Skip to content

Commit 52dcd6c

Browse files
sjain05sjain05
authored
Merge pull request #769 from SumoLogic/SUMO-259610_add-examples-with-different-alert-types-1
Add other examples of using the content resource
2 parents 681b681 + f03e746 commit 52dcd6c

File tree

2 files changed

+196
-3
lines changed

2 files changed

+196
-3
lines changed

CHANGELOG.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,9 @@ BUG FIXES:
77
* Fix the log mapping resource to no longer error out when empty strings are included in skipped_values
88
* Fix the log mapping resource to no longer default to a skipped_index of 0 when no skipped_index is specified
99

10+
DOCS:
11+
* Updated content docs to include examples of different alerts
12+
1013
## 3.0.9 (April 28, 2025)
1114

1215
FEATURES:

website/docs/r/content.html.markdown

Lines changed: 193 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,21 +10,21 @@ Provides a way to interact with Sumologic Content.
1010

1111
~> **NOTE:** If working with many content items it is recommended to reduce [Terraform Parallelism](https://www.terraform.io/docs/cli/commands/apply.html#parallelism-n) to 2 in order to not be rate limited.
1212

13-
## Example Usage
13+
## Example Scheduled Search with Email Notification
1414
```hcl
1515
data "sumologic_personal_folder" "personalFolder" {}
1616
1717
resource "sumologic_content" "test" {
1818
parent_id = "${data.sumologic_personal_folder.personalFolder.id}"
1919
config = jsonencode({
2020
"type": "SavedSearchWithScheduleSyncDefinition",
21-
"name": "test-333",
21+
"name": "Scheduled Search with Email Notificiation Test",
2222
"search": {
2323
"queryText": "\"warn\"",
2424
"defaultTimeRange": "-15m",
2525
"byReceiptTime": false,
2626
"viewName": "",
27-
"viewStartTime": "1970-01-01T00:00:00Z",
27+
"viewStartTime": "2025-01-01T00:00:00Z",
2828
"queryParameters": [],
2929
"parsingMode": "Manual"
3030
},
@@ -62,6 +62,196 @@ resource "sumologic_content" "test" {
6262
}
6363
```
6464

65+
## Example Scheduled Search with Webhook Notification
66+
```hcl
67+
data "sumologic_personal_folder" "personalFolder" {}
68+
resource "sumologic_connection" "connection" {
69+
type = "WebhookConnection"
70+
name = "test-connection"
71+
description = "My description"
72+
url = "https://connection-endpoint.com"
73+
headers = {
74+
"X-Header" : "my-header"
75+
}
76+
custom_headers = {
77+
"X-custom" : "my-custom-header"
78+
}
79+
default_payload = <<JSON
80+
{
81+
"client" : "Sumo Logic",
82+
"eventType" : "{{Name}}",
83+
"description" : "{{Description}}",
84+
"search_url" : "{{QueryUrl}}",
85+
"num_records" : "{{NumRawResults}}",
86+
"search_results" : "{{AggregateResultsJson}}"
87+
}
88+
JSON
89+
resolution_payload = <<JSON
90+
{
91+
"client" : "Sumo Logic",
92+
"eventType" : "{{Name}}",
93+
"description" : "{{Description}}",
94+
"search_url" : "{{QueryUrl}}"
95+
}
96+
JSON
97+
webhook_type = "Webhook"
98+
}
99+
resource "sumologic_content" "test" {
100+
parent_id = "${data.sumologic_personal_folder.personalFolder.id}"
101+
config = jsonencode({
102+
"type": "SavedSearchWithScheduleSyncDefinition",
103+
"name": "Scheduled Search with Webhook Notification Test",
104+
"search": {
105+
"queryText": "\"warn\"",
106+
"defaultTimeRange": "-15m",
107+
"byReceiptTime": false,
108+
"viewName": "",
109+
"viewStartTime": "2025-01-01T00:00:00Z",
110+
"queryParameters": [],
111+
"parsingMode": "Manual"
112+
},
113+
"searchSchedule": {
114+
"cronExpression": "0 0 * * * ? *",
115+
"displayableTimeRange": "-10m",
116+
"parseableTimeRange": {
117+
"type": "BeginBoundedTimeRange",
118+
"from": {
119+
"type": "RelativeTimeRangeBoundary",
120+
"relativeTime": "-50m"
121+
},
122+
"to": null
123+
},
124+
"timeZone": "America/Los_Angeles",
125+
"threshold": {
126+
"operator": "gt",
127+
"count": 0
128+
},
129+
"notification": {
130+
"taskType": "WebhookSearchNotificationSyncDefinition",
131+
"webhookId": "${sumologic_connection.connection.id}",
132+
"payload": "{}",
133+
"itemizeAlerts": false,
134+
"maxItemizedAlerts": 50
135+
},
136+
"scheduleType": "1Hour",
137+
"muteErrorEmails": false,
138+
"parameters": []
139+
},
140+
"description": "Runs every hour with timerange of 15m and sends a webhook notification"
141+
})
142+
}
143+
```
144+
145+
## Example Scheduled Search with Save To View/Index Notification
146+
```hcl
147+
data "sumologic_personal_folder" "personalFolder" {}
148+
resource "sumologic_content" "test" {
149+
parent_id = "${data.sumologic_personal_folder.personalFolder.id}"
150+
config = jsonencode({
151+
"type": "SavedSearchWithScheduleSyncDefinition",
152+
"name": "Scheduled Search with Save To View Notification Test",
153+
"search": {
154+
"queryText": "\"warn\"",
155+
"defaultTimeRange": "-15m",
156+
"byReceiptTime": false,
157+
"viewName": "",
158+
"viewStartTime": "2025-01-01T00:00:00Z",
159+
"queryParameters": [],
160+
"parsingMode": "Manual"
161+
},
162+
"searchSchedule": {
163+
"cronExpression": "0 0 * * * ? *",
164+
"displayableTimeRange": "-10m",
165+
"parseableTimeRange": {
166+
"type": "BeginBoundedTimeRange",
167+
"from": {
168+
"type": "RelativeTimeRangeBoundary",
169+
"relativeTime": "-50m"
170+
},
171+
"to": null
172+
},
173+
"timeZone": "America/Los_Angeles",
174+
"threshold": {
175+
"operator": "gt",
176+
"count": 0
177+
},
178+
"notification": {
179+
"taskType": "SaveToViewNotificationSyncDefinition",
180+
"viewName": "test_view",
181+
},
182+
"scheduleType": "1Hour",
183+
"muteErrorEmails": false,
184+
"parameters": []
185+
},
186+
"description": "Runs every hour with timerange of 15m and saves to a view"
187+
})
188+
}
189+
```
190+
191+
## Example Scheduled Search with Save To Lookup Notification
192+
```hcl
193+
data "sumologic_personal_folder" "personalFolder" {}
194+
variable "email" {
195+
description = "Email to be used in the library path"
196+
type = string
197+
default = "[email protected]"
198+
}
199+
resource "sumologic_lookup_table" "lookupTable" {
200+
name = "test_lookup_table"
201+
fields {
202+
field_name = "host"
203+
field_type = "string"
204+
}
205+
ttl = 100
206+
primary_keys = ["host"]
207+
parent_folder_id = "${data.sumologic_personal_folder.personalFolder.id}"
208+
size_limit_action = "DeleteOldData"
209+
description = "some description"
210+
}
211+
resource "sumologic_content" "test" {
212+
parent_id = "${data.sumologic_personal_folder.personalFolder.id}"
213+
config = jsonencode({
214+
"type": "SavedSearchWithScheduleSyncDefinition",
215+
"name": "Scheduled Search with Save To Lookup Notification Test",
216+
"search": {
217+
"queryText": "\"warn\" fields host",
218+
"defaultTimeRange": "-15m",
219+
"byReceiptTime": false,
220+
"viewName": "",
221+
"viewStartTime": "2025-01-01T00:00:00Z",
222+
"queryParameters": [],
223+
"parsingMode": "Manual"
224+
},
225+
"searchSchedule": {
226+
"cronExpression": "0 0 * * * ? *",
227+
"displayableTimeRange": "-10m",
228+
"parseableTimeRange": {
229+
"type": "BeginBoundedTimeRange",
230+
"from": {
231+
"type": "RelativeTimeRangeBoundary",
232+
"relativeTime": "-50m"
233+
},
234+
"to": null
235+
},
236+
"timeZone": "America/Los_Angeles",
237+
"threshold": {
238+
"operator": "gt",
239+
"count": 0
240+
},
241+
"notification": {
242+
"taskType": "SaveToLookupNotificationSyncDefinition",
243+
"lookupFilePath": "/Library/Users/${var.email}/test_lookup_table",
244+
"isLookupMergeOperation": false,
245+
},
246+
"scheduleType": "1Hour",
247+
"muteErrorEmails": false,
248+
"parameters": []
249+
},
250+
"description": "Runs every hour with timerange of 15m and saves to a lookup table."
251+
})
252+
}
253+
```
254+
65255
## Argument reference
66256

67257
The following arguments are supported:

0 commit comments

Comments
 (0)