Class: Aws::SecurityLake::Types::DataLakeSource

Inherits:

Struct

• Object
• Struct
• Aws::SecurityLake::Types::DataLakeSource

Includes:

Aws::Structure

Defined in:

lib/aws-sdk-securitylake/types.rb

Overview

Amazon Security Lake collects logs and events from supported Amazon Web Services services and custom sources. For the list of supported Amazon Web Services services, see the [Amazon Security Lake User Guide].

[1]: docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #account ⇒ String

  The ID of the Security Lake account for which logs are collected.

• #event_classes ⇒ Array<String>

  The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake.

• #source_name ⇒ String

  The supported Amazon Web Services services from which logs and events are collected.

• #source_statuses ⇒ Array<Types::DataLakeSourceStatus>

  The log status for the Security Lake account.

Instance Attribute Details

#account ⇒ String

The ID of the Security Lake account for which logs are collected.

Returns:

• (String)

# File 'lib/aws-sdk-securitylake/types.rb', line 919

class DataLakeSource < Struct.new(
  :account,
  :event_classes,
  :source_name,
  :source_statuses)
  SENSITIVE = []
  include Aws::Structure
end

#event_classes ⇒ Array<String>

The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

• ‘ACCESS_ACTIVITY`

• ‘FILE_ACTIVITY`

• ‘KERNEL_ACTIVITY`

• ‘KERNEL_EXTENSION`

• ‘MEMORY_ACTIVITY`

• ‘MODULE_ACTIVITY`

• ‘PROCESS_ACTIVITY`

• ‘REGISTRY_KEY_ACTIVITY`

• ‘REGISTRY_VALUE_ACTIVITY`

• ‘RESOURCE_ACTIVITY`

• ‘SCHEDULED_JOB_ACTIVITY`

• ‘SECURITY_FINDING`

• ‘ACCOUNT_CHANGE`

• ‘AUTHENTICATION`

• ‘AUTHORIZATION`

• ‘ENTITY_MANAGEMENT_AUDIT`

• ‘DHCP_ACTIVITY`

• ‘NETWORK_ACTIVITY`

• ‘DNS_ACTIVITY`

• ‘FTP_ACTIVITY`

• ‘HTTP_ACTIVITY`

• ‘RDP_ACTIVITY`

• ‘SMB_ACTIVITY`

• ‘SSH_ACTIVITY`

• ‘CONFIG_STATE`

• ‘INVENTORY_INFO`

• ‘EMAIL_ACTIVITY`

• ‘API_ACTIVITY`

• ‘CLOUD_API`

Returns:

• (Array<String>)

# File 'lib/aws-sdk-securitylake/types.rb', line 919

class DataLakeSource < Struct.new(
  :account,
  :event_classes,
  :source_name,
  :source_statuses)
  SENSITIVE = []
  include Aws::Structure
end

#source_name ⇒ String

The supported Amazon Web Services services from which logs and events are collected. Amazon Security Lake supports log and event collection for natively supported Amazon Web Services services.

Returns:

• (String)

# File 'lib/aws-sdk-securitylake/types.rb', line 919

class DataLakeSource < Struct.new(
  :account,
  :event_classes,
  :source_name,
  :source_statuses)
  SENSITIVE = []
  include Aws::Structure
end

#source_statuses ⇒ Array<Types::DataLakeSourceStatus>

The log status for the Security Lake account.

Returns:

• (Array<Types::DataLakeSourceStatus>)

# File 'lib/aws-sdk-securitylake/types.rb', line 919

class DataLakeSource < Struct.new(
  :account,
  :event_classes,
  :source_name,
  :source_statuses)
  SENSITIVE = []
  include Aws::Structure
end