| Interface | Description |
|---|---|
| EventFilterPayloadInterface |
Interface representing a payload filter
|
| Class | Description |
|---|---|
| Alert |
Payload parser for incoming alert events
|
| AmoDocker |
Payload parser for AMO docker logs
|
| ApacheCombined |
Payload parser for Apache combined log format
|
| Auth0 |
Payload parser for Auth0 logs
|
| BmoAudit |
Payload parser for BMO Mozlog audit data
|
| CfgTick |
Payload parser for configuration ticks
|
| Cloudtrail |
Payload parser for Cloudtrail events
|
| Duopull |
Payload parser for Duopull audit trail log data
|
| ETDBeta |
Payload parser for GCP ETD Finding data
|
| Event |
Represents a high level event after being processed by a
Parser. |
| EventFilter |
Event filtering and matching
|
| EventFilterPayload |
Can be associated with
EventFilterRule for payload matching |
| EventFilterPayloadDeserializer |
Custom deserialization for payload filter implementations
|
| EventFilterPayloadOr |
A special class of payload filter that supports applying OR logic to matching.
|
| EventFilterPayloadRange<T extends Comparable<T>> |
Numeric range comparison for use in
EventFilter |
| EventFilterRule |
Rule within an event filter
|
| FxaAuth |
Payload parser for FxA authentication server log data
|
| FxaContent |
Payload parser for FxA content server log data
|
| GcpAudit |
Payload parser for GCP audit log data.
|
| GcpVpcFlow |
Payload parser for GCP VPC flow logs
|
| GeoIP |
GeoIP resolution
|
| GeoIP.GeoIPData |
Helper class for storing GeoIP related attributes, and for resolving the attributes according
to the resolution mode.
|
| GLB |
Payload parser for Google Load Balancer log data.
|
| GuardDuty |
Payload parser for AWS GuardDuty Finding data
|
| IPrepdLog |
Payload parser for IPrepd logs
|
| KeyedEvent |
Represents an event keyed with a particular string
|
| Mozlog |
Mozlog event encapsulation
|
| Nginx |
Payload parser for nginx log data
|
| Normalized |
Normalized event data
|
| OpenSSH |
Payload parser for OpenSSH log data
|
| Parser |
Event parser
|
| ParserCfg |
Represents configuration data used to configure an instance of a
Parser |
| ParserDoFn |
DoFn applying simple event parsing operations |
| ParserMetrics |
Beam metrics generated by various parser functions
|
| ParserMultiDoFn |
Process an incoming raw event feed using multiple parser configurations
|
| Payload<T extends PayloadBase> |
Encapsulation for parsed payload data
|
| PayloadBase |
Base class for payloads
|
| Phabricator |
Payload parser for Phabricator audit logs
|
| PrivateRelay |
Payload parser for Private Relay logs
|
| Raw |
Raw payload data
|
| SourcePayloadBase |
Extension of
PayloadBase that unifies source address field handling |
| Taskcluster |
Payload parser for Taskcluster log data
|
| Enum | Description |
|---|---|
| AmoDocker.EventType | |
| BmoAudit.AuditType | |
| EventFilterPayload.IntegerProperty |
Properties match integers from various payload event types
|
| EventFilterPayload.StringProperty |
Properties match strings from various payload event types
|
| FxaAuth.EventSummary |
Event summary is determined based on source event fields
|
| FxaContent.RequestType |
Type of server.request.route event based on path
|
| GeoIP.GeoIPData.GeoResolutionMode |
The resolution mode for GeoIP attributes.
|
| Normalized.StatusTag |
Status tags is used to track processing state, for example if an event needs additional
analysis after the parsing step
|
| Normalized.Type |
Normalized event types
|
| Payload.PayloadType |
Type of payload data stored
|
| PrivateRelay.EventType |
Log event type
|
| Exception | Description |
|---|---|
| Parser.EventTooOldException |
Indicates the extracted event timestamp was too old
|
Copyright © 2022. All rights reserved.