Inheritance diagram for GulpPluginParams:

Collaboration diagram for GulpPluginParams:

[legend]

Public Member Functions
dict	to_dict (self)

	to_py_dict (cls, str\|dict data)

Static Public Member Functions
"GulpPluginParams"	from_dict (dict d)

Static Public Attributes
Optional	config_override

Optional	extra = Field({}, description="any extra custom options, i.e. the ones listed in plugin.options().")

Optional	ignore_mapping_ingest

Optional	ignore_mapping_sigma_query

Optional	mapping_file

Optional	mapping_id

dict	model_config

SkipValidation	pipeline

SkipValidation	record_to_gulp_document_fun

Optional	timestamp_field

Detailed Description

parameters for a plugin, to be passed to ingest and query API

Definition at line 7 of file plugin_internal.py.

Member Function Documentation

◆ from_dict()

"GulpPluginParams" from_dict ( dict d )

static

Definition at line 73 of file plugin_internal.py.

    def from_dict(d: dict) -> "GulpPluginParams":
        return GulpPluginParams(
            mapping_file=d.get("mapping_file", None),
            mapping_id=d.get("mapping_id", None),
            timestamp_field=d.get("timestamp_field", None),
            ignore_mapping_ingest=d.get("ignore_mapping_ingest", False),
            ignore_mapping_sigma_query=d.get("ignore_mapping_sigma_query", False),
            config_override=d.get("config_override", {}),
            extra=d.get("extra", {}),
            record_to_gulp_document_fun=d.get("record_to_gulp_document_fun", []),
            pipeline=d.get("pipeline", None),
        )
 

◆ to_dict()

dict to_dict ( self )

Definition at line 58 of file plugin_internal.py.

    def to_dict(self) -> dict:
        d = {
            "mapping_file": self.mapping_file,
            "mapping_id": self.mapping_id,
            "config_override": self.config_override,
            "ignore_mapping_ingest": self.ignore_mapping_ingest,
            "ignore_mapping_sigma_query": self.ignore_mapping_sigma_query,
            "extra": self.extra,
            "timestamp_field": self.timestamp_field,
            "record_to_gulp_document_fun": self.record_to_gulp_document_fun,
            "pipeline": self.pipeline,
        }
        return d
 

Here is the call graph for this function:

◆ to_py_dict()

to_py_dict	(		cls,
		str \| dict	data )

Definition at line 88 of file plugin_internal.py.

    def to_py_dict(cls, data: str | dict):
        if data is None:
            return {}
 
        if isinstance(data, dict):
            return data
        return json.loads(data)
 
 

Member Data Documentation

◆ config_override

Optional config_override

static

Initial value:

=  Field(
        {}, description="allow to override gulp configuration parameters."
    )

Definition at line 22 of file plugin_internal.py.

◆ extra

Optional extra = Field({}, description="any extra custom options, i.e. the ones listed in plugin.options().")

static

Definition at line 45 of file plugin_internal.py.

◆ ignore_mapping_ingest

Optional ignore_mapping_ingest

static

Initial value:

=  Field(
        False,
        description="ignore mapping when ingesting (to be compatible with OpenSearch Security Analytics).",
    )

Definition at line 25 of file plugin_internal.py.

◆ ignore_mapping_sigma_query

Optional ignore_mapping_sigma_query

static

Initial value:

=  Field(
        False,
        description="ignore mapping when querying using Sigma rules.",
    )

Definition at line 29 of file plugin_internal.py.

◆ mapping_file

Optional mapping_file

static

Initial value:

=  Field(
        None,
        description='mapping file name (in gulp/mapping_files directory) to read "mappings" array from, if any.',
    )

Definition at line 12 of file plugin_internal.py.

◆ mapping_id

Optional mapping_id

static

Initial value:

=  Field(
        None,
        description="mapping identifier, i.e. to select this mapping via GulpMappingOptions.",
    )

Definition at line 17 of file plugin_internal.py.

◆ model_config

dict model_config

static

Initial value:

=  {
        "json_schema_extra": {
            "example": {
                "mapping_file": "my_mapping.json",
                "mapping_id": "my_mapping_id",
                "config_override": {"parallel_processes_respawn_after_tasks": 500},
                "extra": {"my_custom_option": "my_custom_value"},
            }
        }
    }

Definition at line 47 of file plugin_internal.py.

◆ pipeline

SkipValidation pipeline

static

Initial value:

=  Field(
        None,
        description="INTERNAL USAGE ONLY, the sigma ProcessingPipeline to get mapping from.",
    )

Definition at line 41 of file plugin_internal.py.

◆ record_to_gulp_document_fun

SkipValidation record_to_gulp_document_fun

static

Initial value:

=  Field(
        [],
        description="INTERNAL USAGE ONLY, to get mapping from (for stacked plugins).",
    )

Definition at line 37 of file plugin_internal.py.

◆ timestamp_field

Optional timestamp_field

static

Initial value:

=  Field(
        None,
        description="The timestamp field (for, i.e. use the a generic plugin without any mapping)",
    )

Definition at line 33 of file plugin_internal.py.

The documentation for this class was generated from the following file:

src/gulp/plugin_internal.py

Public Member Functions

Static Public Member Functions

Static Public Attributes

Detailed Description

Member Function Documentation

◆ from_dict()

◆ to_dict()

◆ to_py_dict()

Member Data Documentation

◆ config_override

◆ extra

◆ ignore_mapping_ingest

◆ ignore_mapping_sigma_query

◆ mapping_file

◆ mapping_id

◆ model_config

◆ pipeline

◆ record_to_gulp_document_fun

◆ timestamp_field