Splunk Event Schema Documentation
LogEntry
Title: LogEntry
Type | object |
Required | No |
Additional properties | [Any type: allowed] |
Description: The customer-facing log format for the Equinix Observability Service.
Example:
{
"stream": {
"streamId": "b47f2eaf-d5c6-485c-a081-5d12333aa2e2",
"streamName": "Example Stream"
},
"source": {
"category": "validation",
"type": "validation_request",
"service": "metal",
"organizationId": "a2337a57-4ad0-4708-abc6-c0973055c91e"
},
"schema": "v1",
"timestamp": "2024-04-16T14:58:21.442334Z",
"level": "INFO",
"eventId": "e6de0ec4-027e-4733-aeb4-058c1fc53493",
"event": {
"eventName": "instance_provision_requested",
"status": "unauthorized",
"auth": {
"authType": "user",
"user": {
"userId": "1bec4119-a889-4809-89e9-c4572dc002ec",
"userName": "jdoe@equinix.com"
},
"role": {
"roleName": "collaborator"
}
},
"httpRequest": {
"host": "api.equinix.com",
"method": "PUT",
"path": "/metal/v1/projects/99f8e7f1-fe4a-441a-ade9-687743f080f6",
"scheme": "https",
"statusCode": 200,
"userAgent": "metal-cli/metal equinix-sdk-go/0.30.0",
"sourceIpAddress": "111.111.111.11"
},
"response": {}
}
}
Property | Pattern | Type | Deprecated | Definition | Title/Description |
---|---|---|---|---|---|
+ stream | No | object | No | - | Stream |
+ source | No | object | No | - | Source |
+ schema | No | enum (of string) | No | - | Indicates the schema version of this log entry. |
+ timestamp | No | string | No | - | The timestamp at which this log entry was produced, in ISO8601 format. |
+ level | No | string | No | - | A human-readable indication of the severity level of this log entry. |
+ eventId | No | string | No | - | Unique identifier for this log event. |
+ event | No | object | No | - | Event |
1. Property LogEntry > stream
Title: Stream
Type | object |
Required | Yes |
Additional properties | [Any type: allowed] |
Description: Provides metadata about the observability stream that produced this log entry; can be used to differentiate data sources in situations where multiple streams are writing to the same destination.
Example:
{
"streamId": "e55f79d4-0d8a-4460-a566-ff93af4f90e4",
"streamName": "Example Stream"
}
Property | Pattern | Type | Deprecated | Definition | Title/Description |
---|---|---|---|---|---|
+ streamId | No | string | No | - | Unique identifier of the observability stream that produced this log entry. |
+ streamName | No | string | No | - | Name of the observability stream that produced this log entry. |
1.1. Property LogEntry > stream > streamId
Type | string |
Required | Yes |
Format | uuid |
Description: Unique identifier of the observability stream that produced this log entry.
1.2. Property LogEntry > stream > streamName
Type | string |
Required | Yes |
Description: Name of the observability stream that produced this log entry.
Example:
"Example Stream"
2. Property LogEntry > source
Title: Source
Type | object |
Required | Yes |
Additional properties | [Any type: allowed] |
Description: Provides metadata about the source from which this log entry originated.
Example:
{
"category": "audit",
"type": "api_request",
"service": "metal",
"organizationId": "0e714017-6d9c-4dc5-828d-b8a156502496"
}
Property | Pattern | Type | Deprecated | Definition | Title/Description |
---|---|---|---|---|---|
+ category | No | enum (of string) | No | - | Groups logs into high-level application categories. |
+ type | No | enum (of string) | No | - | Differentiates types of log events withing a particular category. |
+ service | No | enum (of string) | No | - | Indicates the service that produced this log entry. |
+ organizationId | No | string | No | - | Indicates the customer Organization ID with which this log entry is associated. |
- projectId | No | string | No | - | Indicates the customer Project ID with which this log entry is associated. |
2.1. Property LogEntry > source > category
Type | enum (of string) |
Required | Yes |
Description: Groups logs into high-level application categories.
Must be one of:
- "audit"
- "validation"
2.2. Property LogEntry > source > type
Type | enum (of string) |
Required | Yes |
Description: Differentiates types of log events withing a particular category.
Must be one of:
- "api_request"
- "validation_request"
2.3. Property LogEntry > source > service
Type | enum (of string) |
Required | Yes |
Description: Indicates the service that produced this log entry.
Must be one of:
- "metal"
2.4. Property LogEntry > source > organizationId
Type | string |
Required | Yes |
Format | uuid |
Description: Indicates the customer Organization ID with which this log entry is associated.
2.5. Property LogEntry > source > projectId
Type | string |
Required | No |
Format | uuid |
Description: Indicates the customer Project ID with which this log entry is associated.
3. Property LogEntry > schema
Type | enum (of string) |
Required | Yes |
Description: Indicates the schema version of this log entry.
Must be one of:
- "v1"
4. Property LogEntry > timestamp
Type | string |
Required | Yes |
Format | date-time |
Description: The timestamp at which this log entry was produced, in ISO8601 format.
Example:
"2024-04-16T14:58:21.442334Z"
5. Property LogEntry > level
Type | string |
Required | Yes |
Description: A human-readable indication of the severity level of this log entry.
Example:
"INFO"
6. Property LogEntry > eventId
Type | string |
Required | Yes |
Format | uuid |
Description: Unique identifier for this log event.
7. Property LogEntry > event
Title: Event
Type | object |
Required | Yes |
Additional properties | [Any type: allowed] |
Description: The application-specific log event payload. In the future the specific format will vary based on the source category and type, but for now we use a single log event schema.
Example:
{
"eventName": "project_updated",
"status": "unauthorized",
"auth": {
"authType": "user",
"user": {
"userId": "1bec4119-a889-4809-89e9-c4572dc002ec",
"userName": "jdoe@equinix.com"
},
"role": {
"roleName": "collaborator"
}
},
"httpRequest": {
"host": "api.equinix.com",
"method": "PUT",
"path": "/metal/v1/projects/99f8e7f1-fe4a-441a-ade9-687743f080f6",
"scheme": "http",
"statusCode": 200,
"userAgent": "metal-cli/metal equinix-sdk-go/0.30.0",
"sourceIpAddress": "111.111.111.11"
},
"resource": {},
"response": {}
}
Property | Pattern | Type | Deprecated | Definition | Title/Description |
---|---|---|---|---|---|
+ eventName | No | string | No | - | An application-provided name for the event. Event names should be fixed by the application (i.e. should not vary based on request parameters) to enable filtering/querying by the customer, and should carry meaning to the customer. In the case of API request logs, this would correspond to an operation name. |
+ status | No | string | No | - | An indication of the status associated with the event, e.g. request success/failure. |
+ auth | No | object | No | - | AuthInfo |
+ httpRequest | No | object | No | - | HttpRequest |
- resource | No | object | No | - | The resource associated with the request (for future use) |
- request | No | object | No | - | Detailed request parameters (for future use) |
- response | No | object | No | - | Detailed response body (for future use) |
7.1. Property LogEntry > event > eventName
Type | string |
Required | Yes |
Description: An application-provided name for the event. Event names should be fixed by the application (i.e. should not vary based on request parameters) to enable filtering/querying by the customer, and should carry meaning to the customer. In the case of API request logs, this would correspond to an operation name.
Examples:
"project_updated"
"instance_provision_requested"
7.2. Property LogEntry > event > status
Type | string |
Required | Yes |
Description: An indication of the status associated with the event, e.g. request success/failure.
Examples:
"success"
"failed"
"unauthorized"
7.3. Property LogEntry > event > auth
Title: AuthInfo
Type | object |
Required | Yes |
Additional properties | [Any type: allowed] |
Description: Provides authentication and authorization information about the principal associated with the log event. In most cases, this will be the one who made the request.
Example:
{
"authType": "user",
"user": {
"userId": "1bec4119-a889-4809-89e9-c4572dc002ec",
"userName": "jdoe@equinix.com"
},
"role": {
"roleName": "collaborator"
}
}
Property | Pattern | Type | Deprecated | Definition | Title/Description |
---|---|---|---|---|---|
+ authType | No | enum (of string) | No | - | Indicates the type of entity for the principal associated with the request. |
+ user | No | object | No | - | User |
+ role | No | object | No | - | Role |
7.3.1. Property LogEntry > event > auth > authType
Type | enum (of string) |
Required | Yes |
Description: Indicates the type of entity for the principal associated with the request.
Must be one of:
- "user"
7.3.2. Property LogEntry > event > auth > user
Title: User
Type | object |
Required | Yes |
Additional properties | [Any type: allowed] |
Description: Provides identifying information about the user associated with the log event.
Example:
{
"userId": "1bec4119-a889-4809-89e9-c4572dc002ec",
"userName": "jdoe@equinix.com"
}
Property | Pattern | Type | Deprecated | Definition | Title/Description |
---|---|---|---|---|---|
+ userId | No | string | No | - | Unique user identifier; this is an opaque system-assigned ID that is not expected to be recognizable to people. |
+ userName | No | string | No | - | Provides a more human-friendly display name for the user. |
7.3.2.1. Property LogEntry > event > auth > user > userId
Type | string |
Required | Yes |
Description: Unique user identifier; this is an opaque system-assigned ID that is not expected to be recognizable to people.
Example:
"1bec4119-a889-4809-89e9-c4572dc002ec"
7.3.2.2. Property LogEntry > event > auth > user > userName
Type | string |
Required | Yes |
Description: Provides a more human-friendly display name for the user.
Example:
"jdoe@equinix.com"
7.3.3. Property LogEntry > event > auth > role
Title: Role
Type | object |
Required | Yes |
Additional properties | [Any type: allowed] |
Description: Provides information about the role associated with the log event, which determines what permissions are allowed. If the principal has access to multiple roles, this indicates the one they assumed when making the request.
Example:
{
"roleName": "collaborator"
}
Property | Pattern | Type | Deprecated | Definition | Title/Description |
---|---|---|---|---|---|
+ roleName | No | string | No | - | The human-friendly display name for the role. |
7.3.3.1. Property LogEntry > event > auth > role > roleName
Type | string |
Required | Yes |
Description: The human-friendly display name for the role.
Example:
"collaborator"
7.4. Property LogEntry > event > httpRequest
Title: HttpRequest
Type | object |
Required | Yes |
Additional properties | [Any type: allowed] |
Description: Provides details about the HTTP request associated with the log event, if there is one (for now, there will always be one).
Example:
{
"host": "api.equinix.com",
"method": "PUT",
"path": "/metal/v1/projects/99f8e7f1-fe4a-441a-ade9-687743f080f6",
"scheme": "http",
"statusCode": 200,
"userAgent": "metal-cli/metal equinix-sdk-go/0.30.0",
"sourceIpAddress": "111.111.111.11"
}
Property | Pattern | Type | Deprecated | Definition | Title/Description |
---|---|---|---|---|---|
+ host | No | string | No | - | The hostname to which the original HTTP request was made. |
+ method | No | string | No | - | The HTTP request method. |
+ path | No | string | No | - | The path portion of the original HTTP request URL. |
+ scheme | No | enum (of string) | No | - | The HTTP request scheme |
+ statusCode | No | integer | No | - | The HTTP status code that resulted from the processing of the request. |
+ userAgent | No | string | No | - | The user-agent that issued the request, as reported by the HTTP client. |
+ sourceIpAddress | No | string | No | - | The IP address from which the HTTP request was sent. |
7.4.1. Property LogEntry > event > httpRequest > host
Type | string |
Required | Yes |
Description: The hostname to which the original HTTP request was made.
Example:
"api.equinix.com"
7.4.2. Property LogEntry > event > httpRequest > method
Type | string |
Required | Yes |
Description: The HTTP request method.
Example:
"PUT"
7.4.3. Property LogEntry > event > httpRequest > path
Type | string |
Required | Yes |
Description: The path portion of the original HTTP request URL.
Example:
"/metal/v1/projects/99f8e7f1-fe4a-441a-ade9-687743f080f6"
7.4.4. Property LogEntry > event > httpRequest > scheme
Type | enum (of string) |
Required | Yes |
Description: The HTTP request scheme
Must be one of:
- "http"
- "https"
7.4.5. Property LogEntry > event > httpRequest > statusCode
Type | integer |
Required | Yes |
Description: The HTTP status code that resulted from the processing of the request.
Example:
200
7.4.6. Property LogEntry > event > httpRequest > userAgent
Type | string |
Required | Yes |
Description: The user-agent that issued the request, as reported by the HTTP client.
Example:
"metal-cli/metal equinix-sdk-go/0.30.0"
7.4.7. Property LogEntry > event > httpRequest > sourceIpAddress
Type | string |
Required | Yes |
Description: The IP address from which the HTTP request was sent.
Example:
"111.111.111.11"
7.5. Property LogEntry > event > resource
Type | object |
Required | No |
Additional properties | [Any type: allowed] |
Description: The resource associated with the request (for future use)
Example:
{}
7.6. Property LogEntry > event > request
Type | object |
Required | No |
Additional properties | [Any type: allowed] |
Description: Detailed request parameters (for future use)
Example:
{}
7.7. Property LogEntry > event > response
Type | object |
Required | No |
Additional properties | [Any type: allowed] |
Description: Detailed response body (for future use)
Example:
{}
Generated using json-schema-for-humans on 2024-07-19 at 16:25:20 -0500