sumologic.CseCustomInsight
Explore with Pulumi AI
Provides a Sumo Logic CSE Custom Insight.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";
const customInsight = new sumologic.CseCustomInsight("custom_insight", {
    description: "Insight description",
    enabled: true,
    ordered: true,
    name: "Custom Insight Example",
    ruleIds: [
        "MATCH-S00001",
        "THRESHOLD-U00005",
    ],
    severity: "HIGH",
    signalMatchStrategy: "ENTITY",
    dynamicSeverities: [{
        minimumSignalSeverity: 8,
        insightSeverity: "CRITICAL",
    }],
    signalNames: [
        "Some Signal Name",
        "Wildcard Signal Name *",
    ],
    tags: ["_mitreAttackTactic:TA0009"],
});
import pulumi
import pulumi_sumologic as sumologic
custom_insight = sumologic.CseCustomInsight("custom_insight",
    description="Insight description",
    enabled=True,
    ordered=True,
    name="Custom Insight Example",
    rule_ids=[
        "MATCH-S00001",
        "THRESHOLD-U00005",
    ],
    severity="HIGH",
    signal_match_strategy="ENTITY",
    dynamic_severities=[{
        "minimum_signal_severity": 8,
        "insight_severity": "CRITICAL",
    }],
    signal_names=[
        "Some Signal Name",
        "Wildcard Signal Name *",
    ],
    tags=["_mitreAttackTactic:TA0009"])
package main
import (
	"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sumologic.NewCseCustomInsight(ctx, "custom_insight", &sumologic.CseCustomInsightArgs{
			Description: pulumi.String("Insight description"),
			Enabled:     pulumi.Bool(true),
			Ordered:     pulumi.Bool(true),
			Name:        pulumi.String("Custom Insight Example"),
			RuleIds: pulumi.StringArray{
				pulumi.String("MATCH-S00001"),
				pulumi.String("THRESHOLD-U00005"),
			},
			Severity:            pulumi.String("HIGH"),
			SignalMatchStrategy: pulumi.String("ENTITY"),
			DynamicSeverities: sumologic.CseCustomInsightDynamicSeverityArray{
				&sumologic.CseCustomInsightDynamicSeverityArgs{
					MinimumSignalSeverity: pulumi.Int(8),
					InsightSeverity:       pulumi.String("CRITICAL"),
				},
			},
			SignalNames: pulumi.StringArray{
				pulumi.String("Some Signal Name"),
				pulumi.String("Wildcard Signal Name *"),
			},
			Tags: pulumi.StringArray{
				pulumi.String("_mitreAttackTactic:TA0009"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;
return await Deployment.RunAsync(() => 
{
    var customInsight = new SumoLogic.CseCustomInsight("custom_insight", new()
    {
        Description = "Insight description",
        Enabled = true,
        Ordered = true,
        Name = "Custom Insight Example",
        RuleIds = new[]
        {
            "MATCH-S00001",
            "THRESHOLD-U00005",
        },
        Severity = "HIGH",
        SignalMatchStrategy = "ENTITY",
        DynamicSeverities = new[]
        {
            new SumoLogic.Inputs.CseCustomInsightDynamicSeverityArgs
            {
                MinimumSignalSeverity = 8,
                InsightSeverity = "CRITICAL",
            },
        },
        SignalNames = new[]
        {
            "Some Signal Name",
            "Wildcard Signal Name *",
        },
        Tags = new[]
        {
            "_mitreAttackTactic:TA0009",
        },
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.CseCustomInsight;
import com.pulumi.sumologic.CseCustomInsightArgs;
import com.pulumi.sumologic.inputs.CseCustomInsightDynamicSeverityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var customInsight = new CseCustomInsight("customInsight", CseCustomInsightArgs.builder()
            .description("Insight description")
            .enabled(true)
            .ordered(true)
            .name("Custom Insight Example")
            .ruleIds(            
                "MATCH-S00001",
                "THRESHOLD-U00005")
            .severity("HIGH")
            .signalMatchStrategy("ENTITY")
            .dynamicSeverities(CseCustomInsightDynamicSeverityArgs.builder()
                .minimumSignalSeverity(8)
                .insightSeverity("CRITICAL")
                .build())
            .signalNames(            
                "Some Signal Name",
                "Wildcard Signal Name *")
            .tags("_mitreAttackTactic:TA0009")
            .build());
    }
}
resources:
  customInsight:
    type: sumologic:CseCustomInsight
    name: custom_insight
    properties:
      description: Insight description
      enabled: true
      ordered: true
      name: Custom Insight Example
      ruleIds:
        - MATCH-S00001
        - THRESHOLD-U00005
      severity: HIGH
      signalMatchStrategy: ENTITY
      dynamicSeverities:
        - minimumSignalSeverity: 8
          insightSeverity: CRITICAL
      signalNames:
        - Some Signal Name
        - Wildcard Signal Name *
      tags:
        - _mitreAttackTactic:TA0009
Create CseCustomInsight Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CseCustomInsight(name: string, args: CseCustomInsightArgs, opts?: CustomResourceOptions);@overload
def CseCustomInsight(resource_name: str,
                     args: CseCustomInsightArgs,
                     opts: Optional[ResourceOptions] = None)
@overload
def CseCustomInsight(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     description: Optional[str] = None,
                     enabled: Optional[bool] = None,
                     ordered: Optional[bool] = None,
                     severity: Optional[str] = None,
                     tags: Optional[Sequence[str]] = None,
                     dynamic_severities: Optional[Sequence[CseCustomInsightDynamicSeverityArgs]] = None,
                     name: Optional[str] = None,
                     rule_ids: Optional[Sequence[str]] = None,
                     signal_match_strategy: Optional[str] = None,
                     signal_names: Optional[Sequence[str]] = None)func NewCseCustomInsight(ctx *Context, name string, args CseCustomInsightArgs, opts ...ResourceOption) (*CseCustomInsight, error)public CseCustomInsight(string name, CseCustomInsightArgs args, CustomResourceOptions? opts = null)
public CseCustomInsight(String name, CseCustomInsightArgs args)
public CseCustomInsight(String name, CseCustomInsightArgs args, CustomResourceOptions options)
type: sumologic:CseCustomInsight
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CseCustomInsightArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CseCustomInsightArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CseCustomInsightArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CseCustomInsightArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CseCustomInsightArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cseCustomInsightResource = new SumoLogic.CseCustomInsight("cseCustomInsightResource", new()
{
    Description = "string",
    Enabled = false,
    Ordered = false,
    Severity = "string",
    Tags = new[]
    {
        "string",
    },
    DynamicSeverities = new[]
    {
        new SumoLogic.Inputs.CseCustomInsightDynamicSeverityArgs
        {
            InsightSeverity = "string",
            MinimumSignalSeverity = 0,
        },
    },
    Name = "string",
    RuleIds = new[]
    {
        "string",
    },
    SignalMatchStrategy = "string",
    SignalNames = new[]
    {
        "string",
    },
});
example, err := sumologic.NewCseCustomInsight(ctx, "cseCustomInsightResource", &sumologic.CseCustomInsightArgs{
	Description: pulumi.String("string"),
	Enabled:     pulumi.Bool(false),
	Ordered:     pulumi.Bool(false),
	Severity:    pulumi.String("string"),
	Tags: pulumi.StringArray{
		pulumi.String("string"),
	},
	DynamicSeverities: sumologic.CseCustomInsightDynamicSeverityArray{
		&sumologic.CseCustomInsightDynamicSeverityArgs{
			InsightSeverity:       pulumi.String("string"),
			MinimumSignalSeverity: pulumi.Int(0),
		},
	},
	Name: pulumi.String("string"),
	RuleIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	SignalMatchStrategy: pulumi.String("string"),
	SignalNames: pulumi.StringArray{
		pulumi.String("string"),
	},
})
var cseCustomInsightResource = new CseCustomInsight("cseCustomInsightResource", CseCustomInsightArgs.builder()
    .description("string")
    .enabled(false)
    .ordered(false)
    .severity("string")
    .tags("string")
    .dynamicSeverities(CseCustomInsightDynamicSeverityArgs.builder()
        .insightSeverity("string")
        .minimumSignalSeverity(0)
        .build())
    .name("string")
    .ruleIds("string")
    .signalMatchStrategy("string")
    .signalNames("string")
    .build());
cse_custom_insight_resource = sumologic.CseCustomInsight("cseCustomInsightResource",
    description="string",
    enabled=False,
    ordered=False,
    severity="string",
    tags=["string"],
    dynamic_severities=[{
        "insight_severity": "string",
        "minimum_signal_severity": 0,
    }],
    name="string",
    rule_ids=["string"],
    signal_match_strategy="string",
    signal_names=["string"])
const cseCustomInsightResource = new sumologic.CseCustomInsight("cseCustomInsightResource", {
    description: "string",
    enabled: false,
    ordered: false,
    severity: "string",
    tags: ["string"],
    dynamicSeverities: [{
        insightSeverity: "string",
        minimumSignalSeverity: 0,
    }],
    name: "string",
    ruleIds: ["string"],
    signalMatchStrategy: "string",
    signalNames: ["string"],
});
type: sumologic:CseCustomInsight
properties:
    description: string
    dynamicSeverities:
        - insightSeverity: string
          minimumSignalSeverity: 0
    enabled: false
    name: string
    ordered: false
    ruleIds:
        - string
    severity: string
    signalMatchStrategy: string
    signalNames:
        - string
    tags:
        - string
CseCustomInsight Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CseCustomInsight resource accepts the following input properties:
- Description string
- The description of the generated Insights
- Enabled bool
- Whether the Custom Insight should generate Insights
- Ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- Severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- List<string>
- The tags of the generated Insights - The following attributes are exported: 
- DynamicSeverities List<Pulumi.Sumo Logic. Inputs. Cse Custom Insight Dynamic Severity> 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- Name string
- The name of the Custom Insight and the generated Insights
- RuleIds List<string>
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- SignalMatch stringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- SignalNames List<string>
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Description string
- The description of the generated Insights
- Enabled bool
- Whether the Custom Insight should generate Insights
- Ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- Severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- []string
- The tags of the generated Insights - The following attributes are exported: 
- DynamicSeverities []CseCustom Insight Dynamic Severity Args 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- Name string
- The name of the Custom Insight and the generated Insights
- RuleIds []string
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- SignalMatch stringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- SignalNames []string
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- description String
- The description of the generated Insights
- enabled Boolean
- Whether the Custom Insight should generate Insights
- ordered Boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- severity String
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- List<String>
- The tags of the generated Insights - The following attributes are exported: 
- dynamicSeverities List<CseCustom Insight Dynamic Severity> 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- name String
- The name of the Custom Insight and the generated Insights
- ruleIds List<String>
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- signalMatch StringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- signalNames List<String>
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- description string
- The description of the generated Insights
- enabled boolean
- Whether the Custom Insight should generate Insights
- ordered boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- string[]
- The tags of the generated Insights - The following attributes are exported: 
- dynamicSeverities CseCustom Insight Dynamic Severity[] 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- name string
- The name of the Custom Insight and the generated Insights
- ruleIds string[]
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- signalMatch stringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- signalNames string[]
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- description str
- The description of the generated Insights
- enabled bool
- Whether the Custom Insight should generate Insights
- ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- severity str
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- Sequence[str]
- The tags of the generated Insights - The following attributes are exported: 
- dynamic_severities Sequence[CseCustom Insight Dynamic Severity Args] 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- name str
- The name of the Custom Insight and the generated Insights
- rule_ids Sequence[str]
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- signal_match_ strstrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal_names Sequence[str]
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- description String
- The description of the generated Insights
- enabled Boolean
- Whether the Custom Insight should generate Insights
- ordered Boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- severity String
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- List<String>
- The tags of the generated Insights - The following attributes are exported: 
- dynamicSeverities List<Property Map>
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- name String
- The name of the Custom Insight and the generated Insights
- ruleIds List<String>
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- signalMatch StringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- signalNames List<String>
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
Outputs
All input properties are implicitly available as output properties. Additionally, the CseCustomInsight resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CseCustomInsight Resource
Get an existing CseCustomInsight resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CseCustomInsightState, opts?: CustomResourceOptions): CseCustomInsight@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        dynamic_severities: Optional[Sequence[CseCustomInsightDynamicSeverityArgs]] = None,
        enabled: Optional[bool] = None,
        name: Optional[str] = None,
        ordered: Optional[bool] = None,
        rule_ids: Optional[Sequence[str]] = None,
        severity: Optional[str] = None,
        signal_match_strategy: Optional[str] = None,
        signal_names: Optional[Sequence[str]] = None,
        tags: Optional[Sequence[str]] = None) -> CseCustomInsightfunc GetCseCustomInsight(ctx *Context, name string, id IDInput, state *CseCustomInsightState, opts ...ResourceOption) (*CseCustomInsight, error)public static CseCustomInsight Get(string name, Input<string> id, CseCustomInsightState? state, CustomResourceOptions? opts = null)public static CseCustomInsight get(String name, Output<String> id, CseCustomInsightState state, CustomResourceOptions options)resources:  _:    type: sumologic:CseCustomInsight    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- The description of the generated Insights
- DynamicSeverities List<Pulumi.Sumo Logic. Inputs. Cse Custom Insight Dynamic Severity> 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- Enabled bool
- Whether the Custom Insight should generate Insights
- Name string
- The name of the Custom Insight and the generated Insights
- Ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- RuleIds List<string>
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- SignalMatch stringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- SignalNames List<string>
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- List<string>
- The tags of the generated Insights - The following attributes are exported: 
- Description string
- The description of the generated Insights
- DynamicSeverities []CseCustom Insight Dynamic Severity Args 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- Enabled bool
- Whether the Custom Insight should generate Insights
- Name string
- The name of the Custom Insight and the generated Insights
- Ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- RuleIds []string
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- SignalMatch stringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- SignalNames []string
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- []string
- The tags of the generated Insights - The following attributes are exported: 
- description String
- The description of the generated Insights
- dynamicSeverities List<CseCustom Insight Dynamic Severity> 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- enabled Boolean
- Whether the Custom Insight should generate Insights
- name String
- The name of the Custom Insight and the generated Insights
- ordered Boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- ruleIds List<String>
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- severity String
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- signalMatch StringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- signalNames List<String>
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- List<String>
- The tags of the generated Insights - The following attributes are exported: 
- description string
- The description of the generated Insights
- dynamicSeverities CseCustom Insight Dynamic Severity[] 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- enabled boolean
- Whether the Custom Insight should generate Insights
- name string
- The name of the Custom Insight and the generated Insights
- ordered boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- ruleIds string[]
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- severity string
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- signalMatch stringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- signalNames string[]
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- string[]
- The tags of the generated Insights - The following attributes are exported: 
- description str
- The description of the generated Insights
- dynamic_severities Sequence[CseCustom Insight Dynamic Severity Args] 
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- enabled bool
- Whether the Custom Insight should generate Insights
- name str
- The name of the Custom Insight and the generated Insights
- ordered bool
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- rule_ids Sequence[str]
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- severity str
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- signal_match_ strstrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- signal_names Sequence[str]
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- Sequence[str]
- The tags of the generated Insights - The following attributes are exported: 
- description String
- The description of the generated Insights
- dynamicSeverities List<Property Map>
- The severity of the generated Insight that is based on the severity of the Signals that trigger the Insight.
- enabled Boolean
- Whether the Custom Insight should generate Insights
- name String
- The name of the Custom Insight and the generated Insights
- ordered Boolean
- Whether the signals matching the rule IDs/signal names must be in the same chronological order as they are listed in the Custom Insight
- ruleIds List<String>
- The Rule IDs to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- severity String
- The severity of the generated Insights (CRITICAL, HIGH, MEDIUM, or LOW)
- signalMatch StringStrategy 
- The signal match strategy to use when generating insights (ENTITY, STRICT)
- signalNames List<String>
- The Signal names to match to generate an Insight (exactly one of rule_ids or signal_names must be specified)
- List<String>
- The tags of the generated Insights - The following attributes are exported: 
Supporting Types
CseCustomInsightDynamicSeverity, CseCustomInsightDynamicSeverityArgs          
- InsightSeverity string
- The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- MinimumSignal intSeverity 
- minimum Signal severity as the threshold for an Insight severity level
- InsightSeverity string
- The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- MinimumSignal intSeverity 
- minimum Signal severity as the threshold for an Insight severity level
- insightSeverity String
- The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- minimumSignal IntegerSeverity 
- minimum Signal severity as the threshold for an Insight severity level
- insightSeverity string
- The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- minimumSignal numberSeverity 
- minimum Signal severity as the threshold for an Insight severity level
- insight_severity str
- The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- minimum_signal_ intseverity 
- minimum Signal severity as the threshold for an Insight severity level
- insightSeverity String
- The severity of the generated Insight (CRITICAL, HIGH, MEDIUM, or LOW)
- minimumSignal NumberSeverity 
- minimum Signal severity as the threshold for an Insight severity level
Import
Custom Insights can be imported using the field id, e.g.:
hcl
$ pulumi import sumologic:index/cseCustomInsight:CseCustomInsight custom_insight id
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Sumo Logic pulumi/pulumi-sumologic
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the sumologicTerraform Provider.