extraction_rules

Overview

Name	`extraction_rules`
Type	Resource
Id	`sumologic.extraction_rules.extraction_rules`

Name	Datatype	Description
`id`	`string`	Unique identifier for the field extraction rule.
`name`	`string`	Name of the field extraction rule. Use a name that makes it easy to identify the rule.
`scope`	`string`	Scope of the field extraction rule. This could be a sourceCategory, sourceHost, or any other metadata that describes the data you want to extract from. Think of the Scope as the first portion of an ad hoc search, before the first pipe ( \| ). You'll use the Scope to run a search against the rule.
`modifiedAt`	`string`	Last modification timestamp in UTC.
`enabled`	`boolean`	Is the field extraction rule enabled.
`modifiedBy`	`string`	Identifier of the user who last modified the resource.
`createdAt`	`string`	Creation timestamp in UTC in RFC3339 format.
`createdBy`	`string`	Identifier of the user who created the resource.
`parseExpression`	`string`	Describes the fields to be parsed.
`fieldNames`	`array`	List of extracted fields from "parseExpression".

Name	Accessible by	Required Params	Description
`getExtractionRule`	`SELECT`	`id, region`	Get a field extraction rule with the given identifier.
`listExtractionRules`	`SELECT`	`region`	Get a list of all field extraction rules. The response is paginated with a default limit of 100 field extraction rules per page.
`createExtractionRule`	`INSERT`	`region`	Create a new field extraction rule.
`deleteExtractionRule`	`DELETE`	`id, region`	Delete a field extraction rule with the given identifier.
`updateExtractionRule`	`EXEC`	`id, region`	Update an existing field extraction rule. All properties specified in the request are replaced. Missing properties are set to their default values.