Splunk Event Schema Documentation
LogEntry
**Title:** LogEntry
| Type | object |
| Required | No |
| Additional properties | [Any type: allowed] |
**Description:** Customer-facing log format for Equinix observability services.
Example:
```json
{
  "stream": {
    "streamId": "b47f2eaf-d5c6-485c-a081-5d12333aa2e2",
    "streamName": "Example Stream"
  },
  "source": {
    "category": "validation",
    "type": "validation_request",
    "service": "metal",
    "organizationId": "a2337a57-4ad0-4708-abc6-c0973055c91e"
  },
  "schema": "v1",
  "timestamp": "2024-04-16T14:58:21.442334Z",
  "level": "INFO",
  "eventId": "e6de0ec4-027e-4733-aeb4-058c1fc53493",
  "event": {
    "eventName": "instance_provision_requested",
    "status": "unauthorized",
    "auth": {
      "authType": "user",
      "user": {
        "userId": "1bec4119-a889-4809-89e9-c4572dc002ec",
        "userName": "jdoe@equinix.com"
      },
      "role": {
        "roleName": "collaborator"
      }
    },
    "httpRequest": {
      "host": "api.equinix.com",
      "method": "PUT",
      "path": "/metal/v1/projects/99f8e7f1-fe4a-441a-ade9-687743f080f6",
      "scheme": "https",
      "statusCode": 200,
      "userAgent": "metal-cli/metal equinix-sdk-go/0.30.0",
      "sourceIpAddress": "111.111.111.11"
    },
    "response": {}
  }
}
```
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + stream | No | object | No | - | Stream |
| + source | No | object | No | - | Source |
| + schema | No | enum (of string) | No | - | Indicates the schema version of this log entry. |
| + timestamp | No | string | No | - | The timestamp at which this log entry was produced, in ISO8601 format. |
| + level | No | string | No | - | A human-readable indication of the severity level of this log entry. |
| + eventId | No | string | No | - | Unique identifier for this log event. |
| + event | No | object | No | - | Event |
1. Property LogEntry > stream
**Title:** Stream
| Type | object |
| Required | Yes |
| Additional properties | [Any type: allowed] |
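**Description:** Provides metadata about the observability stream that produced this log entry; can be used to differentiate data sources in cases where multiple streams write to the same destination.
Example:
```json
{
  "streamId": "e55f79d4-0d8a-4460-a566-ff93af4f90e4",
  "streamName": "Example Stream"
}
```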
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + streamId | No | string | No | - | Unique identifier of the observability stream that produced this log entry. |
| + streamName | No | string | No | - | Name of the observability stream that produced this log entry. |
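1.1. Property LogEntry > stream > streamId
| Type | string |
| Required | Yes |
| Format | uuid |
**Description:** Unique identifier of the observability stream that produced this log entry.
1.2. Property LogEntry > stream > streamName
| Type | string |
| Required | Yes |
**Description:** Name of the observability stream that produced this log entry.
Example:
"Example Stream"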
2. Property LogEntry > source
**Title:** Source
| Type | object |
| Required | Yes |
| Additional properties | [Any type: allowed] |
**Description:** Provides metadata about the source of this log entry.
Example:
```json
{
  "category": "audit",
  "type": "api_request",
  "service": "metal",
  "organizationId": "0e714017-6d9c-4dc5-828d-b8a156502496"
}
```
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + category | No | enum (of string) | No | - | Groups logs into high-level application categories. |
| + type | No | enum (of string) | No | - | Differentiates types of log events within a particular category. |
| + service | No | enum (of string) | No | - | Indicates the service that produced this log entry. |
| + organizationId | No | string | No | - | Indicates the customer Organization ID with which this log entry is associated. |
| - projectId | No | string | No | - | Indicates the customer Project ID with which this log entry is associated. |
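2.1. Property LogEntry > source > category
| Type | enum (of string) |
| Required | Yes |
**Description:** Groups logs into high-level application categories.
Must be one of:
- "audit"
- "validation"
2.2. Property LogEntry > source > type
| Type | enum (of string) |
| Required | Yes |
**Description:** Differentiates types of log events within a particular category.
Must be one of:
- "api_request"
- "validation_request"
2.3. Property LogEntry > source > service
| Type | enum (of string) |
| Required | Yes |
**Description:** Indicates the service that produced this log entry.
Must be one of:
- "metal"
2.4. Property LogEntry > source > organizationId
| Type | string |
| Required | Yes |
| Format | uuid |
**Description:** Indicates the customer Organization ID with which this log entry is associated.
2.5. Property LogEntry > source > projectId
| Type | string |
| Required | No |
| Format | uuid |
**Description:** Indicates the customer Project ID with which this log entry is associated.
3. Property LogEntry > schema
| Type | enum (of string) |
| Required | Yes |
**Description:** Indicates the schema version of this log entry.
Must be one of:
- "v1"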
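4. Property LogEntry > timestamp
| Type | string |
| Required | Yes |
| Format | date-time |
**Description:** The timestamp at which this log entry was produced, in ISO8601 format.
Example:
"2024-04-16T14:58:21.442334Z"
5. Property LogEntry > level
| Type | string |
| Required | Yes |
**Description:** A human-readable indication of the severity level of this log entry.
Example:
"INFO"
6. Property LogEntry > eventId
| Type | string |
| Required | Yes |
| Format | uuid |
**Description:** Unique identifier for this log event.
7. Property LogEntry > event
**Title:** Event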
| Type | object |
| Required | Yes |
| Additional properties | [Any type: allowed] |
**Description:** Application-specific log event payload. In the future, the specific format will vary based on the source category and type, but for now we use a single log event schema.
Example:
```json
{
  "eventName": "project_updated",
  "status": "unauthorized",
  "auth": {
    "authType": "user",
    "user": {
      "userId": "1bec4119-a889-4809-89e9-c4572dc002ec",
      "userName": "jdoe@equinix.com"
    },
    "role": {
      "roleName": "collaborator"
    }
  },
  "httpRequest": {
    "host": "api.equinix.com",
    "method": "PUT",
    "path": "/metal/v1/projects/99f8e7f1-fe4a-441a-ade9-687743f080f6",
    "scheme": "http",
    "statusCode": 200,
    "userAgent": "metal-cli/metal equinix-sdk-go/0.30.0",
    "sourceIpAddress": "111.111.111.11"
  },
  "resource": {},
  "response": {}
}
```
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + eventName | No | string | No | - | An application-provided name for the event. Event names should be fixed by the application (i.e. should not vary based on request parameters) to enable filtering/querying by the customer, and should carry meaning to the customer. In the case of API request logs, this would correspond to an operation name. |
| + status | No | string | No | - | An indication of the status associated with the event, e.g. request success/failure. |
| + auth | No | object | No | - | AuthInfo |
| + httpRequest | No | object | No | - | HttpRequest |
| - resource | No | object | No | - | The resource associated with the request (for future use) |
| - request | No | object | No | - | Detailed request parameters (for future use) |
| - response | No | object | No | - | Detailed response body (for future use) |
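7.1. Property LogEntry > event > eventName
| Type | string |
| Required | Yes |
**Description:** An application-provided name for the event. Event names should be fixed by the application (i.e. should not vary based on request parameters) to enable filtering/querying by the customer, and should carry meaning to the customer. In the case of API request logs, this would correspond to an operation name.
Examples:
"project_updated"
"instance_provision_requested"
7.2. Property LogEntry > event > status
| Type | string |
| Required | Yes |
**Description:** An indication of the status associated with the event, e.g. request success/failure.
Examples:
"success"
"failed"
"unauthorized"
7.3. Property LogEntry > event > auth
**Title:** AuthInfo
| Type | object |
| Required | Yes |
| Additional properties | [Any type: allowed] |
**Description:** Provides authentication and authorization information about the principal associated with the log event. In most cases, this will be the person who made the request.
Example:
```json
{
  "authType": "user",
  "user": {
    "userId": "1bec4119-a889-4809-89e9-c4572dc002ec",
    "userName": "jdoe@equinix.com"
  },
  "role": {
    "roleName": "collaborator"
  }
}
```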
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + authType | No | enum (of string) | No | - | Indicates the type of entity for the principal associated with the request. |
| + user | No | object | No | - | User |
| + role | No | object | No | - | Role |
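7.3.1. Property LogEntry > event > auth > authType
| Type | enum (of string) |
| Required | Yes |
**Description:** Indicates the type of entity for the principal associated with the request.
Must be one of:
- "user"
7.3.2. Property LogEntry > event > auth > user
**Title:** User
| Type | object |
| Required | Yes |
| Additional properties | [Any type: allowed] |
**Description:** Provides identifying information about the user associated with the log event.
Example:
```json
{
  "userId": "1bec4119-a889-4809-89e9-c4572dc002ec",
  "userName": "jdoe@equinix.com"
}
```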
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + userId | No | string | No | - | Unique user identifier; this is an opaque system-assigned ID that is not expected to be recognizable to people. |
| + userName | No | string | No | - | Provides a more human-friendly display name for the user. |
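7.3.2.1. Property LogEntry > event > auth > user > userId
| Type | string |
| Required | Yes |
**Description:** Unique user identifier; this is an opaque system-assigned ID that is not expected to be recognizable to people.
Example:
"1bec4119-a889-4809-89e9-c4572dc002ec"
7.3.2.2. Property LogEntry > event > auth > user > userName
| Type | string |
| Required | Yes |
**Description:** Provides a more human-friendly display name for the user.
Example:
"jdoe@equinix.com"
7.3.3. Property LogEntry > event > auth > role
**Title:** Role
| Type | object |
| Required | Yes |
| Additional properties | [Any type: allowed] |
**Description:** Provides information about the role associated with the log event, which determines what permissions are allowed. If the principal has multiple roles, this indicates the role they were acting in when making the request.
Example:
```json
{
  "roleName": "collaborator"
}
```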
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + roleName | No | string | No | - | The human-friendly display name for the role. |
7.3.3.1. Property LogEntry > event > auth > role > roleName
| Type | string |
| Required | Yes |
**Description:** The human-friendly display name for the role.
Example:
"collaborator"
7.4. Property LogEntry > event > httpRequest
**Title:** HttpRequest
| Type | object |
| Required | Yes |
| Additional properties | [Any type: allowed] |
**Description:** Provides details about the HTTP request associated with the log event, if any (currently there is always exactly one).
Example:
```json
{
  "host": "api.equinix.com",
  "method": "PUT",
  "path": "/metal/v1/projects/99f8e7f1-fe4a-441a-ade9-687743f080f6",
  "scheme": "http",
  "statusCode": 200,
  "userAgent": "metal-cli/metal equinix-sdk-go/0.30.0",
  "sourceIpAddress": "111.111.111.11"
}
```
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + host | No | string | No | - | The hostname to which the original HTTP request was made. |
| + method | No | string | No | - | The HTTP request method. |
| + path | No | string | No | - | The path portion of the original HTTP request URL. |
| + scheme | No | enum (of string) | No | - | The HTTP request scheme |
| + statusCode | No | integer | No | - | The HTTP status code that resulted from the processing of the request. |
| + userAgent | No | string | No | - | The user-agent that issued the request, as reported by the HTTP client. |
| + sourceIpAddress | No | string | No | - | The IP address from which the HTTP request was sent. |
7.4.1. Property LogEntry > event > httpRequest > host
| Type | string |
| Required | Yes |
**Description:** The hostname to which the original HTTP request was made.
Example:
"api.equinix.com"
7.4.2. Property LogEntry > event > httpRequest > method
| Type | string |
| Required | Yes |
**Description:** The HTTP request method.
Example:
"PUT"
7.4.3. Property LogEntry > event > httpRequest > path
| Type | string |
| Required | Yes |
**Description:** The path portion of the original HTTP request URL.
Example:
"/metal/v1/projects/99f8e7f1-fe4a-441a-ade9-687743f080f6"
7.4.4. Property LogEntry > event > httpRequest > scheme
| Type | enum (of string) |
| Required | Yes |
**Description:** The HTTP request scheme
Must be one of:
- "http"
- "https"
7.4.5. Property LogEntry > event > httpRequest > statusCode
| Type | integer |
| Required | Yes |
**Description:** The HTTP status code that resulted from the processing of the request.
Example:
200
7.4.6. Property LogEntry > event > httpRequest > userAgent
| Type | string |
| Required | Yes |
**Description:** The user-agent that issued the request, as reported by the HTTP client.
Example:
"metal-cli/metal equinix-sdk-go/0.30.0"
7.4.7. Property LogEntry > event > httpRequest > sourceIpAddress
| Type | string |
| Required | Yes |
**Description:** The IP address from which the HTTP request was sent.
Example:
"111.111.111.11"
7.5. Property LogEntry > event > resource
| Type | object |
| Required | No |
| Additional properties | [Any type: allowed] |
**Description:** The resource associated with the request (for future use)
Example:
{}
7.6. Property LogEntry > event > request
| Type | object |
| Required | No |
| Additional properties | [Any type: allowed] |
**Description:** Detailed request parameters (for future use)
Example:
{}
7.7. Property LogEntry > event > response
| Type | object |
| Required | No |
| Additional properties | [Any type: allowed] |
**Description:** Detailed response body (for future use)
Example:
{}
Generated using json-schema-for-humans on 2024/07/19 16:25:20 -0500
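
A consumer-side validator for this format, as an added example (not part of the generated schema documentation or of Equinix's code): it checks the required properties, enums and formats listed in the tables above before an entry is indexed or alerted on, and ignores additional properties, which the schema allows. The names `validate`, `REQUIRED` and the helper predicates are hypothetical.

```python
import re
from datetime import datetime

UUID_RE = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)
MISSING = object()  # sentinel: property absent from the entry

def is_str(v):
    return isinstance(v, str)

def is_uuid(v):
    return is_str(v) and UUID_RE.fullmatch(v) is not None

def is_datetime(v):  # ISO 8601 with an explicit offset or trailing "Z"
    try:
        return datetime.fromisoformat(v.replace("Z", "+00:00")).tzinfo is not None
    except (ValueError, AttributeError):
        return False

def one_of(*allowed):  # enum (of string)
    return lambda v: is_str(v) and v in allowed

# Required properties and constraints, transcribed from the tables on this page.
E, H = "event.", "event.httpRequest."
REQUIRED = {
    "stream.streamId": is_uuid, "stream.streamName": is_str,
    "source.category": one_of("audit", "validation"),
    "source.type": one_of("api_request", "validation_request"),
    "source.service": one_of("metal"), "source.organizationId": is_uuid,
    "schema": one_of("v1"), "timestamp": is_datetime, "level": is_str,
    "eventId": is_uuid, E + "eventName": is_str, E + "status": is_str,
    E + "auth.authType": one_of("user"), E + "auth.user.userId": is_str,
    E + "auth.user.userName": is_str, E + "auth.role.roleName": is_str,
    H + "host": is_str, H + "method": is_str, H + "path": is_str,
    H + "scheme": one_of("http", "https"), H + "userAgent": is_str,
    H + "sourceIpAddress": is_str, H + "statusCode": lambda v: type(v) is int,
}

def validate(entry):
    """Return the schema violations for one parsed LogEntry ([] if none)."""
    problems = []
    for path, ok in {**REQUIRED, "source.projectId": is_uuid}.items():  # optional
        node = entry
        for key in path.split("."):
            node = node.get(key, MISSING) if isinstance(node, dict) else MISSING
        if node is MISSING and path in REQUIRED:
            problems.append(f"{path}: missing")
        elif node is not MISSING and not ok(node):
            problems.append(f"{path}: invalid value {node!r}")
    return problems
```

Pass it the result of `json.loads()` for each event; the top-level example on this page validates with no violations.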