: + pattern: ^(LogFluctuation|DimensionalityExplanation|GisBenchmark|Anomalies)$|^$ + type: string + x-pattern-message: "Must be `LogFluctuation`, `DimensionalityExplanation`,\ + \ `GisBenchmark` or `Anomalies`" + signalContext: + $ref: '#/components/schemas/SignalContext' + description: Signal Request object. + SignalContext: + required: + - contextType + type: object + properties: + contextType: + pattern: ^(Alert)$|^$ + type: string + description: Type of context of the request object. + x-pattern-message: Must be `Alert` + discriminator: + propertyName: contextType + mapping: + Alert: '#/components/schemas/AlertSignalContext' + SignalsJobResult: + required: + - isComplete + - signals + - warnings + type: object + properties: + isComplete: + type: boolean + description: Whether the signal computing job finished. + example: true + signals: + type: array + description: Sequence of computed signals. + items: + $ref: '#/components/schemas/SignalsResponse' + warnings: + type: array + description: List of warnings while computing signals. + items: + $ref: '#/components/schemas/WarningDetails' + description: "The job result containing the job status, computed signals and\ + \ any warnings." + SignalsResponse: + required: + - endTime + - openInQueries + - payload + - signalId + - signalType + - startTime + - summary + type: object + properties: + signalType: + pattern: ^(LogFluctuation|DimensionalityExplanation|GisBenchmark|Anomalies)$|^$ + type: string + description: | + The type of the signal to compute. Can be `LogFluctuation`, `DimensionalityExplanation`, `GisBenchmark` or `Anomalies` + x-pattern-message: "Must be `LogFluctuation`, `DimensionalityExplanation`,\ + \ `GisBenchmark` or `Anomalies`" + signalId: + type: string + description: The id for the signal result in hex format. + example: 00000000F5000634 + startTime: + type: string + description: Start time of the signal. + format: date-time + example: 2018-10-16T09:10:00Z + endTime: + type: string + description: End time of the signal. + format: date-time + example: 2018-10-16T09:10:00Z + summary: + type: string + description: Description of the payload. + example: Variation in the logs + payload: + type: string + description: Json string for computed signal. + openInQueries: + type: array + description: Raw data queries for the computed signal. + items: + $ref: '#/components/schemas/OpenInQuery' + description: Signal response object. + OpenInQuery: + required: + - endTime + - query + - startTime + type: object + properties: + query: + $ref: '#/components/schemas/Query' + startTime: + type: string + description: Start time of the query. + format: date-time + example: 2018-10-16T09:10:00Z + endTime: + type: string + description: End time of the query. + format: date-time + example: 2018-10-16T09:10:00Z + description: Raw data query for the computed signal. + WarningDetails: + required: + - code + - detail + - message + type: object + properties: + code: + type: string + description: Warning code. + message: + type: string + description: Warning message. + detail: + type: string + description: Details related to warning. + description: Warning while computing signals. + ListServiceAccountModelsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of service accounts. + items: + $ref: '#/components/schemas/ServiceAccountModel' + ServiceAccountModel: + type: object + allOf: + - $ref: '#/components/schemas/CreateServiceAccountDefinition' + - $ref: '#/components/schemas/MetadataModel' + - required: + - id + properties: + id: + type: string + description: Unique identifier for the service account. + example: 000000000FE20FE2 + isActive: + type: boolean + description: True if the service account is active. + example: true + CreateServiceAccountDefinition: + required: + - email + - name + - roleIds + type: object + properties: + name: + maxLength: 128 + minLength: 0 + type: string + description: Name of the service account. + example: Service Account + email: + maxLength: 255 + type: string + description: Email address of the service account. + format: email + example: johndoe@acme.com + roleIds: + type: array + description: List of roleIds associated with the service account. + example: + - 00000000000001DF + - 00000000000002D2 + items: + type: string + UpdateServiceAccountDefinition: + type: object + properties: + name: + maxLength: 128 + minLength: 0 + type: string + description: Name of the service account. + example: Service Account + isActive: + type: boolean + description: This has the value `true` if the service account is active + and `false` if it has been deactivated. + example: true + roleIds: + type: array + description: List of role identifiers associated with the service account. + example: + - 00000000000001DF + - 00000000000002D2 + items: + type: string + email: + maxLength: 255 + type: string + description: New email address of the service account. + format: email + example: johndoe@acme.com + PaginatedListOAuthConsentsResult: + required: + - data + type: object + properties: + data: + type: array + description: An array of OAuth consents. + items: + $ref: '#/components/schemas/OAuthConsent' + next: + type: string + description: Next continuation token. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + description: List of OAuth consents. + OAuthConsent: + required: + - authorizedAt + - authorizedUser + - clientId + - clientName + - id + - scopes + type: object + properties: + id: + type: string + description: Unique identifier for the consent. + example: 0000000006743FDE + clientId: + type: string + description: The ID of the registered client that was used in granting consent. + example: zVplCFHcpTDwtktBIQmFI2K6s9HEo4HAtcQD1f1M5eQ + clientName: + type: string + description: The name of the registered client that was used in granting + consent. + example: My OAuth App + authorizedAt: + type: string + description: Timestamp when the consent was authorized in UTC in RFC3339 + format. + format: date-time + example: 2018-10-16T09:10:00Z + authorizedUser: + type: string + description: Identifier of the user who authorized the consent. + example: 0000000006743FDD + lastUsedAt: + type: string + description: Timestamp when the consent was last used to grant an access + token in UTC in RFC3339 format. Null if never used. + format: date-time + example: 2018-10-16T09:10:00Z + scopes: + type: array + description: The scopes that were granted in the consent. + example: + - manageUsersAndRoles + - viewCollectors + items: + type: string + description: An OAuth consent granted by a user. + ListSCIMUserModelsResponse: + type: object + properties: + totalResults: + type: integer + description: Total number of users that match the filter criteria + example: 100 + startIndex: + minimum: 0 + type: integer + description: The index of the first returned result + format: int32 + example: 0 + default: 0 + itemsPerPage: + type: integer + description: The number of results returned in this page + example: 10 + Resources: + type: array + description: List of SCIM user resources + items: + $ref: '#/components/schemas/SCIMUserModel' + SCIMUserModel: + type: object + allOf: + - $ref: '#/components/schemas/SCIMCreateUserDefinition' + - required: + - id + properties: + id: + type: string + description: Unique SCIM identifier for the user + example: 000000000FE20FE2 + active: + type: boolean + description: True if the user is active + example: true + meta: + $ref: '#/components/schemas/ResourceData' + SCIMCreateUserDefinition: + required: + - emails + - name + - roles + - schemas + - userName + type: object + properties: + schemas: + type: array + description: Defines the SCIM schemas for the user + example: + - urn:ietf:params:scim:schemas:core:2.0:User + items: + type: string + userName: + maxLength: 64 + type: string + description: Unique identifier for the user (email) + example: jdoe@example.com + name: + $ref: '#/components/schemas/NameInfo' + emails: + type: array + description: Sumo logic accepts only one email address + items: + type: object + properties: + value: + type: string + format: email + example: jdoe@example.com + type: + type: string + example: work + primary: + type: boolean + example: true + default: true + roles: + type: array + description: roles should exactly match with role names within sumologic. + `roles` can be either `Array of strings` or `Array of objects` as shown + in the payload. `primary` always set to 'true' as sumologic doesn't have + a concept of primary/secondary roles + example: + - - role1 + - role2 + - - value: role1 + primary: true + - value: role2 + primary: true + items: {} + NameInfo: + required: + - familyName + - givenName + type: object + properties: + givenName: + type: string + description: Given name of the user (firstName) + example: John + familyName: + type: string + description: Family name of the user (lastName) + example: Doe + ResourceData: + type: object + properties: + resourceType: + type: string + description: The name of the resource type of the resource + example: User + created: + type: string + description: Creation timestamp in date-time format + format: date-time + example: 2024-01-01T12:00:00Z + lastModified: + type: string + description: Last modification timestamp in date-time format + format: date-time + example: 2024-01-01T12:00:00Z + description: Resource meta data of a user + ErrorResponseScim: + required: + - schemas + - status + type: object + properties: + status: + type: integer + description: The HTTP status code. + example: 409 + schemas: + type: array + description: Defines the SCIM schemas for the user + example: + - urn:ietf:params:scim:schemas:core:2.0:User + items: + type: string + scimType: + type: string + description: A SCIM detail error keyword. + example: uniqueness + detail: + type: string + description: An optional fuller English-language description of the error. + example: "Your password was 5 characters long, the minimum length is 12\ + \ characters. See http://example.com/password for more information." + SCIMUpdateUserDefinition: + required: + - active + - emails + - name + - roles + - schemas + type: object + properties: + schemas: + type: array + description: Defines the SCIM schemas for the user + example: + - urn:ietf:params:scim:schemas:core:2.0:User + items: + type: string + name: + $ref: '#/components/schemas/NameInfo' + active: + type: boolean + description: Indicates if the user is active + example: true + emails: + type: array + description: Sumo logic accepts only one email address + items: + type: object + properties: + value: + type: string + format: email + example: jdoe@example.com + type: + type: string + example: work + primary: + type: boolean + example: true + default: true + roles: + type: array + description: roles should exactly match with role names within sumologic. + `roles` can be either `Array of strings` or `Array of objects` as shown + in the payload. `primary` always set to 'true' as sumologic doesn't have + a concept of primary/secondary roles + example: + - - role1 + - role2 + - - value: role1 + primary: true + - value: role2 + primary: true + items: {} + SCIMPatchUserDefinition: + required: + - Operations + - schemas + type: object + properties: + schemas: + type: array + description: Defines the SCIM schemas for the patch operation + example: + - urn:ietf:params:scim:api:messages:2.0:PatchOp + items: + type: string + Operations: + type: array + description: Updates one or more attributes of a SCIM resource using a sequence + of operations + items: + type: object + properties: + op: + pattern: (?i)^(replace|add|remove)$ + type: string + description: "Supports 'add', 'replace' and 'remove' operations" + example: replace + x-pattern-message: "`replace`, `add`, `remove`" + path: + type: string + description: Attribute path to modify + example: name.familyName + value: + type: object + allOf: + - type: object + properties: + value: + type: string + - type: object + properties: + value: + type: array + items: + type: string + MetricsQueryResponse: + required: + - errors + - queryResults + type: object + properties: + queryResult: + type: array + description: A list of the time series returned by metric query. + items: + $ref: '#/components/schemas/TimeSeriesRow' + errors: + type: object + description: "Errors, warnings, and information logged for the query." + example: + id: AXDUI-DGH5I-TJ045 + errors: + - code: metrics:incomplete_results + message: Incomplete results + allOf: + - $ref: '#/components/schemas/ErrorResponse' + TimeSeriesRow: + required: + - rowId + - timeSeriesList + type: object + properties: + rowId: + type: string + description: Row id for the query row as specified in the request. + example: A + timeSeriesList: + $ref: '#/components/schemas/TimeSeriesList' + TimeSeriesList: + required: + - timeSeries + type: object + properties: + timeSeries: + type: array + description: A list of timeseries returned by corresponding query. + items: + $ref: '#/components/schemas/TimeSeries' + unit: + type: string + description: Unit of the query. + example: 1/second + timeShiftLabel: + type: string + description: Time shift value if specified in request in human readable + format. + example: -1h + resultContext: + $ref: '#/components/schemas/MetricsQueryResultContext' + TimeSeries: + required: + - metricDefinition + - points + type: object + properties: + metricDefinition: + $ref: '#/components/schemas/MetricDefinition' + points: + $ref: '#/components/schemas/Points' + MetricDefinition: + type: object + properties: + metric: + type: string + description: Name of the metric returning the timeseries. + example: CPU_Total + dimensions: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Metric dimensions / metadata related to each timeseries. + example: + _sourceHost: us2-alert-1 + _sourceCategory: alert + Points: + required: + - timestamps + - values + type: object + properties: + timestamps: + type: array + description: Array of timestamps of datapoints in milliseconds. + items: + type: integer + format: int64 + example: 1623258710000 + values: + type: array + description: Array of values of datapoints corresponding to timestamp array. + items: + type: number + format: double + example: 1.5 + description: "The `values` and `timestamps` are of the same length, and points\ + \ are sorted by time ascending." + MetricsQueryResultContext: + type: object + properties: + quantizationGranularity: + type: integer + description: Quantization granularity. Size of the quantization bucket/quant + in milliseconds. + format: int64 + example: 30000 + rollup: + pattern: ^(Avg|Sum|Min|Max|Count|Rate)$|^$ + type: string + description: "We use the term rollup to refer to the aggregation function\ + \ Sumo Logic uses when quantizing metrics. Can be `Avg`, `Sum`, `Min`,\ + \ `Max`, `Count` or `Rate`." + example: Avg + actualQueryTimeRange: + $ref: '#/components/schemas/Iso8601TimeRange' + MetricsQueryRequest: + required: + - queries + - timeRange + type: object + properties: + queries: + minItems: 1 + type: array + description: A list of metrics queries. + items: + $ref: '#/components/schemas/MetricsQueryRow' + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + description: A list of metrics queries to run along with the time range for + the query. + MetricsQueryRow: + required: + - query + - rowId + type: object + properties: + rowId: + pattern: "[A-Z]" + type: string + description: "Row id for the query row, A to Z letter." + example: A + x-pattern-message: Row id must be one character long and must be an upper + case letter between A and Z + query: + maxLength: 3000 + minLength: 3 + type: string + description: |- + A metric query consists of a metric, one or more filters and optionally, one or more [Metrics Operators](https://help.sumologic.com/?cid=10144). Strictly speaking, both filters and operators are optional. + + Most of the [Metrics Operators](https://help.sumologic.com/?cid=10144) are allowed in the query string except `fillmissing`, `outlier`, `quantize` and `timeshift`. + + * `fillmissing`: Not supported in API. + * `outlier`: Not supported in API. + * `quantize`: Only supported through `quantization` param. + * `timeshift`: Only supported through `timeshift` param. + + + In practice, your metric queries will almost always contain filters that narrow the scope of your query. For more information about the query language see [Metrics Queries](https://help.sumologic.com/?cid=1079). + example: metric=CPU_Idle + quantization: + minimum: 1 + type: integer + description: "Segregates time series data by time period. This allows you\ + \ to create aggregated results in buckets of fixed intervals (for example,\ + \ 5-minute intervals). The value is in milliseconds." + format: int64 + example: 60000 + rollup: + pattern: ^(Count|Min|Max|Sum|Avg|None)$|^$ + type: string + description: "We use the term rollup to refer to the aggregation function\ + \ Sumo Logic uses when quantizing metrics. Can be `Avg`, `Sum`, `Min`,\ + \ `Max`, `Count` or `None`." + example: Avg + x-pattern-message: "Must be `Avg`, `Sum`, `Min`, `Max`, `Count` or `None`" + timeshift: + type: integer + description: Shifts the time series from your metrics query by the specified + amount of time. This can help when comparing a time series across multiple + time periods. Specified as a signed duration in milliseconds. + format: int64 + example: -3600000 + CreateTraceQueryResponse: + required: + - queryId + type: object + properties: + queryId: + type: string + description: Id of the created query + example: cafaebf2f4f8320f + AsyncTraceQueryRequest: + required: + - queryRows + - timeRange + type: object + properties: + queryRows: + type: array + description: A list of trace queries. + items: + $ref: '#/components/schemas/AsyncTraceQueryRow' + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + AsyncTraceQueryRow: + required: + - query + - rowId + type: object + properties: + query: + $ref: '#/components/schemas/TraceQueryExpression' + rowId: + maxLength: 16 + type: string + description: "An identifier used to reference this particular row of the\ + \ query request while fetching a query result. Within a query, row ids\ + \ must have distinct values." + example: '#A' + orderBy: + $ref: '#/components/schemas/OrderBy' + OrderBy: + required: + - fieldName + - order + type: object + properties: + fieldName: + maxLength: 32 + minLength: 1 + type: string + description: "Field based on which results should be sorted. When not provided,\ + \ the default behavior is to sort by timestamp descending. Sortable fields\ + \ values: `trace_id`, `start_timestamp`, `duration`, `spans_number`, `errors`,\ + \ `status_code`." + example: start_timestamp + order: + pattern: ^(Asc|Desc)$ + type: string + description: Type of sorting values - descending or ascending. + example: Asc + default: Desc + x-pattern-message: should be either 'Asc' or 'Desc' + TraceQueryStatusResponse: + required: + - queryRows + - status + type: object + properties: + queryRows: + type: array + description: A list of trace queries. + items: + $ref: '#/components/schemas/TraceQueryRowStatus' + status: + pattern: ^(Processing|Finished|Error|Canceled)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Canceled`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Canceled`." + TraceQueryRowStatus: + required: + - count + - rowId + - status + type: object + properties: + rowId: + type: string + description: A unique identifier of the query. + example: A + status: + pattern: ^(Processing|Finished|Error|Canceled)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Canceled`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Canceled`." + statusMessage: + type: string + description: Descriptive message of the status + example: Finished successfully + count: + minimum: 0 + type: integer + description: Number of results matching the query + format: int64 + example: 3215 + TraceQueryResultResponse: + required: + - results + type: object + properties: + results: + type: array + description: List of traces matching the query. + items: + $ref: '#/components/schemas/TraceDetail' + next: + type: string + description: Next continuation token. + example: "10001" + TraceDetail: + required: + - id + type: object + properties: + id: + type: string + description: Trace identifier. + example: 00000000000120CB + rootService: + type: string + description: "Root service which started the trace. Examples: `user-service`,\ + \ `authentication-service`, `payment-service`, `/shopping-cart`" + example: user-service + rootResource: + type: string + description: "Root resource on which the trace was started. Examples: `db.query`,\ + \ `http.request`, `rpc.call`, `container`" + example: http.request + rootStatus: + $ref: '#/components/schemas/TraceSpanStatus' + rootOperationName: + type: string + description: The name of the operation given to the root span. + example: retrieveAccount + metrics: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/DoubleTracingValue' + description: Calculated trace metrics. + example: + _duration: 143984411 + startedAt: + type: string + description: "Date and time the trace was started in [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2019-11-22T09:00:00Z + criticalPathServiceBreakdownSummary: + $ref: '#/components/schemas/CriticalPathServiceBreakdownSummary' + TraceSpanStatus: + required: + - code + type: object + properties: + code: + type: string + description: "Status code of the span. Possible values: `OK`, `ERROR`, `UNKNOWN`." + example: OK + message: + type: string + description: "Optional descriptive message about the status, could be an\ + \ http status code or the kind of an error, e.g. OSError." + example: "404" + CriticalPathServiceBreakdownSummary: + required: + - elements + - idleTime + - otherServicesDuration + type: object + properties: + elements: + type: array + description: List of the elements representing the critical path service + duration breakdown - contains the first few services with the longest + overall duration of the spans contributing to the critical path. + items: + $ref: '#/components/schemas/CriticalPathServiceBreakdownElementBase' + otherServicesDuration: + type: integer + description: Overall processing time in nanoseconds consumed by the rest + of the spans in the critical path (a sum of the duration times of the + spans' critical path segments). + format: int64 + example: 12957153 + idleTime: + type: integer + description: Overall time in nanoseconds when no particular operation was + in progress. + format: int64 + example: 60000000 + CriticalPathServiceBreakdownElementBase: + required: + - duration + type: object + properties: + service: + type: string + description: The name of the service. + example: user-service + serviceColor: + type: string + description: Color hex code assigned to the service. + example: '#fa41c6' + duration: + type: integer + description: Overall processing time in nanoseconds consumed by the spans + belonging to this service in the critical path (a sum of the duration + times of the spans' critical path segments). + format: int64 + example: 12957153 + TraceMetricsResponse: + required: + - metrics + type: object + properties: + metrics: + type: array + description: List of trace metrics. + items: + $ref: '#/components/schemas/TraceMetricDetail' + TraceMetricDetail: + required: + - metric + - type + type: object + properties: + metric: + type: string + description: Trace metric name. In trace queries it can be used in `MetricTracingFilter.metric`. + example: _duration + description: + type: string + description: Short description of the metric. + example: The duration of a trace in nanoseconds. + type: + type: string + description: "The type the values of this field will have. Possible values:\ + \ `DoubleTracingValue`, `IntegerTracingValue`." + example: IntegerTracingValue + TraceFieldsResponse: + required: + - fields + type: object + properties: + fields: + type: array + description: List of filter fields. + items: + $ref: '#/components/schemas/TraceFieldDetail' + TraceFieldDetail: + required: + - field + - fieldType + - type + type: object + properties: + field: + type: string + description: Filter field name. + example: operation + fieldType: + pattern: ^(SpanAttribute|SpanEventAttribute)$ + type: string + description: "Indicates the kind of a field. Possible values: `SpanAttribute`,\ + \ `SpanEventAttribute`." + example: SpanEventAttribute + default: SpanAttribute + x-pattern-message: "Should be one of: `SpanAttribute`, `SpanEventAttribute`." + valueListing: + type: boolean + description: Indicates whether values for this field can be listed. + example: false + description: + type: string + description: Short description of the field. + example: A piece of the workflow represented by a span + type: + type: string + description: "The type the values of this field will have. Possible values:\ + \ `DoubleTracingValue`, `IntegerTracingValue`, `StringTracingValue`, `DateTimeTracingValue`." + example: StringTracingValue + noValuesReason: + $ref: '#/components/schemas/NoTraceFieldValuesReason' + NoTraceFieldValuesReason: + required: + - code + - message + type: object + properties: + code: + pattern: ^(HighCardinalityField|AutocompleteDisabled)$ + type: string + description: "A code uniquely identifying the reason for the lack of trace\ + \ field values. Possible values: `HighCardinalityField`, `AutocompleteDisabled`." + example: HighCardinalityField + x-pattern-message: "Should be either `HighCardinalityField`, `AutocompleteDisabled`." + message: + type: string + description: A short English-language description of the reason. + example: Autocomplete has been disabled for this field due to high cardinality. + TraceFieldValuesResponse: + required: + - fieldValues + - totalCount + type: object + properties: + fieldValues: + type: array + description: List of filter field values. + items: + type: string + totalCount: + type: integer + description: Total number of values for a field matching the query. Can + be approximated when it's above 3000. + format: int64 + example: 1234 + next: + type: string + description: Next continuation token. + example: Mi93V0ZqTTBzaW89 + CreateCpcQueryResponse: + required: + - queryId + type: object + properties: + queryId: + type: string + description: The id of the created query. + example: cafaebf2f4f8320f + CpcQueryRequest: + required: + - queryRows + - timeRange + type: object + properties: + queryRows: + type: array + description: A list of cpc queries. + items: + $ref: '#/components/schemas/CpcQueryRow' + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + CpcQueryRow: + required: + - query + - rowId + type: object + properties: + query: + $ref: '#/components/schemas/TraceQueryExpression' + rowId: + maxLength: 16 + type: string + description: "An identifier used to reference this particular row of the\ + \ query request while fetching a query result. Within a query, row ids\ + \ must have distinct values." + example: '#A' + CpcQueryStatusResponse: + required: + - queryRows + - status + type: object + properties: + queryRows: + type: array + description: A list of statuses on a per query row basis. + items: + $ref: '#/components/schemas/CpcQueryRowStatus' + status: + pattern: ^(Processing|Finished|Error|Canceled)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Canceled`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Canceled`." + CpcQueryRowStatus: + required: + - buckets + - rowId + - status + type: object + properties: + rowId: + type: string + description: A unique identifier of the query. + example: A + buckets: + type: array + description: A list of CPC query statuses on a per time bucket basis. Each + status corresponds to the status of calculating aggregated CPC data from + a sample of traces matching search criteria falling within a specific + time slice. + items: + $ref: '#/components/schemas/CpcQueryBucketStatus' + status: + pattern: ^(Processing|Finished|Error|Canceled)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Canceled`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Canceled`." + CpcQueryBucketStatus: + required: + - bucketId + - status + type: object + properties: + bucketId: + type: string + description: A unique identifier of the bucket. + example: A + status: + pattern: ^(Processing|Finished|Error|Canceled)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Canceled`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Canceled`." + statusMessage: + type: string + description: Descriptive message of the status. + example: Finished successfully + CpcQueryResultResponse: + required: + - buckets + type: object + properties: + buckets: + type: array + description: A list of CPC query results on a per time bucket basis. Each + bucket result corresponds to the aggregated CPC data from a sample of + traces matching search criteria falling within a specific time slice. + items: + $ref: '#/components/schemas/CpcQueryBucketResult' + CpcQueryBucketResult: + required: + - avgTraceDuration + - bucketId + - idleTimeCpcSummary + - length + - otherServicesCpcSummary + - perServiceCpcSummaries + - startTimestamp + - totalNumOfTraces + type: object + properties: + bucketId: + type: string + description: A unique identifier of a time bucket. + example: bucket1 + startTimestamp: + type: string + description: "A start of the time bucket in the [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2021-04-19T17:36:57.47623Z + length: + type: integer + description: The length of a time bucket expressed in milliseconds. + format: int64 + example: 60000 + totalNumOfTraces: + type: integer + description: The total number of traces matching the search criteria based + on which the CPC data is aggregated. + format: int64 + example: 500 + avgTraceDuration: + type: number + description: The average duration in nanoseconds of the traces matching + the search criteria based on which the CPC data is aggregated. + format: double + example: 5000 + perServiceCpcSummaries: + type: array + description: The summary of aggregated Critical Path Contribution data on + a per service basis. Each element of the array corresponds to a summary + for a specific service. + items: + $ref: '#/components/schemas/CpcServiceSummary' + otherServicesCpcSummary: + $ref: '#/components/schemas/CpcSummary' + idleTimeCpcSummary: + $ref: '#/components/schemas/CpcSummary' + CpcServiceSummary: + required: + - color + - cpcSummary + - service + type: object + properties: + service: + type: string + description: The name of the service. + example: user-service + color: + type: string + description: The color hex code assigned to the service. + example: '#fa41c6' + cpcSummary: + $ref: '#/components/schemas/CpcSummary' + CpcSummary: + required: + - avgPercentageInTrace + - avgTimeInTrace + - numOfTraces + - totalTimeTaken + type: object + properties: + numOfTraces: + type: integer + description: The total number of traces matching the search criteria for + a given service based on which the CPC data is aggregated. + format: int64 + example: 200 + avgPercentageInTrace: + type: number + description: The total fraction (value between 0.0 and 1.0) of the trace + duration time consumed by a given service (or a group of services) in + the critical path of analyzed traces. + format: double + example: 0.24 + avgTimeInTrace: + type: number + description: The average time in nanoseconds spent by a given service (or + a group of services) in the critical path of analyzed traces. + format: double + example: 520000 + totalTimeTaken: + type: integer + description: The total time in nanoseconds spent by a given service (or + a group of services) in the critical path of analyzed traces. + format: int64 + example: 600000 + CpcQueryResultRequest: + required: + - bucketIds + type: object + properties: + bucketIds: + type: array + description: A list of the identifiers of CPC query buckets for which aggregated + Critical Path Contribution data should be fetched. + example: + - bucket1 + - bucket2 + items: + type: string + CreateAggregationQueryResponse: + required: + - queryId + type: object + properties: + queryId: + type: string + description: The id of the created query. + example: cafaebf2f4f8320f + AggregationQueryRequest: + required: + - queryRows + - timeRange + - xAxisGroupByAttribute + type: object + properties: + queryRows: + type: array + description: A list of tracing queries. + items: + $ref: '#/components/schemas/AggregationQueryRow' + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + xAxisGroupByAttribute: + $ref: '#/components/schemas/AggregationGroupByAttribute' + AggregationQueryRow: + required: + - query + - rowId + type: object + properties: + query: + $ref: '#/components/schemas/TraceQueryExpression' + rowId: + maxLength: 16 + type: string + description: "An identifier used to reference this particular row of the\ + \ query request while fetching a query result. Within a query, row ids\ + \ must have distinct values." + example: '#A' + AggregationGroupByAttribute: + required: + - attributeType + type: object + properties: + attributeType: + type: string + description: Attribute type of the object model. + description: Base group by attribute object. + discriminator: + propertyName: attributeType + AggregationQueryStatusResponse: + required: + - queryRows + - status + type: object + properties: + queryRows: + type: array + description: A list of statuses on a per query row basis. + items: + $ref: '#/components/schemas/AggregationQueryRowStatus' + status: + pattern: ^(Processing|Finished|Error|Canceled)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Canceled`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Canceled`." + statusMessage: + type: string + description: Descriptive message of the status. + example: Finished successfully + AggregationQueryRowStatus: + required: + - rowId + - status + type: object + properties: + rowId: + type: string + description: A unique identifier of the query. + example: A + status: + pattern: ^(Processing|Finished|Error|Canceled)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Canceled`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Canceled`." + statusMessage: + type: string + description: Descriptive message of the status. + example: Finished successfully + AggregationQueryResultResponse: + required: + - buckets + type: object + properties: + buckets: + type: array + description: A list of an aggregation query results on a per bucket basis. Each + bucket result corresponds to the number of trace query results falling + into the bucket. + items: + $ref: '#/components/schemas/AggregationQueryBucketResult' + AggregationQueryBucketResult: + required: + - bucketKey + - bucketValue + type: object + properties: + bucketKey: + $ref: '#/components/schemas/BucketKey' + bucketValue: + $ref: '#/components/schemas/BucketValue' + BucketKey: + required: + - bucketKeyType + type: object + properties: + bucketKeyType: + type: string + description: Bucket value type of the object model. + description: Base bucket key object. + discriminator: + propertyName: bucketKeyType + BucketValue: + required: + - bucketValueType + - traceCount + type: object + properties: + bucketValueType: + type: string + description: Bucket value type of the object model. + traceCount: + type: integer + description: The number of traces per bucket. + format: int64 + example: 42 + description: Base bucket value object. + discriminator: + propertyName: bucketValueType + TraceExistsResponse: + required: + - exists + type: object + properties: + exists: + type: boolean + description: Indicates whether the trace with the given trace id exists. + example: true + url: + type: string + description: A path to the trace view page in Sumo Logic UI. + example: '#/trace/00000000000120CB' + TraceSpansResponse: + required: + - spans + - totalCount + type: object + properties: + spanPage: + type: array + description: List of trace spans. + items: + $ref: '#/components/schemas/TraceSpan' + totalCount: + type: integer + description: Total count of spans for this trace. + format: int64 + example: 1234 + next: + type: string + description: Next continuation token. + example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI + TraceSpan: + required: + - duration + - id + - operationName + - startedAt + - status + type: object + properties: + id: + type: string + description: Identifier of the span. + example: 00000000002317A9 + parentId: + type: string + description: "Identifier of the parent span, if any. If the span has no\ + \ parent it's considered a root span." + example: 000000000003C7BE + operationName: + type: string + description: The name of the operation given to the span. + example: retrieveAccount + resource: + type: string + description: The name of the resource attached to the span. + example: http.request + service: + type: string + description: The name of the service this span is part of. + example: user-service + serviceColor: + type: string + description: Color hex code assigned to the service. + example: '#fa41c6' + serviceType: + $ref: '#/components/schemas/ServiceType' + duration: + type: integer + description: Number of nanoseconds the span lasted. + format: int64 + example: 212957153 + startedAt: + type: string + description: "Date and time the span was started in the [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2019-11-22T09:00:00Z + status: + $ref: '#/components/schemas/TraceSpanStatus' + kind: + pattern: ^(CLIENT|SERVER|PRODUCER|CONSUMER|INTERNAL)$ + type: string + description: "Span kind describes the relationship between the Span, its\ + \ parents, and its children in a Trace. Possible values: `CLIENT`, `SERVER`,\ + \ `PRODUCER`, `CONSUMER`, `INTERNAL`." + example: SERVER + x-pattern-message: "Should be either `CLIENT`, `SERVER`, `PRODUCER`, `CONSUMER`\ + \ or `INTERNAL`." + remoteService: + type: string + description: Name of the possible remote span's service. + example: external-service + remoteServiceColor: + type: string + description: Color hex code assigned to the remote service. + example: '#fa41c6' + remoteServiceType: + $ref: '#/components/schemas/ServiceType' + info: + $ref: '#/components/schemas/TraceSpanInfo' + numberOfLinks: + type: integer + description: Number of span links in this span. + format: int32 + example: 2 + ServiceType: + pattern: ^(Db|HTTP|MQ|Web|Mixed|Unknown|Cpp|DotNET|Erlang|Go|Java|NodeJS|Php|Python|Ruby|WebJS|Swift|MSSQL|MySQL|Oracle|Db2|PostgreSQL|Redshift|Hive|Cloudscape|HSQLDB|Progress|MaxDB|HANADB|Ingres|FirstSQL|EnterpriseDB|Cache|Adabas|Firebird|ApacheDerby|FileMaker|Informix|InstantDB|InterBase|MariaDB|Netezza|PervasivePSQL|PointBase|SQLite|Sybase|Teradata|Vertica|H2|ColdFusion|Cassandra|HBase|MongoDB|Redis|Couchbase|CouchDB|CosmosDB|DynamoDB|Neo4j|Geode|Elasticsearch|Memcached|CockroachDB|RPC|gRPC|JavaRMI|DotNETWCF|ApacheDubbo)$ + type: string + description: Defines type of service. + example: HTTP + x-pattern-message: "Should be either `Db`, `HTTP`, `MQ`, `Web`, `Mixed`, `Unknown`,\ + \ `Cpp`, `DotNET`, `Erlang`, `Go`, `Java`, `NodeJS`, `Php`, `Python`, `Ruby`,\ + \ `WebJS`, `Swift`, `MSSQL`, `MySQL`, `Oracle`, `Db2`, `PostgreSQL`, `Redshift`,\ + \ `Hive`, `Cloudscape`, `HSQLDB`, `Progress`, `MaxDB`, `HANADB`, `Ingres`,\ + \ `FirstSQL`, `EnterpriseDB`, `Cache`, `Adabas`, `Firebird`, `ApacheDerby`,\ + \ `FileMaker`, `Informix`, `InstantDB`, `InterBase`, `MariaDB`, `Netezza`,\ + \ `PervasivePSQL`, `PointBase`, `SQLite`, `Sybase`, `Teradata`, `Vertica`,\ + \ `H2`, `ColdFusion`, `Cassandra`, `HBase`, `MongoDB`, `Redis`, `Couchbase`,\ + \ `CouchDB`, `CosmosDB`, `DynamoDB`, `Neo4j`, `Geode`, `Elasticsearch`, `Memcached`,\ + \ `CockroachDB`, `RPC`, `gRPC`, `JavaRMI`, `DotNETWCF` or `ApacheDubbo`" + TraceSpanInfo: + required: + - type + type: object + properties: + type: + type: string + description: "Type of this span. Possible values: `TraceHttpSpanInfo`, `TraceDbSpanInfo`,\ + \ `TraceMessageBusSpanInfo`." + example: TraceHttpSpanInfo + discriminator: + propertyName: type + TagsReversedIndexResponse: + type: object + properties: + tagsIndices: + maxItems: 1000 + minItems: 0 + type: array + description: List of spans tag values indices. + items: + $ref: '#/components/schemas/TagReversedIndex' + attributesIndices: + maxItems: 1000 + minItems: 0 + type: array + description: List of spans attribute values indices. + items: + $ref: '#/components/schemas/AttributeReversedIndex' + next: + type: string + description: Next continuation token. + example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI + TagReversedIndex: + required: + - tagName + - tagValueStatistics + type: object + properties: + tagName: + maxLength: 128 + minLength: 1 + type: string + description: Name of the tag. + example: k8s.container.name + tagValueStatistics: + maxItems: 1000 + minItems: 1 + type: array + description: List of value statistics of the given tag. + items: + $ref: '#/components/schemas/TagValueReversedIndex' + TagValueReversedIndex: + required: + - spanIds + - tagValue + type: object + properties: + tagValue: + maxLength: 128 + minLength: 1 + type: string + description: Value of the tag. + example: web-proxy + spanIds: + maxItems: 1000 + minItems: 1 + type: array + description: List of span ids which have the given tag and value. + example: + - 52c3f60425aba353 + - 432630b74ac37c60 + items: + type: string + AttributeReversedIndex: + required: + - attributeName + - attributeValueStatistics + type: object + properties: + attributeName: + maxLength: 128 + minLength: 1 + type: string + description: Name of the attribute. + example: service + attributeValueStatistics: + maxItems: 1000 + minItems: 1 + type: array + description: List of value statistics of the given attribute. + items: + $ref: '#/components/schemas/AttributeValueReversedIndex' + AttributeValueReversedIndex: + required: + - attributeValue + - spanIds + type: object + properties: + attributeValue: + maxLength: 128 + minLength: 1 + type: string + description: Value of the attribute. + example: rest-soa + spanIds: + maxItems: 1000 + minItems: 1 + type: array + description: List of span ids which have the given attribute and value. + example: + - 52c3f60425aba343 + - 432630b74ac37c50 + items: + type: string + TraceLightEventsResponse: + type: object + properties: + spanEvents: + maxProperties: 1000 + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/LightSpanEvent' + description: "Map of span ids to lists of their events, without their attributes." + next: + type: string + description: Next continuation token. + example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI + LightSpanEvent: + required: + - name + - timestamp + type: object + properties: + timestamp: + type: string + description: "Time when an event happened in the [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2021-04-19T17:36:57.47623Z + name: + type: string + description: Name of the event. + example: domContentLoadedEventStart + description: "Light version of Span Event, without the attributes." + CriticalPathResponse: + required: + - segments + type: object + properties: + segments: + type: array + description: List of span segments from the critical path. + items: + $ref: '#/components/schemas/SpanPathSegment' + next: + type: string + description: Next continuation token. + example: Mi93V0ZqTTBzaW89 + SpanPathSegment: + required: + - duration + - ratio + - spanId + - startOffset + type: object + properties: + spanId: + type: string + description: Span identifier. + example: 00000000000120CB + service: + type: string + description: The name of the service this span is part of. + example: user-service + serviceColor: + type: string + description: Color hex code assigned to the service. + example: '#fa41c6' + startOffset: + type: integer + description: Number of nanoseconds from the span startedAt the segment started. + format: int64 + example: 311285715 + duration: + type: integer + description: Number of nanoseconds the span segment lasted. + format: int64 + example: 12957153 + fraction: + type: number + description: The fraction (value between 0.0 and 1.0) from the trace duration + time this segment took. + format: double + example: 0.4 + CriticalPathServiceBreakdownResponse: + required: + - elements + - idleTime + type: object + properties: + elements: + type: array + description: List of elements representing the critical path service breakdown. + items: + $ref: '#/components/schemas/CriticalPathServiceBreakdownElementDetail' + idleTime: + type: integer + description: Overall time in nanoseconds when no particular operation was + in progress. + format: int64 + example: 60000000 + CriticalPathServiceBreakdownElementDetail: + allOf: + - $ref: '#/components/schemas/CriticalPathServiceBreakdownElementBase' + - required: + - longestSegmentDuration + - numSpans + type: object + properties: + numSpans: + type: integer + description: Number of spans that are part of this service. + format: int32 + example: 12957153 + longestSegmentDuration: + type: integer + description: Number of nanoseconds the longest span segment in the critical + path lasted. + format: int64 + example: 12957153 + TraceSpanDetail: + allOf: + - $ref: '#/components/schemas/TraceSpan' + - type: object + properties: + errorMessage: + type: string + description: "Produced error message (could be a stack trace, database\ + \ error code, ..)" + example: | + Exception in thread "local[9]" java.lang.OutOfMemoryError: Java heap space + at my.app.force.fields.SpaceShipForceField.main(SpaceShipForceField.java:17) + fields: + type: object + additionalProperties: + $ref: '#/components/schemas/TracingValue' + description: Fields attached to this span. + example: + component: + type: StringTracingValue + value: http + http.request.method: + type: StringTracingValue + value: GET + url.full: + type: StringTracingValue + value: https://example.com/v1/users/123 + http.response.status_code: + type: StringTracingValue + value: "200" + criticalPathContribution: + $ref: '#/components/schemas/TraceSpanCriticalPathContribution' + logs: + type: array + description: Logs attached to this span. + example: + - "[19/Dec/2019:10:58:21 +0000] 'GET /v1/users/123 HTTP/1.1' 200 8215\ + \ 'http://111.111.11.1/' 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_11_1)\ + \ AppleWebKit/111.11 (KHTML, like Gecko) Chrome/11.1.1111.11 Safari/111.11'" + - "[19/Dec/2019:10:58:24 +0000] 'GET /logo.png HTTP/1.1' 404 555 'http://111.111.11.1/'\ + \ 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_11_1) AppleWebKit/111.11\ + \ (KHTML, like Gecko) Chrome/11.1.1111.11 Safari/111.11'" + items: + type: string + events: + type: array + description: Events attached to this span. + items: + $ref: '#/components/schemas/SpanEvent' + links: + type: array + description: List of casually related spans. + items: + $ref: '#/components/schemas/SpanLink' + TraceSpanCriticalPathContribution: + required: + - duration + - fraction + type: object + properties: + duration: + type: integer + description: Overall processing time in nanoseconds consumed by this span + in the critical path of its trace (a sum of the duration times of this + span's critical path segments). + format: int64 + example: 12957153 + fraction: + type: number + description: The total fraction (value between 0.0 and 1.0) of the trace + duration time consumed by this span in the critical path of its trace. + format: double + example: 0.4 + SpanEvent: + description: Span event containing all information (in particular attributes). + allOf: + - $ref: '#/components/schemas/LightSpanEvent' + - type: object + properties: + attributes: + type: array + description: Span event attributes. + items: + $ref: '#/components/schemas/SpanEventAttribute' + SpanEventAttribute: + type: object + properties: + attributeName: + type: string + description: Name of the attribute. + example: message_details + attributeValue: + $ref: '#/components/schemas/EventAttributeValue' + SpanLink: + required: + - spanId + - traceId + type: object + properties: + traceId: + type: string + description: Trace identifier of the linked span. + example: 00000000002317A9 + spanId: + type: string + description: Span identifier of the linked span. + example: 000000000003C7BE + description: Details of the linked span. + TraceSpanBillingInfo: + required: + - billedBytes + - billedFormat + type: object + properties: + billedBytes: + type: integer + description: Number of bytes that were charged for the span. + example: 529 + billedFormat: + type: string + description: Billing format of the span. Number of bytes of this representation + of the span is equal to `billedBytes`. + example: traceId=2ff9c457b1aa00f4;spanId=97872e33215c4275;parentSpanId=98bcdfc5da874c40;operation=spanId-97872e33215c4275;startTimestamp=1603283111874000000;endTimestamp=1603283112268000000;service=ServiceA;status.code=ERROR;status.message=ERROR;kind=SERVER;custom-tag-2=value2;_sourcehost=127.0.0.1;url.full=https://example.com/api/operation-x;message=Some + error message;_sourcecategory=Http Input;custom-tag-1=value1;error=true;_sourcename=Http + Input;error.kind=InvalidInput;_collector=trace-generator-collector;http.request.method=GET; + SpanQueryResponse: + required: + - queryId + - queryRows + type: object + properties: + queryId: + type: string + description: Id of the created query + queryRows: + type: array + description: A list of row responses with details about individual queries. + items: + $ref: '#/components/schemas/SpanQueryRowResponse' + hasErrors: + type: boolean + description: Indicates whether there was an error while executing the query. + example: true + default: false + timeRange: + $ref: '#/components/schemas/BeginBoundedTimeRange' + SpanQueryRowResponse: + required: + - isAggregation + - rowId + type: object + properties: + rowId: + type: string + description: A unique identifier of the query. + example: A + errors: + type: array + description: List of errors which occured when executing the query + items: + $ref: '#/components/schemas/SpanQueryRowError' + isAggregation: + type: boolean + description: Indicates whether this query is an aggregation + example: true + default: false + executedQuery: + type: string + description: The executed query after rewriting + example: _index=_trace_spans traceId=00000000002317A9 + SpanQueryRowError: + required: + - code + - message + type: object + properties: + code: + type: string + description: The error code. + example: spanquery:query_validation_error + message: + type: string + description: Short description of the occured error. + example: Query A was invalid + details: + type: string + description: Details about the occured error. + example: "[1.78] failure: '(' expected but ')' found." + SpanQueryRequest: + required: + - queryRows + - timeRange + type: object + properties: + queryRows: + type: array + description: A list of span analytics queries. + items: + $ref: '#/components/schemas/SpanQueryRow' + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + timeZone: + type: string + description: "Time zone for the query time ranges. Follow the format in\ + \ the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + default: UTC + SpanQueryRow: + required: + - queryString + - rowId + type: object + properties: + queryString: + type: string + description: Query string using the log search syntax. + rowId: + pattern: "^[a-zA-Z0-9_]*$" + type: string + description: "An identifier used to reference this particular row of the\ + \ query request. Within a query, row ids must have distinct values." + example: A + SpanQueryStatusResponse: + required: + - queryRows + - status + type: object + properties: + queryRows: + type: array + description: A list of span analytics queries. + items: + $ref: '#/components/schemas/SpanQueryRowStatus' + status: + pattern: ^(Processing|Finished|Error|Paused)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Paused`" + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Paused`." + SpanQueryRowStatus: + required: + - count + - rowId + - status + type: object + properties: + rowId: + type: string + description: A unique identifier of the query. + example: A + status: + pattern: ^(Processing|Finished|Error|Paused)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Paused`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Paused`." + statusMessage: + type: string + description: Descriptive message of the status. + example: Finished successfully + count: + minimum: 0 + type: integer + description: Number of results matching the query + format: int64 + example: 3215 + approximatedFieldCounts: + type: boolean + description: Indicates whether facet field cardinality counts are approximated + or not. + example: false + facetsCompleted: + type: boolean + description: Indicates whether facets calculation has completed. + example: false + SpanQueryResultSpansResponse: + required: + - spanPage + type: object + properties: + spanPage: + type: array + description: List of trace spans. + items: + $ref: '#/components/schemas/SpanQuerySpanData' + next: + type: string + description: Next continuation token. + example: Mi93V0ZqTTBzaW89 + SpanQuerySpanData: + required: + - duration + - startedAt + type: object + properties: + spanId: + type: string + description: Identifier of the span. + example: 00000000002317A9 + traceId: + type: string + description: Identifier of the trace. + example: 1BB004A0005213C2 + parentSpanId: + type: string + description: "Identifier of the parent span, if any. If the span has no\ + \ parent it's considered a root span." + example: 000000000003C7BE + operationName: + type: string + description: The name of the operation given to the span. + example: retrieveAccount + service: + type: string + description: The name of the service this span is part of. + example: user-service + remoteService: + type: string + description: Name of the possible remote span's service. + example: external-service + duration: + type: integer + description: Number of nanoseconds the span lasted. + format: int64 + example: 212957153 + startedAt: + type: string + description: "Date and time the span was started in [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2019-11-22T09:00:00Z + status: + $ref: '#/components/schemas/TraceSpanStatus' + kind: + pattern: ^(CLIENT|SERVER|PRODUCER|CONSUMER|INTERNAL)$ + type: string + description: "Span kind describes the relationship between the Span, its\ + \ parents, and its children in a Trace. Possible values: `CLIENT`, `SERVER`,\ + \ `PRODUCER`, `CONSUMER`, `INTERNAL`." + example: SERVER + x-pattern-message: "Should be either `CLIENT`, `SERVER`, `PRODUCER`, `CONSUMER`\ + \ or `INTERNAL`." + tagsJSON: + type: string + description: Tags attached to this span as JSON. + example: |- + { + "http.host":"http://example.com", + "http.request.method":"GET" + } + metadata: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Metadata attached to the span. + example: + _sourceCategory: account-backend + SpanQueryResultFacetsResponse: + required: + - facets + type: object + properties: + facets: + type: array + description: List of facets. + items: + $ref: '#/components/schemas/SpanQueryRowFacet' + SpanQueryRowFacet: + required: + - cardinality + - dataType + - name + type: object + properties: + name: + type: string + description: Name of the field facet. + example: _sourceHost + cardinality: + type: integer + description: The number of unique values this field occured. + format: int32 + example: 3 + dataType: + pattern: ^(String|Int|Long|Double|Boolean)$ + type: string + description: Data type of the field. + example: String + x-pattern-message: "Should be either `String`, `Int`, `Long`, `Double` or\ + \ `Boolean`." + inSchema: + type: boolean + description: Indicates whether the field is available in the span schema. + example: false + valueFrequency: + maxProperties: 1000 + type: object + additionalProperties: + type: integer + format: int64 + description: Map of field value frequencies. + example: + _sourceHost: 34099 + SpanQueryAggregateResponse: + required: + - result + type: object + properties: + result: + $ref: '#/components/schemas/SpanQueryAggregateResult' + SpanQueryAggregateResult: + required: + - series + - status + type: object + properties: + status: + pattern: ^(Processing|Finished|Error|Paused)$ + type: string + description: "Status of the query. Possible values: `Processing`, `Finished`,\ + \ `Error`, `Paused`." + example: Processing + x-pattern-message: "Should be either `Processing`, `Finished`, `Error`,\ + \ `Paused`." + statusMessage: + type: string + description: Descriptive message of the status + example: Finished successfully + series: + type: array + description: The series returned from a search. + items: + $ref: '#/components/schemas/SpanQueryAggregateDataSeries' + SpanQueryAggregateDataSeries: + required: + - dataPoints + - name + - queryId + type: object + properties: + queryId: + type: string + description: The id of the query. + example: A + name: + type: string + description: | + The meaning of 'name' depends on the series type. + - For results of type 'timeseries', it is the value of the x axis 'field' key. + - For results of type 'nontimeseries', it is the name of one of the fields that is not part of 'xAxisKeys'. + - For results of type 'table', it is the comma-separated string of names of all fields. + example: max(Disk_Used) + dataPoints: + type: array + description: A list of data points in the series. + items: + $ref: '#/components/schemas/SpanQueryAggregatePointData' + aggregateInfo: + $ref: '#/components/schemas/SpanQueryAggregateAggregateData' + metaData: + $ref: '#/components/schemas/SpanQueryAggregateMetaData' + seriesType: + pattern: ^(TIMESERIES|NONTIMESERIES|TABLE)$ + type: string + description: Type of the visual series. + example: TIMESERIES + x-pattern-message: "Should be either `TIMESERIES`, `NONTIMESERIES`, `TABLE`." + xAxisKeys: + type: array + description: Keys that will be plotted as a point on the x axis. + example: + - _sourceCategory + - _sourceHost + items: + type: string + valueType: + pattern: ^(STRING|DOUBLE)$ + type: string + description: Type of the values in the series. + example: DOUBLE + x-pattern-message: "Should be either `STRING`, `DOUBLE`." + SpanQueryAggregatePointData: + required: + - "y" + type: object + properties: + x: + type: number + description: Value that represents a point on the x axis. + format: double + example: 1.0 + "y": + type: string + description: Value that represents a point on the y axis. + example: "12.3" + xAxisValues: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Values that represents a point on the x axis. + example: + operation: /get/accounts + service: accountService + default: {} + SpanQueryAggregateAggregateData: + required: + - avg + - latest + - max + - min + - sum + type: object + properties: + max: + type: number + description: The maximum value in the series. + format: double + example: 10.0 + min: + type: number + description: The minimum value in the series. + format: double + example: 1.2 + avg: + type: number + description: The average value in the series. + format: double + example: 5.6 + sum: + type: number + description: The sum of all the values in the series. + format: double + example: 123.4 + latest: + type: number + description: The last value in the series. + format: double + example: 23.4 + count: + type: number + description: The number of values in the series. + format: double + example: 600 + SpanQueryAggregateMetaData: + required: + - data + type: object + properties: + data: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: The value of the metadata. + example: + deployment: dev + cluster: frontend + instance: frontend-12 + default: {} + SpanQueryFieldsResponse: + required: + - fields + type: object + properties: + fields: + type: array + description: List of span fields. + items: + $ref: '#/components/schemas/SpanQueryFieldDetail' + SpanQueryFieldDetail: + allOf: + - $ref: '#/components/schemas/TraceFieldDetail' + - required: + - inSchema + type: object + properties: + inSchema: + type: boolean + description: Indicates whether the field is available in the schema. + example: false + ServiceMapResponse: + required: + - edges + - nodes + type: object + properties: + nodes: + type: array + description: List of service map nodes. + items: + $ref: '#/components/schemas/ServiceMapNode' + edges: + type: array + description: List of service map edges. + items: + $ref: '#/components/schemas/ServiceMapEdge' + ServiceMapNode: + required: + - isRemote + - lastSeenAt + - serviceName + - serviceType + type: object + properties: + serviceName: + type: string + description: Name of a service in a service map. + example: service_name_1 + serviceColor: + type: string + description: Color hex code assigned to the service. + example: '#fa41c6' + lastSeenAt: + type: string + description: The last time in UTC a service has been seen. Formatted as + defined by date-time - RFC3339. + format: date-time + example: 2019-11-22T09:00:00Z + isRemote: + type: boolean + description: Indicates whether node comes from inferred remote service or + instrumented one. + example: true + serviceType: + $ref: '#/components/schemas/ServiceType' + ServiceMapEdge: + required: + - lastSeenAt + - source + - target + type: object + properties: + source: + type: string + description: Name of a source service. Edge is directed from source to target. + example: service_name_1 + target: + type: string + description: Name of a target service. Edge is directed from source to target. + example: service_name_2 + lastSeenAt: + type: string + description: The last time in UTC an edge has been seen. Formatted as defined + by date-time - RFC3339. + format: date-time + example: 2019-11-22T09:00:00Z + DatastoreStatusResponse: + required: + - diskSize + - indicatorCount + - indicatorLimit + - sourceStatus + type: object + properties: + diskSize: + type: integer + description: Total DB size in terms of disk bytes + format: int64 + example: 1024 + indicatorCount: + type: integer + description: Total number of indicators in the DB + format: int64 + example: 100 + indicatorLimit: + type: integer + description: Limit number of indicators supported in the DB + format: int64 + example: 10000000 + sourceStatus: + type: array + description: A list of sources and their individual DB sizes and indicator + counts + items: + $ref: '#/components/schemas/DatastoreSourceStatusResponse' + DatastoreSourceStatusResponse: + required: + - source + type: object + properties: + source: + type: string + description: The source name + example: unit42_source + description: + type: string + description: The source description + example: This is a stix1.2 indicators source + diskSize: + type: integer + description: Disk utilization in bytes estimate for the indicator source + format: int64 + example: 1024 + indicatorCount: + type: integer + description: Number of indicators for the indicator source + format: int64 + example: 1024 + sumoProvided: + type: boolean + description: True if sumo provided source + example: false + supportsCat: + type: boolean + description: True if can be used in cat operator + example: false + enabled: + type: boolean + description: True if enabled + example: true + description: DB sizes and indicator counts for an individual source + DatastoreRetentionPeriod: + required: + - retentionPeriod + type: object + properties: + retentionPeriod: + type: integer + description: Retention period in days. + format: int64 + example: 120 + UploadNormalizedIndicatorRequest: + required: + - indicators + type: object + properties: + indicators: + type: array + description: The list of normalized threat intel indicators to upload. + items: + $ref: '#/components/schemas/NormalizedIndicator' + NormalizedIndicator: + required: + - confidence + - id + - indicator + - source + - threatType + - type + - validFrom + type: object + properties: + id: + type: string + description: ID of the indicator + example: indicator--d81f86b9-975b-4c0b-875e-810c5ad45a4f + indicator: + type: string + description: Value of the indicator + example: 182.158.1.1 + type: + type: string + description: Type of indicator + example: ipv4-addr + source: + type: string + description: User-provided text to identify the source of the indicator + example: FreeTAXII + updated: + type: string + description: "When this indicator was most recently updated in Sumo. Timestamp\ + \ in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339) format." + format: date-time + example: 2023-03-21T12:00:00Z + validFrom: + type: string + description: "Beginning time this indicator is valid. Timestamp in UTC in\ + \ [RFC3339](https://tools.ietf.org/html/rfc3339) format." + format: date-time + example: 2023-03-21T12:00:00Z + validUntil: + type: string + description: "Time at which this indicator expires. If not set, the indicator\ + \ never expires. . Timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2023-03-21T12:00:00Z + confidence: + maximum: 100 + minimum: 1 + type: integer + description: "Confidence that the creator has in the correctness of their\ + \ data, where 100 is highest" + threatType: + type: string + description: Type of indicator ( https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html#_cvhfwe3t9vuo + ) + example: benign + actors: + type: string + description: Actors as a comma separated list. + example: "actor1,actor2" + killChain: + type: string + description: Kill Chain as a comma separated list. + example: "KC1,KC2" + fields: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Flattened fields from the original indicator object (e.g. flattened + STIX fields) + UploadStixIndicatorsResponse: + required: + - invalidIndicators + type: object + properties: + invalidIndicators: + type: array + description: A list of invalid indicator IDs that were not ingested + example: + - indicator--foo + - indicator--bar + items: + type: string + UploadStixIndicatorsRequest: + required: + - indicators + - source + type: object + properties: + source: + type: string + description: User-provided text to identify the source of the indicator + example: FreeTAXII + indicators: + type: array + description: The list of stix threat intel indicators to upload. + items: + $ref: '#/components/schemas/StixIndicator' + StixIndicator: + required: + - created + - id + - modified + - pattern + - pattern_type + - spec_version + - type + - valid_from + type: object + properties: + type: + type: string + description: The type property identifies the type of STIX Object. + example: indicator + spec_version: + type: string + description: The STIX version + example: "2.1" + id: + type: string + description: The ID of the indicator + example: acme:indicator-bf8bc5d5-c7e6-46b0-8d22-7500fea77196 + created: + type: string + description: The time from which this Indicator is considered a valid indicator + of the behaviors it is related or represents. + format: date-time + example: 2023-03-21T12:00:00Z + modified: + type: string + description: The time from which this Indicator is considered a valid indicator + of the behaviors it is related or represents. + format: date-time + example: 2023-03-21T12:00:00Z + created_by_ref: + type: string + description: Identifier of type identity + example: identity--f431f809-377b-45e0-aa1c-6a4751cae5ff + revoked: + type: boolean + description: The revoked property is only used by STIX Objects that support + versioning and indicates whether the object has been revoked. + labels: + type: array + description: The labels property specifies a set of terms used to describe + this object. The terms are user-defined or trust-group defined and their + meaning is outside the scope of this specification and MAY be ignored. + example: + - heartbleed + - has-logo + items: + type: string + confidence: + maximum: 100 + minimum: 1 + type: integer + description: "Confidence that the creator has in the correctness of their\ + \ data, where 100 is highest" + lang: + type: string + description: "The lang property identifies the language of the text content\ + \ in this object. When present, it MUST be a language code conformant\ + \ to [RFC5646]. If the property is not present, then the language of the\ + \ content is en (English)" + example: en + external_references: + type: array + description: "A list of external references which refer to non-STIX information.\ + \ This property MAY be used to provide one or more Vulnerability identifiers,\ + \ such as a CVE ID" + items: + $ref: '#/components/schemas/ExternalReference' + object_marking_refs: + type: array + description: The object_marking_refs property specifies a list of id properties + of marking-definition objects that apply to this object. + example: + - marking-definition--089a6ecb-cc15-43cc-9494-767639779123 + items: + type: string + granular_markings: + type: array + description: The granular_markings property specifies a list of granular + markings applied to this object + items: + $ref: '#/components/schemas/GranularMarkingType' + extensions: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/Extension' + description: "Specifies any extensions of the object, as a dictionary" + name: + type: string + description: The name of the object + description: + type: string + description: A human readable description + indicator_types: + type: array + description: A set of categorizations for this indicator. + example: + - malicious-activity + items: + type: string + pattern: + type: string + description: The detection pattern for this Indicator expressed as a STIX + patter. + example: "[ipv4-addr:value = '1.2.3.4']" + pattern_type: + type: string + description: The type of pattern + example: stix + pattern_version: + type: string + description: The version of the pattern language that is used for the data + in the pattern property which MUST match the type of pattern data included + in the pattern property. + valid_from: + type: string + description: The time from which this Indicator is considered a valid indicator + of the behaviors it is related or represents. + format: date-time + example: 2023-03-21T12:00:00Z + valid_until: + type: string + description: The time at which this Indicator should no longer be considered + a valid indicator of the behaviors it is related to or represents. + format: date-time + example: 2023-03-21T12:00:00Z + kill_chain_phases: + type: array + description: The list of Kill Chain Phases for which this Attack Pattern + is used + items: + $ref: '#/components/schemas/KillChainPhase' + ExternalReference: + required: + - source_name + type: object + properties: + source_name: + type: string + description: The name of the source that the external-reference is defined + within + example: system + description: + type: string + description: A human readable description + url: + type: string + description: A URL reference to an external resource + example: https://github.com/vz-risk/0001AA7F-C601-424A-B2B8-BE6C9F5164E7.json + hashes: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Specifies a dictionary of hashes for the contents of the url + example: + SHA-256: 6db12788c37247f2316052e142f42f4b259d6561751e5f401a1ae2a6df9c674b + external_id: + type: string + description: An identifier for the external reference content + example: 0001AA7F-C601-424A-B2B8-BE6C9F5164E7 + GranularMarkingType: + required: + - selectors + type: object + properties: + lang: + type: string + description: The lang property identifies the language of the text identified + by this marking + example: en + marking_ref: + type: string + description: The marking_ref property specifies the ID of the marking-definition + object that describes the marking + example: marking-definition--089a6ecb-cc15-43cc-9494-767639779123 + selectors: + type: array + description: The selectors property specifies a list of selectors for content + contained within the STIX Object in which this property appears + example: + - description + - labels + items: + type: string + Extension: + required: + - created + - created_by_ref + - extension_types + - id + - modified + - name + - schema + - spec_version + - type + - version + type: object + properties: + type: + type: string + description: The type property identifies the type of object + example: indicator + spec_version: + type: string + description: The STIX version + example: "2.1" + id: + type: string + description: The ID of the indicator + example: acme:indicator-bf8bc5d5-c7e6-46b0-8d22-7500fea77196 + created: + type: string + description: The time from which this Indicator is considered a valid indicator + of the behaviors it is related or represents. + format: date-time + example: 2023-03-21T12:00:00Z + modified: + type: string + description: The time from which this Indicator is considered a valid indicator + of the behaviors it is related or represents. + format: date-time + example: 2023-03-21T12:00:00Z + created_by_ref: + type: string + description: Identifier of type identity + example: identity--f431f809-377b-45e0-aa1c-6a4751cae5ff + revoked: + type: boolean + description: The revoked property is only used by STIX Objects that support + versioning and indicates whether the object has been revoked. + labels: + type: array + description: The labels property specifies a set of terms used to describe + this object. The terms are user-defined or trust-group defined and their + meaning is outside the scope of this specification and MAY be ignored. + example: + - heartbleed + - has-logo + items: + type: string + external_references: + type: array + description: "A list of external references which refer to non-STIX information.\ + \ This property MAY be used to provide one or more Vulnerability identifiers,\ + \ such as a CVE ID" + items: + $ref: '#/components/schemas/ExternalReference' + object_marking_refs: + type: array + description: The object_marking_refs property specifies a list of id properties + of marking-definition objects that apply to this object. + example: + - marking-definition--089a6ecb-cc15-43cc-9494-767639779123 + items: + type: string + granular_markings: + type: array + description: The granular_markings property specifies a list of granular + markings applied to this object + items: + $ref: '#/components/schemas/GranularMarkingType' + name: + type: string + description: The name of the object + description: + type: string + description: A human readable description + schema: + type: string + description: "The normative definition of the extension, either as a URL\ + \ or as plain text explaining the definition" + example: https://www.example.com/schema-my-favorite-sdo-1/v1 + version: + type: string + description: The version of this extension + extension_types: + type: array + description: This property specifies one or more extension types contained + within this extension + items: + type: string + enum: + - new-sdo + - new-sco + - new-sro + - property-extension + - toplevel-property-extension + extension_properties: + type: array + description: This property contains the list of new property names that + are added to an object by an extension + items: + type: string + KillChainPhase: + required: + - kill_chain_name + type: object + properties: + kill_chain_name: + type: string + description: The name of the kill chain. The value of this property SHOULD + be all lowercase and SHOULD use hyphens instead of spaces or underscores + as word separators + example: lockheed-martin-cyber-kill-chain + phase_name: + type: string + description: The name of the phase in the kill chain. The value of this + property SHOULD be all lowercase and SHOULD use hyphens instead of spaces + or underscores as word separators + example: reconnaissance + RemoveIndicatorsRequest: + required: + - indicatorIds + - source + type: object + properties: + source: + type: string + description: The source of the indicator ID to match against + example: Crowdstrike + indicatorIds: + type: array + description: The list of indicator IDs to match against + example: + - indicator--abcd + - indicator--ef012 + items: + type: string + DataSourceProperties: + type: object + properties: + enabled: + type: boolean + description: True if enabled. + example: true + description: + type: string + description: The data source description. + example: This is a stix1.2 data source. + ListTagResult: + required: + - result + type: object + properties: + result: + type: array + description: List of Tag Dictionary Values (e.g. Tag Keys or Tag Values). + example: + - aTagKeyOrValue01 + - aTagKeyOrValue02 + items: + type: string + OTCollector: + required: + - createdAt + - createdBy + - id + - modifiedAt + - modifiedBy + - name + - systemInfo + - version + type: object + properties: + id: + type: string + description: Unique identifier of the OT Collector. + example: 0000000005F5E105 + name: + type: string + description: Name of the OT Collector. + example: test OT Collector + version: + required: + - currentVersion + type: object + properties: + currentVersion: + type: string + description: Current version of the OT Collector. + latestAvailableVersion: + type: string + description: Latest available version of the OT Collector. + description: Version information of the OT Collector. + category: + type: string + description: Category of the OT Collector. + example: apache + description: + type: string + description: Description of the OT Collector. + tags: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Tags associated with the OT Collector. + example: + team: app-dev + showIcon: true + healthIncidentsTracker: + type: object + properties: + errorsCount: + type: integer + description: Number of errors associated with the OT Collector. + format: int32 + example: 0 + warningsCount: + type: integer + description: Number of warnings associated with the OT Collector. + format: int32 + example: 1 + description: Health incident information. + ephemeral: + type: boolean + description: Ephemeral Status of the OT Collector. + example: false + alive: + type: boolean + description: Alive Status of the OT Collector based on heartbeat. + example: true + isRemotelyManaged: + type: boolean + description: Management Status of the OT Collector based on if it is remotely + or locally managed. + example: true + effectiveConfig: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Config map that includes Base 64 Encoded Effective Configuration + Yaml of the Remotely managed OT Collector. + example: + "00000000000000A3": ZGVtbyBjb25maWc= + "00000000000000D5": XFVtbfe34tgcvefv= + systemInfo: + type: object + properties: + hostName: + type: string + description: Host name of the OT Collector. + example: app.test.com + hostOsName: + type: string + description: Host OS name of the OT Collector. + example: Linux + hostOsVersion: + type: string + description: Host OS version of the OT Collector. + example: 5.4.144-69.257.amzn2.x86_64 + hostIpAddress: + type: string + description: Host IP address of the OT Collector. + example: 19.123.24.66 + hostEnv: + type: string + description: Host environment of the OT Collector. + example: EKS-1.20.2 + description: System information of the OT Collector. + timeZone: + type: string + description: timezone of the collector + example: UTC + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + createdBy: + type: string + description: Identifier of the user who created the resource. + example: 0000000006A5C7A2 + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + example: 2018-10-16T09:10:00Z + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + example: 0000000006A5C7A2 + sourceTemplateLinkedCount: + type: integer + description: Count of the source templates linked to a collector + example: 1 + description: An OT Collector definition. + OtTag: + required: + - key + - values + type: object + properties: + key: + type: string + description: key of the given tag. + example: key1 + values: + type: array + description: values of the given tag. + items: + type: string + example: value1 + VersionRange: + type: object + properties: + minVersion: + pattern: "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(-sumo.+)?$" + type: string + description: Minimum version of otCollector. + maxVersion: + pattern: "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(-sumo.+)?$" + type: string + description: Maximum version of the collector. + rangeType: + type: string + description: "Specifies how filtering should be applied when `minVersion`\ + \ and `maxVersion` are defined. - `Within`: Filtering includes the specified\ + \ range. - `Outside`: Filtering excludes the specified range. By default,\ + \ filtering includes the specified range." + description: Version range for otCollector. + SourceTemplateListResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of source templates. + items: + $ref: '#/components/schemas/SourceTemplateDefinition' + SourceTemplateDefinition: + type: object + properties: + schemaRef: + $ref: '#/components/schemas/SchemaRef' + id: + type: string + description: id of source template. + example: 0000000003343FDD + inputJson: + maxProperties: 1000 + type: object + additionalProperties: true + description: inputJson of source template + example: {} + config: + type: string + description: configuration of source template + example: apache.yaml.example + selector: + $ref: '#/components/schemas/Selector' + totalCollectorLinked: + type: integer + description: count of total collector linked with this source template. + format: int32 + default: 0 + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + modifiedAt: + type: string + description: "Modification timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + createdBy: + type: string + description: Id of the user who created source template + example: 0000000006743FDD + modifiedBy: + type: string + description: Id of the user who last modified the source template + example: 0000000006243FDD + status: + type: string + description: Status of Source template + enum: + - enable + - disable + isEnabled: + type: boolean + description: A boolean parameter to get if the source template is enabled. + example: true + default: true + description: response definition of source template. + SchemaRef: + required: + - type + type: object + properties: + type: + type: string + description: type of source template. + example: Apache + description: schema reference for source template. + Selector: + type: object + properties: + tags: + type: array + description: tags filter for agents + items: + type: array + items: + $ref: '#/components/schemas/OtTag' + names: + type: array + description: names to select custom agents + items: + type: string + example: demo_macOS + description: Agent selector conditions + CollectorCompatibility: + type: object + properties: + os: + type: string + description: Name of the Operating System. + example: linux + collectorVersionRange: + $ref: '#/components/schemas/CollectorVersionRange' + CollectorVersionRange: + type: object + properties: + minVersion: + type: string + description: Minimum compatible version of otCollector. + maxVersion: + type: string + description: "Maximum compatible version of the otcollector. if this is\ + \ null, then latest otcollector is also compatible." + nullable: true + example: + minVersion: v0.89.0 + maxVersion: v0.90.0 + SourceTemplateRequest: + required: + - inputJson + - schemaRef + type: object + properties: + schemaRef: + $ref: '#/components/schemas/SchemaRef' + inputJson: + maxProperties: 1000 + required: + - name + - receivers + type: object + properties: + name: + type: string + description: name of source template. + example: apache_test_source_template + receivers: + type: object + description: receiver information of source template + example: {} + description: + type: string + description: description of source template + example: Demo Description for Source Template + processors: + type: object + description: processors for source template + example: {} + additionalProperties: true + description: inputJson of source template + selector: + $ref: '#/components/schemas/Selector' + isEnabled: + type: boolean + description: "Indicates whether the source template is enabled - **Create\ + \ operation:** Defaults to `true` (the template is enabled when created).\ + \ - **Update operation:** If omitted, the existing status is preserved." + example: true + description: request body for creating source template. + SourceTemplateUpdateRequest: + required: + - inputJson + - schemaRef + type: object + properties: + schemaRef: + $ref: '#/components/schemas/SchemaRef' + inputJson: + maxProperties: 1000 + required: + - name + - receivers + type: object + properties: + name: + type: string + description: Name of source template. + example: apache_test_source_template + receivers: + type: object + description: Receiver information of source template + example: {} + description: + type: string + description: Description of source template + example: Demo Description for source template + processors: + type: object + description: Processors for source template + example: {} + additionalProperties: true + description: InputJson of source template + selector: + $ref: '#/components/schemas/Selector' + isEnabled: + type: boolean + description: "Indicates whether the source template is enabled. If omitted,\ + \ the existing status is preserved." + example: true + description: Request body for updating source template. + SourceTemplateStatusUpdateRequest: + required: + - status + type: object + properties: + status: + type: string + description: status to set for the source template (enable or disable). + enum: + - enable + - disable + example: + status: enable + SourceTemplateUpgradeRequest: + required: + - inputJson + - schemaRef + type: object + properties: + schemaRef: + $ref: '#/components/schemas/UpgradeSchemaRef' + inputJson: + maxProperties: 1000 + required: + - name + - receivers + type: object + properties: + name: + type: string + description: name of source template. + example: apache_test_source_template + receivers: + type: object + description: receiver information of source template + example: + hostmetrics: + receiverType: hostmetrics + collection_interval: 5m + description: + type: string + description: description of source template + example: Demo Description for source template + processors: + type: object + description: processors for source template + example: + resource: + processorType: resource + additionalProperties: true + description: inputJson of source template + description: request body for creating source template. + UpgradeSchemaRef: + required: + - type + - version + type: object + properties: + type: + type: string + description: type of source template. + example: Apache + version: + type: string + description: version of source template. + example: 1.0.0 + description: schema reference for upgrade source template request. + LinkedSourceTemplatesUpdateResponse: + required: + - collectorId + type: object + properties: + collectorId: + type: string + description: otCollector id for which tags are edited. + example: 00005AF3107BF0D6 + addedSourceTemplates: + type: array + description: list of sourceTemplates which are linked to otCollector. + items: + $ref: '#/components/schemas/LinkingUpdatedSourceTemplateDetails' + removedSourceTemplates: + type: array + description: list of sourceTemplates which are removed from otCollector + linking. + items: + $ref: '#/components/schemas/LinkingUpdatedSourceTemplateDetails' + description: linked source template details based on the ot-collector tags user + wants to update. + LinkingUpdatedSourceTemplateDetails: + required: + - reasonTags + - sourceTemplateDefinition + type: object + properties: + sourceTemplateDefinition: + $ref: '#/components/schemas/SourceTemplateDefinition' + reasonTags: + type: array + description: tags which are responsible for source template and collector + linking impact. + items: + type: array + items: + $ref: '#/components/schemas/CollectorTag' + description: source template details with tags responsible for otCollector Linking + update. + CollectorTag: + required: + - key + - values + type: object + properties: + key: + type: string + description: Key of the given tag. + example: key1 + value: + type: string + description: Values of the given tag. + example: value1 + LinkedSourceTemplatesUpdateRequest: + required: + - collectorId + type: object + properties: + collectorId: + type: string + description: otCollector id for which tags are edited. + example: 00005AF3107BF0D6 + tags: + maxProperties: 50 + type: object + additionalProperties: + type: string + description: JSON map of key-value metadata to apply to the otCollector. + example: + environment: production + location: us-west-2 + default: {} + updatedName: + type: string + description: Updated Name of the otCollector. + example: demo_macOS + ListSchemaBaseTypeToVersionsResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of maps containing the mappings schema type -> versions. + items: + $ref: '#/components/schemas/SchemaBaseTypeToVersionsResponse' + SchemaBaseTypeToVersionsResponse: + required: + - type + - versions + type: object + properties: + type: + type: string + description: The type of the schema. + example: Okta + versions: + type: array + description: List of schema base identities sorted by latest version for + a specific schema type. + items: + $ref: '#/components/schemas/SchemaBaseComplete' + description: Map of the schema base type to its list of schema base identities. + SchemaBaseComplete: + type: object + allOf: + - $ref: '#/components/schemas/SchemaBaseIdentityWithMetadata' + - $ref: '#/components/schemas/SchemaBaseTemplateYaml' + SchemaBaseIdentityWithMetadata: + type: object + allOf: + - $ref: '#/components/schemas/SchemaBaseIdentity' + - required: + - id + - type + - version + properties: + id: + type: string + description: Unique identifier of the schema. + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2018-10-16T09:10:00Z + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + example: 2018-10-16T09:10:00Z + SchemaBaseIdentity: + required: + - family + - schema + - type + - version + type: object + properties: + type: + maxLength: 128 + minLength: 1 + type: string + description: The type of the integration. + example: Okta + version: + maxLength: 128 + minLength: 5 + pattern: "^([0-9]+)\\.([0-9]+)\\.([0-9]+)$" + type: string + description: The version (or image tag) of the integration. Follows the + Major.Minor.Patch semantic versioning format. + example: 1.0.0 + x-pattern-message: "must follow semantic versioning: https://semver.org/" + description: + maxLength: 1024 + minLength: 0 + type: string + description: The description of the integration. + example: An Okta integration that collects Okta event logs into Sumo Logic. + manifest: + maxProperties: 1000 + type: object + additionalProperties: true + description: The manifest of the integration. + schema: + maxProperties: 1000 + type: object + additionalProperties: true + description: The schema in JSON Schema specification. + family: + type: string + description: The family to which schema belong. + enum: + - OTC_Source_Template + SchemaBaseTemplateYaml: + type: object + properties: + templateYaml: + maxLength: 10960 + minLength: 1 + type: string + description: The template yaml of schema. + example: example templateYaml + EventContext: + required: + - eventContextType + type: object + properties: + eventContextType: + pattern: ^(SearchQueryContext)$ + type: string + description: Context for which correlated events are to be fetched. + example: SearchQueryContext + discriminator: + propertyName: eventContextType + mapping: + SearchQueryContext: '#/components/schemas/SearchQueryContext' + CorrelatedEvents: + required: + - correlationFinished + - events + type: object + properties: + correlationFinished: + type: boolean + description: Flag indicating correlation completion. + example: true + events: + type: array + description: List of events. + items: + $ref: '#/components/schemas/CorrelatedEvent' + CorrelatedEvent: + required: + - eventPriority + - eventSource + - eventType + - name + - startTimeMs + type: object + properties: + name: + type: string + description: The name of the event. + example: monitor-manager deployed. + description: + type: string + description: Description of the events. + example: 2 containers in monitor-manager were upgraded. + eventType: + type: string + description: The type of event. + example: Deploy + eventPriority: + type: string + description: The priority of event. + example: High + eventSource: + type: string + description: The source of the event. + example: Jenkins + startTimeMs: + type: integer + description: The start time of the event. + format: int64 + example: 16794589390 + metadataJson: + type: string + description: JSON string containing metadata of the event. + description: Object specifying an event. + ListEventExtractionRulesResponse: + required: + - data + type: object + properties: + data: + type: array + description: List of event extraction rules. + items: + $ref: '#/components/schemas/EventExtractionRuleWithDetails' + EventExtractionRuleWithDetails: + type: object + description: Event extraction rule object. + allOf: + - $ref: '#/components/schemas/EventExtractionRule' + - required: + - id + type: object + properties: + id: + type: string + description: Id of the event extraction rule. + example: "0000000001213227" + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: date-time + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + enabled: + type: boolean + description: Flag indicating whether the event extraction rule is enabled + or disabled. + example: true + disableReason: + type: string + description: "Reason for disabling the event extraction rule, if applicable." + example: Event Extraction Rule output exceeded maximum allowed rate of + 1000 events per hour in last 24 hours. + EventExtractionRule: + required: + - configuration + - name + - query + type: object + properties: + name: + maxLength: 256 + minLength: 1 + type: string + description: Name of event extraction rule. + example: foo + description: + maxLength: 1024 + type: string + description: Description of event extraction rule. + example: foo + query: + type: string + description: | + Query string for the Event Extraction Rule. Logs matching this query are periodically ingested into the `sumologic_userdata_events` index (**Events**). + + Guidelines for creating the query: + - Optimize the query to limit the number of returned log messages (intended for special logs only). + - The query runs in `Manual` mode, explicitly parse and extract only the necessary fields for event correlation and visualization. + - Use the `fields` operator to restrict the output to required fields. + example: _sourceCategory=eventSource + correlationExpression: + required: + - eventFieldName + - queryFieldName + - stringMatchingAlgorithm + type: object + properties: + queryFieldName: + type: string + description: Name of the query field returned by a log search query. + example: _sourcecategory + eventFieldName: + type: string + description: Name of the field from event query output. + example: foo + stringMatchingAlgorithm: + pattern: ^(ExactMatch)$ + type: string + description: Type of string matching algorithm which tells how to match + eventFieldName and queryFieldName. + example: ExactMatch + description: "Correlation Expression specifies how to determine related\ + \ events for a log search query. \nThe value of `eventFieldName` from\ + \ Events is compared with the values of `queryFieldName` from the log\ + \ search query output using the defined stringMatchingAlgorithm. Events\ + \ that match according to this algorithm are considered correlated.\n" + configuration: + maxProperties: 1000 + required: + - eventName + - eventPriority + - eventSource + - eventType + type: object + additionalProperties: + $ref: '#/components/schemas/FieldMapping' + description: | + Configuration for the Event Extraction Rule. + + This object defines how event fields are mapped to their corresponding values. + Each field specifies a `valueSource`, which provides the actual value, and an optional `mappingType`, + indicating the value is hardcoded. + + The following fields are **required**: + - `eventType`: Type of the event. Accepted values are `Deployment`, `Feature Flag Change`, `Configuration Change` or `Infrastructure Change`. + - `eventPriority`: Indicates the priority of the event. Accepted values are `High`, `Medium`, or `Low`. + - `eventSource`: Source system or component where the event originated (e.g., "Jenkins"). + - `eventName`: Descriptive name of the event (e.g., "monitor-manager deployed."). + + The following fields are **optional**: + - `eventDescription`: Additional context or details about the event. + + Custom fields can also be added as needed to capture domain-specific event data. + example: + eventType: + valueSource: Deploy + mappingType: HardCoded + eventPriority: + valueSource: High + mappingType: HardCoded + eventSource: + valueSource: Jenkins + mappingType: HardCoded + eventName: + valueSource: monitor-manager deployed. + mappingType: HardCoded + eventDescription: + valueSource: 2 containers in monitor-manager were upgraded. + mappingType: HardCoded + FieldMapping: + required: + - valueSource + type: object + properties: + valueSource: + maxLength: 256 + type: string + description: The actual value or field reference for the mapping. + example: Knobs Changes + mappingType: + pattern: ^(HardCoded)$ + type: string + description: Specifies valueSource is hardcoded. + example: HardCoded + x-pattern-message: Must be `HardCoded` + EventExtractionRulesQuotaUsage: + required: + - quota + - remaining + type: object + properties: + quota: + type: integer + description: Maximum number of EventExtractionRules allowed. + format: int32 + example: 200 + remaining: + type: integer + description: Remaining number of EventExtractionRules allowed. + format: int32 + example: 121 + ScanBudgetList: + required: + - data + type: object + properties: + data: + type: array + description: List of scan budgets. + items: + $ref: '#/components/schemas/ScanBudget' + next: + type: string + description: Next continuation token. + ScanBudget: + allOf: + - $ref: '#/components/schemas/ScanBudgetDefinition' + - required: + - createdAt + - createdBy + - id + - modifiedAt + - modifiedBy + - orgId + - resetDateOfMonth + - resetDayOfWeek + - resetTime + - resetTimeZone + type: object + properties: + id: + type: string + description: Id of the budget. + orgId: + type: string + description: Org Id of the org for the budget. + resetTime: + maxLength: 5 + minLength: 5 + type: string + description: Reset time of the time based scan budget in HH:MM format + example: 23:30 + default: 00:00 + resetTimeZone: + type: string + description: "Time zone of the reset time for the time based scan budget.\ + \ Follow the format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)." + example: America/Los_Angeles + default: Etc/UTC + resetDayOfWeek: + pattern: ^(MONDAY|TUESDAY|WEDNESDAY|THURSDAY|FRIDAY|SATURDAY|SUNDAY)$ + type: string + description: "The day of the week when the budget resets, applicable for\ + \ time based budgets with a Weekly window. Must be a valid day of the\ + \ week." + default: MONDAY + resetDateOfMonth: + maximum: 28 + minimum: 1 + type: integer + description: "The date of the month when the budget resets, applicable\ + \ for time based budgets with a Monthly window. Must be a valid day\ + \ of the month (1-28)." + format: int32 + default: 1 + createdAt: + type: string + description: Date & time when budget was created. + format: date-time + createdBy: + type: string + description: Id of the user who created the budget. + modifiedAt: + type: string + description: Date & time when budget was last modified. + format: date-time + modifiedBy: + type: string + description: Id of the user who last modified the budget. + ScanBudgetDefinition: + required: + - action + - applicableOn + - budgetType + - capacity + - groupBy + - name + - scope + - unit + - window + type: object + properties: + name: + type: string + description: Name of the budget. + capacity: + type: integer + description: Capacity of the budget. + format: int64 + unit: + pattern: ^(GB|MB|TB|KB)$ + type: string + description: Unit of the budget. + example: GB + budgetType: + $ref: '#/components/schemas/BudgetType' + scope: + $ref: '#/components/schemas/ScanBudgetScope' + window: + pattern: ^(Query|Daily|Weekly|Monthly)$ + type: string + description: Window of the budget. Use Daily/Weekly/Monthly for creating + a time based budget (beta) + example: Query + applicableOn: + pattern: ^(PerEntity|Sum)$ + type: string + description: Grouping of the budget. + example: PerEntity + groupBy: + pattern: ^(User)$ + type: string + description: Grouping Entity of the budget. + example: User + action: + pattern: ^(StopForeGroundScan|Warn)$ + type: string + description: Action to be taken if the budget is breached + example: Warn + status: + pattern: ^(active|inactive)$ + type: string + description: Signifies the state of the budget. (Active/Inactive) + example: active + BudgetType: + pattern: ^(ScanBudget)$ + type: string + description: Type of the budget. + example: ScanBudget + ScanBudgetScope: + required: + - excludedRoles + - excludedUsers + - includedRoles + - includedUsers + type: object + properties: + includedUsers: + type: array + description: List of userIds included in the budget. + example: + - 00000000000001DF + - 00000000000002D2 + items: + type: string + excludedUsers: + type: array + description: List of userIds excluded in the budget. + example: + - 00000000000001DF + - 00000000000002D2 + items: + type: string + includedRoles: + type: array + description: List of roleIds included in the budget. + example: + - 00000000000001DF + - 00000000000002D2 + items: + type: string + excludedRoles: + type: array + description: List of roleIds excluded in the budget. + example: + - 00000000000001DF + - 00000000000002D2 + items: + type: string + ScanBudgetUsageList: + required: + - data + type: object + properties: + data: + type: array + description: List of budget usages + items: + $ref: '#/components/schemas/ScanBudgetUsage' + next: + type: string + description: Next continuation token. + ScanBudgetUsage: + required: + - budgetId + - usage + - usagePercentage + type: object + properties: + budgetId: + type: string + description: Budget id. + usage: + type: integer + description: Budget usage (in bytes). + format: int64 + usagePercentage: + type: integer + description: Budget usage percentage. + format: int64 + ContentSyncResponse: + required: + - jobId + type: object + properties: + jobId: + type: string + description: Content Sync Job Id. + example: 68B6D772B616DC06 + ContentSyncRequest: + required: + - contentList + - destinationChildOrgInfo + - sourceChildOrgInfo + type: object + properties: + sourceChildOrgInfo: + $ref: '#/components/schemas/ChildOrgInfo' + destinationChildOrgInfo: + $ref: '#/components/schemas/DestinationChildOrgInfo' + contentList: + type: array + description: List of Content and Configuration Information. + items: + $ref: '#/components/schemas/Content_1' + ChildOrgInfo: + required: + - orgId + type: object + properties: + orgId: + type: string + description: Organization Identifier. + example: us2-0000000000000006 + orgName: + type: string + description: Organization Name. + example: Test Org Name + DestinationChildOrgInfo: + required: + - excluded + - included + type: object + properties: + included: + type: array + description: Organization Info which needs to be included in Destination + Organisation List. + items: + $ref: '#/components/schemas/ChildOrgInfo' + excluded: + type: array + description: Organization Info which needs to be excluded from Destination + Organisation List. + items: + $ref: '#/components/schemas/ChildOrgInfo' + Content_1: + required: + - id + - options + - type + type: object + properties: + id: + type: string + description: Identifier of Content or Configuration + example: MATCH-S00574 + type: + type: string + description: Type Of Content. + example: CSE_RULE + enum: + - CSE_RULE + - CSE_TUNING_EXPRESSION + - LIBRARY_FOLDER + - DASHBOARD + - SEARCH + - SCHEDULED_SEARCH + - MONITOR + - MONITOR_FOLDER + - SOURCE_TEMPLATE + - LOOKUP_TABLE + name: + type: string + description: Name of Content or Configuration + example: Test CSE Rule + options: + maxProperties: 100 + type: object + additionalProperties: + type: string + description: Advance Settings required for syncing content or configuration. + example: + includeCSERule: true + default: {} + ContentSyncStatusResponse: + required: + - progress + - status + type: object + properties: + status: + type: string + description: Content Sync Job status. + example: Success + progress: + type: integer + description: Content Sync Job progress percentage. + example: 100 + RetryOptions: + type: string + description: "Determines retry scope -> \"ALL_CONTENTS\" (default) retries all,\ + \ \"NON_SUCCESS_CONTENTS\" retries only failed ones." + enum: + - ALL_CONTENTS + - NON_SUCCESS_CONTENTS + default: ALL_CONTENTS + ContentSyncResult: + required: + - contentList + type: object + properties: + contentList: + type: array + description: List of content sync items with details. + items: + $ref: '#/components/schemas/ContentSyncItemResult' + ContentSyncItemResult: + required: + - childOrganization + - contentId + - message + type: object + properties: + contentId: + type: string + description: Identifier of Content or Configuration + example: MATCH-S00574 + message: + type: string + description: Message Passed while processing content or configuration sync. + example: "Sync Failed due to an Internal Error, Please check with support\ + \ team for more details." + childOrganization: + $ref: '#/components/schemas/ChildOrgInfo' + ContentSyncJobInfo: + required: + - contentList + - destinationChildOrgInfo + - sourceChildOrgInfo + type: object + properties: + sourceChildOrgInfo: + $ref: '#/components/schemas/ChildOrgInfo' + destinationChildOrgInfo: + $ref: '#/components/schemas/DestinationChildOrgInfo' + contentList: + type: array + description: List of Content and Configuration Information. + items: + $ref: '#/components/schemas/Content_1' + CreateJobResponse: + type: object + properties: + warning: + type: string + description: Warnings value contains the detailed information about the + warning while creating the search job. + id: + type: string + description: The search job identifier. + link: + $ref: '#/components/schemas/Link' + Link: + type: object + properties: + rel: + type: string + description: Relation. + href: + type: string + description: URL of the search job. + CreateJobRequest: + required: + - from + - query + - timezone + - to + type: object + properties: + query: + type: string + description: | + The actual search expression. Ensure your query follows [RFC 8259](https://datatracker.ietf.org/doc/html/rfc8259) and is valid JSON format, you may need to escape certain characters to follow the [RFC 8259](https://datatracker.ietf.org/doc/html/rfc8259). + example: _sourceCategory=service + from: + maxLength: 20 + type: string + description: | + The start date and time of the search. This follows the [ISO 8601](https://www.w3.org/TR/NOTE-datetime) date and time format. + example: 2017-07-26T00:00:00 + to: + maxLength: 20 + type: string + description: | + The end date and time of the search. This follows the [ISO 8601](https://www.w3.org/TR/NOTE-datetime) date and time format. + example: 2017-07-26T00:00:00 + timezone: + type: string + description: "The time zone if from/to is not in milliseconds. See this\ + \ [Wikipedia article](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones)\ + \ for a list of time zone codes." + default: UTC + autoParsingMode: + pattern: ^(Manual|AutoParse)$ + type: string + description: | + Define the parsing mode to scan the JSON format log messages. Possible values are: + + AutoParse - System automatically figures out the fields to parse based on the search query. + + Manual - No fields are parsed out automatically. For more information, refer to the [Dynamic Parsing](https://help.sumologic.com/docs/manage/field-extractions/create-field-extraction-rule/). + example: Manual + default: Manual + x-pattern-message: should be either 'Manual' or 'AutoParse' + requiresRawMessages: + type: string + description: | + On enabling this field, the log messages applicable to the search are returned. Maximum value is 100,000. This is only applicable for aggregate queries. + default: "false" + maxRawRecords: + type: string + description: Maximum number of raw records to finish the search. + intervalTimeType: + pattern: ^(messageTime|receiptTime|searchableTime)$ + type: string + description: "This parameter defines whether you want to run the search\ + \ by messageTime, receiptTime or searchableTime." + example: messageTime + default: messageTime + x-pattern-message: should be either 'messageTime' or 'receiptTime' or 'searchableTime' + SearchJobStatusResponse: + type: object + properties: + warning: + type: string + description: Warnings value contains the detailed information about the + warning while obtaining the current status of a search job. + state: + type: string + description: Search job state. + example: DONE GATHERING RESULTS + histogramBuckets: + type: array + description: Histogram buckets for the query. + items: + $ref: '#/components/schemas/HistogramBucket' + messageCount: + type: integer + description: Number of messages found or produced so far. + format: int64 + recordCount: + type: integer + description: Number of records found or produced so far. + format: int64 + pendingWarnings: + type: array + description: Pending warnings that have accumulated since the last time + the status was requested. + items: + type: string + pendingErrors: + type: array + description: Pending errors that have accumulated since the last time the + status was requested. + items: + type: string + usageDetails: + type: object + properties: + dataScannedInBytes: + type: integer + description: Data Scanned in Bytes. + format: int64 + description: Usage details about the search job api. It includes data scanned + in bytes during the search. + HistogramBucket: + required: + - count + - length + - startTimestamp + type: object + properties: + startTimestamp: + type: integer + description: Start time of the bucket. + format: int64 + length: + type: integer + description: "Length is in milliseconds, tells the width of the bucket." + format: int64 + count: + type: integer + description: Count of messages in this bucket. + SearchJobDeleteResponse: + type: object + properties: + warning: + type: string + description: Warnings value contains the detailed information about the + warning while deleting a search job. + jobId: + type: string + description: The Id of the search job which is deleted. + SearchQueryPaginatedMessages: + required: + - fields + - messages + - warning + type: object + properties: + warning: + type: string + description: Detailed information about the warning while paging through + the messages found by a search job. + fields: + type: array + description: List of all the fields defined for each of the messages returned. + items: + $ref: '#/components/schemas/Field' + messages: + type: array + description: Map of the field names to the field values. + items: + $ref: '#/components/schemas/Message' + Field: + required: + - fieldType + - keyField + - name + type: object + properties: + name: + type: string + description: Name of the field. + fieldType: + type: string + description: Type of the field. + example: long + keyField: + type: boolean + description: Flag if the field is a key field. + Message: + type: object + properties: + map: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Map message values. + SearchQueryPaginatedRecords: + required: + - fields + - messages + type: object + properties: + warning: + type: string + description: Detailed information about the warning while paging through + the records found by a search job. + fields: + type: array + description: List of all the fields defined for each of the records returned. + items: + $ref: '#/components/schemas/Field' + records: + type: array + description: Map of the field names to the field values. + items: + $ref: '#/components/schemas/Record' + Record: + type: object + properties: + map: + maxProperties: 1000 + type: object + additionalProperties: + type: string + description: Map Records values. + PaginatedMacros: + required: + - macros + type: object + properties: + data: + type: array + description: List of macros. + items: + $ref: '#/components/schemas/Macro' + next: + type: string + description: Next continuation token. `token` is set to null when no more + pages are left. + example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc + Macro: + allOf: + - $ref: '#/components/schemas/MacroRequest' + - required: + - createdAt + - createdBy + - id + type: object + properties: + id: + type: string + description: | + Unique identifier for the macro. This id is used to get detailed information about the macro, such as name, definition, arguments and argument validations. + example: C03E086C137F38B4 + createdAt: + type: string + description: "Creation timestamp of the macro in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: date-time + example: 2024-10-01T09:10:00Z + createdBy: + type: string + description: The identifier of the user who created the macro. + example: 0000000006743FDD + MacroRequest: + allOf: + - $ref: '#/components/schemas/BaseMacroRequest' + - required: + - name + type: object + properties: + name: + maxLength: 128 + minLength: 1 + type: string + description: Name of the macro. + example: MacroGeoLookup + macroCreationSuggestionId: + type: string + description: "Identifier if the suggestion comes from an macro creation\ + \ suggestion. This id is used to track macro creation suggestions, and\ + \ to delete the suggestion once the macro is created." + example: ABC12 + BaseMacroRequest: + required: + - definition + type: object + properties: + description: + maxLength: 4000 + type: string + description: Description of the macro. + example: Macro for geo lookup. + definition: + type: string + description: The definition of the macro. Use a valid Sumo Log Search expression. + example: | + lookup latitude, longitude from geo://location on ip = {{ip_field}} | count by latitude, longitude | sort _count" + enabled: + type: boolean + description: If the macro is enabled or not (default True) + default: true + arguments: + type: array + description: Arguments used in the macro. + items: + $ref: '#/components/schemas/Argument' + argumentValidations: + type: array + description: Validation expressions for the arguments. + items: + $ref: '#/components/schemas/ArgumentValidation' + Argument: + required: + - name + type: object + properties: + name: + type: string + description: Argument name for the macro. + example: ip_field + type: + pattern: ^(String|Any|Number|Keyword)$ + type: string + description: The type of the macro. + example: String + default: String + x-pattern-message: "Must be `String`, `Any`, `Number or `Keyword`." + ArgumentValidation: + required: + - errorMessage + - evalExpression + type: object + properties: + evalExpression: + type: string + description: The expression to validate a macro argument. + example: isValidIp(ip_field) + errorMessage: + type: string + description: Error message to be shown if the macro argument validation + fails. + example: You need to enter a field name which is a valid ip. + IdToMonitorsLibraryBaseResponseMap: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + ListMonitorsLibraryItemWithPath: + type: array + description: Multi-type list of types monitor or folder. + items: + $ref: '#/components/schemas/MonitorsLibraryItemWithPath' + MonitorsLibraryItemWithPath: + required: + - item + - path + type: object + properties: + item: + $ref: '#/components/schemas/MonitorsLibraryBaseResponse' + path: + type: string + description: Path of the monitor or folder. + example: /Monitors/SampleFolder/TestMonitor + IdToMutingSchedulesLibraryBaseResponseMap: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + ListMutingSchedulesLibraryItemWithPath: + type: array + description: Multi-type list of types mutingschedule or folder. + items: + $ref: '#/components/schemas/MutingSchedulesLibraryItemWithPath' + MutingSchedulesLibraryItemWithPath: + required: + - item + - path + type: object + properties: + item: + $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse' + path: + type: string + description: Path of the mutingschedule or folder. + example: /MutingSchedules/SampleFolder/TestMutingschedule + IdToAlertsLibraryBaseResponseMap: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/AlertsLibraryBaseResponse' + ListAlertsLibraryItemWithPath: + type: array + description: Multi-type list of types alert or folder. + items: + $ref: '#/components/schemas/AlertsLibraryItemWithPath' + AlertsLibraryItemWithPath: + required: + - item + - path + type: object + properties: + item: + $ref: '#/components/schemas/AlertsLibraryBaseResponse' + path: + type: string + description: Path of the alert or folder. + example: /Alerts/SampleFolder/TestAlert + IdToSlosLibraryBaseResponseMap: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + ListSlosLibraryItemWithPath: + type: array + description: Multi-type list of types slo or folder. + items: + $ref: '#/components/schemas/SlosLibraryItemWithPath' + SlosLibraryItemWithPath: + required: + - item + - path + type: object + properties: + item: + $ref: '#/components/schemas/SlosLibraryBaseResponse' + path: + type: string + description: Path of the slo or folder. + example: /Slos/SampleFolder/TestSlo + IdToMonitorTemplatesLibraryBaseResponseMap: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse' + ListMonitorTemplatesLibraryItemWithPath: + type: array + description: Multi-type list of types monitortemplate or folder. + items: + $ref: '#/components/schemas/MonitorTemplatesLibraryItemWithPath' + MonitorTemplatesLibraryItemWithPath: + required: + - item + - path + type: object + properties: + item: + $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse' + path: + type: string + description: Path of the monitortemplate or folder. + example: /MonitorTemplates/SampleFolder/TestMonitortemplate + OperatorData: + required: + - operatorName + - parameters + type: object + properties: + operatorName: + type: string + description: The name of the metrics operator. + example: avg + parameters: + type: array + description: A list of operator parameters for the operator data. + items: + $ref: '#/components/schemas/OperatorParameter' + description: The operator data for metrics query. + example: + operatorName: avg + parameters: + - key: aggregator + value: max + - key: operation + value: "" + - key: value + value: 50 + OperatorParameter: + required: + - key + - value + type: object + properties: + key: + type: string + description: The key of the operator parameter. + example: operation + value: + type: string + description: The value of the operator parameter. + example: '>' + description: The operator parameter for operator data. + example: + key: aggregator + value: max + TracesQueryData: + required: + - filters + type: object + properties: + filters: + type: array + description: A list of filters for the traces query. + items: + $ref: '#/components/schemas/TracesFilter' + description: The data format describing a basic traces query. + TracesFilter: + required: + - type + type: object + properties: + type: + pattern: ^(FieldDescriptor|DurationMetricDescriptor|NumericMetricDescriptor|CPCOfFilterDescriptor|MaxCPCOfFilterDescriptor|MaxCPCFilterDescriptor)$|^$ + type: string + description: The type of the filter. + example: FieldDescriptor + x-pattern-message: "Must be `FieldDescriptor`, `DurationMetricDescriptor`,\ + \ `NumericMetricDescriptor`, `CPCOfFilterDescriptor`, `MaxCPCOfFilterDescriptor`\ + \ or `MaxCPCFilterDescriptor`" + description: The filter for traces query. + discriminator: + propertyName: type + SpansFilter: + required: + - fieldName + - type + type: object + properties: + type: + pattern: ^(StandaloneKey|KeyValuePair)$ + type: string + description: The spans filter type. + example: StandaloneKey + x-pattern-message: Must be `StandaloneKey` or `KeyValuePair`. + fieldName: + type: string + description: The name of the filtering field. + example: service + discriminator: + propertyName: type + mapping: + StandaloneKey: '#/components/schemas/SpansFilterStandaloneKey' + KeyValuePair: '#/components/schemas/SpansFilterKeyValuePair' + SpansVisualization: + required: + - name + - type + type: object + properties: + type: + pattern: ^(count|calculation)$ + type: string + description: The visualization type. + example: count + x-pattern-message: Must be `count` or `calculation` + name: + type: string + description: A unique name of the visualization. + example: duration_pct_95 + discriminator: + propertyName: type + mapping: + count: '#/components/schemas/SpansCountVisualization' + calculation: '#/components/schemas/SpansCalculationVisualization' + SpansGroupBy: + required: + - type + type: object + properties: + type: + pattern: ^(time|field)$ + type: string + description: The type of the group-by clause. + example: time + x-pattern-message: Must be `time` or `field` + discriminator: + propertyName: type + mapping: + time: '#/components/schemas/SpansTimeGroupBy' + field: '#/components/schemas/SpansFieldGroupBy' + SpansLimitItem: + required: + - direction + - limitValue + type: object + properties: + direction: + pattern: ^(asc|desc)$ + type: string + description: Describes whether the results should be sorted in an ascending + or a descending order. + example: asc + x-pattern-message: Must be `asc` or `desc` + limitValue: + type: integer + description: | + The number of aggregated results returned, e.g. if 10 is requested, then only the first 10 aggregated results are returned. + format: int32 + example: 10 + description: | + A representation of the limit operator which reduces the number of aggregate results returned: either the top k results or bottom k results. + LinkedDashboard: + required: + - id + type: object + properties: + id: + type: string + description: Identifier of the linked dashboard. + example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2 + relativePath: + type: string + description: Relative path of the linked dashboard to the dashboard of the + linking panel. + example: ./subdirectory/LinkedDashboard + includeTimeRange: + type: boolean + description: Include time range from the current dashboard to the linked + dashboard. + example: true + default: true + includeVariables: + type: boolean + description: Include variables from the current dashboard to the linked + dashboard. + example: true + default: true + VariableValuesData: + required: + - variableValues + type: object + properties: + variableValues: + type: array + description: Values for the variable. + example: + - myCluster + items: + type: string + status: + $ref: '#/components/schemas/DashboardSearchStatus' + variableType: + pattern: ^(LogQueryVariableSourceDefinition|MetadataVariableSourceDefinition|CsvVariableSourceDefinition|FilterSourceDefinition)$ + type: string + description: The type of the variable. + example: LogQueryVariableSourceDefinition + x-pattern-message: "Must be `LogQueryVariableSourceDefinition`, `MetadataVariableSourceDefinition`\ + \ `CsvVariableSourceDefinition` or `FilterSourceDefinition`." + valueType: + type: string + description: | + The type of value of the variable. Allowed values are `String`, Any`, `Numeric`, `Integer`, `Long`, `Double`, `Boolean`. - `String` considers as a single phrase and will wrap in double-quotes. - `Any` is all characters. - `Numeric` consists of a numeric value for variables, it will be displayed differently in the UI. - `Integer` is a variable with an `Int` value. - `Long` is a variable with a `Long` value. - `Double` is a variable with a `Double` value. - `Boolean` is a variable with a `Boolean` value. + example: Any + default: Any + allowMultiSelect: + type: boolean + description: Allow multiple selections in the values dropdown. + example: false + default: false + variableKey: + type: string + description: The key of the variable. + example: _source + errors: + type: array + description: Generic errors returned by backend from downstream assemblies. + More specific errors will be thrown in the future. + items: + $ref: '#/components/schemas/ErrorDescription' + description: "Variable values, status, type and errors for the variable values\ + \ search." + ParameterAutoCompleteSyncDefinition: + required: + - autoCompleteType + type: object + properties: + autoCompleteType: + type: string + description: |- + The autocomplete parameter type. Supported values are: + 1. `SKIP_AUTOCOMPLETE` + 2. `CSV_AUTOCOMPLETE` + 3. `AUTOCOMPLETE_KEY` + 4. `VALUE_ONLY_AUTOCOMPLETE` + 5. `VALUE_ONLY_LOOKUP_AUTOCOMPLETE` + 6. `LABEL_VALUE_LOOKUP_AUTOCOMPLETE` + autoCompleteKey: + type: string + description: The autocomplete key to be used to fetch autocomplete values. + example: Ephemeral-3644138589235809747-1583470806220-parameter + autoCompleteValues: + type: array + description: The array of values of the corresponding autocomplete parameter. + items: + $ref: '#/components/schemas/AutoCompleteValueSyncDefinition' + lookupFileName: + type: string + description: The lookup file to use as a source for autocomplete values. + lookupLabelColumn: + type: string + description: The column from the lookup file to use for autocomplete labels. + lookupValueColumn: + type: string + description: The column from the lookup file to fill the actual value when + a particular label is selected. + AutoCompleteValueSyncDefinition: + required: + - label + - value + type: object + properties: + label: + type: string + description: The label of the autocomplete value. + value: + type: string + description: The value of the autocomplete value. + MetricsQuerySyncDefinition: + required: + - query + - rowId + type: object + properties: + query: + type: string + description: The text of a metrics query. + rowId: + type: string + description: A label referring to the query; used if other metrics queries + reference this one. + ReportAutoParsingInfo: + type: object + properties: + mode: + pattern: ^(intelligent|performance)$|^$ + type: string + description: Can be `intelligent` or `performance` + example: performance + default: performance + description: Auto-parsing information for the panel. This information tells + us whether automatic field extraction from JSON log messages is enabled or + not + ReportScheduleSyncDefinition: + required: + - emailNotification + - reportFormat + - scheduleType + - timeZone + type: object + properties: + timeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + variableValues: + $ref: '#/components/schemas/VariablesValuesData' + reportFormat: + pattern: ^(Pdf|Png)$ + type: string + description: File format of the report. Can be `Pdf` or `Png`. `Pdf` is + portable document format. `Png` is portable graphics image format. + example: Pdf + x-pattern-message: "should be one of the following: 'Pdf', 'Png'" + scheduleType: + type: string + description: |- + Run schedule of the scheduled report. Set to "Custom" to specify the schedule with a CRON expression. Possible schedule types are: + - `RealTime` + - `15Minutes` + - `1Hour` + - `2Hours` + - `4Hours` + - `6Hours` + - `8Hours` + - `12Hours` + - `1Day` + - `1Week` + - `Custom` + example: 1Day + cronExpression: + type: string + description: "Cron-like expression specifying the report's schedule. Field\ + \ scheduleType must be set to \"Custom\", otherwise, scheduleType takes\ + \ precedence over cronExpression." + example: 0 0/15 * * * ? * + timeZone: + maxLength: 1024 + minLength: 1 + type: string + description: "Time zone identifier for time specification. Either an abbreviation\ + \ such as \"PST\", a full name such as \"America/Los_Angeles\", or a custom\ + \ ID such as \"GMT-8:00\". Note that the support of abbreviations is for\ + \ JDK 1.1.x compatibility only and full names should be used." + example: America/Los_Angeles + emailNotification: + $ref: '#/components/schemas/Email' + isActive: + type: boolean + description: Is the dashboard report schedule active + default: true + SavedSearchSyncDefinitionBase: + required: + - byReceiptTime + - queryParameters + - queryText + type: object + properties: + queryText: + type: string + description: The text of a Sumo Logic query. + byReceiptTime: + type: boolean + description: "Set it to true to run the search using receipt time. By default,\ + \ searches do not run by receipt time." + default: false + viewName: + type: string + description: The name of the Scheduled View that has indexed the data you + want to search. + viewStartTime: + type: string + description: Start timestamp of the Scheduled View in UTC format. + format: date-time + queryParameters: + type: array + description: An array of search query parameter objects. + items: + $ref: '#/components/schemas/QueryParameterSyncDefinition' + parsingMode: + type: string + description: |- + Define the parsing mode to scan the JSON format log messages. Possible values are: + 1. `AutoParse` + 2. `Manual` + In AutoParse mode, the system automatically figures out fields to parse based on the search query. While in the Manual mode, no fields are parsed out automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011). + example: AutoParse + default: Manual + intervalTimeType: + pattern: ^(messageTime|receiptTime|searchableTime)$ + type: string + description: "This parameter defines whether you want to run the search\ + \ by messageTime, receiptTime, or searchableTime. By default, the search\ + \ will run by messageTime. If both runByReceiptTime and intervalTimeType\ + \ parameters are present then the preference will be given to the intervalTimeType.\ + \ This is available in beta only(Contact your sumologic representative\ + \ to enable this feature)." + example: messageTime + default: messageTime + x-pattern-message: "must be one of the following: `messageTime`, `receiptTime`,\ + \ `searchableTime`" + SearchScheduleWithDependencySyncDefinition: + type: object + properties: + searchSchedule: + $ref: '#/components/schemas/SearchScheduleSyncDefinition' + dependencyDetail: + $ref: '#/components/schemas/ScheduleDependencyDetail' + lookupTableDependencies: + type: array + description: Lookup tables that this search schedule depends on + items: + $ref: '#/components/schemas/LookupTableSyncDefinition' + ScheduleDependencyDetail: + required: + - endpointDetail + type: object + properties: + endpointDetail: + $ref: '#/components/schemas/ConnectionDefinition' + MetricsSavedSearchQuerySyncDefinition: + required: + - query + - rowId + type: object + properties: + rowId: + type: string + description: Row id. All rows ids are represented by subsequent upper case + letters starting with `A`. + example: A + query: + type: string + description: Metrics query. + example: my_metric | avg + description: Definition of a metrics query. + ResourceIdentity: + required: + - id + - type + type: object + properties: + id: + type: string + description: The unique identifier of the resource. + example: C03E086C137F38B4 + name: + type: string + description: The name of the resource. + example: "S3 Source, Scheduled View name." + default: Unknown + type: + type: string + description: "-> Resource type. Supported types are - `Collector`, `Source`,\ + \ `IngestBudget` and `Organisation`." + example: Collector + discriminator: + propertyName: type + mapping: + Collector: '#/components/schemas/CollectorResourceIdentity' + Source: '#/components/schemas/SourceResourceIdentity' + IngestBudget: '#/components/schemas/IngestBudgetResourceIdentity' + Organisation: '#/components/schemas/OrgIdentity' + LogsToMetricsRule: '#/components/schemas/LogsToMetricsRuleIdentity' + ScheduledView: '#/components/schemas/ScheduledViewResourceIdentity' + TrackerIdentity: + required: + - description + - error + - trackerId + type: object + properties: + trackerId: + type: string + description: Name that uniquely identifies the health event. It focuses + on what happened rather than why. + error: + type: string + description: Description of the underlying reason for the event change. + example: Access denied to Amazon S3 bucket + description: + type: string + description: A more elaborate description of why the event occurred. + example: S3 collection is not working as expected because of access issues. + discriminator: + propertyName: description + DataIngestAffectedTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + S3CollectionErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + FileCollectionErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + AwsCloudWatchCollectionErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + AwsInventoryCollectionErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + CSEWindowsErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + CSEWindowsAccessErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + CSEWindowsSensorOutOfStorageTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + CSEWindowsParsingErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + CSEWindowsExcessiveBacklogTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + MetricsMetadataKeyLengthLimitExceededTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker' + MetricsMetadataLimitsExceededTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + MetricsMetadataValueLengthLimitExceededTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker' + MetricsMetadataKeyValuePairsLimitExceededTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker' + MetricsMetadataTotalMetadataSizeLimitExceededTracker: + allOf: + - $ref: '#/components/schemas/TrackerIdentity' + - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker' + MetricNameErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + OTCReceiverErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + OTCExporterErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + OTCProcessErrorTracker: + type: object + properties: + eventType: + type: string + description: Event type. + discriminator: + propertyName: eventType + Action: + required: + - connectionType + type: object + properties: + connectionType: + pattern: ^(Email|AWSLambda|AzureFunctions|Datadog|HipChat|Jira|NewRelic|Opsgenie|PagerDuty|Slack|MicrosoftTeams|ServiceNow|SumoCloudSOAR|Webhook)$ + type: string + description: |- + Connection type of the connection. Valid values: + 1. `Email` + 2. `AWSLambda` + 3. `AzureFunctions` + 4. `Datadog` + 5. `HipChat` + 6. `Jira` + 7. `NewRelic` + 8. `Opsgenie` + 9. `PagerDuty` + 10. `Slack` + 11. `MicrosoftTeams` + 12. `ServiceNow` + 13. `SumoCloudSOAR` + 14. `Webhook` + x-pattern-message: "should be one of the following: 'Email', 'AWSLambda',\ + \ 'AzureFunctions', 'Datadog', 'HipChat', 'Jira', 'NewRelic', 'Opsgenie',\ + \ 'PagerDuty', 'Slack', 'MicrosoftTeams', 'ServiceNow', 'SumoCloudSOAR'\ + \ and 'Webhook'" + description: The base class of all connection types. + discriminator: + propertyName: connectionType + StaticThreshold: + type: number + description: The data value for the condition. This defines the threshold for + when to trigger. Threshold value is not applicable for `MissingData` and `ResolvedMissingData` + triggerTypes and will be ignored if specified. + format: double + example: 50.0 + default: 0.0 + StaticThresholdType: + pattern: ^(LessThan|GreaterThan|LessThanOrEqual|GreaterThanOrEqual)$ + type: string + description: |- + The comparison type for the `threshold` evaluation. This defines how you want the data value compared. Valid values: + 1. `LessThan`: Less than than the configured threshold. + 2. `GreaterThan`: Greater than the configured threshold. + 3. `LessThanOrEqual`: Less than or equal to the configured threshold. + 4. `GreaterThanOrEqual`: Greater than or equal to the configured threshold. + ThresholdType value is not applicable for `MissingData` and `ResolvedMissingData` triggerTypes and will be ignored if specified. + example: GreaterThanOrEqual + default: GreaterThanOrEqual + x-pattern-message: "should be one of the following: 'LessThan', 'GreaterThan',\ + \ 'LessThanOrEqual', or 'GreaterThanOrEqual'" + OccurrenceType: + pattern: ^(AtLeastOnce|Always|ResultCount|MissingData)$ + type: string + description: |- + The criteria to evaluate the threshold and thresholdType in the given time range. Valid values: + 1. `AtLeastOnce`: Trigger if the threshold is met at least once. (NOTE: This is the only valid value if monitorType is `Metrics`.) + 2. `Always`: Trigger if the threshold is met continuously. (NOTE: This is the only valid value if monitorType is `Metrics`.) + 3. `ResultCount`: Trigger if the threshold is met against the count of results. (NOTE: This is the only valid value if monitorType is `Logs`.) + 4. `MissingData`: Trigger if the data is missing. (NOTE: This is valid for both `Logs` and `Metrics` monitorTypes) + example: ResultCount + x-pattern-message: "should be one of the following: 'AtLeastOnce', 'Always',\ + \ 'ResultCount' or 'MissingData'" + TriggerSource: + pattern: ^(AllTimeSeries|AnyTimeSeries|AllResults)$ + type: string + description: |- + Determines which time series from queries to use for Metrics MissingData and ResolvedMissingData triggers Valid values: + 1. `AllTimeSeries`: Evaluate the condition against all time series. (NOTE: This option is only valid if monitorType is `Metrics`) + 2. `AnyTimeSeries`: Evaluate the condition against any time series. (NOTE: This option is only valid if monitorType is `Metrics`) + 3. `AllResults`: Evaluate the condition against results from all queries. (NOTE: This option is only valid if monitorType is `Logs`) + example: AllResults + x-pattern-message: "should be one of the following: 'AllTimeSeries', 'AnyTimeSeries',\ + \ or 'AllResults'" + OutlierDirection_1: + pattern: ^(Both|Up|Down)$ + type: string + description: Specifies which direction should trigger violations. + example: Up + default: Both + x-pattern-message: "should be one of the following: 'Both', 'Up', 'Down'" + BurnRate: + required: + - burnRateThreshold + - timeRange + type: object + properties: + burnRateThreshold: + type: number + description: The error budget depletion percentage. + format: double + example: 90 + timeRange: + type: string + description: The relative time range for measuring error budget depletion. + example: -2h + description: Object containing error budget depletion and alert time range. + MonitorDependency: + required: + - endpointDetail + type: object + properties: + endpointDetail: + $ref: '#/components/schemas/ConnectionDefinition' + logs-data-forwarding-rule-management: + type: object + LogSearchScheduleSyncDefinition: + required: + - notification + - parseableTimeRange + - scheduleType + - timeZone + type: object + properties: + cronExpression: + type: string + description: "Cron-like expression specifying the search's schedule. Field\ + \ scheduleType must be set to \"Custom\", otherwise, scheduleType takes\ + \ precedence over cronExpression." + example: 0 0/15 * * * ? * + displayableTimeRange: + type: string + description: "A human-friendly text describing the query time range. For\ + \ e.g. \"-2h\", \"last three days\", \"team default time\". This value\ + \ can not be set via API." + example: -2h + parseableTimeRange: + $ref: '#/components/schemas/ResolvableTimeRange' + timeZone: + type: string + description: "Time zone identifier for time specification. Either an abbreviation\ + \ such as \"PST\", a full name such as \"America/Los_Angeles\", or a custom\ + \ ID such as \"GMT-8:00\". Note that the support of abbreviations is for\ + \ JDK 1.1.x compatibility only and full names should be used. The GMT\ + \ time zone is chosen if the given time zone cannot be identified." + threshold: + $ref: '#/components/schemas/LogSearchNotificationThresholdSyncDefinition' + notification: + $ref: '#/components/schemas/ScheduleNotificationSyncDefinition' + scheduleType: + pattern: ^(RealTime|15Minutes|1Hour|2Hours|4Hours|6Hours|8Hours|12Hours|1Day|1Week|Custom)$ + type: string + description: |- + Run schedule of the scheduled search. Set to "Custom" to specify the schedule with a CRON expression.Please note that with Custom, 1Day and 1Week schedule types you need to provide the corresponding cron expression to determine when to actually run the search. e.g. Sample Valid Cron for 1Day is "0 0 16 ? * 2-6 *". Possible schedule types are: + - `RealTime` + - `15Minutes` + - `1Hour` + - `2Hours` + - `4Hours` + - `6Hours` + - `8Hours` + - `12Hours` + - `1Day` + - `1Week` + - `Custom` + muteErrorEmails: + type: boolean + description: "If enabled, emails are not sent out in case of errors with\ + \ the search." + parameters: + maxLength: 50 + type: array + description: "A list of scheduled search template parameters to be used\ + \ while executing the query. This is different from the queryParameters\ + \ field in parent object as this field will be used for execution as\ + \ per the schedule. The parent object field is for search itself, not\ + \ part of execution. Learn more about the search templates here : https://help.sumologic.com/docs/search/get-started-with-search/build-search/search-templates/" + items: + $ref: '#/components/schemas/ScheduleSearchParameterSyncDefinition' + LogSearchNotificationThresholdSyncDefinition: + required: + - count + - operator + type: object + properties: + thresholdType: + pattern: ^(message|group)$ + type: string + description: |- + This property is deprecated. The system will automatically infer the value of this field from the query going forward, so the user-specified value will no longer be honored. + Threshold type. Possible values are: + 1. `message` + 2. `group` + + Use `group` as threshold type if the search query is of aggregate type. For non-aggregate queries, set it to `message`. + operator: + pattern: ^(eq|gt|ge|lt|le)$ + type: string + description: |- + Criterion to be applied when comparing actual result count with expected count. Possible values are: + 1. `eq` + 2. `gt` + 3. `ge` + 4. `lt` + 5. `le` + count: + type: integer + description: Expected result count. + Metadata: + required: + - createdAt + - createdBy + - modifiedAt + - modifiedBy + type: object + properties: + createdAt: + type: string + description: "Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format." + format: dateTime + createdBy: + type: string + description: Identifier of the user who created the resource. + modifiedAt: + type: string + description: Last modification timestamp in UTC. + format: dateTime + modifiedBy: + type: string + description: Identifier of the user who last modified the resource. + TopologyLabelMap: + required: + - data + type: object + properties: + data: + maxProperties: 1000 + type: object + additionalProperties: + $ref: '#/components/schemas/TopologyLabelValuesList' + description: Map from topology labels to `TopologyLabelValuesList`. + description: | + Map of the topology labels. Each label has a key and a list of values. If a value is `*`, it means the label will match content for all values of its key. + example: + data: + service: + - kube-scheduler + - kube-dns + TopologyLabelValuesList: + type: array + description: List of values corresponding to a key of a label. + example: + - kube-scheduler + items: + type: string + description: Value of the label. + Iso8601TimeRange: + required: + - end + - start + type: object + properties: + start: + type: string + description: "Start time in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format" + format: date-time + example: 2018-10-16T09:10:00Z + end: + type: string + description: "End time in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)\ + \ format" + format: date-time + example: 2018-10-16T09:20:00Z + description: | + A simple time range class, where the start and end points are specified in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339) format + securitySchemes: + basicAuth: + type: http + scheme: basic +x-tagGroups: +- name: Archive Management + tags: + - archiveManagement +- name: Health Events + tags: + - healthEvents +- name: Infrequent Data Tier + tags: + - logSearchesEstimatedUsage +- name: Ingest Budgets Management V2 + tags: + - ingestBudgetManagementV2 +- name: Library Management + tags: + - appManagement + - appManagementV2 + - contentManagement + - dashboardManagement + - folderManagement + - lookupManagement + - contentPermissions + - logSearchesManagement + - parsersLibraryManagement +- name: Metrics + tags: + - metricsSearchesManagement + - transformationRuleManagement + - metricsQuery + - metricsSearchesManagementV2 +- name: Security Management + tags: + - accessKeyManagement + - oauthManagement + - accountManagement + - passwordPolicy + - policiesManagement + - samlConfigurationManagement + - serviceAllowlistManagement + - serviceAccountManagement + - scimUserManagement +- name: Organizations Management + tags: + - orgsManagement +- name: Settings Management + tags: + - connectionManagement + - dynamicParsingRuleManagement + - extractionRuleManagement + - fieldManagementV1 + - partitionManagement + - scheduledViewManagement + - logsDataForwardingManagement + - dataDeletionRules +- name: Tokens Management + tags: + - tokensLibraryManagement +- name: Tracing + tags: + - traces + - spanAnalytics + - serviceMap +- name: Users and Roles Management + tags: + - roleManagement + - roleManagementV2 + - userManagement +- name: Threat Intel Ingest Management + tags: + - threatIntelIngest + - threatIntelIngestProducer +- name: OpenTelemetry Collector Management + tags: + - otCollectorManagementExternal +- name: Source Template Management + tags: + - sourceTemplateManagementExternal +- name: Schema Base Management + tags: + - schemaBaseManagement +- name: Event Analytics Management + tags: + - eventAnalytics +- name: Budget Management + tags: + - budgetManagement +- name: Macro Management + tags: + - macroManagement +- name: Monitor Management + tags: + - monitorsLibraryManagement +- name: Muting Schedules Management + tags: + - mutingSchedulesLibraryManagement +- name: SLO Management + tags: + - slosLibraryManagement diff --git a/yarn.lock b/yarn.lock index 218024174d..0ec8da6928 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1343,6 +1343,11 @@ resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.28.4.tgz#a70226016fabe25c5783b2f22d3e1c9bc5ca3326" integrity sha512-Q/N6JNWvIvPnLDvjlE1OUBLPQHH6l3CltCEsHIujp45zQUSSh8K+gHnaEX45yAT1nyngnINhvWtzN+Nb9D8RAQ== +"@babel/runtime@^7.17.8": + version "7.29.2" + resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.29.2.tgz#9a6e2d05f4b6692e1801cd4fb176ad823930ed5e" + integrity sha512-JiDShH45zKHWyGe4ZNVRrCjBz8Nh9TMmZG1kh4QTK8hCBTWBi8Da+i7s1fJw7/lYpM4ccepSNfqzZ/QvABBi5g== + "@babel/runtime@^7.18.3", "@babel/runtime@^7.5.5", "@babel/runtime@^7.8.7": version "7.26.10" resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.26.10.tgz#a07b4d8fa27af131a633d7b3524db803eb4764c2" @@ -2431,6 +2436,13 @@ resolved "https://registry.yarnpkg.com/@emotion/hash/-/hash-0.9.2.tgz#ff9221b9f58b4dfe61e619a7788734bd63f6898b" integrity sha512-MyqliTZGuOm3+5ZRSaaBGP3USLw6+EGykkwZns2EPC5g8jJ4z9OrdZY9apkl3+UP9+sdz76YYkwCKP5gh8iY3g== +"@emotion/is-prop-valid@1.4.0": + version "1.4.0" + resolved "https://registry.yarnpkg.com/@emotion/is-prop-valid/-/is-prop-valid-1.4.0.tgz#e9ad47adff0b5c94c72db3669ce46de33edf28c0" + integrity sha512-QgD4fyscGcbbKwJmqNvUMSE02OsHUa+lAWKdEUIJKgqe5IwRSKd7+KhibEWdaKwgjLj0DRSHA9biAIqGBk05lw== + dependencies: + "@emotion/memoize" "^0.9.0" + "@emotion/is-prop-valid@^1.2.2": version "1.2.2" resolved "https://registry.yarnpkg.com/@emotion/is-prop-valid/-/is-prop-valid-1.2.2.tgz#d4175076679c6a26faa92b03bb786f9e52612337" @@ -2583,6 +2595,11 @@ resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.57.0.tgz#a5417ae8427873f1dd08b70b3574b453e67b5f7f" integrity sha512-Ys+3g2TaW7gADOJzPt83SJtCDhMjndcDMFVQ/Tj9iA1BfJzFKD9mAUXT3OenpuPHbI6P/myECxRJrofUsDx/5g== +"@exodus/schemasafe@^1.0.0-rc.2": + version "1.3.0" + resolved "https://registry.yarnpkg.com/@exodus/schemasafe/-/schemasafe-1.3.0.tgz#731656abe21e8e769a7f70a4d833e6312fe59b7f" + integrity sha512-5Aap/GaRupgNx/feGBwLLTVv8OQFfv3pq2lPRzPg9R+IOBnDgghTGW7l7EuVXOvg5cc/xSAlRW8rBrjIC3Nvqw== + "@floating-ui/core@^1.7.4": version "1.7.4" resolved "https://registry.yarnpkg.com/@floating-ui/core/-/core-1.7.4.tgz#4a006a6e01565c0f87ba222c317b056a2cffd2f4" @@ -3110,6 +3127,11 @@ resolved "https://registry.yarnpkg.com/@noble/hashes/-/hashes-1.4.0.tgz#45814aa329f30e4fe0ba49426f49dfccdd066426" integrity sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg== +"@nodable/entities@^2.1.0": + version "2.1.0" + resolved "https://registry.yarnpkg.com/@nodable/entities/-/entities-2.1.0.tgz#f543e5c6446720d4cf9e498a83019dd159973bc2" + integrity sha512-nyT7T3nbMyBI/lvr6L5TyWbFJAI9FTgVRakNoBqCD+PmID8DzFrrNdLLtHMwMszOtqZa8PAOV24ZqDnQrhQINA== + "@nodelib/fs.scandir@2.1.5": version "2.1.5" resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz#7619c2eb21b25483f6d167548b4cfd5a7488c3d5" @@ -3316,6 +3338,68 @@ unbzip2-stream "^1.4.3" yargs "^17.7.2" +"@redocly/ajv@8.11.2": + version "8.11.2" + resolved "https://registry.yarnpkg.com/@redocly/ajv/-/ajv-8.11.2.tgz#46e1bf321ec0ac1e0fd31dea41a3d1fcbdcda0b5" + integrity sha512-io1JpnwtIcvojV7QKDUSIuMN/ikdOUd1ReEnUnMKGfDVridQZ31J0MmIuqwuRjWDZfmvr+Q0MqCcfHM2gTivOg== + dependencies: + fast-deep-equal "^3.1.1" + json-schema-traverse "^1.0.0" + require-from-string "^2.0.2" + uri-js-replace "^1.0.1" + +"@redocly/ajv@^8.11.0": + version "8.18.3" + resolved "https://registry.yarnpkg.com/@redocly/ajv/-/ajv-8.18.3.tgz#a925753d9a33375219f1b2ba91aef320f9929577" + integrity sha512-l42u0of3hY98sN2A+M4qTX1O/KrpgGH32Hu9kP2GtHyD5Dfqq86PKFLe5dwaD8DEnNmlOlll2BAmeEtf0DaySg== + dependencies: + fast-deep-equal "^3.1.3" + fast-uri "^3.0.1" + json-schema-traverse "^1.0.0" + require-from-string "^2.0.2" + +"@redocly/config@0.22.0": + version "0.22.0" + resolved "https://registry.yarnpkg.com/@redocly/config/-/config-0.22.0.tgz#b2454f472f9d2b217d56f82e4f28d346901f3242" + integrity sha512-gAy93Ddo01Z3bHuVdPWfCwzgfaYgMdaZPcfL7JZ7hWJoK9V0lXDbigTWkhiPFAaLWzbOJ+kbUQG1+XwIm0KRGQ== + +"@redocly/config@^0.6.0": + version "0.6.3" + resolved "https://registry.yarnpkg.com/@redocly/config/-/config-0.6.3.tgz#0dab6278721abd5aae6b375deee97665005b0472" + integrity sha512-hGWJgCsXRw0Ow4rplqRlUQifZvoSwZipkYnt11e3SeH1Eb23VUIDBcRuaQOUqy1wn0eevXkU2GzzQ8fbKdQ7Mg== + +"@redocly/openapi-core@1.16.0": + version "1.16.0" + resolved "https://registry.yarnpkg.com/@redocly/openapi-core/-/openapi-core-1.16.0.tgz#95afcf822890af3fe8f1bde97018370b5cadb8ca" + integrity sha512-z06h+svyqbUcdAaePq8LPSwTPlm6Ig7j2VlL8skPBYnJvyaQ2IN7x/JkOvRL4ta+wcOCBdAex5JWnZbKaNktJg== + dependencies: + "@redocly/ajv" "^8.11.0" + "@redocly/config" "^0.6.0" + colorette "^1.2.0" + https-proxy-agent "^7.0.4" + js-levenshtein "^1.1.6" + js-yaml "^4.1.0" + lodash.isequal "^4.5.0" + minimatch "^5.0.1" + node-fetch "^2.6.1" + pluralize "^8.0.0" + yaml-ast-parser "0.0.43" + +"@redocly/openapi-core@^1.4.0": + version "1.34.14" + resolved "https://registry.yarnpkg.com/@redocly/openapi-core/-/openapi-core-1.34.14.tgz#3b3ba0a6febe65e6a4f108af37da9ca97df0d678" + integrity sha512-y+xFx+Zz54Xhr8jUdnLENYnt7Y7GEDL6Q03ga7rTtX8DVwefX9H+hQEPgJp1nda7vdH+wJ9/HBVvyfBuW9x6rA== + dependencies: + "@redocly/ajv" "8.11.2" + "@redocly/config" "0.22.0" + colorette "1.4.0" + https-proxy-agent "7.0.6" + js-levenshtein "1.1.6" + js-yaml "4.1.1" + minimatch "5.1.9" + pluralize "8.0.0" + yaml-ast-parser "0.0.43" + "@rspack/binding-darwin-arm64@1.5.8": version "1.5.8" resolved "https://registry.yarnpkg.com/@rspack/binding-darwin-arm64/-/binding-darwin-arm64-1.5.8.tgz#a50909f7bad21de27ea770a86e0e3c85006d95e9" @@ -4312,7 +4396,7 @@ dependencies: "@types/istanbul-lib-report" "*" -"@types/json-schema@*", "@types/json-schema@^7.0.15", "@types/json-schema@^7.0.8", "@types/json-schema@^7.0.9": +"@types/json-schema@*", "@types/json-schema@^7.0.15", "@types/json-schema@^7.0.7", "@types/json-schema@^7.0.8", "@types/json-schema@^7.0.9": version "7.0.15" resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.15.tgz#596a1747233694d50f6ad8a7869fcb6f56cf5841" integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== @@ -5507,6 +5591,11 @@ call-bound@^1.0.2, call-bound@^1.0.3: call-bind-apply-helpers "^1.0.2" get-intrinsic "^1.3.0" +call-me-maybe@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/call-me-maybe/-/call-me-maybe-1.0.2.tgz#03f964f19522ba643b1b0693acb9152fe2074baa" + integrity sha512-HpX65o1Hnr9HH25ojC1YGs7HCQLq0GCOibSaWER0eNpgJ/Z1MZv2mTc7+xh6WOPxbRVcmgbv4hGU+uSQ/2xFZQ== + callsites@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73" @@ -5530,6 +5619,11 @@ camelcase@^7.0.1: resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-7.0.1.tgz#f02e50af9fd7782bc8b88a3558c32fd3a388f048" integrity sha512-xlx1yCK2Oc1APsPXDL2LdlNP6+uu8OCDdhOBSVT279M/S+y75O30C2VuD8T2ogdePBBl7PfPF4504tnLgX3zfw== +camelize@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/camelize/-/camelize-1.0.1.tgz#89b7e16884056331a35d6b5ad064332c91daa6c3" + integrity sha512-dU+Tx2fsypxTgtLoE36npi3UqcjSSMNYfkqgmoEhtZrraP5VWq0K7FkWVTYa8eMPtnU/G2txVsfdCJTn9uzpuQ== + caniuse-api@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/caniuse-api/-/caniuse-api-3.0.0.tgz#5e4d90e2274961d46291997df599e3ed008ee4c0" @@ -5666,6 +5760,11 @@ ci-info@^3.2.0: resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-3.9.0.tgz#4279a62028a7b1f262f3473fc9605f5e218c59b4" integrity sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ== +classnames@^2.3.2: + version "2.5.1" + resolved "https://registry.yarnpkg.com/classnames/-/classnames-2.5.1.tgz#ba774c614be0f016da105c858e7159eae8e7687b" + integrity sha512-saHYOzhIQs6wy2sVxTM6bUDsQO4F50V9RQ22qBpEdCW+I+/Wmke2HOl6lS6dTpdxVhb88/I6+Hs+438c3lfUow== + clean-css@^5.2.2, clean-css@^5.3.3, clean-css@~5.3.2: version "5.3.3" resolved "https://registry.yarnpkg.com/clean-css/-/clean-css-5.3.3.tgz#b330653cd3bd6b75009cc25c714cae7b93351ccd" @@ -5732,7 +5831,7 @@ clone-response@^1.0.2: dependencies: mimic-response "^1.0.0" -clsx@^1.1.1: +clsx@^1.1.1, clsx@^1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/clsx/-/clsx-1.2.1.tgz#0ddc4a20a549b59c93a4116bb26f5294ca17dc12" integrity sha512-EcR6r5a8bj6pu3ycsa/E/cKVGuTgZJZdsyUYHOksG/UHIiKfjxzRxYJpyVBwYaQeOvghal9fcc4PidlgzugAQg== @@ -5783,6 +5882,11 @@ colord@^2.9.3: resolved "https://registry.yarnpkg.com/colord/-/colord-2.9.3.tgz#4f8ce919de456f1d5c1c368c307fe20f3e59fb43" integrity sha512-jeC1axXpnb0/2nn/Y1LPuLdgXBLH7aDcHu4KEKfqw3CUhX7ZpfBSlPKyqXE6btIgEzfWtrX3/tyBCaCvXvMkOw== +colorette@1.4.0, colorette@^1.2.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/colorette/-/colorette-1.4.0.tgz#5190fbb87276259a86ad700bff2c6d6faa3fca40" + integrity sha512-Y2oEozpomLn7Q3HFP7dpww7AtMJplbM9lGZP6RDfHqmbeRjiwRg4n6VM6j4KLmRke85uWEI7JqF17f3pqdRA0g== + colorette@^2.0.10, colorette@^2.0.20: version "2.0.20" resolved "https://registry.yarnpkg.com/colorette/-/colorette-2.0.20.tgz#9eb793e6833067f7235902fcd3b09917a000a95a" @@ -6070,6 +6174,11 @@ css-blank-pseudo@^7.0.1: dependencies: postcss-selector-parser "^7.0.0" +css-color-keywords@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/css-color-keywords/-/css-color-keywords-1.0.0.tgz#fea2616dc676b2962686b3af8dbdbe180b244e05" + integrity sha512-FyyrDHZKEjXDpNJYvVsV960FiqQyXc/LlYmsxl2BcdMb2WPx0OGRVgTg55rPSyLSNMqP52R9r8geSp7apN3Ofg== + css-declaration-sorter@7.2.0: version "7.2.0" resolved "https://registry.yarnpkg.com/css-declaration-sorter/-/css-declaration-sorter-7.2.0.tgz#6dec1c9523bc4a643e088aab8f09e67a54961024" @@ -6142,6 +6251,15 @@ css-select@^5.1.0: domutils "^3.0.1" nth-check "^2.0.1" +css-to-react-native@3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/css-to-react-native/-/css-to-react-native-3.2.0.tgz#cdd8099f71024e149e4f6fe17a7d46ecd55f1e32" + integrity sha512-e8RKaLXMOFii+02mOlqwjbD00KSEKqblnpO9e++1aXS1fPQOpS1YoqdVHBqPjHNoxeF2mimzVqawm2KCbEdtHQ== + dependencies: + camelize "^1.0.0" + css-color-keywords "^1.0.0" + postcss-value-parser "^4.0.2" + css-tree@2.3.1, css-tree@^2.3.1: version "2.3.1" resolved "https://registry.yarnpkg.com/css-tree/-/css-tree-2.3.1.tgz#10264ce1e5442e8572fc82fbe490644ff54b5c20" @@ -6247,7 +6365,7 @@ csso@5.0.5, csso@^5.0.5: dependencies: css-tree "~2.2.0" -csstype@^3.0.2, csstype@^3.1.3, csstype@^3.2.2: +csstype@3.2.3, csstype@^3.0.2, csstype@^3.1.3, csstype@^3.2.2: version "3.2.3" resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.2.3.tgz#ec48c0f3e993e50648c86da559e2610995cf989a" integrity sha512-z1HGKcYy2xA8AGQfwrn0PAy+PB7X/GSj3UVJW9qKyn43xWa+gl5nXmU4qqLMRzWVLFC8KusUX8T/0kCiOYpAIQ== @@ -6620,6 +6738,11 @@ debug@^4.3.5, debug@^4.3.6: dependencies: ms "^2.1.3" +decko@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/decko/-/decko-1.2.0.tgz#fd43c735e967b8013306884a56fbe665996b6817" + integrity sha512-m8FnyHXV1QX+S1cl+KPFDIl6NMkxtKsy6+U/aYyjrOqWMuwAwYWu7ePqrsUHtDR5Y8Yk2pi/KIDSgF+vT4cPOQ== + decode-named-character-reference@^1.0.0: version "1.2.0" resolved "https://registry.yarnpkg.com/decode-named-character-reference/-/decode-named-character-reference-1.2.0.tgz#25c32ae6dd5e21889549d40f676030e9514cc0ed" @@ -6794,6 +6917,14 @@ doctrine@^3.0.0: dependencies: esutils "^2.0.2" +docusaurus-plugin-redoc@2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/docusaurus-plugin-redoc/-/docusaurus-plugin-redoc-2.5.0.tgz#d64756b2a8a794b2e9c635abc21b0a51a84a1bcc" + integrity sha512-44sDhuXvItHnUuPdKswF3cRhiN5UW3YZxmMBsQLSfCYKcYr9tgWF2qvDfQoZO9i1DwpaYbIZ/RKMrSgny/iWYA== + dependencies: + "@redocly/openapi-core" "1.16.0" + redoc "2.4.0" + docusaurus-plugin-sass@^0.2.1: version "0.2.5" resolved "https://registry.yarnpkg.com/docusaurus-plugin-sass/-/docusaurus-plugin-sass-0.2.5.tgz#6bfb8a227ac6265be685dcbc24ba1989e27b8005" @@ -6801,6 +6932,20 @@ docusaurus-plugin-sass@^0.2.1: dependencies: sass-loader "^10.1.1" +docusaurus-theme-redoc@2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/docusaurus-theme-redoc/-/docusaurus-theme-redoc-2.5.0.tgz#b8d6f033a7d88485c0d86b3b28c0a98a5d7a8900" + integrity sha512-ykLmnnvE20Im3eABlIpUnXnT2gSHVAjgyy2fU2G8yecu7zqIE+G/SiBpBg/hrWMUycL31a8VSG7Ehkf3pg1u+A== + dependencies: + "@redocly/openapi-core" "1.16.0" + clsx "^1.2.1" + lodash "^4.17.21" + mobx "^6.12.4" + postcss "^8.4.45" + postcss-prefix-selector "^1.16.1" + redoc "2.4.0" + styled-components "^6.1.11" + docusaurus2-dotenv@^1.4.0: version "1.4.0" resolved "https://registry.yarnpkg.com/docusaurus2-dotenv/-/docusaurus2-dotenv-1.4.0.tgz#9ab900e29de9081f9f1f28f7224ff63760385641" @@ -6860,6 +7005,13 @@ domhandler@^5.0.2, domhandler@^5.0.3: dependencies: domelementtype "^2.3.0" +dompurify@^3.0.6: + version "3.4.5" + resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.4.5.tgz#bedc7d30a6007ae9a8937b952be6adb76a28e871" + integrity sha512-OrwIBKsdNSVEeubdJ1HBv/wNENRM9ytAVCv7YXt//A3vPdVMNuACRqK9mXCGCBW2ln7BT/A4X0jXHo2Gu89miA== + optionalDependencies: + "@types/trusted-types" "^2.0.7" + dompurify@^3.3.1: version "3.4.2" resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.4.2.tgz#f0ff81be682c485505097ba8195a058d8f575218" @@ -7164,6 +7316,11 @@ es-toolkit@^1.45.1: resolved "https://registry.yarnpkg.com/es-toolkit/-/es-toolkit-1.46.1.tgz#38ca27191a98a867fc544b81cf1477a68947fb06" integrity sha512-5eNtXOs3tbfxXOj04tjjseeWkRWaoCjdEI+96DgwzZoe6c9juL49pXlzAFTI72aWC9Y8p7168g6XIKjh7k6pyQ== +es6-promise@^3.2.1: + version "3.3.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.3.1.tgz#a08cdde84ccdbf34d027a1451bc91d4bcd28a613" + integrity sha512-SOp9Phqvqn7jtEUxPWdWfWoLmyt2VaJ6MpvP9Comy1MceMXqE6bxvaTu4iaxpYYPzhny28Lc+M87/c2cPK6lDg== + esast-util-from-estree@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/esast-util-from-estree/-/esast-util-from-estree-2.0.0.tgz#8d1cfb51ad534d2f159dc250e604f3478a79f1ad" @@ -7664,11 +7821,35 @@ fast-levenshtein@^2.0.6: resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw== +fast-safe-stringify@^2.0.7: + version "2.1.1" + resolved "https://registry.yarnpkg.com/fast-safe-stringify/-/fast-safe-stringify-2.1.1.tgz#c406a83b6e70d9e35ce3b30a81141df30aeba884" + integrity sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA== + fast-uri@^3.0.1: version "3.1.2" resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.1.2.tgz#8af3d4fc9d3e71b11572cc2673b514a7d1a8c8ec" integrity sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ== +fast-xml-builder@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/fast-xml-builder/-/fast-xml-builder-1.2.0.tgz#abd2363145a7625d9789ad96da375fabe3cff28c" + integrity sha512-00aAWieqff+ZJhsXA4g1g7M8k+7AYoMUUHF+/zFb5U6Uv/P0Vl4QZo84/IcufzYalLuEj9928bXN9PbbFzMF0Q== + dependencies: + path-expression-matcher "^1.5.0" + xml-naming "^0.1.0" + +fast-xml-parser@^5.5.1: + version "5.8.0" + resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.8.0.tgz#64d71f0f8d4bf23621dffd762aef7e98c1884fc1" + integrity sha512-6bIM7fsJxeo3uXv7OncQYsBAMPJ7V16Slahl/6M98C/i2q+vB1+4a0MtrvYwDFEUrwDSbAmeLDRXsOBwrL7yAg== + dependencies: + "@nodable/entities" "^2.1.0" + fast-xml-builder "^1.2.0" + path-expression-matcher "^1.5.0" + strnum "^2.3.0" + xml-naming "^0.1.0" + fastq@^1.6.0: version "1.19.1" resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.19.1.tgz#d50eaba803c8846a883c16492821ebcd2cda55f5" @@ -7836,6 +8017,11 @@ for-each@^0.3.3: dependencies: is-callable "^1.1.3" +foreach@^2.0.4: + version "2.0.6" + resolved "https://registry.yarnpkg.com/foreach/-/foreach-2.0.6.tgz#87bcc8a1a0e74000ff2bf9802110708cfb02eb6e" + integrity sha512-k6GAGDyqLe9JaebCsFCoudPPWfihKu8pylYXRlqP1J7ms39iPoTtk2fviNglIeQEwdh0bQeKJ01ZPyuyQvKzwg== + foreground-child@^3.1.0: version "3.2.1" resolved "https://registry.yarnpkg.com/foreground-child/-/foreground-child-3.2.1.tgz#767004ccf3a5b30df39bed90718bab43fe0a59f7" @@ -8625,6 +8811,11 @@ http-proxy@^1.18.1: follow-redirects "^1.0.0" requires-port "^1.0.0" +http2-client@^1.2.5: + version "1.3.5" + resolved "https://registry.yarnpkg.com/http2-client/-/http2-client-1.3.5.tgz#20c9dc909e3cc98284dd20af2432c524086df181" + integrity sha512-EC2utToWl4RKfs5zd36Mxq7nzHHBuomZboI0yYL6Y0RmBgT7Sgkq4rQ0ezFTYoIsSs7Tm9SJe+o2FcAg6GBhGA== + http2-wrapper@^1.0.0-beta.5.2: version "1.0.3" resolved "https://registry.yarnpkg.com/http2-wrapper/-/http2-wrapper-1.0.3.tgz#b8f55e0c1f25d4ebd08b3b0c2c079f9590800b3d" @@ -8641,7 +8832,7 @@ http2-wrapper@^2.1.10: quick-lru "^5.1.1" resolve-alpn "^1.2.0" -https-proxy-agent@^7.0.6: +https-proxy-agent@7.0.6, https-proxy-agent@^7.0.4, https-proxy-agent@^7.0.6: version "7.0.6" resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz#da8dfeac7da130b05c2ba4b59c9b6cd66611a6b9" integrity sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw== @@ -9283,11 +9474,23 @@ joi@^17.9.2: "@sideway/formula" "^3.0.1" "@sideway/pinpoint" "^2.0.0" +js-levenshtein@1.1.6, js-levenshtein@^1.1.6: + version "1.1.6" + resolved "https://registry.yarnpkg.com/js-levenshtein/-/js-levenshtein-1.1.6.tgz#c6cee58eb3550372df8deb85fad5ce66ce01d59d" + integrity sha512-X2BB11YZtrRqY4EnQcLX5Rh373zbK4alC1FW7D7MBhL2gtcC17cTnr6DmfHZeS0s2rTHjUTMMHfG7gO8SSdw+g== + "js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== +js-yaml@4.1.1: + version "4.1.1" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.1.tgz#854c292467705b699476e1a2decc0c8a3458806b" + integrity sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA== + dependencies: + argparse "^2.0.1" + js-yaml@^3.13.1: version "3.14.1" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537" @@ -9328,6 +9531,13 @@ json-parse-even-better-errors@^2.3.0, json-parse-even-better-errors@^2.3.1: resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d" integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w== +json-pointer@0.6.2, json-pointer@^0.6.2: + version "0.6.2" + resolved "https://registry.yarnpkg.com/json-pointer/-/json-pointer-0.6.2.tgz#f97bd7550be5e9ea901f8c9264c9d436a22a93cd" + integrity sha512-vLWcKbOaXlO+jvRy4qNd+TI1QUPZzfJj1tpJ3vAXDych5XJf93ftpUKe5pKCrzyIIwgBJcOcCVRUfqQP25afBw== + dependencies: + foreach "^2.0.4" + json-schema-traverse@^0.4.1: version "0.4.1" resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660" @@ -9603,6 +9813,11 @@ lodash.debounce@^4.0.8: resolved "https://registry.yarnpkg.com/lodash.debounce/-/lodash.debounce-4.0.8.tgz#82d79bff30a67c4005ffd5e2515300ad9ca4d7af" integrity sha512-FT1yDzDYEoYWhnSGnpE/4Kj1fLZkDFyqRb7fNt6FdYOSxlUWAtp42Eh6Wb0rGIv/m9Bgo7x4GhQbm5Ys4SG5ow== +lodash.isequal@^4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.5.0.tgz#415c4478f2bcc30120c22ce10ed3226f7d3e18e0" + integrity sha512-pDo3lu8Jhfjqls6GkMgpahsF9kCyayhgykjyLMNFTKWrpVdAQtYyB4muAMWozBB4ig/dtWAmsMxLEI8wuz+DYQ== + lodash.memoize@^4.1.2: version "4.1.2" resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-4.1.2.tgz#bcc6c49a42a2840ed997f323eada5ecd182e0bfe" @@ -9688,6 +9903,16 @@ lru-cache@^7.14.1: resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-7.18.3.tgz#f793896e0fd0e954a59dfdd82f0773808df6aa89" integrity sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA== +lunr@^2.3.9: + version "2.3.9" + resolved "https://registry.yarnpkg.com/lunr/-/lunr-2.3.9.tgz#18b123142832337dd6e964df1a5a7707b25d35e1" + integrity sha512-zTU3DaZaF3Rt9rhN3uBMGQD3dD2/vFQqnvZCDv4dl5iOzq2IZQqTxu90r4E5J+nP70J3ilqVCrbho2eWaeW8Ow== + +mark.js@^8.11.1: + version "8.11.1" + resolved "https://registry.yarnpkg.com/mark.js/-/mark.js-8.11.1.tgz#180f1f9ebef8b0e638e4166ad52db879beb2ffc5" + integrity sha512-1I+1qpDt4idfgLQG+BNWmrqku+7/2bi5nLf4YwF8y8zXvmfiTBY3PV3ZibfrjBueCByROpuBjLLFCajqkgYoLQ== + markdown-extensions@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/markdown-extensions/-/markdown-extensions-2.0.0.tgz#34bebc83e9938cae16e0e017e4a9814a8330d3c4" @@ -9710,6 +9935,11 @@ marked@^16.3.0: resolved "https://registry.yarnpkg.com/marked/-/marked-16.4.2.tgz#4959a64be6c486f0db7467ead7ce288de54290a3" integrity sha512-TI3V8YYWvkVf3KJe1dRkpnjs68JUPyEa5vjKrp1XEEJUAOaQc+Qj+L1qWbPd0SJuAdQkFU0h73sXXqwDYxsiDA== +marked@^4.3.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/marked/-/marked-4.3.0.tgz#796362821b019f734054582038b116481b456cf3" + integrity sha512-PRsaiG84bK+AMvxziE/lCFss8juXjNaWzVbN5tXAm4XjeaS9NAHhop+PjQxz2A9h8Q4M/xGmzP8vqNwy6JeK0A== + math-intrinsics@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.1.0.tgz#a0dd74be81e2aa5c2f27e65ce283605ee4e2b7f9" @@ -10908,6 +11138,13 @@ minimatch@3.1.5: dependencies: brace-expansion "^1.1.7" +minimatch@5.1.9, minimatch@^5.0.1: + version "5.1.9" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-5.1.9.tgz#1293ef15db0098b394540e8f9f744f9fda8dee4b" + integrity sha512-7o1wEA2RyMP7Iu7GNba9vc0RWWGACJOCZBJX2GJWip0ikV+wcOsgVuY9uE8CPiyQhkGFSlhuSkZPavN7u1c2Fw== + dependencies: + brace-expansion "^2.0.1" + minimatch@^9.0.3: version "9.0.5" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.5.tgz#d74f9dd6b57d83d8e98cfb82133b03978bc929e5" @@ -10937,6 +11174,25 @@ mitt@3.0.1: resolved "https://registry.yarnpkg.com/mitt/-/mitt-3.0.1.tgz#ea36cf0cc30403601ae074c8f77b7092cdab36d1" integrity sha512-vKivATfr97l2/QBCYAkXYDbrIWPM2IIKEl7YPhjCvKlG3kE2gm+uBo6nEXK3M5/Ffh/FLpKExzOQ3JJoJGFKBw== +mobx-react-lite@^4.1.1: + version "4.1.1" + resolved "https://registry.yarnpkg.com/mobx-react-lite/-/mobx-react-lite-4.1.1.tgz#725d74b025235f73dc2ab815766ffe010be2cf8a" + integrity sha512-iUxiMpsvNraCKXU+yPotsOncNNmyeS2B5DKL+TL6Tar/xm+wwNJAubJmtRSeAoYawdZqwv8Z/+5nPRHeQxTiXg== + dependencies: + use-sync-external-store "^1.4.0" + +mobx-react@^9.1.1: + version "9.2.1" + resolved "https://registry.yarnpkg.com/mobx-react/-/mobx-react-9.2.1.tgz#19b1036442d2515eeb6f5fbb2c9c770d81c32f80" + integrity sha512-WJNNm0FB2n0Z0u+jS1QHmmWyV8l2WiAj8V8I/96kbUEN2YbYCoKW+hbbqKKRUBqElu0llxM7nWKehvRIkhBVJw== + dependencies: + mobx-react-lite "^4.1.1" + +mobx@^6.12.4: + version "6.15.3" + resolved "https://registry.yarnpkg.com/mobx/-/mobx-6.15.3.tgz#9ba303d2220fcd4253e34f0702a2a266aa29871f" + integrity sha512-6+ZSYDs5zgH5CdGfEU2q2Lsa5PztVryL1ys7kAImTU25n2A9LAMj/yneVsQpd03MfwMLDQF+7kakJR9Z+cQxSw== + mri@^1.1.0: version "1.2.0" resolved "https://registry.yarnpkg.com/mri/-/mri-1.2.0.tgz#6721480fec2a11a4889861115a48b6cbe7cc8f0b" @@ -10984,6 +11240,11 @@ nanoid@^3.3.11, nanoid@^3.3.8: resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.11.tgz#4f4f112cefbe303202f2199838128936266d185b" integrity sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w== +nanoid@^3.3.12: + version "3.3.12" + resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.12.tgz#ab3d912e217a6d0a514f00a72a16543a28982c05" + integrity sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ== + natural-compare-lite@^1.4.0: version "1.4.0" resolved "https://registry.yarnpkg.com/natural-compare-lite/-/natural-compare-lite-1.4.0.tgz#17b09581988979fddafe0201e931ba933c96cbb4" @@ -11037,7 +11298,14 @@ node-emoji@^2.1.0: emojilib "^2.4.0" skin-tone "^2.0.0" -node-fetch@^2.6.7: +node-fetch-h2@^2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/node-fetch-h2/-/node-fetch-h2-2.3.0.tgz#c6188325f9bd3d834020bf0f2d6dc17ced2241ac" + integrity sha512-ofRW94Ab0T4AOh5Fk8t0h8OBWrmjb0SSB20xh1H8YnPV9EJ+f5AMoYSUQ2zgJ4Iq2HAK0I2l5/Nequ8YzFS3Hg== + dependencies: + http2-client "^1.2.5" + +node-fetch@^2.6.1, node-fetch@^2.6.7: version "2.7.0" resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.7.0.tgz#d0f0fa6e3e2dc1d27efcd8ad99d550bda94d187d" integrity sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A== @@ -11049,6 +11317,13 @@ node-forge@^1.4.0: resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-1.4.0.tgz#1c7b7d8bdc2d078739f58287d589d903a11b2fc2" integrity sha512-LarFH0+6VfriEhqMMcLX2F7SwSXeWwnEAJEsYm5QKWchiVYVvJyV9v7UDvUv+w5HO23ZpQTXDv/GxdDdMyOuoQ== +node-readfiles@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/node-readfiles/-/node-readfiles-0.2.0.tgz#dbbd4af12134e2e635c245ef93ffcf6f60673a5d" + integrity sha512-SU00ZarexNlE4Rjdm83vglt5Y9yiQ+XI1XpflWlb7q7UTN1JUItm69xMeiQCTxtTfnzt+83T8Cx+vI2ED++VDA== + dependencies: + es6-promise "^3.2.1" + node-releases@^2.0.27: version "2.0.27" resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-2.0.27.tgz#eedca519205cf20f650f61d56b070db111231e4e" @@ -11115,6 +11390,52 @@ null-loader@^4.0.1: loader-utils "^2.0.0" schema-utils "^3.0.0" +oas-kit-common@^1.0.8: + version "1.0.8" + resolved "https://registry.yarnpkg.com/oas-kit-common/-/oas-kit-common-1.0.8.tgz#6d8cacf6e9097967a4c7ea8bcbcbd77018e1f535" + integrity sha512-pJTS2+T0oGIwgjGpw7sIRU8RQMcUoKCDWFLdBqKB2BNmGpbBMH2sdqAaOXUg8OzonZHU0L7vfJu1mJFEiYDWOQ== + dependencies: + fast-safe-stringify "^2.0.7" + +oas-linter@^3.2.2: + version "3.2.2" + resolved "https://registry.yarnpkg.com/oas-linter/-/oas-linter-3.2.2.tgz#ab6a33736313490659035ca6802dc4b35d48aa1e" + integrity sha512-KEGjPDVoU5K6swgo9hJVA/qYGlwfbFx+Kg2QB/kd7rzV5N8N5Mg6PlsoCMohVnQmo+pzJap/F610qTodKzecGQ== + dependencies: + "@exodus/schemasafe" "^1.0.0-rc.2" + should "^13.2.1" + yaml "^1.10.0" + +oas-resolver@^2.5.6: + version "2.5.6" + resolved "https://registry.yarnpkg.com/oas-resolver/-/oas-resolver-2.5.6.tgz#10430569cb7daca56115c915e611ebc5515c561b" + integrity sha512-Yx5PWQNZomfEhPPOphFbZKi9W93CocQj18NlD2Pa4GWZzdZpSJvYwoiuurRI7m3SpcChrnO08hkuQDL3FGsVFQ== + dependencies: + node-fetch-h2 "^2.3.0" + oas-kit-common "^1.0.8" + reftools "^1.1.9" + yaml "^1.10.0" + yargs "^17.0.1" + +oas-schema-walker@^1.1.5: + version "1.1.5" + resolved "https://registry.yarnpkg.com/oas-schema-walker/-/oas-schema-walker-1.1.5.tgz#74c3cd47b70ff8e0b19adada14455b5d3ac38a22" + integrity sha512-2yucenq1a9YPmeNExoUa9Qwrt9RFkjqaMAA1X+U7sbb0AqBeTIdMHky9SQQ6iN94bO5NW0W4TRYXerG+BdAvAQ== + +oas-validator@^5.0.8: + version "5.0.8" + resolved "https://registry.yarnpkg.com/oas-validator/-/oas-validator-5.0.8.tgz#387e90df7cafa2d3ffc83b5fb976052b87e73c28" + integrity sha512-cu20/HE5N5HKqVygs3dt94eYJfBi0TsZvPVXDhbXQHiEityDN+RROTleefoKRKKJ9dFAF2JBkDHgvWj0sjKGmw== + dependencies: + call-me-maybe "^1.0.1" + oas-kit-common "^1.0.8" + oas-linter "^3.2.2" + oas-resolver "^2.5.6" + oas-schema-walker "^1.1.5" + reftools "^1.1.9" + should "^13.2.1" + yaml "^1.10.0" + object-assign@^4.0.1, object-assign@^4.1.1: version "4.1.1" resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" @@ -11251,6 +11572,15 @@ open@^8.4.0: is-docker "^2.1.1" is-wsl "^2.2.0" +openapi-sampler@^1.5.0: + version "1.7.3" + resolved "https://registry.yarnpkg.com/openapi-sampler/-/openapi-sampler-1.7.3.tgz#55c630d22e3ebe4cb4f9fc61b22951caeb3846bf" + integrity sha512-Qgy2+Z7xR3l7kXurtzi1PCtzAINkFKhBADBe/8cidC2fQrLUQTudLiJjQDnqJXoisWAR6zaHhC0hP6Hn5vja+g== + dependencies: + "@types/json-schema" "^7.0.7" + fast-xml-parser "^5.5.1" + json-pointer "0.6.2" + opener@^1.5.2: version "1.5.2" resolved "https://registry.yarnpkg.com/opener/-/opener-1.5.2.tgz#5d37e1f35077b9dcac4301372271afdeb2a13598" @@ -11462,6 +11792,11 @@ pascal-case@^3.1.2: no-case "^3.0.4" tslib "^2.0.3" +path-browserify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/path-browserify/-/path-browserify-1.0.1.tgz#d98454a9c3753d5790860f16f68867b9e46be1fd" + integrity sha512-b7uo2UCUOYZcnF/3ID0lulOJi/bafxa1xPe7ZPsammBSpjSWQkjNxlt635YGS2MiR9GjvuXCtz2emr3jbsz98g== + path-data-parser@0.1.0, path-data-parser@^0.1.0: version "0.1.0" resolved "https://registry.yarnpkg.com/path-data-parser/-/path-data-parser-0.1.0.tgz#8f5ba5cc70fc7becb3dcefaea08e2659aba60b8c" @@ -11477,6 +11812,11 @@ path-exists@^5.0.0: resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-5.0.0.tgz#a6aad9489200b21fab31e49cf09277e5116fb9e7" integrity sha512-RjhtfwJOxzcFmNOi6ltcbcu4Iu+FL3zEj83dk4kAS+fVpTxXLO1b38RvJgT/0QwvV/L3aY9TAnyv0EOqW4GoMQ== +path-expression-matcher@^1.5.0: + version "1.5.0" + resolved "https://registry.yarnpkg.com/path-expression-matcher/-/path-expression-matcher-1.5.0.tgz#3b98545dc88ffebb593e2d8458d0929da9275f4a" + integrity sha512-cbrerZV+6rvdQrrD+iGMcZFEiiSrbv9Tfdkvnusy6y0x0GKBXREFg/Y65GhIfm0tnLntThhzCnfKwp1WRjeCyQ== + path-is-absolute@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" @@ -11547,6 +11887,11 @@ pend@~1.2.0: resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" integrity sha512-F3asv42UuXchdzt+xXqfW1OGlVBe+mxa2mqI0pg5yAHZPvFmY3Y6drSf/GQ1A86WgWEN9Kzh/WrgKa6iGcHXLg== +perfect-scrollbar@^1.5.5: + version "1.5.6" + resolved "https://registry.yarnpkg.com/perfect-scrollbar/-/perfect-scrollbar-1.5.6.tgz#f1aead2588ba896435ee41b246812b2080573b7c" + integrity sha512-rixgxw3SxyJbCaSpo1n35A/fwI1r2rdwMKOTCg/AcG+xOEyZcE8UHVjpZMFCVImzsFoCZeJTT+M/rdEIQYO2nw== + picocolors@^1.0.0, picocolors@^1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.1.tgz#3d321af3eab939b083c8f929a1d12cda81c26b6b" @@ -11591,6 +11936,11 @@ pkijs@^3.3.3: pvutils "^1.1.3" tslib "^2.8.1" +pluralize@8.0.0, pluralize@^8.0.0: + version "8.0.0" + resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-8.0.0.tgz#1a6fa16a38d12a1901e0320fa017051c539ce3b1" + integrity sha512-Nc3IT5yHzflTfbjgqWcCPpo7DaKy4FnpB0l/zCAW0Tc7jxAiuqSxHasntB3D7887LSrA93kDJ9IXovxJYxyLCA== + points-on-curve@0.2.0, points-on-curve@^0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/points-on-curve/-/points-on-curve-0.2.0.tgz#7dbb98c43791859434284761330fa893cb81b4d1" @@ -11604,6 +11954,13 @@ points-on-path@^0.2.1: path-data-parser "0.1.0" points-on-curve "0.2.0" +polished@^4.2.2: + version "4.3.1" + resolved "https://registry.yarnpkg.com/polished/-/polished-4.3.1.tgz#5a00ae32715609f83d89f6f31d0f0261c6170548" + integrity sha512-OBatVyC/N7SCW/FaDHrSd+vn0o5cS855TOmYi4OkdWUMSJCET/xip//ch8xGUvtr3i44X9LVyWwQlRMTN3pwSA== + dependencies: + "@babel/runtime" "^7.17.8" + possible-typed-array-names@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/possible-typed-array-names/-/possible-typed-array-names-1.0.0.tgz#89bb63c6fada2c3e90adc4a647beeeb39cc7bf8f" @@ -11998,6 +12355,11 @@ postcss-place@^10.0.0: dependencies: postcss-value-parser "^4.2.0" +postcss-prefix-selector@^1.16.1: + version "1.16.1" + resolved "https://registry.yarnpkg.com/postcss-prefix-selector/-/postcss-prefix-selector-1.16.1.tgz#87a77523838b79c0e8aec29f173234b2987cdc04" + integrity sha512-Umxu+FvKMwlY6TyDzGFoSUnzW+NOfMBLyC1tAkIjgX+Z/qGspJeRjVC903D7mx7TuBpJlwti2ibXtWuA7fKMeQ== + postcss-preset-env@^10.2.1: version "10.4.0" resolved "https://registry.yarnpkg.com/postcss-preset-env/-/postcss-preset-env-10.4.0.tgz#fa6167a307f337b2bcdd1d125604ff97cdeb5142" @@ -12150,7 +12512,7 @@ postcss-unique-selectors@6.0.4, postcss-unique-selectors@^6.0.4: dependencies: postcss-selector-parser "^6.0.16" -postcss-value-parser@^4.1.0, postcss-value-parser@^4.2.0: +postcss-value-parser@^4.0.2, postcss-value-parser@^4.1.0, postcss-value-parser@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz#723c09920836ba6d3e5af019f92bc0971c02e514" integrity sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ== @@ -12169,6 +12531,15 @@ postcss@^8.4.21, postcss@^8.4.24, postcss@^8.4.33, postcss@^8.5.10, postcss@^8.5 picocolors "^1.1.1" source-map-js "^1.2.1" +postcss@^8.4.45: + version "8.5.15" + resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.5.15.tgz#d1eaf677a324e9ec02196da2d3fecf4a0b9a735c" + integrity sha512-FfR8sjd4em2T6fb3I2MwAJU7HWVMr9zba+enmQeeWFfCbm+UOC/0X4DS8XtpUTMwWMGbjKYP7xjfNekzyGmB3A== + dependencies: + nanoid "^3.3.12" + picocolors "^1.1.1" + source-map-js "^1.2.1" + prelude-ls@^1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.2.1.tgz#debc6489d7a6e6b0e7611888cec880337d316396" @@ -12231,7 +12602,7 @@ prompts@^2.4.2: kleur "^3.0.3" sisteransi "^1.0.5" -prop-types@^15.6.2, prop-types@^15.7.2, prop-types@^15.8.1: +prop-types@^15.5.0, prop-types@^15.6.2, prop-types@^15.7.2, prop-types@^15.8.1: version "15.8.1" resolved "https://registry.yarnpkg.com/prop-types/-/prop-types-15.8.1.tgz#67d87bf1a694f48435cf332c24af10214a3140b5" integrity sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg== @@ -12502,6 +12873,14 @@ react-router@5.3.4, react-router@^5.3.4: tiny-invariant "^1.0.2" tiny-warning "^1.0.0" +react-tabs@^6.0.2: + version "6.1.1" + resolved "https://registry.yarnpkg.com/react-tabs/-/react-tabs-6.1.1.tgz#c56ff0f4e3efb09caa98e0ff456aee6cf87bf2b0" + integrity sha512-CPiuKoMFf89B7QlbFfdBD9XmUWiE3qudQputMVZB8GQvPJZRX/gqjDaDWOPDwGinEfpJKEuBCkGt83Tt4efeyA== + dependencies: + clsx "^2.0.0" + prop-types "^15.5.0" + react-transition-group@^4.4.5: version "4.4.5" resolved "https://registry.yarnpkg.com/react-transition-group/-/react-transition-group-4.4.5.tgz#e53d4e3f3344da8521489fbef8f2581d42becdd1" @@ -12600,6 +12979,41 @@ recma-stringify@^1.0.0: unified "^11.0.0" vfile "^6.0.0" +redoc@2.4.0: + version "2.4.0" + resolved "https://registry.yarnpkg.com/redoc/-/redoc-2.4.0.tgz#4a978c91bfec426038001b8b6c26d1ebb7c60bb4" + integrity sha512-rFlfzFVWS9XJ6aYAs/bHnLhHP5FQEhwAHDBVgwb9L2FqDQ8Hu8rQ1G84iwaWXxZfPP9UWn7JdWkxI6MXr2ZDjw== + dependencies: + "@redocly/openapi-core" "^1.4.0" + classnames "^2.3.2" + decko "^1.2.0" + dompurify "^3.0.6" + eventemitter3 "^5.0.1" + json-pointer "^0.6.2" + lunr "^2.3.9" + mark.js "^8.11.1" + marked "^4.3.0" + mobx-react "^9.1.1" + openapi-sampler "^1.5.0" + path-browserify "^1.0.1" + perfect-scrollbar "^1.5.5" + polished "^4.2.2" + prismjs "^1.29.0" + prop-types "^15.8.1" + react-tabs "^6.0.2" + slugify "~1.4.7" + stickyfill "^1.1.1" + swagger2openapi "^7.0.8" + url-template "^2.0.8" + +redocusaurus@^2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/redocusaurus/-/redocusaurus-2.5.0.tgz#295b3c9a306a441668e78a0c55120ed05457c950" + integrity sha512-QWJX2hgnEfSDb7fZzS4iZe6aqdAvm/XLCsNv6RkgDw6Pl/lsTZKipP2n1r5QS1CC5hY8eAwsjVXeF7B03vkz2g== + dependencies: + docusaurus-plugin-redoc "2.5.0" + docusaurus-theme-redoc "2.5.0" + reflect-metadata@^0.2.2: version "0.2.2" resolved "https://registry.yarnpkg.com/reflect-metadata/-/reflect-metadata-0.2.2.tgz#400c845b6cba87a21f2c65c4aeb158f4fa4d9c5b" @@ -12618,6 +13032,11 @@ reflect.getprototypeof@^1.0.4: globalthis "^1.0.3" which-builtin-type "^1.1.3" +reftools@^1.1.9: + version "1.1.9" + resolved "https://registry.yarnpkg.com/reftools/-/reftools-1.1.9.tgz#e16e19f662ccd4648605312c06d34e5da3a2b77e" + integrity sha512-OVede/NQE13xBQ+ob5CKd5KyeJYU2YInb1bmV4nRoOfquZPkAkxuOXicSe1PvqIuZZ4kD13sPKBbR7UFDmli6w== + regenerate-unicode-properties@^10.2.2: version "10.2.2" resolved "https://registry.yarnpkg.com/regenerate-unicode-properties/-/regenerate-unicode-properties-10.2.2.tgz#aa113812ba899b630658c7623466be71e1f86f66" @@ -13317,6 +13736,50 @@ shelljs@^0.9.0: interpret "^1.0.0" rechoir "^0.6.2" +should-equal@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/should-equal/-/should-equal-2.0.0.tgz#6072cf83047360867e68e98b09d71143d04ee0c3" + integrity sha512-ZP36TMrK9euEuWQYBig9W55WPC7uo37qzAEmbjHz4gfyuXrEUgF8cUvQVO+w+d3OMfPvSRQJ22lSm8MQJ43LTA== + dependencies: + should-type "^1.4.0" + +should-format@^3.0.3: + version "3.0.3" + resolved "https://registry.yarnpkg.com/should-format/-/should-format-3.0.3.tgz#9bfc8f74fa39205c53d38c34d717303e277124f1" + integrity sha512-hZ58adtulAk0gKtua7QxevgUaXTTXxIi8t41L3zo9AHvjXO1/7sdLECuHeIN2SRtYXpNkmhoUP2pdeWgricQ+Q== + dependencies: + should-type "^1.3.0" + should-type-adaptors "^1.0.1" + +should-type-adaptors@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/should-type-adaptors/-/should-type-adaptors-1.1.0.tgz#401e7f33b5533033944d5cd8bf2b65027792e27a" + integrity sha512-JA4hdoLnN+kebEp2Vs8eBe9g7uy0zbRo+RMcU0EsNy+R+k049Ki+N5tT5Jagst2g7EAja+euFuoXFCa8vIklfA== + dependencies: + should-type "^1.3.0" + should-util "^1.0.0" + +should-type@^1.3.0, should-type@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/should-type/-/should-type-1.4.0.tgz#0756d8ce846dfd09843a6947719dfa0d4cff5cf3" + integrity sha512-MdAsTu3n25yDbIe1NeN69G4n6mUnJGtSJHygX3+oN0ZbO3DTiATnf7XnYJdGT42JCXurTb1JI0qOBR65shvhPQ== + +should-util@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/should-util/-/should-util-1.0.1.tgz#fb0d71338f532a3a149213639e2d32cbea8bcb28" + integrity sha512-oXF8tfxx5cDk8r2kYqlkUJzZpDBqVY/II2WhvU0n9Y3XYvAYRmeaf1PvvIvTgPnv4KJ+ES5M0PyDq5Jp+Ygy2g== + +should@^13.2.1: + version "13.2.3" + resolved "https://registry.yarnpkg.com/should/-/should-13.2.3.tgz#96d8e5acf3e97b49d89b51feaa5ae8d07ef58f10" + integrity sha512-ggLesLtu2xp+ZxI+ysJTmNjh2U0TsC+rQ/pfED9bUZZ4DKefP27D+7YJVVTvKsmjLpIi9jAa7itwDGkDDmt1GQ== + dependencies: + should-equal "^2.0.0" + should-format "^3.0.3" + should-type "^1.4.0" + should-type-adaptors "^1.0.1" + should-util "^1.0.0" + side-channel-list@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/side-channel-list/-/side-channel-list-1.0.0.tgz#10cb5984263115d3b7a0e336591e290a830af8ad" @@ -13434,6 +13897,11 @@ slice-ansi@^7.0.0: ansi-styles "^6.2.1" is-fullwidth-code-point "^5.0.0" +slugify@~1.4.7: + version "1.4.7" + resolved "https://registry.yarnpkg.com/slugify/-/slugify-1.4.7.tgz#e42359d505afd84a44513280868e31202a79a628" + integrity sha512-tf+h5W1IrjNm/9rKKj0JU2MDMruiopx0jjVA5zCdBtcGjfp0+c5rHw/zADLC3IeKlGHtVbHtpfzvYA0OYT+HKg== + smart-buffer@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/smart-buffer/-/smart-buffer-4.2.0.tgz#6e1d71fa4f18c05f7d0ff216dd16a481d0e8d9ae" @@ -13601,6 +14069,11 @@ std-env@^3.7.0: resolved "https://registry.yarnpkg.com/std-env/-/std-env-3.9.0.tgz#1a6f7243b339dca4c9fd55e1c7504c77ef23e8f1" integrity sha512-UGvjygr6F6tpH7o2qyqR6QYpwraIjKSdtzyBdyytFOHmPZY917kwdwLG0RbOjWOnKmnm3PeHjaoLLMie7kPLQw== +stickyfill@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/stickyfill/-/stickyfill-1.1.1.tgz#39413fee9d025c74a7e59ceecb23784cc0f17f02" + integrity sha512-GCp7vHAfpao+Qh/3Flh9DXEJ/qSi0KJwJw6zYlZOtRYXWUIpMM6mC2rIep/dK8RQqwW0KxGJIllmjPIBOGN8AA== + streamx@^2.15.0, streamx@^2.21.0: version "2.22.0" resolved "https://registry.yarnpkg.com/streamx/-/streamx-2.22.0.tgz#cd7b5e57c95aaef0ff9b2aef7905afa62ec6e4a7" @@ -13799,6 +14272,11 @@ strip-outer@^2.0.0: resolved "https://registry.yarnpkg.com/strip-outer/-/strip-outer-2.0.0.tgz#c45c724ed9b1ff6be5f660503791404f4714084b" integrity sha512-A21Xsm1XzUkK0qK1ZrytDUvqsQWict2Cykhvi0fBQntGG5JSprESasEyV1EZ/4CiR5WB5KjzLTrP/bO37B0wPg== +strnum@^2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/strnum/-/strnum-2.3.0.tgz#81bfbfef53db8c3217ea62a98c026886ec4a2761" + integrity sha512-ums3KNd42PGyx5xaoVTO1mjU1bH3NpY4vsrVlnv9PNGqQj8wd7rJ6nEypLrJ7z5vxK5RP0yMLo6J/Gsm62DI5Q== + strtok3@^7.0.0-alpha.9: version "7.1.1" resolved "https://registry.yarnpkg.com/strtok3/-/strtok3-7.1.1.tgz#f548fd9dc59d0a76d5567ff8c16be31221f29dfc" @@ -13828,6 +14306,16 @@ style-to-object@^0.4.1: dependencies: inline-style-parser "0.1.1" +styled-components@^6.1.11: + version "6.4.2" + resolved "https://registry.yarnpkg.com/styled-components/-/styled-components-6.4.2.tgz#2e92f7b8a1e49f5791c80c864eddf215dd1046c6" + integrity sha512-xZBhBJsMtGqb+aKcwKgaT+BtuFums9VynX2JRvXJGTx5UfZzN12rk5r4nVdhXYvRw+hE7yiYxVrOqJZaK2+Txg== + dependencies: + "@emotion/is-prop-valid" "1.4.0" + css-to-react-native "3.2.0" + csstype "3.2.3" + stylis "4.3.6" + stylehacks@6.1.1, stylehacks@^6.1.1: version "6.1.1" resolved "https://registry.yarnpkg.com/stylehacks/-/stylehacks-6.1.1.tgz#543f91c10d17d00a440430362d419f79c25545a6" @@ -13841,7 +14329,7 @@ stylis@4.2.0: resolved "https://registry.yarnpkg.com/stylis/-/stylis-4.2.0.tgz#79daee0208964c8fe695a42fcffcac633a211a51" integrity sha512-Orov6g6BB1sDfYgzWfTHDOxamtX1bE/zo104Dh9e6fqJ3PooipYyfJ0pUmrZO2wAvO8YbEyeFrkV91XTsGMSrw== -stylis@^4.3.6: +stylis@4.3.6, stylis@^4.3.6: version "4.3.6" resolved "https://registry.yarnpkg.com/stylis/-/stylis-4.3.6.tgz#7c7b97191cb4f195f03ecab7d52f7902ed378320" integrity sha512-yQ3rwFWRfwNUY7H5vpU0wfdkNSnvnJinhF9830Swlaxl03zsOjCfmX0ugac+3LtK0lYSgwL/KXc8oYL3mG4YFQ== @@ -13903,6 +14391,23 @@ svgo@3.3.3, svgo@^3.0.2, svgo@^3.2.0: picocolors "^1.0.0" sax "^1.5.0" +swagger2openapi@^7.0.8: + version "7.0.8" + resolved "https://registry.yarnpkg.com/swagger2openapi/-/swagger2openapi-7.0.8.tgz#12c88d5de776cb1cbba758994930f40ad0afac59" + integrity sha512-upi/0ZGkYgEcLeGieoz8gT74oWHA0E7JivX7aN9mAf+Tc7BQoRBvnIGHoPDw+f9TXTW4s6kGYCZJtauP6OYp7g== + dependencies: + call-me-maybe "^1.0.1" + node-fetch "^2.6.1" + node-fetch-h2 "^2.3.0" + node-readfiles "^0.2.0" + oas-kit-common "^1.0.8" + oas-resolver "^2.5.6" + oas-schema-walker "^1.1.5" + oas-validator "^5.0.8" + reftools "^1.1.9" + yaml "^1.10.0" + yargs "^17.0.1" + swc-loader@^0.2.3, swc-loader@^0.2.6: version "0.2.6" resolved "https://registry.yarnpkg.com/swc-loader/-/swc-loader-0.2.6.tgz#bf0cba8eeff34bb19620ead81d1277fefaec6bc8" @@ -14481,6 +14986,11 @@ update-notifier@^6.0.2: semver-diff "^4.0.0" xdg-basedir "^5.1.0" +uri-js-replace@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/uri-js-replace/-/uri-js-replace-1.0.1.tgz#c285bb352b701c9dfdaeffc4da5be77f936c9048" + integrity sha512-W+C9NWNLFOoBI2QWDp4UT9pv65r2w5Cx+3sTYFvtMdDBxkKt1syCqsUdSFAChbEe1uK5TfS04wt/nGwmaeIQ0g== + uri-js@^4.2.2: version "4.4.1" resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.1.tgz#9b1a52595225859e55f669d928f88c6c57f2a77e" @@ -14497,6 +15007,11 @@ url-loader@^4.1.1: mime-types "^2.1.27" schema-utils "^3.0.0" +url-template@^2.0.8: + version "2.0.8" + resolved "https://registry.yarnpkg.com/url-template/-/url-template-2.0.8.tgz#fc565a3cccbff7730c775f5641f9555791439f21" + integrity sha512-XdVKMF4SJ0nP/O7XIPB0JwAEuT9lDIYnNsK8yGVe43y0AWoKeJNdv3ZNWh7ksJ6KqQFjOO6ox/VEitLnaVNufw== + urlpattern-polyfill@10.0.0: version "10.0.0" resolved "https://registry.yarnpkg.com/urlpattern-polyfill/-/urlpattern-polyfill-10.0.0.tgz#f0a03a97bfb03cdf33553e5e79a2aadd22cac8ec" @@ -14971,6 +15486,11 @@ xml-js@^1.6.11: dependencies: sax "^1.2.4" +xml-naming@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/xml-naming/-/xml-naming-0.1.0.tgz#8ab7106c5b8d23caa2fabac1cadf17136379fbd8" + integrity sha512-k8KO9hrMyNk6tUWqUfkTEZbezRRpONVOzUTnc97VnCvyj6Tf9lyUR9EDAIeiVLv56jsMcoXEwjW8Kv5yPY52lw== + y18n@^5.0.5: version "5.0.8" resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55" @@ -14986,6 +15506,11 @@ yallist@^3.0.2: resolved "https://registry.yarnpkg.com/yallist/-/yallist-3.1.1.tgz#dbb7daf9bfd8bac9ab45ebf602b8cbad0d5d08fd" integrity sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g== +yaml-ast-parser@0.0.43: + version "0.0.43" + resolved "https://registry.yarnpkg.com/yaml-ast-parser/-/yaml-ast-parser-0.0.43.tgz#e8a23e6fb4c38076ab92995c5dca33f3d3d7c9bb" + integrity sha512-2PTINUwsRqSd+s8XxKaJWQlUuEMHJQyEuh2edBbW8KNJz0SJPwUSD2zRWqezFEdN7IzAgeuYHFUCF7o8zRdZ0A== + yaml@^1.10.0: version "1.10.2" resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b" @@ -15006,7 +15531,7 @@ yargs-parser@^21.1.1: resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-21.1.1.tgz#9096bceebf990d21bb31fa9516e0ede294a77d35" integrity sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw== -yargs@>=10.0.3, yargs@^17.7.2: +yargs@>=10.0.3, yargs@^17.0.1, yargs@^17.7.2: version "17.7.2" resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.7.2.tgz#991df39aca675a192b816e1e0363f9d75d2aa269" integrity sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==