Package software.amazon.awssdk.services.securitylake.model

Interface DataLakeSource.Builder

All Superinterfaces:
Buildable, CopyableBuilder<DataLakeSource.Builder,DataLakeSource>, SdkBuilder<DataLakeSource.Builder,DataLakeSource>, SdkPojo
Enclosing class:
DataLakeSource
public static interface DataLakeSource.Builder extends SdkPojo, CopyableBuilder<DataLakeSource.Builder,DataLakeSource>

  • Method Details

    • account

      DataLakeSource.Builder account(String account)

      The ID of the Security Lake account for which logs are collected.

      Parameters:
      account - The ID of the Security Lake account for which logs are collected.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • eventClasses

      DataLakeSource.Builder eventClasses(Collection<String> eventClasses)

      The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

      • ACCESS_ACTIVITY

      • FILE_ACTIVITY

      • KERNEL_ACTIVITY

      • KERNEL_EXTENSION

      • MEMORY_ACTIVITY

      • MODULE_ACTIVITY

      • PROCESS_ACTIVITY

      • REGISTRY_KEY_ACTIVITY

      • REGISTRY_VALUE_ACTIVITY

      • RESOURCE_ACTIVITY

      • SCHEDULED_JOB_ACTIVITY

      • SECURITY_FINDING

      • ACCOUNT_CHANGE

      • AUTHENTICATION

      • AUTHORIZATION

      • ENTITY_MANAGEMENT_AUDIT

      • DHCP_ACTIVITY

      • NETWORK_ACTIVITY

      • DNS_ACTIVITY

      • FTP_ACTIVITY

      • HTTP_ACTIVITY

      • RDP_ACTIVITY

      • SMB_ACTIVITY

      • SSH_ACTIVITY

      • CONFIG_STATE

      • INVENTORY_INFO

      • EMAIL_ACTIVITY

      • API_ACTIVITY

      • CLOUD_API

      Parameters:
      eventClasses - The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

      • ACCESS_ACTIVITY

      • FILE_ACTIVITY

      • KERNEL_ACTIVITY

      • KERNEL_EXTENSION

      • MEMORY_ACTIVITY

      • MODULE_ACTIVITY

      • PROCESS_ACTIVITY

      • REGISTRY_KEY_ACTIVITY

      • REGISTRY_VALUE_ACTIVITY

      • RESOURCE_ACTIVITY

      • SCHEDULED_JOB_ACTIVITY

      • SECURITY_FINDING

      • ACCOUNT_CHANGE

      • AUTHENTICATION

      • AUTHORIZATION

      • ENTITY_MANAGEMENT_AUDIT

      • DHCP_ACTIVITY

      • NETWORK_ACTIVITY

      • DNS_ACTIVITY

      • FTP_ACTIVITY

      • HTTP_ACTIVITY

      • RDP_ACTIVITY

      • SMB_ACTIVITY

      • SSH_ACTIVITY

      • CONFIG_STATE

      • INVENTORY_INFO

      • EMAIL_ACTIVITY

      • API_ACTIVITY

      • CLOUD_API

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • eventClasses

      DataLakeSource.Builder eventClasses(String... eventClasses)

      The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

      • ACCESS_ACTIVITY

      • FILE_ACTIVITY

      • KERNEL_ACTIVITY

      • KERNEL_EXTENSION

      • MEMORY_ACTIVITY

      • MODULE_ACTIVITY

      • PROCESS_ACTIVITY

      • REGISTRY_KEY_ACTIVITY

      • REGISTRY_VALUE_ACTIVITY

      • RESOURCE_ACTIVITY

      • SCHEDULED_JOB_ACTIVITY

      • SECURITY_FINDING

      • ACCOUNT_CHANGE

      • AUTHENTICATION

      • AUTHORIZATION

      • ENTITY_MANAGEMENT_AUDIT

      • DHCP_ACTIVITY

      • NETWORK_ACTIVITY

      • DNS_ACTIVITY

      • FTP_ACTIVITY

      • HTTP_ACTIVITY

      • RDP_ACTIVITY

      • SMB_ACTIVITY

      • SSH_ACTIVITY

      • CONFIG_STATE

      • INVENTORY_INFO

      • EMAIL_ACTIVITY

      • API_ACTIVITY

      • CLOUD_API

      Parameters:
      eventClasses - The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

      • ACCESS_ACTIVITY

      • FILE_ACTIVITY

      • KERNEL_ACTIVITY

      • KERNEL_EXTENSION

      • MEMORY_ACTIVITY

      • MODULE_ACTIVITY

      • PROCESS_ACTIVITY

      • REGISTRY_KEY_ACTIVITY

      • REGISTRY_VALUE_ACTIVITY

      • RESOURCE_ACTIVITY

      • SCHEDULED_JOB_ACTIVITY

      • SECURITY_FINDING

      • ACCOUNT_CHANGE

      • AUTHENTICATION

      • AUTHORIZATION

      • ENTITY_MANAGEMENT_AUDIT

      • DHCP_ACTIVITY

      • NETWORK_ACTIVITY

      • DNS_ACTIVITY

      • FTP_ACTIVITY

      • HTTP_ACTIVITY

      • RDP_ACTIVITY

      • SMB_ACTIVITY

      • SSH_ACTIVITY

      • CONFIG_STATE

      • INVENTORY_INFO

      • EMAIL_ACTIVITY

      • API_ACTIVITY

      • CLOUD_API

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • sourceName

      DataLakeSource.Builder sourceName(String sourceName)

      The supported Amazon Web Services from which logs and events are collected. Amazon Security Lake supports log and event collection for natively supported Amazon Web Services.

      Parameters:
      sourceName - The supported Amazon Web Services from which logs and events are collected. Amazon Security Lake supports log and event collection for natively supported Amazon Web Services.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • sourceStatuses

      DataLakeSource.Builder sourceStatuses(Collection<DataLakeSourceStatus> sourceStatuses)

      The log status for the Security Lake account.

      Parameters:
      sourceStatuses - The log status for the Security Lake account.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • sourceStatuses

      DataLakeSource.Builder sourceStatuses(DataLakeSourceStatus... sourceStatuses)

      The log status for the Security Lake account.

      Parameters:
      sourceStatuses - The log status for the Security Lake account.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • sourceStatuses

      DataLakeSource.Builder sourceStatuses(Consumer<DataLakeSourceStatus.Builder>... sourceStatuses)

      The log status for the Security Lake account.

      This is a convenience method that creates an instance of the DataLakeSourceStatus.Builder avoiding the need to create one manually via DataLakeSourceStatus.builder().

      When the Consumer completes, SdkBuilder.build() is called immediately and its result is passed to sourceStatuses(List<DataLakeSourceStatus>).

      Parameters:
      sourceStatuses - a consumer that will call methods on DataLakeSourceStatus.Builder
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also: