createCustomLogSource method
Adds a third-party custom source in Amazon Security Lake, from the Amazon Web Services Region where you want to create a custom source. Security Lake can collect logs and events from third-party custom sources. After creating the appropriate IAM role to invoke Glue crawler, use this API to add a custom source name in Security Lake. This operation creates a partition in the Amazon S3 bucket for Security Lake as the target location for log files from the custom source. In addition, this operation also creates an associated Glue table and an Glue crawler.
May throw AccessDeniedException.
May throw BadRequestException.
May throw ConflictException.
May throw InternalServerException.
May throw ResourceNotFoundException.
May throw ThrottlingException.
Parameter configuration :
The configuration used for the third-party custom source.
Parameter sourceName :
Specify the name for a third-party custom source. This must be a
Regionally unique value. The sourceName you enter here, is
used in the LogProviderRole name which follows the convention
AmazonSecurityLake-Provider-{name of the custom
source}-{region}. You must use a CustomLogSource name
that is shorter than or equal to 20 characters. This ensures that the
LogProviderRole name is below the 64 character limit.
Parameter eventClasses :
The Open Cybersecurity Schema Framework (OCSF) event classes which
describes the type of data that the custom source will send to Security
Lake. For the list of supported event classes, see the Amazon
Security Lake User Guide.
Parameter sourceVersion :
Specify the source version for the third-party custom source, to limit log
collection to a specific version of custom data source.
Implementation
Future<CreateCustomLogSourceResponse> createCustomLogSource({
required CustomLogSourceConfiguration configuration,
required String sourceName,
List<String>? eventClasses,
String? sourceVersion,
}) async {
final $payload = <String, dynamic>{
'configuration': configuration,
'sourceName': sourceName,
if (eventClasses != null) 'eventClasses': eventClasses,
if (sourceVersion != null) 'sourceVersion': sourceVersion,
};
final response = await _protocol.send(
payload: $payload,
method: 'POST',
requestUri: '/v1/datalake/logsources/custom',
exceptionFnMap: _exceptionFns,
);
return CreateCustomLogSourceResponse.fromJson(response);
}