Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

GET /config/event_sources/log_source_management/protocol_types/{id}

SUMMARY Retrieves a protocol type by ID. Requires the System Administrator, Security Admin, or Manage Log Sources permission.

Table 1: GET /config/event_sources/log_source_management/protocol_types/{id} resource details:

GET /config/event_sources/log_source_management/protocol_types/{id} resource details

MIME Type

application/json

Table 2: GET /config/event_sources/log_source_management/protocol_types/{id} request parameter details:

GET /config/event_sources/log_source_management/protocol_types/{id} request parameter details

Parameter Type Optionality Data Type MIME Type Description

id

path

Required

Number (Integer)

text/plain

The ID of the protocol type to retrieve.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3: GET /config/event_sources/log_source_management/protocol_types/{id} response codes:

GET /config/event_sources/log_source_management/protocol_types/{id} response codes

HTTP Response Code Unique Code Description

200

The protocol type was retrieved successfully.

404

1002

The protocol type ID was not found.

500

1020

An error occurred during the attempt to retrieve the protocol.

Response Description

The protocol type after it is retrieved. A protocol type contains the following fields:
  • id - Long - The ID of the protocol type.
  • name - String - The unique name of the protocol type.
  • version - String - The version of the protocol type component.
  • latest_version - String - The latest available version of the protocol type component.
  • gateway_supported - Boolean - If this protocol type can be configured for a gateway log source, the condition is set to 'true'; otherwise, the condition is set to 'false'. A gateway log source is a stand-alone protocol configuration. The log source receives no events itself, and serves as a host for a protocol configuration that retrieves event data to feed other log sources. It acts as a "gateway" for events from multiple systems to enter the event pipeline. Not all protocol types can be used as a gateway if they don't support collecting event data from multiple sources.
  • inbound - Boolean - Indicates whether this is an inbound protocol.
  • parameters - Array - The parameters of this protocol type.
  • parameter_groups - Array - The parameter groups of this protocol type.
  • testing_capabilities - Object - The testing capabilities of this protocol type. These describe the capabilities of the Log Source Testing API for Log Sources using this Protocol Type.
A parameter contains the following fields:
  • id - Long - The ID of the parameter.
  • name - String - The name of the parameter.
  • type - Enumeration - The type of the parameter. Possible values are: STRING, TEXT, INTEGER, REAL, BOOLEAN, DATE, TIME, DATETIME, INTERVAL, HOST, PASSWORD, REGEX
  • group_id - Number - The ID of the protocol parameter group that this parameter belongs to. The group_id is optional.
  • required - Boolean - If the parameter is mandatory, the condition is set to 'true'; otherwise, the condition is set to 'false'.
  • min_length - Integer - The minimum length of the parameter value for the following parameter types: STRING, TEXT, HOST, PASSWORD, REGEX. The min_length is optional.
  • max_length - Integer - The maximum length of the parameter value for the following parameter types: STRING, TEXT, HOST, PASSWORD, REGEX. The max_length is optional.
  • min_value - String - The minimum of the parameter value for the following parameter types: INTEGER, REAL, DATE, TIME, DATETIME, INTERVAL. The min_value is optional.
  • max_value - String - The maximum of the parameter value for the following parameter types: INTEGER, REAL, DATE, TIME, DATETIME, INTERVAL. The max_value is optional.
  • default_value - String - The optional default parameter value.
  • pattern - String - An optional Java regex pattern restriction on the parameter value for the following parameter types: STRING, TEXT, HOST, PASSWORD.
  • pattern_error_message - String - An optional message to display when the 'pattern' restriction fails.
  • allowed_values - Array - An optional restrictive list of allowed parameter values that is used to implement an enumeration parameter.
  • rules - Array - Parameter rules manage different parameter conditions (for example, Option A is only available when Option B is set to 'true', Option C is required whenever Option A is set to 'false', and so on.)
A parameter allowed value contains the following fields:
  • name - String - The name of the allowed value.
  • value - String - The allowed value.
A parameter rule contains the following fields:
  • parameter_id - String - The ID of the parameter affected by the rule.
  • trigger_parameter_id - Long - The ID of the trigger parameter.
  • trigger_pattern - String - The pattern that triggers the rule. For example, if the value of trigger_parameter_id matches the regular expression of this field, the rule triggers.
  • affected_property - String - The affected property. Possible values are:
    • AVAILABLE: Indicates that the parameter's availability will be affected by this rule
    • REQUIRED: Indicates that the required state of the parameter will be affected by this rule
    • DEFAULT: Indicates that the default value of the parameter will be affected by this rule.
  • affected_property_value - String - The value to be applied to the affected parameter when the rule is triggered. The following list explains how this field is interpreted based on the affected property::
    • AVAILABLE: This will be a boolean value indicating whether the affected parameter should be available. Since all fields are always available by default, setting this to 'true' does not make much sense.
    • REQUIRED: This will be a boolean value indicating whether the affected parameter should be required.
    • DEFAULT: This will be the default value to be used by the affected parameter.
A parameter group contains the following fields:
  • id - Long - The ID of the protocol parameter group.
  • name - String - The name of the protocol parameter group
  • required - Boolean - If at least one parameter in this group must be set, the condition is set to 'true'; otherwise, the condition is set to 'false'.
Testing capabilities contain the following fields:
  • testable - Boolean - Indicates whether the protocol type is testable.
  • can_collect_events - Boolean - Indicates whether the protocol type can collect test events.
  • can_accept_sample_events - Boolean - Indicates whether the protocol type can accept sample events (only applicable to inbound protocol types).

Response Sample