Class: Aws::SecurityLake::Types::DataLakeSource

Inherits:

Struct

• Object
• Struct
• Aws::SecurityLake::Types::DataLakeSource

Defined in:

gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb

Overview

Amazon Security Lake collects logs and events from supported Amazon Web Services and custom sources. For the list of supported Amazon Web Services, see the Amazon Security Lake User Guide.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #account ⇒ String

  The ID of the Security Lake account for which logs are collected.

• #event_classes ⇒ Array<String>

  The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake.

• #source_name ⇒ String

  The supported Amazon Web Services from which logs and events are collected.

• #source_statuses ⇒ Array<Types::DataLakeSourceStatus>

  The log status for the Security Lake account.

Instance Attribute Details

#account ⇒ String

The ID of the Security Lake account for which logs are collected.

Returns:

• (String)

# File 'gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb', line 913

class DataLakeSource < Struct.new(
  :account,
  :event_classes,
  :source_name,
  :source_statuses)
  SENSITIVE = []
  include Aws::Structure
end

#event_classes ⇒ Array<String>

The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake. The supported event classes are:

• ACCESS_ACTIVITY

• FILE_ACTIVITY

• KERNEL_ACTIVITY

• KERNEL_EXTENSION

• MEMORY_ACTIVITY

• MODULE_ACTIVITY

• PROCESS_ACTIVITY

• REGISTRY_KEY_ACTIVITY

• REGISTRY_VALUE_ACTIVITY

• RESOURCE_ACTIVITY

• SCHEDULED_JOB_ACTIVITY

• SECURITY_FINDING

• ACCOUNT_CHANGE

• AUTHENTICATION

• AUTHORIZATION

• ENTITY_MANAGEMENT_AUDIT

• DHCP_ACTIVITY

• NETWORK_ACTIVITY

• DNS_ACTIVITY

• FTP_ACTIVITY

• HTTP_ACTIVITY

• RDP_ACTIVITY

• SMB_ACTIVITY

• SSH_ACTIVITY

• CONFIG_STATE

• INVENTORY_INFO

• EMAIL_ACTIVITY

• API_ACTIVITY

• CLOUD_API

Returns:

• (Array<String>)

# File 'gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb', line 913

class DataLakeSource < Struct.new(
  :account,
  :event_classes,
  :source_name,
  :source_statuses)
  SENSITIVE = []
  include Aws::Structure
end

#source_name ⇒ String

The supported Amazon Web Services from which logs and events are collected. Amazon Security Lake supports log and event collection for natively supported Amazon Web Services.

Returns:

• (String)

# File 'gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb', line 913

class DataLakeSource < Struct.new(
  :account,
  :event_classes,
  :source_name,
  :source_statuses)
  SENSITIVE = []
  include Aws::Structure
end

#source_statuses ⇒ Array<Types::DataLakeSourceStatus>

The log status for the Security Lake account.

Returns:

• (Array<Types::DataLakeSourceStatus>)

# File 'gems/aws-sdk-securitylake/lib/aws-sdk-securitylake/types.rb', line 913

class DataLakeSource < Struct.new(
  :account,
  :event_classes,
  :source_name,
  :source_statuses)
  SENSITIVE = []
  include Aws::Structure
end