Class ParseToOCSF

java.lang.Object
software.amazon.awssdk.services.cloudwatchlogs.model.ParseToOCSF
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<ParseToOCSF.Builder,ParseToOCSF>
@Generated("software.amazon.awssdk:codegen") public final class ParseToOCSF extends Object implements SdkPojo, Serializable, ToCopyableBuilder<ParseToOCSF.Builder,ParseToOCSF>

This processor converts logs into Open Cybersecurity Schema Framework (OCSF) events.

For more information about this processor including examples, see parseToOSCF in the CloudWatch Logs User Guide.

See Also:

  • Method Details

    • source

      public final String source()

      The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.

      Returns:
      The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.

    • eventSource

      public final EventSource eventSource()

      Specify the service or process that produces the log events that will be converted with this processor.

      If the service returns an enum value that is not available in the current SDK version, eventSource will return EventSource.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from eventSourceAsString().

      Returns:
      Specify the service or process that produces the log events that will be converted with this processor.
      See Also:

    • eventSourceAsString

      public final String eventSourceAsString()

      Specify the service or process that produces the log events that will be converted with this processor.

      If the service returns an enum value that is not available in the current SDK version, eventSource will return EventSource.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from eventSourceAsString().

      Returns:
      Specify the service or process that produces the log events that will be converted with this processor.
      See Also:

    • ocsfVersion

      public final OCSFVersion ocsfVersion()

      Specify which version of the OCSF schema to use for the transformed log events.

      If the service returns an enum value that is not available in the current SDK version, ocsfVersion will return OCSFVersion.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from ocsfVersionAsString().

      Returns:
      Specify which version of the OCSF schema to use for the transformed log events.
      See Also:

    • ocsfVersionAsString

      public final String ocsfVersionAsString()

      Specify which version of the OCSF schema to use for the transformed log events.

      If the service returns an enum value that is not available in the current SDK version, ocsfVersion will return OCSFVersion.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from ocsfVersionAsString().

      Returns:
      Specify which version of the OCSF schema to use for the transformed log events.
      See Also:

    • toBuilder

      public ParseToOCSF.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<ParseToOCSF.Builder,ParseToOCSF>
      Returns:
      a builder for type T

    • builder

      public static ParseToOCSF.Builder builder()

    • serializableBuilderClass

      public static Class<? extends ParseToOCSF.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.

    • sdkFieldNameToField

      public final Map<String,SdkField<?>> sdkFieldNameToField()
      Specified by:
      sdkFieldNameToField in interface SdkPojo
      Returns:
      The mapping between the field name and its corresponding field.