Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

GET /config/event_sources/log_source_management/protocol_types

Retrieves the list of protocol types. Requires the System Administrator, Security Admin, or Manage Log Sources permission.

Table 1: GET /config/event_sources/log_source_management/protocol_types Resource Details

MIME Type

application/json

Table 2: GET /config/event_sources/log_source_management/protocol_types Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3: GET /config/event_sources/log_source_management/protocol_types Response Codes

HTTP Response Code

Unique Code

Description

200

 

The protocol types were retrieved successfully.

500

1020

An error occurred during the attempt to retrieve the protocols.

Response Description

The list of all protocol types. A protocol type contains the following fields:

  • id - Long - The ID of the protocol type.

  • name - String - The unique name of the protocol type.

  • version - String - The version of the protocol type component.

  • latest_version - String - The latest available version of the protocol type component.

  • gateway_supported - Boolean - If this protocol type can be configured for a gateway log source, the condition is set to 'true'; otherwise, the condition is set to 'false'. A gateway log source is a stand-alone protocol configuration. The log source receives no events itself, and serves as a host for a protocol configuration that retrieves event data to feed other log sources. It acts as a "gateway" for events from multiple systems to enter the event pipeline. Not all protocol types can be used as a gateway if they don't support collecting event data from multiple sources.

  • inbound - Boolean - Indicates whether this is an inbound protocol.

  • parameters - Array - The parameters of this protocol type.

  • parameter_groups - Array - The parameter groups of this protocol type.

  • testing_capabilities - Object - The testing capabilities of this protocol type. These describe the capabilities of the Log Source Testing API for Log Sources using this Protocol Type.

A parameter contains the following fields:

  • id - Long - The ID of the parameter.

  • name - String - The name of the parameter.

  • type - Enumeration - The type of the parameter. Possible values are: STRING, TEXT, INTEGER, REAL, BOOLEAN, DATE, TIME, DATETIME, INTERVAL, HOST, PASSWORD, REGEX

  • group_id - Number - The ID of the protocol parameter group that this parameter belongs to. The group_id is optional.

  • required - Boolean - If the parameter is mandatory, the condition is set to 'true'; otherwise, the condition is set to 'false'.

  • min_length - Integer - The minimum length of the parameter value for the following parameter types: STRING, TEXT, HOST, PASSWORD, REGEX. The min_length is optional.

  • max_length - Integer - The maximum length of the parameter value for the following parameter types: STRING, TEXT, HOST, PASSWORD, REGEX. The max_length is optional.

  • min_value - String - The minimum of the parameter value for the following parameter types: INTEGER, REAL, DATE, TIME, DATETIME, INTERVAL. The min_value is optional.

  • max_value - String - The maximum of the parameter value for the following parameter types: INTEGER, REAL, DATE, TIME, DATETIME, INTERVAL. The max_value is optional.

  • default_value - String - The optional default parameter value.

  • pattern - String - An optional Java regex pattern restriction on the parameter value for the following parameter types: STRING, TEXT, HOST, PASSWORD.

  • pattern_error_message - String - An optional message to display when the 'pattern' restriction fails.

  • allowed_values - Array - An optional restrictive list of allowed parameter values that is used to implement an enumeration parameter.

  • rules - Array - Parameter rules manage different parameter conditions (for example, Option A is only available when Option B is set to 'true', Option C is required whenever Option A is set to 'false', and so on.)

A parameter allowed value contains the following fields:

  • name - String - The name of the allowed value.

  • value - String - The allowed value.

A parameter rule contains the following fields:

  • parameter_id - String - The ID of the parameter affected by the rule.

  • trigger_parameter_id - Long - The ID of the trigger parameter.

  • trigger_pattern - String - The pattern that triggers the rule. For example, if the value of trigger_parameter_id matches the regular expression of this field, the rule triggers.

  • affected_property - String - The affected property. Possible values are:

    • AVAILABLE: Indicates that the parameter's availability will be affected by this rule

    • REQUIRED: Indicates that the required state of the parameter will be affected by this rule

    • DEFAULT: Indicates that the default value of the parameter will be affected by this rule.

  • affected_property_value - String - The value to be applied to the affected parameter when the rule is triggered. The following list explains how this field is interpreted based on the affected property::

    • AVAILABLE: This will be a boolean value indicating whether the affected parameter should be available. Since all fields are always available by default, setting this to 'true' does not make much sense.

    • REQUIRED: This will be a boolean value indicating whether the affected parameter should be required.

    • DEFAULT: This will be the default value to be used by the affected parameter.

A parameter group contains the following fields:

  • id - Long - The ID of the protocol parameter group.

  • name - String - The name of the protocol parameter group

  • required - Boolean - If at least one parameter in this group must be set, the condition is set to 'true'; otherwise, the condition is set to 'false'.

Testing capabilities contain the following fields:

  • testable - Boolean - Indicates whether the protocol type is testable.

  • can_collect_events - Boolean - Indicates whether the protocol type can collect test events.

  • can_accept_sample_events - Boolean - Indicates whether the protocol type can accept sample events (only applicable to inbound protocol types).

Response Sample