openapi: 3.0.0
info:
  title: Sumo Logic API
  description: "# Getting Started\nWelcome to the Sumo Logic API reference. You can\
    \ use these APIs to interact with the Sumo Logic platform. For information on\
    \ Collector and Search Job APIs, see our [API home page](https://help.sumologic.com/docs/api).\n\
    ## API Endpoints\nSumo Logic has several deployments in different geographic locations.\
    \ You'll need to use the Sumo Logic API endpoint corresponding to your geographic\
    \ location. See the table below for the different API endpoints by deployment.\
    \ For details determining your account's deployment, see [API endpoints](https://help.sumologic.com/?cid=3011).\n\
    \n  <table>\n    <tr>\n      <td> <strong>Deployment</strong> </td>\n      <td>\
    \ <strong>Endpoint</strong> </td>\n    </tr>\n    <tr>\n      <td> AU </td>\n\
    \      <td> https://api.au.sumologic.com/api/ </td>\n    </tr>\n    <tr>\n   \
    \   <td> CA </td>\n      <td> https://api.ca.sumologic.com/api/ </td>\n    </tr>\n\
    \    <tr>\n      <td> DE </td>\n      <td> https://api.de.sumologic.com/api/ </td>\n\
    \    </tr>\n    <tr>\n      <td> EU </td>\n      <td> https://api.eu.sumologic.com/api/\
    \ </td>\n    </tr>\n    <tr>\n      <td> FED </td>\n      <td> https://api.fed.sumologic.com/api/\
    \ </td>\n    </tr>\n    <tr>\n      <td> IN </td>\n      <td> https://api.in.sumologic.com/api/\
    \ </td>\n    </tr>\n    <tr>\n      <td> JP </td>\n      <td> https://api.jp.sumologic.com/api/\
    \ </td>\n    </tr>\n    <tr>\n      <td> KR </td>\n      <td> https://api.kr.sumologic.com/api/\
    \ </td>\n    </tr>\n    <tr>\n      <td> US1 </td>\n      <td> https://api.sumologic.com/api/\
    \ </td>\n    </tr>\n    <tr>\n      <td> US2 </td>\n      <td> https://api.us2.sumologic.com/api/\
    \ </td>\n    </tr>\n  </table>\n\n## Authentication\nSumo Logic supports the following\
    \ options for API authentication:\n- Access ID and Access Key\n- Base64 encoded\
    \ Access ID and Access Key\n\nSee [Access Keys](https://help.sumologic.com/docs/manage/security/access-keys)\
    \ to generate an Access Key. Make sure to copy the key you create, because it\
    \ is displayed only once.\nWhen you have an Access ID and Access Key you can execute\
    \ requests such as the following:\n  ```bash\n  curl -u \"<accessId>:<accessKey>\"\
    \ -X GET https://api.<deployment>.sumologic.com/api/v1/users\n  ```\n\nWhere `deployment`\
    \ is either `au`, `ca`, `de`, `eu`, `fed`, `in`, `jp`, `us1`, or `us2`. See [API\
    \ endpoints](#section/API-Endpoints) for details.\n\nIf you prefer to use basic\
    \ access authentication, you can do a Base64 encoding of your `<accessId>:<accessKey>`\
    \ to authenticate your HTTPS request. The following is an example request, replace\
    \ the placeholder `<encoded>` with your encoded Access ID and Access Key string:\n\
    \  ```bash\n  curl -H \"Authorization: Basic <encoded>\" -X GET https://api.<deployment>.sumologic.com/api/v1/users\n\
    \  ```\n\n\nRefer to [API Authentication](https://help.sumologic.com/?cid=3012)\
    \ for a Base64 example.\n\n## Status Codes\nGeneric status codes that apply to\
    \ all our APIs. See the [HTTP status code registry](https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml)\
    \ for reference.\n  <table>\n    <tr>\n      <td> <strong>HTTP Status Code</strong>\
    \ </td>\n      <td> <strong>Error Code</strong> </td>\n      <td> <strong>Description</strong>\
    \ </td>\n    </tr>\n    <tr>\n      <td> 301 </td>\n      <td> moved </td>\n \
    \     <td> The requested resource SHOULD be accessed through returned URI in Location\
    \ Header. See [troubleshooting](https://help.sumologic.com/docs/api/troubleshooting/#api---301-error---moved)\
    \ for details.</td>\n    </tr>\n    <tr>\n      <td> 401 </td>\n      <td> unauthorized\
    \ </td>\n      <td> Credential could not be verified.</td>\n    </tr>\n    <tr>\n\
    \      <td> 403 </td>\n      <td> forbidden </td>\n      <td> This operation is\
    \ not allowed for your account type or the user doesn't have the role capability\
    \ to perform this action. See [troubleshooting](https://help.sumologic.com/docs/api/troubleshooting/#api---401-error---credential-could-not-be-verified)\
    \ for details.</td>\n    </tr>\n    <tr>\n      <td> 404 </td>\n      <td> notfound\
    \ </td>\n      <td> Requested resource could not be found. </td>\n    </tr>\n\
    \    <tr>\n      <td> 405 </td>\n      <td> method.unsupported </td>\n      <td>\
    \ Unsupported method for URL. </td>\n    </tr>\n    <tr>\n      <td> 415 </td>\n\
    \      <td> contenttype.invalid </td>\n      <td> Invalid content type. </td>\n\
    \    </tr>\n    <tr>\n      <td> 429 </td>\n      <td> rate.limit.exceeded </td>\n\
    \      <td> The API request rate is higher than 4 request per second or inflight\
    \ API requests are higher than 10 request per second. </td>\n    </tr>\n    <tr>\n\
    \      <td> 500 </td>\n      <td> internal.error </td>\n      <td> Internal server\
    \ error. </td>\n    </tr>\n    <tr>\n      <td> 503 </td>\n      <td> service.unavailable\
    \ </td>\n      <td> Service is currently unavailable. </td>\n    </tr>\n  </table>\n\
    \n## Filtering\nSome API endpoints support filtering results on a specified set\
    \ of fields. Each endpoint that supports filtering will list the fields that can\
    \ be filtered. Multiple fields can be combined by using an ampersand `&` character.\n\
    \nExample: To get user with email `john@demo.com`:\n  ```bash\n  api.sumologic.com/v1/users?email=john@demo.com\n\
    \  ```\n\n## Sorting\nSome API endpoints support sorting fields by using the `sortBy`\
    \ query parameter. The default sort order is ascending. Prefix the field with\
    \ a minus sign `-` to sort in descending order.\n\nFor example, to get 20 users\
    \ sorted by their `email` in descending order:\n  ```bash\n  api.sumologic.com/v1/users?limit=20&sort=-email\n\
    \  ```\n\n## Asynchronous Request\nAsynchronous requests do not wait for results,\
    \ instead they immediately respond back with a job identifier while the job runs\
    \ in the background. You can use the job identifier to track the status of the\
    \ asynchronous job request. Here is a typical flow for an asynchronous request.\n\
    1. Start an asynchronous job. On success, a job identifier is returned. The job\
    \ identifier uniquely identifies\n  your asynchronous job.\n\n2. Once started,\
    \ use the job identifier from step 1 to track the status of your asynchronous\
    \ job. An asynchronous\n  request will typically provide an endpoint to poll for\
    \ the status of asynchronous job. A successful response\n  from the status endpoint\
    \ will have the following structure:\n  ```json\n  {\n      \"status\": \"Status\
    \ of asynchronous request\",\n      \"statusMessage\": \"Optional message with\
    \ additional information in case request succeeds\",\n      \"error\": \"Error\
    \ object in case request fails\"\n  }\n  ```\n  The `status` field can have one\
    \ of the following values:\n    1. `Success`: The job succeeded. The `statusMessage`\
    \ field might have additional information.\n    2. `InProgress`: The job is still\
    \ running.\n    3. `Failed`: The job failed. The `error` field in the response\
    \ will have more information about the failure.\n\n3. Some asynchronous APIs may\
    \ provide a third endpoint (like [export result](#operation/getAsyncExportResult))\n\
    \  to fetch the result of an asynchronous job.\n\n\n### Example\nLet's say we\
    \ want to export a folder with the identifier `0000000006A2E86F`. We will use\
    \ the [async export](#operation/beginAsyncExport) API to export all the content\
    \ under the folder with `id=0000000006A2E86F`.\n1. Start an export job for the\
    \ folder\n  ```bash\n  curl -X POST -u \"<accessId>:<accessKey>\" https://api.<deployment>.sumologic.com/api/v2/content/0000000006A2E86F/export\n\
    \  ```\n  See [authentication section](#section/Authentication) for more details\
    \ about `accessId`, `accessKey`, and\n  `deployment`.\n  On success, you will\
    \ get back a job identifier. In the response below, `C03E086C137F38B4` is the\
    \ job identifier.\n  ```bash\n  {\n      \"id\": \"C03E086C137F38B4\"\n  }\n \
    \ ```\n\n2. Now poll for the status of the asynchronous job with the [status](#operation/getAsyncExportStatus)\
    \ endpoint.\n  ```bash\n  curl -X GET -u \"<accessId>:<accessKey>\" https://api.<deployment>.sumologic.com/api/v2/content/0000000006A2E86F/export/C03E086C137F38B4/status\n\
    \  ```\n  You may get a response like\n  ```json\n  {\n      \"status\": \"InProgress\"\
    ,\n      \"statusMessage\": null,\n      \"error\": null\n  }\n  ```\n  It implies\
    \ the job is still in progress. Keep polling till the status is either `Success`\
    \ or `Failed`.\n\n3. When the asynchronous job completes (`status != \"InProgress\"\
    `), you can fetch the results with the\n  [export result](#operation/getAsyncExportResult)\
    \ endpoint.\n  ```bash\n  curl -X GET -u \"<accessId>:<accessKey>\" https://api.<deployment>.sumologic.com/api/v2/content/0000000006A2E86F/export/C03E086C137F38B4/result\n\
    \  ```\n\n  The asynchronous job may fail (`status == \"Failed\"`). You can look\
    \ at the `error` field for more details.\n  ```json\n  {\n      \"status\": \"\
    Failed\",\n      \"errors\": {\n          \"code\": \"content1:too_many_items\"\
    ,\n          \"message\": \"Too many objects: object count(1100) was greater than\
    \ limit 1000\"\n      }\n  }\n  ```\n\n\n## Rate Limiting\n* A rate limit of four\
    \ API requests per second (240 requests per minute) applies to all API calls from\
    \ a user.\n* A rate limit of 10 concurrent requests to any API endpoint applies\
    \ to an access key.\n\nIf a rate is exceeded, a rate limit exceeded 429 status\
    \ code is returned.\n\n## Generating Clients\nYou can use [OpenAPI Generator](https://openapi-generator.tech)\
    \ to generate clients from the YAML file to access the API.\n\n### Using [NPM](https://www.npmjs.com/get-npm)\n\
    1. Install [NPM package wrapper](https://github.com/openapitools/openapi-generator-cli)\
    \ globally, exposing the CLI\n  on the command line:\n  ```bash\n  npm install\
    \ @openapitools/openapi-generator-cli -g\n  ```\n  You can see detailed instructions\
    \ [here](https://openapi-generator.tech/docs/installation#npm).\n\n2. Download\
    \ the [YAML file](/docs/sumologic-api.yaml) and save it locally. Let's say the\
    \ file is saved as `sumologic-api.yaml`.\n3. Use the following command to generate\
    \ `python` client inside the `sumo/client/python` directory:\n  ```bash\n  openapi-generator\
    \ generate -i sumologic-api.yaml -g python -o sumo/client/python\n  ```\n\n\n\
    ### Using [Homebrew](https://brew.sh/)\n1. Install OpenAPI Generator\n  ```bash\n\
    \  brew install openapi-generator\n  ```\n\n2. Download the [YAML file](/docs/sumologic-api.yaml)\
    \ and save it locally. Let's say the file is saved as `sumologic-api.yaml`.\n\
    3. Use the following command to generate `python` client side code inside the\
    \ `sumo/client/python` directory:\n  ```bash\n  openapi-generator generate -i\
    \ sumologic-api.yaml -g python -o sumo/client/python\n  ```\n"
  version: 1.0.0
  x-logo:
    url: ./sumologic_logo.png
servers:
- url: https://api.au.sumologic.com/api/
  description: AU deployment API server
- url: https://api.ca.sumologic.com/api/
  description: CA deployment API server
- url: https://api.de.sumologic.com/api/
  description: DE deployment API server
- url: https://api.eu.sumologic.com/api/
  description: EU deployment API server
- url: https://api.fed.sumologic.com/api/
  description: FED deployment API server
- url: https://api.jp.sumologic.com/api/
  description: JP deployment API server
- url: https://api.kr.sumologic.com/api/
  description: KR deployment API server
- url: https://api.in.sumologic.com/api/
  description: IN deployment API server
- url: https://api.sumologic.com/api/
  description: US1 deployment API server
- url: https://api.us2.sumologic.com/api/
  description: US2 deployment API server
security:
- basicAuth: []
tags:
- name: accountManagement
  description: 'Account Management API.


    Manage the custom subdomain for the URL used to access your Sumo Logic account.
    For more information, see [Manage Organization](https://help.sumologic.com/docs/manage/manage-subscription/manage-org-settings).

    '
  x-displayName: Account
- name: orgsManagement
  description: Organizations Management API.
  x-displayName: Organizations Management
- name: appManagement
  description: 'App installation API.


    View and install Sumo Logic Applications that deliver out-of-the-box dashboards,
    saved searches, and field extraction for popular data sources. For more information,
    see [Sumo Logic Apps](https://help.sumologic.com/docs/integrations).

    '
  x-displayName: Apps (Beta)
- name: appManagementV2
  description: 'App installation API (V2).


    View and install Sumo Logic Applications that deliver out-of-the-box dashboards,
    saved searches, and field extraction for popular data sources. For more information,
    see [Sumo Logic Apps](https://help.sumologic.com/docs/integrations).

    '
  x-displayName: Apps V2 (Beta)
- name: connectionManagement
  description: 'Connection management API.


    Set up connections to send alerts to other tools. For more information, see [Connections
    and Integrations](https://help.sumologic.com/?cid=1044).

    '
  x-displayName: Connections
- name: contentManagement
  description: "Content management API.\n\nYou can export, import, delete and copy\
    \ content in your organization’s Library. For more information, see [Library](https://help.sumologic.com/?cid=5173).\
    \ You can perform the request as a Content Administrator by using the `isAdminMode`\
    \ parameter. For more information, see [Admin Mode](https://help.sumologic.com/docs/manage/content-sharing/admin-mode).\n\
    <br/> <br/>\n### Example\nThe following example uses API endpoints in the US1\
    \ deployment. Sumo Logic has several deployments that are assigned depending on\
    \ the geographic location and the date an account is created. For details determining\
    \ your account's deployment, see [API endpoints](https://help.sumologic.com/?cid=3011).\n\
    The [Content Import API](#operation/beginAsyncImport) can be used to create or\
    \ update a Search, Scheduled Search, or Dashboard. Here is an example creating\
    \ a Scheduled Search:\n1. Get the identifier of your `Personal` folder.\n  ```bash\n\
    \  curl -X GET -u \"<accessId>:<accessKey>\" https://api.sumologic.com/api/v2/content/folders/personal\n\
    \  ```\n\n  Find the identifier of your `Personal` folder in the response.\n \
    \ ```json\n  {\n      ...\n      \"id\": \"0000000006A2E86F\", <----\n      \"\
    name\": \"Personal\",\n      \"itemType\": \"Folder\",\n      ...\n  }\n  ```\n\
    \n  You can use [getFolder](#operation/getFolder), [getAdminRecommededFolder](#operation/getAdminRecommendedFolderAsync),\n\
    \  or [getGlobalFolder](#operation/getGlobalFolderAsync) endpoints to traverse\
    \ the content tree and find the identifier of any\n  folder you want to manage.\n\
    \n2. Use the [Content Import API](#operation/beginAsyncImport) to create a new\
    \ Scheduled Search inside your\n  `Personal` folder.\n  ```bash\n  curl -X POST\
    \ -u \"<accessId>:<accessKey>\" -H \"Content-Type: application/json\" -d @search.json\
    \ https://api.sumologic.com/api/v2/content/folders/0000000006A2E86F/import\n \
    \ ```\n\n  The data file `search.json` in the above command has the following\
    \ `SavedSearchWithScheduleSyncDefinition` object.\n  ```json\n  // file: search.json\n\
    \  {\n      \"type\": \"SavedSearchWithScheduleSyncDefinition\",\n      \"name\"\
    : \"demo-scheduled-search\",\n      \"description\": \"Runs every hour with timerange\
    \ of 15m and sends email notifications\",\n      \"search\": {\n          \"queryText\"\
    : \"\\\"error\\\" and \\\"warn\\\"\",\n          \"defaultTimeRange\": \"-15m\"\
    ,\n          \"byReceiptTime\": false,\n          \"viewName\": \"\",\n      \
    \    \"viewStartTime\": null,\n          \"queryParameters\": []\n      },\n \
    \     \"searchSchedule\": {\n          \"cronExpression\": \"0 0/15 * * * ? *\"\
    ,\n          \"displayableTimeRange\": \"-15m\",\n          \"parseableTimeRange\"\
    : {\n              \"from\": {\n                  \"relativeTime\": \"-15m\",\n\
    \                  \"type\": \"RelativeTimeRangeBoundary\"\n              },\n\
    \              \"to\": null,\n              \"type\": \"BeginBoundedTimeRange\"\
    \n          },\n          \"timeZone\": \"America/Los_Angeles\",\n          \"\
    threshold\": null,\n          \"notification\": {\n              \"taskType\"\
    : \"EmailSearchNotificationSyncDefinition\",\n              \"toList\": [\n  \
    \                \"ops@acme.org\"\n              ],\n              \"subjectTemplate\"\
    : \"Search Results: {{SearchName}}\",\n              \"includeQuery\": true,\n\
    \              \"includeResultSet\": true,\n              \"includeHistogram\"\
    : true,\n              \"includeCsvAttachment\": false\n          },\n       \
    \   \"muteErrorEmails\": false,\n          \"scheduleType\": \"1Hour\",\n    \
    \      \"parameters\": []\n      }\n  }\n  ```\n\n  The response of above request\
    \ will have the job identifier that you can use to track the status of the import\
    \ job.\n  ```json\n  {\n      \"id\": \"74DC17FA765C7443\"\n  }\n  ```\n\n3. Use\
    \ the job identifier from the import request to get the [status](#operation/getAsyncImportStatus)\
    \ of the\n  import job.\n  ```bash\n  curl -X GET -u \"<accessId>:<accessKey>\"\
    \ https://api.sumologic.com/api/v2/content/folders/0000000006A2E86F/import/74DC17FA765C7443/status\n\
    \  ```\n\n  If you are importing a large item, you might have to wait for the\
    \ import job to finish. The following is an\n  example response from a completed\
    \ job.\n  ```json\n  {\n      \"status\": \"Success\",\n      \"statusMessage\"\
    : null,\n      \"error\": null\n  }\n  ```\n"
  x-displayName: Content
- name: contentPermissions
  description: 'Content permissions API.


    You can share your folders, searches, and dashboards with specific users or roles.
    For more information, see [Share Content](https://help.sumologic.com/?cid=8675309).
    You can perform the request as a Content Administrator by using the `isAdminMode`
    parameter. For more information, see [Admin Mode](https://help.sumologic.com/docs/manage/content-sharing/admin-mode).

    '
  x-displayName: Permissions
- name: dashboardManagement
  description: 'Dashboard (New) management API.


    Dashboard (New) allows you to analyze metric and log data on the same dashboard,
    in a seamless view. This gives you control over the visual display of metric and
    log data. Dashboard (New) streamlines dashboard configurations and on-the-fly
    analytic visualizations with its new templating features. For more information,
    see [Dashboard (New)](https://help.sumologic.com/?cid=5500).

    '
  x-displayName: Dashboard (New)
- name: dataDeletionRules
  description: 'Data Deletion Rules (Beta) API.

    Data Deletion Rules allow creating and managing requests to delete log messages
    satisfying   parameters ( query, timerange, etc...). For more information,  see
    [Deletion Requests](https://help.sumologic.com/docs/manage/deletion-requests/)

    '
  x-displayName: Data Deletion Rules (Beta)
- name: dataMaskingManagement
  description: 'Data Masking Rules management API.


    Data Masking Rules allow you to define regex patterns that mask sensitive data
    in log messages at query time.

    '
  x-displayName: Data Masking Rules
- name: dynamicParsingRuleManagement
  description: 'Dynamic Parsing management API.


    Dynamic Parsing allows automatic field extraction from your log messages when
    you run a search. This allows you to view fields from logs without having to manually
    specify parsing logic. For more information, see [Dynamic Parsing](https://help.sumologic.com/?cid=20011).

    '
  x-displayName: Dynamic Parsing
- name: extractionRuleManagement
  description: 'Field Extraction Rule management API.


    Field Extraction Rules allow you to parse fields from your log messages at the
    time the messages are ingested eliminating the need to parse fields in your query.
    For more information, see [Manage Field Extraction](https://help.sumologic.com/?cid=5313).

    '
  x-displayName: Field Extraction Rules
- name: fieldManagementV1
  description: 'Field management API.


    Fields allow you to reference log data based on meaningful associations. They
    act as metadata tags that are assigned to your logs so you can search with them.
    Each field contains a key-value pair, where the field name is the key. Fields
    may be referred to as Log Metadata Fields. For more information, see [Fields](https://help.sumologic.com/?cid=10116).

    '
  x-displayName: Field Management
- name: logSearchesManagement
  description: 'Log Searches Management API.


    Whether you are running ad hoc searches during a forensic investigation or running
    standard searches for health checks, you can save any search to run again later.
    When you create a search that you would like to reuse, you can save it to the
    Library. From there you can run it again, share with others, edit the search,
    or create a Scheduled Search to run at a regularly scheduled time, and set up
    alerts. The saved search will also include any charts you have created in the
    Aggregates tab.

    '
  x-displayName: Log Searches
- name: folderManagement
  description: 'Folder management API.


    You can add folders and subfolders to the Library in order to organize your content
    for easy access or to share content. For more information, see [Add Folders to
    the Library](https://help.sumologic.com/?cid=5020). You can perform the request
    as a Content Administrator by using the `isAdminMode` parameter. For more information,
    see [Admin Mode](https://help.sumologic.com/docs/manage/content-sharing/admin-mode).

    '
  x-displayName: Folders
- name: ingestBudgetManagementV2
  description: 'Ingest Budget management API V2.


    Ingest Budgets V2 provide you the ability to create and assign budgets to your
    log data by Fields instead of using a Field Value. For more information, see [Metadata
    Ingest Budgets](https://help.sumologic.com/?cid=52352).

    '
  x-displayName: Ingest Budgets V2
- name: partitionManagement
  description: 'Partition management API.


    Creating a Partition allows you to improve search performance by searching over
    a smaller number of messages. For more information, see [Manage Partitions](https://help.sumologic.com/?cid=5231).

    '
  x-displayName: Partitions
- name: logsDataForwardingManagement
  description: 'Logs Data Forwarding management API.


    Logs Data Forwarding allows you to forward log data from a Partition or Scheduled
    View to an S3 bucket. For more information, see [Forwarding Data to S3](https://help.sumologic.com/docs/manage/data-forwarding/amazon-s3-bucket).

    '
  x-displayName: Logs Data Forwarding
- name: roleManagement
  description: 'Role management API.


    Roles determine the functions that users are able to perform in Sumo Logic. To
    manage roles, you must have an administrator role or your role must have been
    assigned the manage users and roles capability. For more information, see [Manage
    Roles](https://help.sumologic.com/?cid=5234).

    '
  x-displayName: Roles
- name: roleManagementV2
  description: 'Role management API (V2).

    Roles determine the functions that users are able to perform in Sumo Logic. It
    also allows to configure access on partitions. To manage roles, you must have
    an administrator role or your role must have been assigned the manage users and
    roles capability. For more information, see [Manage Roles](https://help.sumologic.com/?cid=5234).

    '
  x-displayName: Roles V2
- name: lookupManagement
  description: 'Lookup Table management API.


    A Lookup Table is a table of data hosted on Sumo Logic that you can use to enrich
    the log and event data received by Sumo Logic. You must create a table schema
    before you can populate the table. For more information, see [Lookup Tables](https://help.sumologic.com/?cid=10109).

    '
  x-displayName: Lookup Tables
- name: scheduledViewManagement
  description: 'Scheduled View management API.


    Scheduled Views speed the search process for small and historical subsets of your
    data by functioning as a pre-aggregated index. For more information, see [Manage
    Scheduled Views](https://help.sumologic.com/?cid=5128).

    '
  x-displayName: Scheduled Views
- name: tokensLibraryManagement
  description: 'Tokens management API.


    Tokens are associated with your organization to authorize specific operations.
    Currently, we support collector registration tokens, which can be used to register
    Installed Collectors. Managing tokens requires the Manage Tokens role capability.
    For more information, see [Installation Tokens](https://help.sumologic.com/?cid=0100).

    '
  x-displayName: Tokens
- name: transformationRuleManagement
  description: 'Transformation Rule management API.

    Metrics Transformation Rules allow you control how long raw metrics are retained.
    You can also aggregate metrics at collection time and specify a separate retention
    period for the aggregated metrics. For more information, see [Metrics Transformation
    Rules](https://help.sumologic.com/?cid=10117).

    '
  x-displayName: Transformation Rules
- name: userManagement
  description: 'User management API.


    To manage users, you must have the administrator role or your role must have been
    assigned the manage users and roles capability. For more information, see [Manage
    Users](https://help.sumologic.com/?cid=1006).

    '
  x-displayName: Users
- name: metricsSearchesManagement
  description: 'Metrics Search management API.


    Save metrics searches in the content library and organize them in a folder hierarchy.
    Share useful queries with users in your organization. For more information, see
    [Sharing Metric Charts](https://help.sumologic.com/docs/metrics/metric-charts/interacting-metric-charts).

    '
  x-displayName: Metrics Searches (Beta)
- name: metricsSearchesManagementV2
  description: 'New Metrics Searches Management API.

    Save metrics searches in the content library and organize them in a folder hierarchy.
    Allows you to list metrics searches under your personal folder.

    '
  x-displayName: Metrics Searches (New)
- name: metricsQuery
  description: 'Metrics Query API.


    The Metrics Query API allows you to execute queries on various metrics and retrieve
    multiple time-series (data-points) over time range(s). For more information, see
    [Metrics - Classic](https://help.sumologic.com/?cid=1079).

    '
  x-displayName: Metrics Query
- name: accessKeyManagement
  description: 'Access Key management API.


    Access Keys allow you to securely register new Collectors and access Sumo Logic
    APIs. For more information, see [Access Keys](https://help.sumologic.com/?cid=6690).

    '
  x-displayName: Access Keys
- name: samlConfigurationManagement
  description: 'SAML configuration management API


    Organizations with Enterprise accounts can provision Security Assertion Markup
    Language (SAML) 2.0 to enable Single Sign-On (SSO) for user access to Sumo Logic.
    For more information, see [SAML Configuration](https://help.sumologic.com/?cid=4016).

    '
  x-displayName: SAML Configuration
- name: serviceAllowlistManagement
  description: 'Service Allowlist management API


    Service Allowlist Settings allow you to explicitly grant access to specific IP
    addresses and/or CIDR notations for logins, APIs, and dashboard access. For more
    information, see [Service Allowlist Settings](https://help.sumologic.com/?cid=5454).

    '
  x-displayName: Service Allowlist
- name: serviceAccountManagement
  description: APIs to manage service accounts
  x-displayName: Service Accounts
- name: oauthManagement
  description: '** Only available to Beta customers. During Beta endpoints are subject
    to backwards incompatible changes. **


    APIs to manage OAuth Clients'
  x-displayName: OAuth Management (Beta)
- name: scimUserManagement
  description: APIs to manage scim based users.
  x-displayName: SCIM User Management
- name: healthEvents
  description: 'Health Events management API.


    Health Events allow you to keep track of the health of your Collectors and Sources.
    You can use them to find and investigate common errors and warnings that are known
    to cause collection issues. For more information, see [Health Events](https://help.sumologic.com/?cid=0020).

    '
  x-displayName: Health Events
- name: archiveManagement
  description: 'Archive Ingestion Management API.


    Archive Ingestion allows you to ingest data from Archive destinations. You can
    use this API to ingest data from your Archive with an existing AWS S3 Archive
    Source. You need the Manage or View Collectors role capability to manage or view
    ingestion jobs. For more information, see [Archive](https://help.sumologic.com/?cid=10011).'
  x-displayName: Archive Ingestion Management
- name: logSearchesEstimatedUsage
  description: 'Log Search Estimated Usage API.


    Gets the estimated volume of data that would be scanned for a given log search
    in the Infrequent data tier, over a particular time range. In the Infrequent Data
    Tier, you pay per query, based on the amount data scanned. You can use this endpoint
    to get an estimate of the total data that would be scanned before running a query,
    and refine your query to scan less data, as necessary. For more information, see
    [Infrequent data tier](https://help.sumologic.com/?cid=11987).

    '
  x-displayName: Log Search Estimated Usage
- name: parsersLibraryManagement
  description: 'Parsers Library Management API


    Customize the Parsers via this API. The Parsers Library contains the Parsers used
    in the "_parser" field for  collector, FER or query. For more information on customizing
    parsers, see  [Parser Editor](https://help.sumologic.com/docs/cse/schema/parser-editor/).

    '
  x-displayName: Parsers Library Management
- name: passwordPolicy
  description: 'Password Policy Management API


    The password policy controls how user passwords are managed. The "Manage Password
    Policy" role capability is required to update the password policy. For more information,
    see [how to set a password policy](https://help.sumologic.com/?cid=8595).

    '
  x-displayName: Password Policy
- name: policiesManagement
  description: 'Policies management API.


    Policies control the security and share settings of your organization. For more
    information, see [Security](https://help.sumologic.com/?cid=4041).

    '
  x-displayName: Policies
- name: traces
  description: 'Traces API


    The Traces API allows you to browse traces collected in the system. You can execute
    queries to find traces matching provided search criteria as well as gather detailed
    information about individual traces and spans. For more information, see [View
    and investigate traces](https://help.sumologic.com/docs/apm/traces/view-and-investigate-traces).

    '
  x-displayName: Traces
- name: spanAnalytics
  description: 'Span Analytics API


    The Span Analytics API allows you to browse spans collected in the system. You
    can execute queries to find individual spans matching provided search criteria
    as well as run aggregated span queries and retrieve their results. For more information,
    see [Spans](https://help.sumologic.com/docs/apm/traces/spans).

    '
  x-displayName: Span Analytics
- name: serviceMap
  description: 'Service Map API


    The Service Map API allows you to fetch a graph representation of the Services
    Map, which is a high-level view of your application environment, automatically
    derived from tracing data. For more information, see [Services Map](https://help.sumologic.com/docs/apm/traces/services-list-map/#services-map-view).

    '
  x-displayName: Service Map
- name: threatIntelIngest
  description: 'Threat Intel Datastore Management API


    The Threat Intel Datastore Management API allows you to:

    * Get information about the threat indicator datastore and sources.

    * Delete the threat indicator database.

    * View and set the retention period for threat intel indicators.


    For more information, see [Threat Intel Ingest Management](https://help.sumologic.com/Manage/Threat-Intel-Ingest)

    '
  x-displayName: Threat Intel Datastore Management
- name: threatIntelIngestProducer
  description: 'Threat Intel Ingestion API


    The Threat Intel Ingestion API allows you to:

    * Upload threat intel indicators in STIX 2.x or Sumo normalized format.

    * Delete indicators by ID or source.


    For more information, see [Threat Intel Ingest Management](https://help.sumologic.com/Manage/Threat-Intel-Ingest).

    '
  x-displayName: Threat Intel Ingestion
- name: otCollectorManagementExternal
  description: 'OT Collector Management API External.

    '
  x-displayName: OpenTelemetry Collector Management
- name: sourceTemplateManagementExternal
  description: 'Source Template Management APIs.

    '
  x-displayName: Source Template Management
- name: schemaBaseManagement
  description: 'Schema Base Management APIs.

    '
  x-displayName: Schema Base Management
- name: eventAnalytics
  description: 'Event Analytics (Beta) API.


    APIs for interacting with events in Sumo Logic.

    '
  x-displayName: Event Analytics (Beta)
- name: budgetManagement
  description: 'Budget Management API.

    '
  x-displayName: Budget Management
- name: macroManagement
  description: 'Macro Management APIs. Macros allow you to reference a predefined
    set of query language syntax across multiple queries. This enables reuse of commonly
    used logic, improves consistency, and reduces duplication. Macros can optionally
    accept arguments. When arguments are provided, the macro evaluates them dynamically
    and applies the resulting logic within the query. With the Macro Management APIs,
    you can create, update, retrieve, and delete macros to simplify and streamline
    your query writing process.

    For more information, see [Macros](https://www.sumologic.com/help/docs/manage/macro/).

    '
  x-displayName: Macro Management APIs
- name: mutingSchedulesLibraryManagement
  description: 'Muting Schedules Management API.



    Muting Schedule allows you to pause alert notifications from monitors. When a
    muting schedule is active on a monitor,

    the monitor will still generate alerts, but no notifications will be sent.

    For more information see [Muting Schedules](https://help.sumologic.com/docs/alerts/monitors/muting-schedules).

    '
  x-displayName: Muting Schedules
- name: slosLibraryManagement
  description: 'SLO Management API.


    SLOs are used to monitor and alert on KPIs for your most important services or
    user experience.

    '
  x-displayName: SLOs
- name: monitorsLibraryManagement
  description: 'Monitor Management API.



    Monitors continuously query your data to monitor and send notifications when specific
    events occur.

    For more information see [Monitors](https://help.sumologic.com/?cid=10020).

    '
  x-displayName: Monitors
paths:
  /v1/apps:
    get:
      tags:
      - appManagement
      summary: List Available Apps.
      description: Lists all available apps from the App Catalog.
      operationId: listApps
      responses:
        '200':
          description: List of all available apps.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListAppsResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/apps/{uuid}:
    get:
      tags:
      - appManagement
      summary: Get An App By UUID.
      description: Gets the app with the given universally unique identifier (UUID).
      operationId: getApp
      parameters:
      - name: uuid
        in: path
        description: The identifier of the app to retrieve.
        required: true
        schema:
          type: string
          format: uuid
      responses:
        '200':
          description: The retrieved app.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/App'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/apps/{uuid}/install:
    post:
      tags:
      - appManagement
      summary: Install An App By UUID.
      description: Installs the app with given UUID in the folder specified using
        destinationFolderId.
      operationId: installApp
      parameters:
      - name: uuid
        in: path
        description: UUID of the app to install.
        required: true
        schema:
          type: string
          format: uuid
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AppInstallRequest'
        required: true
      responses:
        '200':
          description: App install job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: App installation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/apps/install/{jobId}/status:
    get:
      tags:
      - appManagement
      summary: App Install Job Status.
      description: Get the status of an asynchronous app install request for the given
        job identifier.
      operationId: getAsyncInstallStatus
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous install job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The status of the app install job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: App installation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps/{uuid}/install:
    post:
      tags:
      - appManagementV2
      summary: Start App Install Job
      description: 'Schedule an asynchronous job to install the app with the given
        UUID and version from the App Catalog. The app will be installed in ''Installed
        Apps'' folder in the Content Library.


        _You get back an identifier of asynchronous job in response to this endpoint.
        You can then use the [app install status API](#operation/getAsyncInstallAppStatus)
        to get the status of the installation request. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request)
        section for more details on how to work with asynchronous request._'
      operationId: asyncInstallApp
      parameters:
      - name: uuid
        in: path
        description: UUID of the app to install.
        required: true
        schema:
          type: string
        example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
      requestBody:
        description: Information about the app to install.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AsyncInstallAppRequest'
        required: true
      responses:
        '200':
          description: App installation job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponseV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps/install/{jobId}/status:
    get:
      tags:
      - appManagementV2
      summary: App Install Job Status
      description: Get the status of an asynchronous app install request for the given
        job identifier.
      operationId: getAsyncInstallAppStatus
      parameters:
      - name: jobId
        in: path
        description: Identifier of the asynchronous job for installing the app.
        required: true
        schema:
          type: string
        example: C03E086C137F38B4
      responses:
        '200':
          description: Status of the app installation job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncInstallAppJobStatus'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps/{uuid}/uninstall:
    post:
      tags:
      - appManagementV2
      summary: Start App Uninstall Job
      description: 'Schedule an asynchronous job to uninstall app with the given UUID.


        _You get back an identifier of asynchronous job in response to this endpoint.
        You can then use the [app uninstall status API](#operation/getAsyncUninstallAppStatus)
        to get the status of the uninstallation request. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request)
        section for more details on how to work with asynchronous request._'
      operationId: asyncUninstallApp
      parameters:
      - name: uuid
        in: path
        description: UUID of the app to uninstall.
        required: true
        schema:
          type: string
        example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
      responses:
        '200':
          description: App uninstall job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponseV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps/uninstall/{jobId}/status:
    get:
      tags:
      - appManagementV2
      summary: App Uninstall Job Status
      description: Get the status of an asynchronous app uninstall request for the
        given job identifier.
      operationId: getAsyncUninstallAppStatus
      parameters:
      - name: jobId
        in: path
        description: Identifier of the asynchronous job for uninstalling the app.
        required: true
        schema:
          type: string
        example: C03E086C137F38B4
      responses:
        '200':
          description: Status of the app uninstall job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncUninstallAppJobStatus'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps/{uuid}/upgrade:
    post:
      tags:
      - appManagementV2
      summary: Start App Upgrade Job
      description: 'Schedule an asynchronous job to upgrade the app with the given
        UUID and version from the App Catalog. The app will be installed in ''Installed
        Apps'' folder in the Content Library.


        _You get back an identifier of asynchronous job in response to this endpoint.
        You can then use the [app upgrade status API](#operation/getAsyncUpgradeAppStatus)
        to get the status of the upgrade request. See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request)
        section for more details on how to work with asynchronous request._'
      operationId: asyncUpgradeApp
      parameters:
      - name: uuid
        in: path
        description: UUID of the app to upgrade.
        required: true
        schema:
          type: string
        example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
      requestBody:
        description: Information about the app to upgrade.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AsyncUpgradeAppRequest'
        required: true
      responses:
        '200':
          description: App upgrade job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponseV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps/upgrade/{jobId}/status:
    get:
      tags:
      - appManagementV2
      summary: App Upgrade Job Status
      description: Get the status of an asynchronous app upgrade request for the given
        job identifier.
      operationId: getAsyncUpgradeAppStatus
      parameters:
      - name: jobId
        in: path
        description: Identifier of the asynchronous job for upgrading the app.
        required: true
        schema:
          type: string
        example: C03E086C137F38B4
      responses:
        '200':
          description: Status of the app upgrade job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncUpgradeAppJobStatus'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps:
    get:
      tags:
      - appManagementV2
      summary: List Apps
      description: List all apps from the App Catalog.
      operationId: listAppsV2
      parameters:
      - name: name
        in: query
        description: Name of the app.
        required: false
        schema:
          type: string
        example: AWS%20CloudTrail
      - name: author
        in: query
        description: Author of the app.
        required: false
        schema:
          type: string
        example: Sumo%20Logic
      responses:
        '200':
          description: List of apps.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListAppsV2Response'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps/{uuid}/details:
    get:
      tags:
      - appManagementV2
      summary: Get Details Of An App Version.
      description: "Get details about an app with the given UUID and version. The\
        \ details include:\n\n  1. The base URL for all the resource for the app.\n\
        \  2. The app manifest"
      operationId: getAppDetails
      parameters:
      - name: uuid
        in: path
        description: UUID of the app.
        required: true
        schema:
          type: string
        example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
      - name: version
        in: query
        description: Version of the app. The latest version is used if this is omitted
          or specified as "latest".
        required: false
        schema:
          type: string
        example: 1.0.0
      responses:
        '200':
          description: Information about the requested app.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetAppDetailsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/apps/{uuid}/subscription:
    get:
      tags:
      - appManagementV2
      summary: Get Subscription Status For The User
      description: Get Subscription status for the user for a specific app.  This
        will indicate whether the user has subscribed to the app or not.
      operationId: getAppNotificationSubscriptionStatus
      parameters:
      - name: uuid
        in: path
        description: UUID of the app.
        required: true
        schema:
          type: string
        example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
      responses:
        '200':
          description: Information about user's subscription status for the app.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SubscriptionStatusResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - appManagementV2
      summary: Subscribe To An App Upgrade Notification
      description: Subscribe to an app upgrade notification. This will allow the user
        to receive notifications for the app updates.
      operationId: subscribeToAppNotification
      parameters:
      - name: uuid
        in: path
        description: UUID of the app to subscribe to.
        required: true
        schema:
          type: string
        example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
      responses:
        '204':
          description: Successfully subscribed to the app notification.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - appManagementV2
      summary: Unsubscribe From An App Upgrade Notification
      description: Unsubscribe from an app. This will remove the user's subscription
        to notifications for the app.
      operationId: unsubscribeFromAppNotification
      parameters:
      - name: uuid
        in: path
        description: UUID of the app to unsubscribe from.
        required: true
        schema:
          type: string
        example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
      responses:
        '204':
          description: App Notification unsubscription was successful.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/connections:
    get:
      tags:
      - connectionManagement
      summary: Get A List Of Connections.
      description: Get a list of all connections in the organization. The response
        is paginated with a default limit of 100 connections per page.
      operationId: listConnections
      parameters:
      - name: limit
        in: query
        description: Limit the number of connections returned in the response. The
          number of connections returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A paginated list of connections in the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListConnectionsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - connectionManagement
      summary: Create A New Connection.
      description: Create a new connection in the organization.
      operationId: createConnection
      parameters: []
      requestBody:
        description: Information about the new connection.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConnectionDefinition'
        required: true
      responses:
        '200':
          description: The connection has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Connection'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/connections/test:
    post:
      tags:
      - connectionManagement
      summary: Test A New Connection Url.
      description: Test a new connection url is valid and can connect.
      operationId: testConnection
      parameters:
      - name: functionalities
        in: query
        description: 'A comma-separated functionalities of webhook payload to test.
          Acceptable values: `alert`, `resolution`.'
        style: form
        explode: false
        schema:
          type: array
          items:
            type: string
          default:
          - alert
        example: alert,resolution
      - name: connectionId
        in: query
        description: Unique identifier of an existing connection to test. It should
          be provided when the request body of an existing connection contains masked
          authorization headers. If not provided, the authorization headers will not
          be correctly unmasked, and the test may fail due to unauthorized access.
        required: false
        schema:
          type: string
        example: 0000000000123ABC
      requestBody:
        description: Information about the new connection.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConnectionDefinition'
        required: true
      responses:
        '200':
          description: The connection url has been tested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TestConnectionResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/connections/incidentTemplates:
    post:
      tags:
      - connectionManagement
      summary: Get Incident Templates For CloudSOAR Connections.
      description: Get incident templates for CloudSOAR connections.
      operationId: getIncidentTemplates
      parameters: []
      requestBody:
        description: Information about the new connection.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GetIncidentTemplatesRequest'
        required: false
      responses:
        '200':
          description: A list of the incident templates for the given CloudSOAR account.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetIncidentTemplatesResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/connections/{id}:
    get:
      tags:
      - connectionManagement
      summary: Get A Connection.
      description: Get a connection with the given identifier.
      operationId: getConnection
      parameters:
      - name: id
        in: path
        description: Identifier of connection to return.
        required: true
        schema:
          type: string
      - name: type
        in: query
        description: Type of connection to return. Valid values are `WebhookConnection`,
          `ServiceNowConnection`.
        schema:
          type: string
          default: WebhookConnection
      responses:
        '200':
          description: Connection object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Connection'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - connectionManagement
      summary: Update A Connection.
      description: Update an existing connection.
      operationId: updateConnection
      parameters:
      - name: id
        in: path
        description: Identifier of the connection to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the connection.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConnectionDefinition'
        required: true
      responses:
        '200':
          description: The connection was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Connection'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - connectionManagement
      summary: Delete A Connection.
      description: Delete a connection with the given identifier.
      operationId: deleteConnection
      parameters:
      - name: id
        in: path
        description: Identifier of the connection to delete.
        required: true
        schema:
          type: string
      - name: type
        in: query
        description: Type of connection to delete. Valid values are `WebhookConnection`,
          `ServiceNowConnection`.
        required: true
        schema:
          pattern: ^(WebhookConnection|ServiceNowConnection)$
          type: string
          x-pattern-message: must be either `WebhookConnection` or `ServiceNowConnection`
      responses:
        '204':
          description: Connection was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/scheduledViews:
    get:
      tags:
      - scheduledViewManagement
      summary: Get A List Of Scheduled Views.
      description: Get a list of all scheduled views in the organization. The response
        is paginated with a default limit of 100 scheduled views per page.
      operationId: listScheduledViews
      parameters:
      - name: limit
        in: query
        description: Limit the number of scheduled views returned in the response.
          The number of scheduled views returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A paginated list of scheduled views in the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListScheduledViewsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - scheduledViewManagement
      summary: Create A New Scheduled View.
      description: Creates a new scheduled view in the organization.
      operationId: createScheduledView
      parameters: []
      requestBody:
        description: Information about the new scheduled view.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateScheduledViewDefinition'
        required: true
      responses:
        '200':
          description: The scheduled view has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScheduledView'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-create: createScheduledView
  /v1/scheduledViews/{id}:
    get:
      tags:
      - scheduledViewManagement
      summary: Get A Scheduled View.
      description: Get a scheduled view with the given identifier.
      operationId: getScheduledView
      parameters:
      - name: id
        in: path
        description: Identifier of the scheduled view to fetch.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Scheduled view object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScheduledView'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-read: getScheduledView
    put:
      tags:
      - scheduledViewManagement
      summary: Update A Scheduled View.
      description: Update an existing scheduled view.
      operationId: updateScheduledView
      parameters:
      - name: id
        in: path
        description: Identifier of the scheduled view to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the scheduled view.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateScheduledViewDefinition'
        required: true
      responses:
        '200':
          description: The scheduled view was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScheduledView'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-update: updateScheduledView
  /v1/scheduledViews/{id}/disable:
    delete:
      tags:
      - scheduledViewManagement
      summary: Disable A Scheduled View.
      description: Disable a scheduled view with the given identifier.
      operationId: disableScheduledView
      parameters:
      - name: id
        in: path
        description: Identifier of the scheduled view to disable.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The scheduled view was disabled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-delete: deleteScheduledView
  /v1/scheduledViews/{id}/pause:
    post:
      tags:
      - scheduledViewManagement
      summary: Pause A Scheduled View.
      description: Pause a scheduled view with the given identifier.
      operationId: pauseScheduledView
      parameters:
      - name: id
        in: path
        description: Identifier of the scheduled view to pause.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The scheduled view was paused successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScheduledView'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/scheduledViews/{id}/start:
    post:
      tags:
      - scheduledViewManagement
      summary: Start A Scheduled View.
      description: Start a scheduled view with the given identifier.
      operationId: startScheduledView
      parameters:
      - name: id
        in: path
        description: Identifier of the scheduled view to start.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The scheduled view was started successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScheduledView'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/scheduledViews/quota:
    get:
      tags:
      - scheduledViewManagement
      summary: Provides Information About Scheduled Views Quota.
      description: Every customer can use a limited number of scheduled views. This
        endpoint allows learning about these limitations and remaining quota.
      operationId: getScheduledViewsQuota
      responses:
        '200':
          description: Current state of scheduled views quota usage (limit and remaining).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScheduledViewsQuotaUsage'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/lookupTables:
    post:
      tags:
      - lookupManagement
      summary: Create A Lookup Table.
      description: "Create a new lookup table by providing a schema and specifying\
        \ its configuration. Providing parentFolderId\n is mandatory. Use the [getItemByPath](#operation/getItemByPath)\
        \ endpoint to get content id of a path.\nPlease check [Content management\
        \ API](#tag/contentManagement) and [Folder management API](#tag/folderManagement)\
        \ for all available options."
      operationId: createTable
      parameters: []
      requestBody:
        description: The schema and configuration for the lookup table.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LookupTableDefinition'
        required: true
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: Lookup table created successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LookupTable'
  /v1/lookupTables/{id}:
    get:
      tags:
      - lookupManagement
      summary: Get A Lookup Table.
      description: Get a lookup table for the given identifier.
      operationId: lookupTableById
      parameters:
      - name: id
        in: path
        description: Identifier of the lookup table.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: Definition of the lookup table.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LookupTable'
    put:
      tags:
      - lookupManagement
      summary: Edit A Lookup Table.
      description: Edit the lookup table data. All the fields are mandatory in the
        request.
      operationId: updateTable
      parameters:
      - name: id
        in: path
        description: Identifier of the lookup table.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      requestBody:
        description: The configuration changes for the lookup table.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LookupUpdateDefinition'
        required: true
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: Configuration updated successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LookupTable'
    delete:
      tags:
      - lookupManagement
      summary: Delete A Lookup Table.
      description: Delete a lookup table completely. <br> **Warning:** `This operation
        cannot be undone`.
      operationId: deleteTable
      parameters:
      - name: id
        in: path
        description: Identifier of the lookup table.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      responses:
        '204':
          description: Deletion successful.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/lookupTables/{id}/upload:
    post:
      tags:
      - lookupManagement
      summary: Upload A CSV File.
      description: Create a request to populate a lookup table with a CSV file.
      operationId: uploadFile
      parameters:
      - name: id
        in: path
        description: Identifier of the lookup table to populate.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      - name: merge
        in: query
        description: This indicates whether the file contents will be merged with
          existing data in the lookup table or not. If this is true then data with
          the same primary keys will be updated while the rest of the rows will be
          appended. By default, merge is false. The response includes a request identifier
          that you need to use in the [Request Status API](#operation/requestStatus)
          to track the status of the upload request.
        schema:
          type: boolean
          example: true
          default: false
      - name: fileEncoding
        in: query
        description: File encoding of file being uploaded.
        schema:
          type: string
          example: UTF-16
          default: UTF-8
      requestBody:
        content:
          multipart/form-data:
            schema:
              required:
              - file
              type: object
              properties:
                file:
                  type: string
                  description: "The CSV file to upload.\n  - The size limit for the\
                    \ CSV file is 100MB.\n  - Use Unix format, with newlines (\"\\\
                    n\") separating rows.\n  - The first row should contain headers\
                    \ that match the lookup table schema. Matching is\n    case-insensitive."
                  format: binary
        required: true
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: The upload request was accepted. Use the provided token in
            a status request to track the status of the upload.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LookupRequestToken'
  /v1/lookupTables/jobs/{jobId}/status:
    get:
      tags:
      - lookupManagement
      summary: Get The Status Of An Async Job.
      description: Retrieve the status of a previously made request. If the request
        was successful, the status of the response object will be `Success`.
      operationId: requestJobStatus
      parameters:
      - name: jobId
        in: path
        description: An identifier returned in response to an asynchronous request.
        required: true
        schema:
          type: string
          example: 0000000001C41AA3
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: The status of async job with given identifier.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LookupAsyncJobStatus'
  /v1/lookupTables/{id}/truncate:
    post:
      tags:
      - lookupManagement
      summary: Empty A Lookup Table.
      description: Delete all data from a lookup table.
      operationId: truncateTable
      parameters:
      - name: id
        in: path
        description: Identifier of the table to clear.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: The delete data request was accepted. Use the provided token
            in a status request to track the status of the delete.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LookupRequestToken'
  /v1/lookupTables/{id}/row:
    put:
      tags:
      - lookupManagement
      summary: Insert Or Update A Lookup Table Row.
      description: Insert or update a row of a lookup table with the given identifier.
        A new row is inserted if the primary key does not exist already, otherwise
        the existing row with the specified primary key is updated. All the fields
        of the lookup table are required and will be updated to the given values.
        In case a field is not specified then it will be assumed to be set to null.
        If the table size exceeds the maximum limit of 100MB then based on the size
        limit action of the table the update will be processed or discarded.
      operationId: updateTableRow
      parameters:
      - name: id
        in: path
        description: Identifier of the lookup table.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      requestBody:
        description: Lookup table row update definition.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RowUpdateDefinition'
        required: true
      responses:
        '204':
          description: Row updated successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/lookupTables/{id}/deleteTableRow:
    put:
      tags:
      - lookupManagement
      summary: Delete A Lookup Table Row.
      description: Delete a row from lookup table by providing the row's primary keys'
        values. The complete set of primary key fields of the lookup table should
        be provided.
      operationId: deleteTableRow
      parameters:
      - name: id
        in: path
        description: Identifier of the lookup table.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      requestBody:
        description: Lookup table row delete definition.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RowDeleteDefinition'
        required: true
      responses:
        '204':
          description: Row deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/partitions:
    get:
      tags:
      - partitionManagement
      summary: Get A List Of Partitions.
      description: Get a list of all partitions in the organization. The response
        is paginated with a default limit of 100 partitions per page.
      operationId: listPartitions
      parameters:
      - name: limit
        in: query
        description: Limit the number of partitions returned in the response. The
          number of partitions returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      - name: viewTypes
        in: query
        description: "The type of partitions to retrieve. Valid values are:\n  1.\
          \ `DefaultView`: To get General Index partition.\n  2. `Partition`: To get\
          \ user defined views/partitions.\n  3. `AuditIndex`: To get the internal\
          \ audit indexes. Eg. sumologic_audit_events.\n\nMore than one type of partitions\
          \ can be retrieved in same request."
        required: false
        style: form
        explode: false
        schema:
          type: array
          items:
            pattern: ^(AuditIndex|Partition|DefaultView)$
            type: string
        example:
        - AuditIndex
        - Partition
      responses:
        '200':
          description: A paginated list of partitions in the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListPartitionsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - partitionManagement
      summary: Create A New Partition.
      description: Create a new partition.
      operationId: createPartition
      parameters: []
      requestBody:
        description: Information about the new partition.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreatePartitionDefinition'
        required: true
      responses:
        '200':
          description: The partition has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Partition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/partitions/{id}:
    get:
      tags:
      - partitionManagement
      summary: Get A Partition.
      description: Get a partition with the given identifier from the organization.
      operationId: getPartition
      parameters:
      - name: id
        in: path
        description: Identifier of partition to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Partition object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Partition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - partitionManagement
      summary: Update A Partition.
      description: Update an existing partition in the organization.
      operationId: updatePartition
      parameters:
      - name: id
        in: path
        description: Identifier of the partition to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the partition.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdatePartitionDefinition'
        required: true
      responses:
        '200':
          description: The partition was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Partition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/partitions/{id}/decommission:
    post:
      tags:
      - partitionManagement
      summary: Decommission A Partition.
      description: Decommission a partition with the given identifier from the organization.
      operationId: decommissionPartition
      parameters:
      - name: id
        in: path
        description: Identifier of the partition to decommission.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The partition was decommissioned successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/partitions/{id}/cancelRetentionUpdate:
    post:
      tags:
      - partitionManagement
      summary: Cancel A Retention Update For A Partition
      description: Cancel update to retention of a partition for which retention was
        updated previously using `reduceRetentionPeriodImmediately` parameter as false
      operationId: cancelRetentionUpdate
      parameters:
      - name: id
        in: path
        description: Identifier of the partition to cancel the retention update for.
        required: true
        schema:
          type: string
        example: 1
      responses:
        '204':
          description: The retention update was cancelled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/partitions/quota:
    get:
      tags:
      - partitionManagement
      summary: Provides Information About Partitions Quota.
      description: Every customer can use a limited number of partitions. This endpoint
        allows learning about these limitations and remaining quota.
      operationId: getPartitionsQuota
      responses:
        '200':
          description: Current state of partitions quota usage (limit and remaining).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PartitionsQuotaUsage'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logsDataForwarding/destinations:
    get:
      tags:
      - logsDataForwardingManagement
      summary: Get Amazon S3 Data Forwarding Destinations.
      description: Get a list of all Amazon S3 data forwarding destinations.
      operationId: getDataForwardingBuckets
      parameters:
      - name: limit
        in: query
        description: Limit the number of data forwarding destinations returned in
          the response. The number of data forwarding destinations returned may be
          less than the `limit`.
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 10
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: List of all S3 data forwarding destinations.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetDataForwardingDestinations'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - logsDataForwardingManagement
      summary: Create An S3 Data Forwarding Destination.
      description: Create a new Amazon S3 data forwarding destination.
      operationId: createDataForwardingBucket
      parameters: []
      requestBody:
        description: Parameters to create new S3 data forwarding destination.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateBucketDefinition'
        required: true
      responses:
        '200':
          description: The new data forwarding destination has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BucketDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logsDataForwarding/destinations/{id}:
    get:
      tags:
      - logsDataForwardingManagement
      summary: Get An S3 Data Forwarding Destination.
      description: Get an S3 data forwarding destination by the given identifier.
      operationId: getDataForwardingDestination
      parameters:
      - name: id
        in: path
        description: Identifier of the S3 data forwarding destination to return.
        required: true
        schema:
          type: string
        example: 1
      responses:
        '200':
          description: Data forwarding destination object requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BucketDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - logsDataForwardingManagement
      summary: Update An S3 Data Forwarding Destination.
      description: Update an S3 data forwarding destination by the given identifier.
      operationId: UpdateDataForwardingBucket
      parameters:
      - name: id
        in: path
        description: Identifier of the data forwarding destination to update.
        required: true
        schema:
          type: string
        example: 1
      requestBody:
        description: Object with the updated parameters.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateBucketDefinition'
        required: true
      responses:
        '200':
          description: The data forwarding destination has been updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BucketDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - logsDataForwardingManagement
      summary: Delete An S3 Data Forwarding Destination.
      description: Delete an existing Amazon S3 data forwarding destination with the
        given identifier.
      operationId: deleteDataForwardingBucket
      parameters:
      - name: id
        in: path
        description: Identifier of the data forwarding destination to delete.
        required: true
        schema:
          type: string
        example: 1
      responses:
        '204':
          description: The data forwarding destination has been deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logsDataForwarding/rules:
    get:
      tags:
      - logsDataForwardingManagement
      summary: Get All S3 Data Forwarding Rules.
      description: Get a list of all S3 data forwarding rules.
      operationId: getRulesAndBuckets
      parameters:
      - name: limit
        in: query
        description: Limit the number of data forwarding rules returned in the response.
          The number of data forwarding rules returned may be less than the `limit`.
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 10
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: List of all S3 data forwarding rules.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetRulesAndBucketsResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - logsDataForwardingManagement
      summary: Create An S3 Data Forwarding Rule.
      description: Create a data forwarding rule to send data from a Partition or
        Scheduled View to an S3 bucket.
      operationId: createDataForwardingRule
      parameters: []
      requestBody:
        description: Parameters to create the new S3 data forwarding rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateDataForwardingRule'
        required: true
      responses:
        '200':
          description: The data forwarding rule was created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataForwardingRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logsDataForwarding/rules/{indexId}:
    get:
      tags:
      - logsDataForwardingManagement
      summary: Get An S3 Data Forwarding Rule By Its Index.
      description: Get the details of an S3 data forwarding rule by its Partition
        or Scheduled View identifier.
      operationId: getDataForwardingRule
      parameters:
      - name: indexId
        in: path
        description: The `id` of the Partition or Scheduled View.
        required: true
        schema:
          type: string
        example: 1
      responses:
        '200':
          description: Data forwarding rule that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RuleAndBucketDetail'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - logsDataForwardingManagement
      summary: Update An S3 Data Forwarding Rule By Its Index.
      description: Update an S3 data forwarding rule by its Partition or Scheduled
        View identifier.
      operationId: updateDataForwardingRule
      parameters:
      - name: indexId
        in: path
        description: The `id` of the Partition or Scheduled View with the data forwarding
          rule to update.
        required: true
        schema:
          type: string
        example: 1
      requestBody:
        description: Parameters of an S3 data forwarding rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateDataForwardingRule'
        required: true
      responses:
        '200':
          description: The data forwarding rule was updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataForwardingRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - logsDataForwardingManagement
      summary: Delete An S3 Data Forwarding Rule By Its Index.
      description: Delete an S3 data forwarding rule by its Partition or Scheduled
        View identifier.
      operationId: deleteDataForwardingRule
      parameters:
      - name: indexId
        in: path
        description: The `id` of the Partition or Scheduled View with the data forwarding
          rule to delete.
        required: true
        schema:
          type: string
        example: 1
      responses:
        '204':
          description: The S3 data forwarding rule was deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logSearches:
    get:
      tags:
      - logSearchesManagement
      summary: List All Saved Log Searches.
      description: List all saved log searches viewable by the user.
      operationId: listLogSearches
      parameters:
      - name: limit
        in: query
        description: Limit the number of log searches returned in the response. The
          number of log searches returned may be less than the `limit`.
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 50
        example: 50
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
        example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      responses:
        '200':
          description: Paginated list of log searches under the Personal folder created
            by the user.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedLogSearches'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - logSearchesManagement
      summary: Save A Log Search.
      description: Save the log search in the content library.
      operationId: createLogSearch
      parameters: []
      requestBody:
        description: The definition of the saved log search.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SaveLogSearchRequest'
        required: true
      responses:
        '200':
          description: Newly saved log search.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogSearch'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-create: createLogSearch
  /v1/logSearches/{id}:
    get:
      tags:
      - logSearchesManagement
      summary: Get The Saved Log Search.
      description: Get a saved log search from the content library by identifier.
      operationId: getLogSearch
      parameters:
      - name: id
        in: path
        description: Identifier of the saved log search.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Saved log search that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogSearch'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-read: getLogSearch
    put:
      tags:
      - logSearchesManagement
      summary: Update The Saved Log Search.
      description: Update the saved log search with the specified identifier. Partial
        update is not supported, you must provide values for all fields.
      operationId: updateLogSearch
      parameters:
      - name: id
        in: path
        description: Identifier of the saved log search.
        required: true
        schema:
          type: string
      requestBody:
        description: An updated saved log search definition.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogSearchDefinition'
        required: true
      responses:
        '200':
          description: The saved log search that was updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogSearch'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-update: updateLogSearch
    delete:
      tags:
      - logSearchesManagement
      summary: Delete The Saved Log Search.
      description: Delete the saved log search from the content library.
      operationId: deleteLogSearch
      parameters:
      - name: id
        in: path
        description: Identifier of the saved log search.
        required: true
        schema:
          type: string
      responses:
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '204':
          description: The saved log search was successfully deleted.
      x-tf-delete: deleteLogSearch
  /v1/dataDeletionRules:
    get:
      tags:
      - dataDeletionRules
      summary: Get A List Of Data Deletion Rules
      description: Get a list of data deletion rules in the organization. The response
        is paginated with a default limit of 50 rules.
      operationId: listDeletionRules
      parameters:
      - name: limit
        in: query
        description: Limit the number of deletion Rules returned in the response
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 50
        example: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A paginated list of data deletion Rules
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListDeletionRulesResponse'
        default:
          description: Operation failed with an error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - dataDeletionRules
      summary: Create A New Data Deletion Rule
      description: Create a new data deletion rule to delete logs.
      operationId: createDataDeletionRule
      parameters: []
      requestBody:
        description: Information about the new deletion rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateDeletionRuleRequest'
        required: true
      responses:
        '200':
          description: The data deletion Rule that has been created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DeletionRuleDefinition'
        default:
          description: Operation failed with an error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/dataDeletionRules/{id}:
    get:
      tags:
      - dataDeletionRules
      summary: Get Data Deletion Rule Information For The Given Id.
      description: Get Data Deletion Rule information for the given Id with updated
        fields.
      operationId: getDataDeletionRule
      parameters:
      - name: id
        in: path
        description: Identifier of the Deletion Rule to fetch
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The data deletion Rule Definition that was requested
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DeletionRuleDefinition'
        default:
          description: Operation failed with an error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/dataDeletionRules/{id}/cancel:
    post:
      tags:
      - dataDeletionRules
      summary: Cancel The Data Deletion Rule With The Given Id.
      description: Cancel the data Deletion Rule with the given Id. Allowed only if
        the rule is waiting for approval.
      operationId: cancelDataDeletionRule
      parameters:
      - name: id
        in: path
        description: Identifier of the Deletion Rule to cancel
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The data deletion Rule has been cancelled successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DeletionRuleDefinition'
        default:
          description: Operation failed with an error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/dataDeletionRules/{id}/delete:
    delete:
      tags:
      - dataDeletionRules
      summary: Delete The Data Deletion Rule With The Given Id.
      description: Delete the data Deletion Rule with the given Id. Allowed only if
        the rule is cancelled.
      operationId: deleteDataDeletionRule
      parameters:
      - name: id
        in: path
        description: Identifier of the Deletion Rule to delete
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The data deletion Rule has been deleted successfully.
        default:
          description: Operation failed with an error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/dataMaskingRules:
    get:
      tags:
      - dataMaskingManagement
      summary: Get A List Of Data Masking Rules.
      description: Get a list of all data masking rules for the current organization.
        The response is paginated with a default limit of 100 rules per page.
      operationId: listDataMaskingRules
      parameters:
      - name: limit
        in: query
        description: Limit the number of data masking rules returned in the response.
          The number of rules returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A paginated list of data masking rules.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListDataMaskingRulesResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - dataMaskingManagement
      summary: Create A New Data Masking Rule.
      description: Create a new data masking rule. The rule will be applied to search
        results at query time, replacing matches of the regex pattern with the specified
        mask string.
      operationId: createDataMaskingRule
      parameters: []
      requestBody:
        description: Information about the new data masking rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DataMaskingRuleDefinition'
        required: true
      responses:
        '200':
          description: The data masking rule has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataMaskingRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-create: createDataMaskingRule
  /v1/dataMaskingRules/{id}:
    get:
      tags:
      - dataMaskingManagement
      summary: Get A Data Masking Rule.
      description: Get a data masking rule with the given identifier.
      operationId: getDataMaskingRule
      parameters:
      - name: id
        in: path
        description: Identifier of the data masking rule to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Data masking rule object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataMaskingRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-read: getDataMaskingRule
    put:
      tags:
      - dataMaskingManagement
      summary: Update A Data Masking Rule.
      description: Update an existing data masking rule. All properties specified
        in the request are replaced. Missing properties are set to their default values.
        The rule name is immutable and cannot be changed after creation.
      operationId: updateDataMaskingRule
      parameters:
      - name: id
        in: path
        description: Identifier of the data masking rule to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the data masking rule. The name field
          cannot be changed as it is immutable.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/BaseDataMaskingRuleDefinition'
        required: true
      responses:
        '200':
          description: The data masking rule was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataMaskingRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-update: updateDataMaskingRule
    delete:
      tags:
      - dataMaskingManagement
      summary: Delete A Data Masking Rule.
      description: Delete a data masking rule with the given identifier.
      operationId: deleteDataMaskingRule
      parameters:
      - name: id
        in: path
        description: Identifier of the data masking rule to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Data masking rule was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-delete: deleteDataMaskingRule
  /v1/extractionRules:
    get:
      tags:
      - extractionRuleManagement
      summary: Get A List Of Field Extraction Rules.
      description: Get a list of all field extraction rules. The response is paginated
        with a default limit of 100 field extraction rules per page.
      operationId: listExtractionRules
      parameters:
      - name: limit
        in: query
        description: Limit the number of field extraction rules returned in the response.
          The number of field extraction rules returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A paginated list of field extraction rules.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListExtractionRulesResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - extractionRuleManagement
      summary: Create A New Field Extraction Rule.
      description: Create a new field extraction rule.
      operationId: createExtractionRule
      parameters: []
      requestBody:
        description: Information about the new field extraction rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ExtractionRuleDefinition'
        required: true
      responses:
        '200':
          description: The field extraction rule has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExtractionRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-create: createExtractionRule
  /v1/extractionRules/{id}:
    get:
      tags:
      - extractionRuleManagement
      summary: Get A Field Extraction Rule.
      description: Get a field extraction rule with the given identifier.
      operationId: getExtractionRule
      parameters:
      - name: id
        in: path
        description: Identifier of field extraction rule to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Extraction rule object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExtractionRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-read: getExtractionRule
    put:
      tags:
      - extractionRuleManagement
      summary: Update A Field Extraction Rule.
      description: Update an existing field extraction rule. All properties specified
        in the request are replaced. Missing properties are set to their default values.
      operationId: updateExtractionRule
      parameters:
      - name: id
        in: path
        description: Identifier of the field extraction rule to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the field extraction rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateExtractionRuleDefinition'
        required: true
      responses:
        '200':
          description: The field extraction rule was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExtractionRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-update: updateExtractionRule
    delete:
      tags:
      - extractionRuleManagement
      summary: Delete A Field Extraction Rule.
      description: Delete a field extraction rule with the given identifier.
      operationId: deleteExtractionRule
      parameters:
      - name: id
        in: path
        description: Identifier of the field extraction rule to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Extraction rule was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-delete: deleteExtractionRule
  /v1/dynamicParsingRules:
    get:
      tags:
      - dynamicParsingRuleManagement
      summary: Get A List Of Dynamic Parsing Rules.
      description: Get a list of all dynamic parsing rules. The response is paginated
        with a default limit of 100 dynamic parsing rules per page.
      operationId: listDynamicParsingRules
      parameters:
      - name: limit
        in: query
        description: Limit the number of dynamic parsing rules returned in the response.
          The number of dynamic parsing rules returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          example: 10
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results.
        required: false
        schema:
          type: string
          example: 0000000001C51FF7
      responses:
        '200':
          description: A paginated list of dynamic parsing rules.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListDynamicRulesResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - dynamicParsingRuleManagement
      summary: Create A New Dynamic Parsing Rule.
      description: Create a new dynamic parsing rule.
      operationId: createDynamicParsingRule
      requestBody:
        description: Information about the new dynamic parsing rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DynamicRuleDefinition'
        required: true
      responses:
        '200':
          description: The dynamic parsing rule has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DynamicRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/dynamicParsingRules/{id}:
    get:
      tags:
      - dynamicParsingRuleManagement
      summary: Get A Dynamic Parsing Rule.
      description: Get a dynamic parsing rule with the given identifier.
      operationId: getDynamicParsingRule
      parameters:
      - name: id
        in: path
        description: Identifier of dynamic parsing rule to return.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      responses:
        '200':
          description: Dynamic parsing rule object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DynamicRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - dynamicParsingRuleManagement
      summary: Update A Dynamic Parsing Rule.
      description: Update an existing dynamic parsing rule. All properties specified
        in the request are replaced. Missing properties are set to their default values.
      operationId: updateDynamicParsingRule
      parameters:
      - name: id
        in: path
        description: Identifier of the dynamic parsing rule to update.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      requestBody:
        description: Information to update about the dynamic parsing rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DynamicRuleDefinition'
        required: true
      responses:
        '200':
          description: The dynamic parsing rule was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DynamicRule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - dynamicParsingRuleManagement
      summary: Delete A Dynamic Parsing Rule.
      description: Delete a dynamic parsing rule with the given identifier.
      operationId: deleteDynamicParsingRule
      parameters:
      - name: id
        in: path
        description: Identifier of the dynamic parsing rule to delete.
        required: true
        schema:
          type: string
          example: 0000000001C41EE4
      responses:
        '204':
          description: Dynamic parsing rule was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/fields:
    get:
      tags:
      - fieldManagementV1
      summary: Get A List Of All Custom Fields.
      description: Request a list of all the custom fields configured in your account.
      operationId: listCustomFields
      responses:
        '200':
          description: List of all custom fields.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListCustomFieldsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - fieldManagementV1
      summary: Create A New Field.
      description: Adding a field will define it in the Fields schema allowing it
        to be assigned as metadata to your logs.
      operationId: createField
      parameters: []
      requestBody:
        description: Name of a field to add. The name is used as the key in the key-value
          pair.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FieldName'
        required: true
      responses:
        '200':
          description: The field was created successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomField'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/fields/{id}:
    get:
      tags:
      - fieldManagementV1
      summary: Get A Custom Field.
      description: Get the details of a custom field.
      operationId: getCustomField
      parameters:
      - name: id
        in: path
        description: Identifier of a field.
        required: true
        schema:
          type: string
        example: 00000000031D02DA
      responses:
        '200':
          description: The details of the custom field.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomField'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - fieldManagementV1
      summary: Delete A Custom Field.
      description: Deleting a field does not delete historical data assigned with
        that field. If you  delete a field by mistake and one or more of those dependencies
        break, you can  re-add the field to get things working properly again. You
        should always disable  a field and ensure things are behaving as expected
        before deleting a field.
      operationId: deleteField
      parameters:
      - name: id
        in: path
        description: Identifier of a field to delete.
        required: true
        schema:
          type: string
        example: 00000000031D02DA
      responses:
        '204':
          description: The field was successfully deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/fields/{id}/enable:
    put:
      tags:
      - fieldManagementV1
      summary: Enable Custom Field With A Specified Identifier.
      description: Fields have to be enabled to be assigned to your data. This operation
        ensures that a specified field is enabled and Sumo Logic will treat it as
        safe to process. All manually created custom fields are  enabled by default.
      operationId: enableField
      parameters:
      - name: id
        in: path
        description: Identifier of a field to enable.
        required: true
        schema:
          type: string
        example: 00000000031D02DA
      responses:
        '204':
          description: Field has been enabled.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/fields/{id}/disable:
    delete:
      tags:
      - fieldManagementV1
      summary: Disable A Custom Field.
      description: After disabling a field Sumo Logic will start dropping its incoming
        values at ingest. As a result, they won't be searchable or usable. Historical
        values are not removed and remain searchable.
      operationId: disableField
      parameters:
      - name: id
        in: path
        description: Identifier of a field to disable.
        required: true
        schema:
          type: string
        example: 00000000031D02DA
      responses:
        '204':
          description: Field has been disabled.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/fields/dropped:
    get:
      tags:
      - fieldManagementV1
      summary: Get A List Of Dropped Fields.
      description: Dropped fields are fields sent to Sumo Logic, but are ignored since
        they are not defined in your Fields schema. In order to save these values
        a field must both exist and be enabled.
      operationId: listDroppedFields
      responses:
        '200':
          description: 'List of dropped fields.

            '
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListDroppedFieldsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/fields/builtin:
    get:
      tags:
      - fieldManagementV1
      summary: Get A List Of Built-in Fields.
      description: Built-in fields are created automatically by Sumo Logic for standard
        configuration purposes. They include `_sourceHost` and `_sourceCategory`.
        Built-in fields can't be deleted or disabled.
      operationId: listBuiltInFields
      responses:
        '200':
          description: List of all built-in fields.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListBuiltinFieldsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/fields/builtin/{id}:
    get:
      tags:
      - fieldManagementV1
      summary: Get A Built-in Field.
      description: Get the details of a built-in field.
      operationId: getBuiltInField
      parameters:
      - name: id
        in: path
        description: Identifier of a built-in field.
        required: true
        schema:
          type: string
        example: 000000000000000A
      responses:
        '200':
          description: The details of the built-in field.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BuiltinField'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/fields/quota:
    get:
      tags:
      - fieldManagementV1
      summary: Get Capacity Information.
      description: Every account has a limited number of fields available. This endpoint
        returns your account limitations and remaining quota.
      operationId: getFieldQuota
      responses:
        '200':
          description: Current fields capacity usage (fields count).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FieldQuotaUsage'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/ingestBudgets:
    get:
      tags:
      - ingestBudgetManagementV2
      summary: Get A List Of Ingest Budgets.
      description: Get a list of all ingest budgets. The response is paginated with
        a default limit of 100 budgets per page.
      operationId: listIngestBudgetsV2
      parameters:
      - name: limit
        in: query
        description: Limit the number of budgets returned in the response. The number
          of budgets returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A paginated list of budgets.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListIngestBudgetsResponseV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - ingestBudgetManagementV2
      summary: Create A New Ingest Budget.
      description: Create a new ingest budget.
      operationId: createIngestBudgetV2
      parameters: []
      requestBody:
        description: Information about the new ingest budget.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/IngestBudgetDefinitionV2'
        required: true
      responses:
        '200':
          description: The ingest budget has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IngestBudgetV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/ingestBudgets/{id}:
    get:
      tags:
      - ingestBudgetManagementV2
      summary: Get An Ingest Budget.
      description: Get an ingest budget by the given identifier.
      operationId: getIngestBudgetV2
      parameters:
      - name: id
        in: path
        description: Identifier of ingest budget to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Ingest budget object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IngestBudgetV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - ingestBudgetManagementV2
      summary: Update An Ingest Budget.
      description: Update an existing ingest budget. All properties specified in the
        request are required.
      operationId: updateIngestBudgetV2
      parameters:
      - name: id
        in: path
        description: Identifier of the ingest budget to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the ingest budget.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/IngestBudgetDefinitionV2'
        required: true
      responses:
        '200':
          description: The ingest budget was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IngestBudgetV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - ingestBudgetManagementV2
      summary: Delete An Ingest Budget.
      description: Delete an ingest budget with the given identifier.
      operationId: deleteIngestBudgetV2
      parameters:
      - name: id
        in: path
        description: Identifier of the ingest budget to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The ingest budget was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/ingestBudgets/{id}/usage/reset:
    post:
      tags:
      - ingestBudgetManagementV2
      summary: Reset Usage.
      description: Reset ingest budget's current usage to 0 before the scheduled reset
        time. This is only applicable to `dailyVolume` budgetType.
      operationId: resetUsageV2
      parameters:
      - name: id
        in: path
        description: Identifier of the ingest budget to reset usage.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Ingest budget's usage was reset successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/users:
    get:
      tags:
      - userManagement
      summary: Get A List Of Users.
      description: Get a list of all users in the organization. The response is paginated
        with a default limit of 100 users per page.
      operationId: listUsers
      parameters:
      - name: limit
        in: query
        description: Limit the number of users returned in the response. The number
          of users returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      - name: sortBy
        in: query
        description: Sort the list of users by the `firstName`, `lastName`, or `email`
          field.
        required: false
        schema:
          type: string
      - name: email
        in: query
        description: Find user with the given email address.
        required: false
        schema:
          minLength: 1
          type: string
      - name: includeServiceAccounts
        in: query
        description: Include service accounts while listing users within the organization.
        required: false
        schema:
          type: boolean
      responses:
        '200':
          description: A paginated list of users in the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListUserModelsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - userManagement
      summary: Create A New User.
      description: Create a new user in the organization.
      operationId: createUser
      parameters: []
      requestBody:
        description: Information about the new user.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateUserDefinition'
        required: true
      responses:
        '200':
          description: The user has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/users/{id}:
    get:
      tags:
      - userManagement
      summary: Get A User.
      description: Get a user with the given identifier from the organization.
      operationId: getUser
      parameters:
      - name: id
        in: path
        description: Identifier of user to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: User object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - userManagement
      summary: Update A User.
      description: Update an existing user in the organization.
      operationId: updateUser
      parameters:
      - name: id
        in: path
        description: Identifier of the user to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the user.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateUserDefinition'
        required: true
      responses:
        '200':
          description: The user was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - userManagement
      summary: Delete A User.
      description: Delete a user with the given identifier from the organization and
        transfer their content to the user with the identifier specified in "transferTo".
      operationId: deleteUser
      parameters:
      - name: id
        in: path
        description: Identifier of the user to delete.
        required: true
        schema:
          type: string
      - name: transferTo
        in: query
        description: Identifier of the user to receive the transfer of content from
          the deleted user. <br> **Note:** If `deleteContent` is not set to `true`,
          and no user identifier is specified in `transferTo`, content from the deleted
          user is transferred to the executing user.
        required: false
        schema:
          type: string
      - name: deleteContent
        in: query
        description: Whether to delete content from the deleted user or not. <br>
          **Warning:** If `deleteContent` is set to `true`, all of the content for
          the user being deleted is permanently deleted and cannot be recovered.
        required: false
        schema:
          type: boolean
      responses:
        '204':
          description: User was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/users/{id}/email/requestChange:
    post:
      tags:
      - userManagement
      summary: Change Email Address.
      description: An email with an activation link is sent to the user’s new email
        address. The user must click the link in the email within seven days to complete
        the email address change, or the link will expire.
      operationId: requestChangeEmail
      parameters:
      - name: id
        in: path
        description: Identifier of the user to change email address.
        required: true
        schema:
          type: string
      requestBody:
        description: New email address of the user.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ChangeEmailRequest'
        required: true
      responses:
        '204':
          description: Email change request was submitted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/users/{id}/password/reset:
    post:
      tags:
      - userManagement
      summary: Reset Password.
      description: Reset a user's password.
      operationId: resetPassword
      parameters:
      - name: id
        in: path
        description: Identifier of the user to reset password.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: User's password was reset successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/users/{id}/unlock:
    post:
      tags:
      - userManagement
      summary: Unlock A User.
      description: Unlock another user's account.
      operationId: unlockUser
      parameters:
      - name: id
        in: path
        description: The id of the user that needs to be unlocked.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: User's account was unlocked successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/users/{id}/mfa/disable:
    put:
      tags:
      - userManagement
      summary: Disable MFA For User.
      description: Disable multi-factor authentication for given user.
      operationId: disableMfa
      parameters:
      - name: id
        in: path
        description: Identifier of the user to disable MFA for.
        required: true
        schema:
          type: string
      requestBody:
        description: Email and Password of the user to disable MFA for.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DisableMfaRequest'
        required: true
      responses:
        '204':
          description: User's MFA was disabled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/users/{id}/resendWelcomeEmail:
    post:
      tags:
      - userManagement
      summary: Resend Verification Email.
      description: Resend the welcome email to a user.
      operationId: resendWelcomeEmail
      parameters:
      - name: id
        in: path
        description: Identifier of the user to resend the welcome email.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Welcome email was resent successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/roles:
    get:
      tags:
      - roleManagement
      summary: Get A List Of Roles.
      description: Get a list of all the roles in the organization. The response is
        paginated with a default limit of 100 roles per page.
      operationId: listRoles
      parameters:
      - name: limit
        in: query
        description: Limit the number of roles returned in the response. The number
          of roles returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      - name: sortBy
        in: query
        description: Sort the list of roles by the `name` field.
        required: false
        schema:
          type: string
      - name: name
        in: query
        description: Only return roles matching the given name.
        required: false
        schema:
          minLength: 1
          type: string
      responses:
        '200':
          description: A paginated list of roles in the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListRoleModelsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - roleManagement
      summary: Create A New Role.
      description: Create a new role in the organization.
      operationId: createRole
      parameters: []
      requestBody:
        description: Information about the new role.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateRoleDefinition'
        required: true
      responses:
        '200':
          description: The role has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RoleModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-create: createRole
  /v1/roles/{id}:
    get:
      tags:
      - roleManagement
      summary: Get A Role.
      description: Get a role with the given identifier in the organization.
      operationId: getRole
      parameters:
      - name: id
        in: path
        description: Identifier of the role to fetch.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Role object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RoleModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-read: getRole
    put:
      tags:
      - roleManagement
      summary: Update A Role.
      description: Update an existing role in the organization.
      operationId: updateRole
      parameters:
      - name: id
        in: path
        description: Identifier of the role to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the role.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateRoleDefinition'
        required: true
      responses:
        '200':
          description: The user was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RoleModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-update: updateRole
    delete:
      tags:
      - roleManagement
      summary: Delete A Role.
      description: Delete a role with the given identifier from the organization.
      operationId: deleteRole
      parameters:
      - name: id
        in: path
        description: Identifier of the role to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Role was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-delete: deleteRole
  /v1/roles/{roleId}/users/{userId}:
    put:
      tags:
      - roleManagement
      summary: Assign A Role To A User.
      description: Assign a role to a user in the organization.
      operationId: assignRoleToUser
      parameters:
      - name: roleId
        in: path
        description: Identifier of the role to assign.
        required: true
        schema:
          type: string
      - name: userId
        in: path
        description: Identifier of the user to assign the role to.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Role was successfully assigned to the user.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RoleModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - roleManagement
      summary: Remove Role From A User.
      description: Remove a role from a user in the organization.
      operationId: removeRoleFromUser
      parameters:
      - name: roleId
        in: path
        description: Identifier of the role to delete.
        required: true
        schema:
          type: string
      - name: userId
        in: path
        description: Identifier of the user to remove the role from.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Role was successfully removed from the user.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/roles:
    get:
      tags:
      - roleManagementV2
      summary: Get A List Of Roles.
      description: Get a list of all the roles in the organization. The response is
        paginated with a default limit of 100 roles per page.
      operationId: listRolesV2
      parameters:
      - name: limit
        in: query
        description: Limit the number of roles returned in the response. The number
          of roles returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      - name: sortBy
        in: query
        description: Sort the list of roles by the `name` field.
        required: false
        schema:
          type: string
      - name: name
        in: query
        description: Only return roles matching the given name.
        required: false
        schema:
          minLength: 1
          type: string
      responses:
        '200':
          description: A paginated list of roles in the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListRoleModelsResponseV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - roleManagementV2
      summary: Create A New Role.
      description: Create a new role in the organization.
      operationId: createRoleV2
      parameters: []
      requestBody:
        description: Information about the new role.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateRoleDefinitionV2'
        required: true
      responses:
        '200':
          description: The role has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RoleModelV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-create: createRoleV2
  /v2/roles/{id}:
    get:
      tags:
      - roleManagementV2
      summary: Get A Role.
      description: Get a role with the given identifier in the organization.
      operationId: getRoleV2
      parameters:
      - name: id
        in: path
        description: Identifier of the role to fetch.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Role object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetRoleDefinitionV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-read: getRoleV2
    put:
      tags:
      - roleManagementV2
      summary: Update A Role.
      description: Update an existing role in the organization.
      operationId: updateRoleV2
      parameters:
      - name: id
        in: path
        description: Identifier of the role to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the role.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateRoleDefinitionV2'
        required: true
      responses:
        '200':
          description: The user was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RoleModelV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-update: updateRoleV2
    delete:
      tags:
      - roleManagementV2
      summary: Delete A Role.
      description: Delete a role with the given identifier from the organization.
      operationId: deleteRoleV2
      parameters:
      - name: id
        in: path
        description: Identifier of the role to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Role was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-tf-delete: deleteRoleV2
  /v2/roles/{roleId}/users/{userId}:
    put:
      tags:
      - roleManagementV2
      summary: Assign A Role To A User.
      description: Assign a role to a user in the organization.
      operationId: assignRoleToUserV2
      parameters:
      - name: roleId
        in: path
        description: Identifier of the role to assign.
        required: true
        schema:
          type: string
      - name: userId
        in: path
        description: Identifier of the user to assign the role to.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Role was successfully assigned to the user.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RoleModelV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - roleManagementV2
      summary: Remove Role From A User.
      description: Remove a role from a user in the organization.
      operationId: removeRoleFromUserV2
      parameters:
      - name: roleId
        in: path
        description: Identifier of the role to delete.
        required: true
        schema:
          type: string
      - name: userId
        in: path
        description: Identifier of the user to remove the role from.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Role was successfully removed from the user.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders:
    post:
      tags:
      - folderManagement
      summary: Create A New Folder.
      description: Creates a new folder under the given parent folder. Set the header
        parameter `isAdminMode` to `"true"` to create a folder inside "Admin Recommended"
        folder.
      operationId: createFolder
      parameters:
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      requestBody:
        description: Information about the new folder.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FolderDefinition'
        required: true
      responses:
        '200':
          description: The folder has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Folder'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/{id}:
    get:
      tags:
      - folderManagement
      summary: Get A Folder.
      description: Get a folder with the given identifier. Set the header parameter
        `isAdminMode` to `"true"` if fetching a folder inside "Admin Recommended"
        folder.
      operationId: getFolder
      parameters:
      - name: id
        in: path
        description: Identifier of the folder to fetch.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: Folder that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Folder'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - folderManagement
      summary: Update A Folder.
      description: Update an existing folder with the given identifier. Set the header
        parameter `isAdminMode` to `"true"` if updating a folder inside "Admin Recommended"
        folder.
      operationId: updateFolder
      parameters:
      - name: id
        in: path
        description: Identifier of the folder to update.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      requestBody:
        description: Information to update about the folder.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateFolderRequest'
        required: true
      responses:
        '200':
          description: The folder was successfully updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Folder'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/personal:
    get:
      tags:
      - folderManagement
      summary: Get Personal Folder.
      description: Get the personal folder of the current user.
      operationId: getPersonalFolder
      responses:
        '200':
          description: 'The personal folder of the current user.

            '
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Folder'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/global:
    get:
      tags:
      - folderManagement
      summary: Schedule Global View Job
      description: 'Schedule an asynchronous job to get Global View. Global View contains
        all top-level content items that a user has permissions to view in the organization.
        User can traverse the top-level folders using [GetFolder API](#operation/getFolder)
        to get rest of the content items. Make sure you set `isAdminMode` header parameter
        to `true` when traversing top-level items.


        _Global View is not a real folder, therefore there is no folder identifier
        associated with it_.


        _You get back a identifier of asynchronous job in response to this endpoint.
        See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request)
        section for more details on how to work with asynchronous request._'
      operationId: getGlobalFolderAsync
      parameters:
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: An asynchronous job to get a list of all content items been
            scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/global/{jobId}/status:
    get:
      tags:
      - folderManagement
      summary: Get Global View Job Status
      description: Get the status of an asynchronous Global View job for the given
        job identifier. If job succeeds, use [Global View Result](#operation/getGlobalFolderAsyncResult)
        endpoint to fetch all content items that you have permissions to view.
      operationId: getGlobalFolderAsyncStatus
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous Global View job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Asynchronous Global View job status.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/global/{jobId}/result:
    get:
      tags:
      - folderManagement
      summary: Get Global View Job Result
      description: Get result of a Global View job for the given job identifier. The
        result will be a list of all content items that a user has permissions to
        view in the organization.
      operationId: getGlobalFolderAsyncResult
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous Global View job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: List of all content items with view permission.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ContentList'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/adminRecommended:
    get:
      tags:
      - folderManagement
      summary: Schedule Admin Recommended Folder Job
      description: 'Schedule an asynchronous job to get the top-level Admin Recommended
        content items. You can read more about Admin Recommended folder [here](https://help.sumologic.com/Manage/Content_Sharing/Admin_Mode#move-important-content-to-admin-recommended).


        _You get back a identifier of asynchronous job in response to this endpoint.
        See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request)
        section for more details on how to work with asynchronous request._'
      operationId: getAdminRecommendedFolderAsync
      parameters:
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: An asynchronous job to get the Admin Recommended folder has
            been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/adminRecommended/{jobId}/status:
    get:
      tags:
      - folderManagement
      summary: Get Admin Recommended Folder Job Status
      description: Get the status of an asynchronous Admin Recommended folder job
        for the given job identifier. If job succeeds, use [Admin Recommended Job
        Result](#operation/getAdminRecommendedFolderAsyncResult) endpoint to fetch
        top-level content items in Admin Recommended folder.
      operationId: getAdminRecommendedFolderAsyncStatus
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous Admin Recommended folder job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Asynchronous Admin Recommended folder job status.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/adminRecommended/{jobId}/result:
    get:
      tags:
      - folderManagement
      summary: Get Admin Recommended Folder Job Result
      description: Get result of an Admin Recommended job for the given job identifier.
        The result will be "Admin Recommended" folder with a list of top-level Admin
        Recommended content items in `children` field.
      operationId: getAdminRecommendedFolderAsyncResult
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous Admin Recommended folder job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Admin Recommended folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Folder'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/installedApps:
    get:
      tags:
      - folderManagement
      summary: Schedule Installed Apps Folder Job
      description: 'Schedule an asynchronous job to get the top-level Installed Apps
        content items.


        _You get back a identifier of asynchronous job in response to this endpoint.
        See [Asynchronous-Request](#section/Getting-Started/Asynchronous-Request)
        section for more details on how to work with asynchronous request._'
      operationId: getInstalledAppsFolderAsync
      parameters:
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: An asynchronous job to get the Installed Apps folder has been
            scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/installedApps/{jobId}/status:
    get:
      tags:
      - folderManagement
      summary: Get Installed Apps Folder Job Status
      description: Get the status of an asynchronous Installed Apps folder job for
        the given job identifier. If job succeeds, use [Installed Apps Job Result](#operation/getInstalledAppsFolderAsyncResult)
        endpoint to fetch top-level content items in Installed Apps folder.
      operationId: getInstalledAppsFolderAsyncStatus
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous Installed Apps folder job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Asynchronous Installed Apps folder job status.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/installedApps/{jobId}/result:
    get:
      tags:
      - folderManagement
      summary: Get Installed Apps Folder Job Result
      description: Get result of an Installed Apps job for the given job identifier.
        The result will be "Installed Apps" folder with a list of top-level Installed
        Apps content items in `children` field.
      operationId: getInstalledAppsFolderAsyncResult
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous Installed Apps folder job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Installed Apps folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Folder'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/permissions:
    get:
      tags:
      - contentPermissions
      summary: Get Permissions Of A Content Item
      description: Returns content permissions of a content item with the given identifier.
      operationId: getContentPermissions
      parameters:
      - name: id
        in: path
        description: The identifier of the content item.
        required: true
        schema:
          type: string
      - name: explicitOnly
        in: query
        description: 'There are two permission types: explicit and implicit. Permissions
          specifically assigned to the content item are explicit. Permissions derived
          from a parent content item, like a folder are implicit. To return only explicit
          permissions set this to true.'
        schema:
          type: boolean
          default: false
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A list of permissions for the requested content item.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ContentPermissionResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/permissions/add:
    put:
      tags:
      - contentPermissions
      summary: Add Permissions To A Content Item.
      description: Add permissions to a content item with the given identifier.
      operationId: addContentPermissions
      parameters:
      - name: id
        in: path
        description: The identifier of the content item.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      requestBody:
        description: New permissions to add to the content item with the given identifier.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ContentPermissionUpdateRequest'
        required: true
      responses:
        '200':
          description: Updated permission object for the requested content item.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ContentPermissionResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/permissions/remove:
    put:
      tags:
      - contentPermissions
      summary: Remove Permissions From A Content Item.
      description: Remove permissions from a content item with the given identifier.
      operationId: removeContentPermissions
      parameters:
      - name: id
        in: path
        description: The identifier of the content item.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      requestBody:
        description: Permissions to remove from a content item with the given identifier.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ContentPermissionUpdateRequest'
        required: true
      responses:
        '200':
          description: Updated permissions for the requested content item.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ContentPermissionResult'
        default:
          description: Operation failed with an error. Check that your request is
            valid.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/path:
    get:
      tags:
      - contentManagement
      summary: Get Content Item By Path.
      description: "Get a content item corresponding to the given path.\n\n_Path is\
        \ specified in the required query parameter `path`. The path should be URL\
        \ encoded._ For example, to get \"Acme Corp\" folder of a user \"user@sumo.com\"\
        \ you can use the following curl command:\n  ```bash\n  curl https://api.sumologic.com/api/v2/content/path?path=/Library/Users/user%40sumo.com/Acme%20Corp\n\
        \  ```\n\n\nThe absolute path to a content item should be specified to get\
        \ the item. The content library has \"Library\" folder at the root level.\
        \ For items in \"Personal\" folder, the base path is \"/Library/Users/user@sumo.com\"\
        \ where \"user@sumo.com\" is the email address of the user. For example if\
        \ a user with email address `wile@acme.com` has `Rockets` folder inside Personal\
        \ folder, the path of Rockets folder will be `/Library/Users/wile@acme.com/Rockets`.\n\
        \nFor items in \"Admin Recommended\" folder, the base path is \"/Library/Admin\
        \ Recommended\". For example, given a folder `Acme` in Admin Recommended folder,\
        \ the path will be `/Library/Admin Recommended/Acme`."
      operationId: getItemByPath
      parameters:
      - name: path
        in: query
        description: Path of the content item to retrieve.
        required: true
        schema:
          type: string
        example: /Library/Users/user@sumo.com/SampleFolder
      responses:
        '200':
          description: Content item corresponding to the given path.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Content'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{contentId}/path:
    get:
      tags:
      - contentManagement
      summary: Get Path Of An Item.
      description: 'Get full path of a content item with the given identifier.

        '
      operationId: getPathById
      parameters:
      - name: contentId
        in: path
        description: Identifier of the content item to get the path.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Full path of the content item.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ContentPath'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/export:
    post:
      tags:
      - contentManagement
      summary: Start A Content Export Job.
      description: 'Schedule an _asynchronous_ export of content with the given identifier.
        You will get back an asynchronous job identifier on success. Use the [getAsyncExportStatus](#operation/getAsyncExportStatus)
        endpoint and the job identifier you got back in the response to track the
        status of an asynchronous export job.

        If the content item is a folder, everything under the folder is exported recursively.
        Keep in mind when exporting large folders that there is a limit of 1000 content
        objects that can be exported at once. If you want to import more than 1000
        content objects, then be sure to split the import into batches of 1000 objects
        or less.

        The results from the export are compatible with the Library import feature
        in the Sumo Logic user interface as well as the API content import job.'
      operationId: beginAsyncExport
      parameters:
      - name: id
        in: path
        description: The identifier of the content item to export. Identifiers from
          the Library in the Sumo user interface are provided in decimal format which
          is incompatible with this API. The identifier needs to be in hexadecimal
          format.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: Export job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{contentId}/export/{jobId}/status:
    get:
      tags:
      - contentManagement
      summary: Content Export Job Status.
      description: Get the status of an asynchronous content export request for the
        given job identifier. On success, use the [getExportResult](#operation/getAsyncExportResult)
        endpoint to get the result of the export job.
      operationId: getAsyncExportStatus
      parameters:
      - name: contentId
        in: path
        description: The identifier of the exported content item.
        required: true
        schema:
          type: string
      - name: jobId
        in: path
        description: The identifier of the asynchronous export job.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: The status of the export job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{contentId}/export/{jobId}/result:
    get:
      tags:
      - contentManagement
      summary: Content Export Job Result.
      description: Get results from content export job for the given job identifier.
        The results from this export are incompatible with the Library import feature
        in the Sumo user interface.
      operationId: getAsyncExportResult
      parameters:
      - name: contentId
        in: path
        description: The identifier of the exported content item.
        required: true
        schema:
          type: string
      - name: jobId
        in: path
        description: The identifier of the asynchronous job.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: The result of export job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ContentSyncDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/{folderId}/import:
    post:
      tags:
      - contentManagement
      summary: Start A Content Import Job.
      description: Schedule an asynchronous import of content inside an existing folder
        with the given identifier. Import requests can be used to create or update
        content within a folder. Content items need to have a unique name within their
        folder. If there is already a content item with the same name in the folder,
        you can set the `overwrite` parameter to `true` to overwrite existing content
        items. By default, the `overwrite` parameter is set to `false`, where the
        import will fail if a content item with the same name already exist. Keep
        in mind when importing large folders that there is a limit of 1000 content
        objects that can be imported at once. If you want to import more than 1000
        content objects, then be sure to split the import into batches of 1000 objects
        or less.
      operationId: beginAsyncImport
      parameters:
      - name: folderId
        in: path
        description: The identifier of the folder to import into. Identifiers from
          the Library in the Sumo user interface are provided in decimal format which
          is incompatible with this API. The identifier needs to be in hexadecimal
          format.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      - name: overwrite
        in: query
        description: Set this to "true" to overwrite a content item if the name already
          exists.
        required: false
        schema:
          type: boolean
          default: false
      requestBody:
        description: The content to import.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ContentSyncDefinition'
        required: true
      responses:
        '200':
          description: Import job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/{folderId}/import/{jobId}/status:
    get:
      tags:
      - contentManagement
      summary: Content Import Job Status.
      description: Get the status of a content import job for the given job identifier.
      operationId: getAsyncImportStatus
      parameters:
      - name: folderId
        in: path
        description: The identifier of the folder to import into.
        required: true
        schema:
          type: string
      - name: jobId
        in: path
        description: The identifier of the import request.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: The status of the import job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/folders/{folderId}/import/{jobId}/result:
    get:
      tags:
      - contentManagement
      summary: Content Import Job Result.
      description: Get the complete summary of content import job for the given job
        identifier.
      operationId: getAsyncImportResult
      parameters:
      - name: folderId
        in: path
        description: The identifier of the folder to import into.
        required: true
        schema:
          type: string
      - name: jobId
        in: path
        description: The identifier of the import request.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: The result of the import job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ImportResult'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/delete:
    delete:
      tags:
      - contentManagement
      summary: Start A Content Deletion Job.
      description: Start an asynchronous content deletion job with the given identifier.
      operationId: beginAsyncDelete
      parameters:
      - name: id
        in: path
        description: Identifier of the content to delete. Identifiers from the Library
          in the Sumo user interface are provided in decimal format which is incompatible
          with this API. The identifier needs to be in hexadecimal format.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: Deletion job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/delete/{jobId}/status:
    get:
      tags:
      - contentManagement
      summary: Content Deletion Job Status.
      description: Get the status of an asynchronous content deletion job request
        for the given job identifier.
      operationId: getAsyncDeleteStatus
      parameters:
      - name: id
        in: path
        description: Identifier of the content to delete.
        required: true
        schema:
          type: string
      - name: jobId
        in: path
        description: The identifier of the asynchronous job.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: The status of the content deletion job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/copy:
    post:
      tags:
      - contentManagement
      summary: Start A Content Copy Job.
      description: Start an asynchronous content copy job with the given identifier
        to the destination folder. If the content item is a folder, everything under
        the folder is copied recursively.
      operationId: beginAsyncCopy
      parameters:
      - name: id
        in: path
        description: The identifier of the content item to copy. Identifiers from
          the Library in the Sumo user interface are provided in decimal format which
          is incompatible with this API. The identifier needs to be in hexadecimal
          format.
        required: true
        schema:
          type: string
      - name: destinationFolder
        in: query
        description: The identifier of the destination folder.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: Content copy job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/copy/{jobId}/status:
    get:
      tags:
      - contentManagement
      summary: Content Copy Job Status.
      description: 'Get the status of the copy request with the given job identifier.
        On success, field `statusMessage` will contain identifier of the newly copied
        content in format: `id: {hexIdentifier}`.

        '
      operationId: asyncCopyStatus
      parameters:
      - name: id
        in: path
        description: The identifier of the content which was copied.
        required: true
        schema:
          type: string
      - name: jobId
        in: path
        description: The identifier of the asynchronous copy request job.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: The status of the content copy job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
              example:
                status: Success
                statusMessage: 'id: 0000000000000197'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/content/{id}/move:
    post:
      tags:
      - contentManagement
      summary: Move An Item.
      description: 'Moves an item from its current location to another folder.

        '
      operationId: moveItem
      parameters:
      - name: destinationFolderId
        in: query
        description: Identifier of the destination folder.
        required: true
        schema:
          type: string
      - name: id
        in: path
        description: Identifier of the item the user wants to move.
        required: true
        schema:
          type: string
      - name: isAdminMode
        in: header
        description: Set this to "true" if you want to perform the request as a Content
          Administrator.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: Content was moved successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/transformationRules:
    get:
      tags:
      - transformationRuleManagement
      summary: Get A List Of Transformation Rules.
      description: Get a list of transformation rules in the organization. The response
        is paginated with a default limit of 100 rules per page.
      operationId: getTransformationRules
      parameters:
      - name: limit
        in: query
        description: Limit the number of transformation rules returned in the response.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
        example: 10
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: List of transformation rules.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TransformationRulesResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - transformationRuleManagement
      summary: Create A New Transformation Rule.
      description: Create a new transformation rule.
      operationId: createRule
      parameters: []
      requestBody:
        description: The configuration of the transformation rule to create.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TransformationRuleRequest'
        required: true
      responses:
        '200':
          description: The transformation rule was successfully created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TransformationRuleResponse'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/transformationRules/{id}:
    get:
      tags:
      - transformationRuleManagement
      summary: Get A Transformation Rule.
      description: Get a transformation rule with the given identifier.
      operationId: getTransformationRule
      parameters:
      - name: id
        in: path
        description: Identifier of transformation rule to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Transformation rule object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TransformationRuleResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - transformationRuleManagement
      summary: Update A Transformation Rule.
      description: Update an existing transformation rule. All properties specified
        in the request are replaced. Missing properties will remain the same.
      operationId: updateTransformationRule
      parameters:
      - name: id
        in: path
        description: Identifier of the transformation rule to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the transformation rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TransformationRuleRequest'
        required: true
      responses:
        '200':
          description: The transformation rule was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TransformationRuleResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - transformationRuleManagement
      summary: Delete A Transformation Rule.
      description: Delete a transformation rule with the given identifier.
      operationId: deleteRule
      parameters:
      - name: id
        in: path
        description: Identifier of the transformation rule to delete.
        required: true
        schema:
          type: string
      responses:
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '204':
          description: The transformation rule was successfully deleted.
  /v1/account/accountOwner:
    get:
      tags:
      - accountManagement
      summary: Get The Owner Of An Account.
      description: Returns the user identifier of the account owner.
      operationId: getAccountOwner
      responses:
        '200':
          description: User identifier of the account owner.
          content:
            application/json:
              schema:
                type: string
              example: 00000000000001E7
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/account/status:
    get:
      tags:
      - accountManagement
      summary: Get Overview Of The Account Status.
      description: Get information related to the account's plan, pricing model, expiration
        and payment status.
      operationId: getStatus
      responses:
        '200':
          description: Overview of the account.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccountStatusResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/account/subdomain:
    get:
      tags:
      - accountManagement
      summary: Get The Configured Subdomain.
      description: Get the configured subdomain.
      operationId: getSubdomain
      responses:
        '200':
          description: The subdomain's definition.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SubdomainDefinitionResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - accountManagement
      summary: Update Account Subdomain.
      description: Update a subdomain. Only the Account Owner can update the subdomain.
      operationId: updateSubdomain
      requestBody:
        description: The new subdomain.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConfigureSubdomainRequest'
        required: true
      responses:
        '200':
          description: The updated subdomain's definition.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SubdomainDefinitionResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - accountManagement
      summary: Create Account Subdomain.
      description: Create a subdomain. Only the Account Owner can create a subdomain.
      operationId: createSubdomain
      requestBody:
        description: The new subdomain.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConfigureSubdomainRequest'
        required: true
      responses:
        '200':
          description: Created a new subdomain.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SubdomainDefinitionResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - accountManagement
      summary: Delete The Configured Subdomain.
      description: Delete the configured subdomain.
      operationId: deleteSubdomain
      responses:
        '204':
          description: The subdomain was successfully deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/account/subdomain/recover:
    post:
      tags:
      - accountManagement
      summary: Recover Subdomains For A User.
      description: Send an email with the subdomain information for a user with the
        given email address.
      operationId: recoverSubdomains
      parameters:
      - name: email
        in: query
        description: Email address of the user to get subdomain information.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: An email containing information about associated subdomains
            for the given email was sent.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/account/usage/report:
    post:
      tags:
      - accountManagement
      summary: Export Credits Usage Details As CSV.
      description: Export the credit usage details as csv for the specific period
        of time given as input in the form of a start and end date with a specific
        grouping according to `day`, `week`, `month`, Note that this API will work
        only for credits plan customers.
      operationId: exportUsageReport
      requestBody:
        description: Export Usage Report Request.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UsageReportRequest'
        required: true
      responses:
        '200':
          description: Export Response with Job Id.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UsageReportResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/account/usage/report/{jobId}/status:
    get:
      tags:
      - accountManagement
      summary: Get Report Generation Status.
      description: Get the report download URL and status using Job Id.
      operationId: getStatusForReport
      parameters:
      - name: jobId
        in: path
        description: Job Id for the report to be exported.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Status response containing status and downloadURL if successful.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UsageReportStatusResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/account/usageForecast:
    get:
      tags:
      - accountManagement
      summary: Get Usage Forecast With Respect To Last Number Of Days Specified.
      description: Get usage forecast with respect to last number of days specified.
        If nothing is provided for  last number of days, the average of term period
        will be taken to do the forecast.
      operationId: getUsageForecast
      parameters:
      - name: numberOfDays
        in: query
        description: Number of days to use for calculating average usage and forecast.
        required: false
        schema:
          type: number
      responses:
        '200':
          description: Usage Forecast.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UsageForecastResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/plan/pendingUpdateRequest:
    get:
      tags:
      - accountManagement
      summary: Get The Pending Plan Update Request, If Any.
      description: Get the pending plan update request which will be applicable from
        next billing cycle.
      operationId: getPendingUpdateRequest
      responses:
        '200':
          description: Pending plan update request.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PendingUpdateRequest'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - accountManagement
      summary: Delete The Pending Plan Update Request, If Any.
      description: Delete the pending plan update request which would be applicable
        from next billing cycle.
      operationId: deletePendingUpdateRequest
      responses:
        '204':
          description: Deleted the pending update request.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/organizations/usages:
    post:
      tags:
      - orgsManagement
      summary: Get Usages For Child Orgs.
      description: Get the credits usage details of the child orgs for a parent.
      operationId: getChildUsages
      requestBody:
        description: Details for the usages to be fetched.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ChildUsageDetailsRequest'
      responses:
        '200':
          description: Usage details for the child orgs.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ChildUsageDetailsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/metricsSearches:
    post:
      tags:
      - metricsSearchesManagement
      summary: Save A Metrics Search.
      description: Saves a metrics search in the content library. Metrics search consists
        of one or more queries, a time range, a quantization period and a set of chart
        properties like line width.
      operationId: createMetricsSearch
      parameters: []
      requestBody:
        description: The definition of the metrics search.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SaveMetricsSearchRequest'
        required: true
      responses:
        '200':
          description: Newly created metrics search.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MetricsSearchInstance'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/metricsSearches/{id}:
    get:
      tags:
      - metricsSearchesManagement
      summary: Get A Metrics Search.
      description: Returns a metrics search with the specified identifier.
      operationId: getMetricsSearch
      parameters:
      - name: id
        in: path
        description: Identifier of the metrics search.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: A metrics search object with metadata.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MetricsSearchInstance'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - metricsSearchesManagement
      summary: Updates A Metrics Search.
      description: Updates a metrics search with the specified identifier. Partial
        updates are not supported, you must provide values for all fields.
      operationId: updateMetricsSearch
      parameters:
      - name: id
        in: path
        description: Identifier of the metrics search.
        required: true
        schema:
          type: string
      requestBody:
        description: An updated metrics search definition.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MetricsSearchV1'
        required: true
      responses:
        '200':
          description: The metrics saved search that was updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MetricsSearchInstance'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - metricsSearchesManagement
      summary: Deletes A Metrics Search.
      description: Deletes a metrics search from the content library.
      operationId: deleteMetricsSearch
      parameters:
      - name: id
        in: path
        description: Identifier of the metrics search.
        required: true
        schema:
          type: string
      responses:
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '204':
          description: The metrics search was successfully deleted.
  /v1/tokens:
    get:
      tags:
      - tokensLibraryManagement
      summary: Get A List Of Tokens.
      description: Get a list of all tokens in the token library.
      operationId: listTokens
      responses:
        '200':
          description: A list of tokens.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListTokensBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - tokensLibraryManagement
      summary: Create A Token.
      description: Create a token in the token library.
      operationId: createToken
      requestBody:
        description: Information about the token to create.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TokenBaseDefinition'
        required: true
      responses:
        '200':
          description: The token has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tokens/{id}:
    get:
      tags:
      - tokensLibraryManagement
      summary: Get A Token.
      description: Get a token with the given identifier in the token library.
      operationId: getToken
      parameters:
      - name: id
        in: path
        description: Identifier of the token to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Token object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - tokensLibraryManagement
      summary: Update A Token.
      description: Update a token with the given identifier in the token library.
      operationId: updateToken
      parameters:
      - name: id
        in: path
        description: Identifier of the token to update.
        required: true
        schema:
          type: string
      requestBody:
        description: The token to update.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TokenBaseDefinitionUpdate'
        required: true
      responses:
        '200':
          description: The token was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - tokensLibraryManagement
      summary: Delete A Token.
      description: Delete a token with the given identifier in the token library.
      operationId: deleteToken
      parameters:
      - name: id
        in: path
        description: Identifier of the token to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The token was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/accessKeys:
    get:
      tags:
      - accessKeyManagement
      summary: List All Access Keys.
      description: List all access keys in your account.
      operationId: listAccessKeys
      parameters:
      - name: limit
        in: query
        description: Limit the number of access keys returned in the response. The
          number of access keys returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A list of all access keys in your account.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedListAccessKeysResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - accessKeyManagement
      summary: Create An Access Key.
      description: "Creates a new access ID and key pair. The new access key can be\
        \ used from the domains specified in corsHeaders field. Whether Sumo Logic\
        \ accepts or rejects an API request depends on whether it contains an ORIGIN\
        \ header and the entries in the allowlist. Sumo Logic will reject:\n  1. Requests\
        \ with an ORIGIN header but the allowlist is empty.\n  2. Requests with an\
        \ ORIGIN header that don't match any entry in the allowlist."
      operationId: createAccessKey
      parameters: []
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AccessKeyCreateRequest'
        required: true
      responses:
        '200':
          description: Access key created successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessKey'
        default:
          description: Access key creation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/accessKeys/personal:
    get:
      tags:
      - accessKeyManagement
      summary: List Personal Keys.
      description: List all access keys that belong to your user.
      operationId: listPersonalAccessKeys
      responses:
        '200':
          description: A list of all access keys that belong to the user making the
            request.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListAccessKeysResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/accessKeys/scopes:
    get:
      tags:
      - accessKeyManagement
      summary: Get All Scopes.
      description: Get a list of all of the scopes that can be added to an access
        key.
      operationId: listScopes
      responses:
        '200':
          description: A list of scopes that can be added to an access key.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScopesList'
        default:
          description: Operation failed with an error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/accessKeys/{id}:
    put:
      tags:
      - accessKeyManagement
      summary: Update An Access Key.
      description: Updates the properties of existing accessKey by accessId. It can
        be used to enable or disable the access key and to update the corsHeaders
        list.
      operationId: updateAccessKey
      parameters:
      - name: id
        in: path
        description: The accessId of the access key to update.
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AccessKeyUpdateRequest'
        required: true
      responses:
        '200':
          description: Access key updated successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessKeyPublic'
        default:
          description: Access key update failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - accessKeyManagement
      summary: Delete An Access Key.
      description: Deletes the access key with the given accessId.
      operationId: deleteAccessKey
      parameters:
      - name: id
        in: path
        description: The accessId of the access key to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Access key deletion completed successfully.
        default:
          description: Access key deletion failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/accessKeys/{id}/rotate:
    put:
      tags:
      - accessKeyManagement
      summary: Rotate The Access Key Secret
      description: Generates a new secret for the access key that is passed in the
        call, keeping the same access ID.
      operationId: rotateAccessKeySecret
      parameters:
      - name: id
        in: path
        description: The accessId of the access key to rotate the secret for.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Access key secret rotated successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessKey'
        default:
          description: Access key secret rotation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/saml/identityProviders:
    get:
      tags:
      - samlConfigurationManagement
      summary: Get A List Of SAML Configurations.
      description: Get a list of all SAML configurations in the organization.
      operationId: getIdentityProviders
      responses:
        '200':
          description: A list of SAML configurations in the organization.
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/SamlIdentityProvider'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - samlConfigurationManagement
      summary: Create A New SAML Configuration.
      description: Create a new SAML configuration in the organization.
      operationId: createIdentityProvider
      parameters: []
      requestBody:
        description: The configuration of the SAML identity provider.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SamlIdentityProviderRequest'
        required: true
      responses:
        '200':
          description: The SAML configuration was successfully created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SamlIdentityProvider'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/saml/identityProviders/{id}:
    put:
      tags:
      - samlConfigurationManagement
      summary: Update A SAML Configuration.
      description: Update an existing SAML configuration in the organization.
      operationId: updateIdentityProvider
      parameters:
      - name: id
        in: path
        description: Identifier of the SAML configuration to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update in the SAML configuration.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SamlIdentityProviderRequest'
        required: true
      responses:
        '200':
          description: The SAML configuration was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SamlIdentityProvider'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - samlConfigurationManagement
      summary: Delete A SAML Configuration.
      description: Delete a SAML configuration with the given identifier from the
        organization.
      operationId: deleteIdentityProvider
      parameters:
      - name: id
        in: path
        description: Identifier of the SAML configuration to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The SAML configuration was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/saml/allowlistedUsers:
    get:
      tags:
      - samlConfigurationManagement
      summary: Get List Of Allowlisted Users.
      description: Get a list of allowlisted users.
      operationId: getAllowlistedUsers
      responses:
        '200':
          description: A list of allowlisted users from the organization.
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/AllowlistedUserResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/saml/allowlistedUsers/{userId}:
    post:
      tags:
      - samlConfigurationManagement
      summary: Allowlist A User.
      description: Allowlist a user from SAML lockdown allowing them to sign in using
        a password in addition to SAML.
      operationId: createAllowlistedUser
      parameters:
      - name: userId
        in: path
        description: Identifier of the user.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: User was successfully allowlisted.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AllowlistedUserResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - samlConfigurationManagement
      summary: Remove An Allowlisted User.
      description: Remove an allowlisted user requiring them to sign in using SAML.
      operationId: deleteAllowlistedUser
      parameters:
      - name: userId
        in: path
        description: Identifier of user that will no longer be allowlisted from SAML
          Lockdown.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: User was successfully removed from the allowlist for SAML Lockdown.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/saml/lockdown/enable:
    post:
      tags:
      - samlConfigurationManagement
      summary: Require SAML For Sign-in.
      description: Enabling SAML lockdown requires users to sign in using SAML preventing
        them from logging in with an email and password.
      operationId: enableSamlLockdown
      responses:
        '204':
          description: SAML lockdown was enabled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/saml/lockdown/disable:
    post:
      tags:
      - samlConfigurationManagement
      summary: Disable SAML Lockdown.
      description: Disable SAML lockdown for the organization.
      operationId: disableSamlLockdown
      responses:
        '204':
          description: SAML lockdown was disabled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/saml/identityProviders/{id}/metadata:
    get:
      tags:
      - samlConfigurationManagement
      summary: Get SAML Configuration Metadata XML.
      description: Get metadata XML for a specific SAML configuration within the organization.
      operationId: getSamlMetadata
      parameters:
      - name: id
        in: path
        description: Identifier of the SAML configuration for which metadata should
          be returned.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: A SAML configuration metadata XML within the organization.
          content:
            application/xml:
              schema:
                type: string
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAllowlist/addresses:
    get:
      tags:
      - serviceAllowlistManagement
      summary: List All Allowlisted CIDRs/IP Addresses.
      description: Get a list of all allowlisted CIDR notations and/or IP addresses
        for the organization.
      operationId: listAllowlistedCidrs
      responses:
        '200':
          description: List of all allowlisted CIDR notations and/or IP addresses
            for the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CidrList'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAllowlist/addresses/add:
    post:
      tags:
      - serviceAllowlistManagement
      summary: Allowlist CIDRs/IP Addresses.
      description: Add CIDR notations and/or IP addresses to the allowlist of the
        organization if not already there. When service allowlisting functionality
        is enabled, CIDRs/IP addresses that are allowlisted will have access to Sumo
        Logic and/or content sharing.
      operationId: addAllowlistedCidrs
      parameters: []
      requestBody:
        description: List of all CIDR notations and/or IP addresses to be added to
          the allowlist of the organization.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CidrList'
        required: true
      responses:
        '200':
          description: List of all allowlisted CIDR notations and/or IP addresses
            for the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CidrList'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAllowlist/addresses/remove:
    post:
      tags:
      - serviceAllowlistManagement
      summary: Remove Allowlisted CIDRs/IP Addresses.
      description: Remove allowlisted CIDR notations and/or IP addresses from the
        organization. Removed CIDRs/IPs will immediately lose access to Sumo Logic
        and content sharing.
      operationId: deleteAllowlistedCidrs
      parameters: []
      requestBody:
        description: List of all CIDR notations and/or IP addresses to be removed
          from the allowlist of the organization.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CidrList'
        required: true
      responses:
        '200':
          description: List of all allowlisted CIDR notations and/or IP addresses
            for the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CidrList'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAllowlist/enable:
    post:
      tags:
      - serviceAllowlistManagement
      summary: Enable Service Allowlisting.
      description: 'Enable service allowlisting functionality for the organization.
        The service allowlisting can be for 1. Login: If enabled, access to Sumo Logic
        is granted only to CIDRs/IP addresses that are allowlisted. 2. Content: If
        enabled, dashboards can be shared with users connecting from CIDRs/IP addresses
        that are allowlisted without logging in.'
      operationId: enableAllowlisting
      parameters:
      - name: allowlistType
        in: query
        description: 'The type of allowlisting to be enabled. It can be one of: `Login`,
          `Content`, or `Both`.'
        required: true
        schema:
          pattern: ^(Login|Content|Both)$
          type: string
          description: 'One of: `Login`, `Content`, `Both`.'
          example: Login
          x-pattern-message: must be `Login`, `Content`, or `Both`
      responses:
        '204':
          description: Service allowlisting was enabled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAllowlist/disable:
    post:
      tags:
      - serviceAllowlistManagement
      summary: Disable Service Allowlisting.
      description: Disable service allowlisting functionality for login/API authentication
        or content sharing for the organization.
      operationId: disableAllowlisting
      parameters:
      - name: allowlistType
        in: query
        description: 'The type of allowlisting to be disabled. It can be one of: `Login`,
          `Content`, or `Both`.'
        required: true
        schema:
          pattern: ^(Login|Content|Both)$
          type: string
          description: 'One of: `Login`, `Content`, `Both`.'
          example: Login
          x-pattern-message: must be `Login`, `Content`, or `Both`
      responses:
        '204':
          description: Service allowlisting was disabled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAllowlist/status:
    get:
      tags:
      - serviceAllowlistManagement
      summary: Get The Allowlisting Status.
      description: Get the status of the service allowlisting functionality for login/API
        authentication or content sharing for the organization.
      operationId: getAllowlistingStatus
      responses:
        '200':
          description: The status of service allowlisting for Content and Login.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AllowlistingStatus'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/policies/audit:
    get:
      tags:
      - policiesManagement
      summary: Get Audit Policy.
      description: Get the Audit policy. This policy specifies whether audit records
        for your account are enabled. You can access details about reported account
        events in the Sumo Logic Audit Index. [Learn More](https://help.sumologic.com/Manage/Security/Audit-Index)
      operationId: getAuditPolicy
      responses:
        '200':
          description: The Audit policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuditPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - policiesManagement
      summary: Set Audit Policy.
      description: Set the Audit policy. This policy specifies whether audit records
        for your account are enabled. You can access details about reported account
        events in the Sumo Logic Audit Index. [Learn More](https://help.sumologic.com/Manage/Security/Audit-Index)
      operationId: setAuditPolicy
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuditPolicy'
        required: true
      responses:
        '200':
          description: Audit policy was set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuditPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/policies/searchAudit:
    get:
      tags:
      - policiesManagement
      summary: Get Search Audit Policy.
      description: Get the Search Audit policy. This policy specifies whether search
        records for your account are enabled. You can access details about your account's
        search capacity, queries run by users from the Sumo Search Audit Index. [Learn
        More](https://help.sumologic.com/Manage/Security/Search_Audit_Index)
      operationId: getSearchAuditPolicy
      responses:
        '200':
          description: The Search Audit policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SearchAuditPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - policiesManagement
      summary: Set Search Audit Policy.
      description: Set the Search Audit policy. This policy specifies whether search
        records for your account are enabled. You can access details about your account's
        search capacity, queries run by users from the Sumo Search Audit Index. [Learn
        More](https://help.sumologic.com/Manage/Security/Search_Audit_Index)
      operationId: setSearchAuditPolicy
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SearchAuditPolicy'
        required: true
      responses:
        '200':
          description: Search Audit policy was set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SearchAuditPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/policies/shareDashboardsOutsideOrganization:
    get:
      tags:
      - policiesManagement
      summary: Get Share Dashboards Outside Organization Policy.
      description: Get the Share Dashboards Outside Organization policy. This policy
        allows users to share the dashboard with view only privileges outside of the
        organization (capability must be enabled from the Roles page). Disabling this
        policy will disable all dashboards that have been shared outside of the organization.
        [Learn More](https://help.sumologic.com/Visualizations-and-Alerts/Dashboards/Share_Dashboards/Share_a_Dashboard_Outside_Your_Org)
      operationId: getShareDashboardsOutsideOrganizationPolicy
      responses:
        '200':
          description: The Share Dashboards Outside Organization policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ShareDashboardsOutsideOrganizationPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - policiesManagement
      summary: Set Share Dashboards Outside Organization Policy.
      description: Set the Share Dashboards Outside Organization policy. This policy
        allows users to share the dashboard with view only privileges outside of the
        organization (capability must be enabled from the Roles page). Disabling this
        policy will disable all dashboards that have been shared outside of the organization.
        [Learn More](https://help.sumologic.com/Visualizations-and-Alerts/Dashboards/Share_Dashboards/Share_a_Dashboard_Outside_Your_Org)
      operationId: setShareDashboardsOutsideOrganizationPolicy
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ShareDashboardsOutsideOrganizationPolicy'
        required: true
      responses:
        '200':
          description: Share Dashboards Outside Organization policy was set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ShareDashboardsOutsideOrganizationPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/policies/dataAccessLevel:
    get:
      tags:
      - policiesManagement
      summary: Get Data Access Level Policy.
      description: Get the Data Access Level policy. When enabled, this policy sets
        the default data access level for all newly created dashboards to the viewer’s
        role access filter. Otherwise, newly created dashboards will default to the
        sharer’s role access filter and might display data that viewers’ roles don’t
        allow them to view. [Learn More](https://help.sumologic.com/Manage/Security/Data_Access_Level_for_Shared_Dashboards)
      operationId: getDataAccessLevelPolicy
      responses:
        '200':
          description: The Data Access Level policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataAccessLevelPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - policiesManagement
      summary: Set Data Access Level Policy.
      description: Set the Data Access Level policy. When enabled, this policy sets
        the default data access level for all newly created dashboards to the viewer’s
        role access filter. Otherwise, newly created dashboards will default to the
        sharer’s role access filter and might display data that viewers’ roles don’t
        allow them to view. [Learn More](https://help.sumologic.com/Manage/Security/Data_Access_Level_for_Shared_Dashboards)
      operationId: setDataAccessLevelPolicy
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DataAccessLevelPolicy'
        required: true
      responses:
        '200':
          description: Data Access Level policy was set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataAccessLevelPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/policies/userConcurrentSessionsLimit:
    get:
      tags:
      - policiesManagement
      summary: Get User Concurrent Sessions Limit Policy.
      description: Get the User Concurrent Sessions Limit policy. When enabled, the
        number of concurrent sessions a user may have is limited to the value entered.
        If a user exceeds the allowed number of sessions, the user's oldest session
        will be logged out to accommodate the new one. Disabling this policy means
        a user may have an unlimited number of concurrent sessions. [Learn More](https://help.sumologic.com/Manage/Security/Set_a_Limit_for_User_Concurrent_Sessions)
      operationId: getUserConcurrentSessionsLimitPolicy
      responses:
        '200':
          description: The User Concurrent Sessions Limit policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserConcurrentSessionsLimitPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - policiesManagement
      summary: Set User Concurrent Sessions Limit Policy.
      description: Set the User Concurrent Sessions Limit policy. When enabled, the
        number of concurrent sessions a user may have is limited to the value entered.
        If a user exceeds the allowed number of sessions, the user's oldest session
        will be logged out to accommodate the new one. Disabling this policy means
        a user may have an unlimited number of concurrent sessions. [Learn More](https://help.sumologic.com/Manage/Security/Set_a_Limit_for_User_Concurrent_Sessions)
      operationId: setUserConcurrentSessionsLimitPolicy
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserConcurrentSessionsLimitPolicy'
        required: true
      responses:
        '200':
          description: User Concurrent Sessions Limit policy was set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserConcurrentSessionsLimitPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/policies/maxUserSessionTimeout:
    get:
      tags:
      - policiesManagement
      summary: Get Max User Session Timeout Policy.
      description: Get the Max User Session Timeout policy. When enabled, this policy
        sets the maximum web session timeout users are able to configure within their
        user preferences. Users preferences will be updated to match this value only
        if their current preference is set to a higher value. [Learn More](https://help.sumologic.com/Manage/Security/Set_a_Maximum_Web_Session_Timeout)
      operationId: getMaxUserSessionTimeoutPolicy
      responses:
        '200':
          description: The Max User Session Timeout policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MaxUserSessionTimeoutPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - policiesManagement
      summary: Set Max User Session Timeout Policy.
      description: Set the Max User Session Timeout policy. When enabled, this policy
        sets the maximum web session timeout users are able to configure within their
        user preferences. Users preferences will be updated to match this value only
        if their current preference is set to a higher value. [Learn More](https://help.sumologic.com/Manage/Security/Set_a_Maximum_Web_Session_Timeout)
      operationId: setMaxUserSessionTimeoutPolicy
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MaxUserSessionTimeoutPolicy'
        required: true
      responses:
        '200':
          description: Max User Session Timeout policy was set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MaxUserSessionTimeoutPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/policies/accessKeysLifetime:
    get:
      tags:
      - policiesManagement
      summary: Get Access Key Lifetime Policy.
      description: Get access key lifetime policy. This policy defines the maximum
        time an access key has once it has been created or rotated before it must
        be rotated. Otherwise, it will no longer be able to be used. The value 0 represents
        that the access keys will never expire and the time specified can be configured  by
        the organization.
      operationId: getAccessKeysLifetimePolicy
      responses:
        '200':
          description: The Access Key Lifetime Policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessKeysLifetimePolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - policiesManagement
      summary: Set Access Keys Lifetime Policy.
      description: Sets the access keys lifetime policy. By setting this policy, the
        time  an access key has to live before it is expired or must be rotated is
        defined based on the period (default = never) configured for the organization.
        Setting the value to 0 would represent that the access keys never expire.
      operationId: setAccessKeysLifetimePolicy
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AccessKeysLifetimePolicy'
        required: true
      responses:
        '200':
          description: Access Keys Lifetime policy was set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessKeysLifetimePolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/policies/dataDeletion:
    get:
      tags:
      - policiesManagement
      summary: Get Data Deletion Policy.
      description: Get the Data Deletion policy. This policy specifies whether users
        are allowed to delete data from Sumo Logic. Disabling this policy prevents
        users from deleting log data. [Learn More](https://help.sumologic.com/Manage/Security/Data_Deletion)
      operationId: getDataDeletionPolicy
      responses:
        '200':
          description: The Data Deletion policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataDeletionPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - policiesManagement
      summary: Set Data Deletion Policy.
      description: Set the Data Deletion policy. This policy specifies whether users
        are allowed to delete data from Sumo Logic. Disabling this policy prevents
        users from deleting log data. [Learn More](https://help.sumologic.com/Manage/Security/Data_Deletion)
      operationId: setDataDeletionPolicy
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DataDeletionPolicy'
        required: true
      responses:
        '200':
          description: Data Deletion policy was set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataDeletionPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/healthEvents:
    get:
      tags:
      - healthEvents
      summary: Get A List Of Health Events.
      description: Get a list of all the unresolved health events in your account.
      operationId: listAllHealthEvents
      parameters:
      - name: limit
        in: query
        description: Limit the number of health events returned in the response. The
          number of health events returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A paginated list of all the health events.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListHealthEventResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/healthEvents/resources:
    post:
      tags:
      - healthEvents
      summary: Health Events For Specific Resources.
      description: Get a list of all the unresolved events in your account that belong
        to the supplied resource identifiers.
      operationId: listAllHealthEventsForResources
      parameters:
      - name: limit
        in: query
        description: Limit the number of health events returned in the response. The
          number of health events returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      requestBody:
        description: Resource identifiers to request health events from.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ResourceIdentities'
        required: true
      responses:
        '200':
          description: List of all the health events for the specified resources.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListHealthEventResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/archive/{sourceId}/jobs:
    get:
      tags:
      - archiveManagement
      summary: Get Ingestion Jobs For An Archive Source.
      description: Get a list of all the ingestion jobs created on an Archive Source.
        The response is paginated with a default limit of 10 jobs per page.
      operationId: listArchiveJobsBySourceId
      parameters:
      - name: sourceId
        in: path
        description: The identifier of an Archive Source.
        required: true
        schema:
          type: string
          example: 000000000606C009
      - name: limit
        in: query
        description: Limit the number of jobs returned in the response. The number
          of jobs returned may be less than the `limit`.
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 10
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A paginated list of ingestion jobs for an Archive Source.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListArchiveJobsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - archiveManagement
      summary: Create An Ingestion Job.
      description: Create an ingestion job to pull data from your S3 bucket.
      operationId: createArchiveJob
      parameters:
      - name: sourceId
        in: path
        description: The identifier of the Archive Source for which the job is to
          be added.
        required: true
        schema:
          type: string
          example: 000000000606C009
      requestBody:
        description: The definition of the ingestion job to create.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateArchiveJobRequest'
        required: true
      responses:
        '200':
          description: The ingestion job was created successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ArchiveJob'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/archive/{sourceId}/jobs/{id}:
    delete:
      tags:
      - archiveManagement
      summary: Delete An Ingestion Job.
      description: Delete an ingestion job with the given identifier from the organization.
        The delete operation is only possible for jobs with a Succeeded or Failed
        status.
      operationId: deleteArchiveJob
      parameters:
      - name: sourceId
        in: path
        description: The identifier of the Archive Source.
        required: true
        schema:
          type: string
      - name: id
        in: path
        description: The identifier of the ingestion job to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The ingestion job was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/archive/jobs/count:
    get:
      tags:
      - archiveManagement
      summary: List Ingestion Jobs For All Archive Sources.
      description: Get a list of all Archive Sources with the count and status of
        ingestion jobs.
      operationId: listArchiveJobsCountPerSource
      parameters: []
      responses:
        '200':
          description: A list of Archive Sources with ingestion jobs.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListArchiveJobsCount'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logSearches/estimatedUsage:
    post:
      tags:
      - logSearchesEstimatedUsage
      summary: Gets Estimated Usage Details.
      description: 'Gets the estimated volume of data that would be scanned for a
        given log search in the Infrequent data tier.

        '
      operationId: getLogSearchEstimatedUsage
      parameters: []
      requestBody:
        description: The definition of the log search estimated usage.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogSearchEstimatedUsageRequest'
        required: true
      responses:
        '200':
          description: Log search information along with its estimated usage details.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogSearchEstimatedUsageDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logSearches/estimatedUsageByTier:
    post:
      tags:
      - logSearchesEstimatedUsage
      summary: Gets Tier Wise Estimated Usage Details.
      description: 'Gets the estimated volume of data that would be scanned for a
        given log search per data tier.

        '
      operationId: getLogSearchEstimatedUsageByTier
      parameters: []
      requestBody:
        description: The definition of the log search estimated usage.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV2'
        required: true
      responses:
        '200':
          description: Log search information along with its tier wise estimated usage
            details.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogSearchEstimatedUsageByTierDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logSearches/estimatedUsageByMeteringType:
    post:
      tags:
      - logSearchesEstimatedUsage
      summary: Gets Estimated Usage Details Per Metering Type.
      description: 'Gets the estimated volume of data, per metering type,  that would
        be scanned for running a given log search for a given timerange.

        '
      operationId: getLogSearchEstimatedUsageByMeteringType
      parameters: []
      requestBody:
        description: The definition of the log search estimated usage.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV3'
        required: true
      responses:
        '200':
          description: Log search information along with its metering type wise estimated
            usage details.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogSearchEstimatedUsageByMeteringTypeDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/logSearches/estimatedUsageByView:
    post:
      tags:
      - logSearchesEstimatedUsage
      summary: Gets Estimated Usage Details Per View.
      description: 'Gets the estimated volume of data, per view,  that would be scanned
        for running a given log search for a given timerange.

        '
      operationId: logSearchesEstimatedUsageByView
      parameters: []
      requestBody:
        description: The definition of the log search estimated usage.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV3'
        required: true
      responses:
        '200':
          description: Log search information along with its view wise estimated usage
            details.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogSearchEstimatedUsageByViewDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards:
    get:
      tags:
      - dashboardManagement
      summary: List All Dashboards.
      description: List all dashboards under the Personal folder created by the user
        or under folders viewable by user.
      operationId: listDashboards
      parameters:
      - name: limit
        in: query
        description: Limit the number of dashboard returned in the response. The number
          of dashboards returned may be less than the `limit`.
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 50
        example: 50
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
        example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      - name: mode
        in: query
        description: whether to list all viewable dashboards under the folders
        required: false
        schema:
          pattern: ^(createdByUser|allViewableByUser)$
          type: string
          example: createdByUser
          x-pattern-message: Must be `createdByUser` or `allViewableByUser`
        example: createdByUser
      responses:
        '200':
          description: Paginated list of dashboards under the Personal folder created
            by the user.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedDashboards'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - dashboardManagement
      summary: Create A New Dashboard.
      description: Creates a new dashboard.
      operationId: createDashboard
      requestBody:
        description: Information to create the new dashboard.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DashboardRequest'
        required: true
      responses:
        '200':
          description: The dashboard has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Dashboard'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards/{id}:
    get:
      tags:
      - dashboardManagement
      summary: Get A Dashboard.
      description: Get a dashboard by the given identifier.
      operationId: getDashboard
      parameters:
      - name: id
        in: path
        description: UUID of the dashboard to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Dashboard object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Dashboard'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - dashboardManagement
      summary: Update A Dashboard.
      description: Update a dashboard by the given identifier.
      operationId: updateDashboard
      parameters:
      - name: id
        in: path
        description: Identifier of the dashboard to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update on the dashboard.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DashboardRequest'
        required: true
      responses:
        '200':
          description: The dashboard was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Dashboard'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - dashboardManagement
      summary: Delete A Dashboard.
      description: Delete a dashboard by the given identifier.
      operationId: deleteDashboard
      parameters:
      - name: id
        in: path
        description: Identifier of the dashboard to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Dashboard was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards/reportJobs:
    post:
      tags:
      - dashboardManagement
      summary: Start A Report Job
      description: 'Schedule an asynchronous job to generate a report from a template.
        All items in the template will be included unless specified. See template
        section for more details on individual templates. Reports can be generated
        in Pdf or Png format and exported in various methods (ex. direct download).
        You will get back an asynchronous job identifier on success. Use the [getAsyncReportGenerationStatus](#operation/getAsyncExportStatus)
        endpoint and the job identifier you got back in the response to track the
        status of an asynchronous report generation job.

        '
      operationId: generateDashboardReport
      requestBody:
        description: Request for a report.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GenerateReportRequest'
        required: true
      responses:
        '200':
          description: Export job has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards/reportJobs/{jobId}/status:
    get:
      tags:
      - dashboardManagement
      summary: Get Report Generation Job Status
      description: Get the status of an asynchronous report generation request for
        the given job identifier. On success, use the [getReportGenerationResult](#operation/getAsyncReportGenerationResult)
        endpoint to get the result of the report generation job.
      operationId: getAsyncReportGenerationStatus
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous report generation job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The status of the report generation job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards/reportJobs/{jobId}/result:
    get:
      tags:
      - dashboardManagement
      summary: Get Report Generation Job Result
      description: Get the result of an asynchronous report generation request for
        the given job identifier.
      operationId: getAsyncReportGenerationResult
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous report generation job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The result of export job.
          content:
            application/pdf:
              schema:
                type: string
                format: binary
            image/png:
              schema:
                type: string
                format: binary
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards/migrate:
    post:
      tags:
      - dashboardManagement
      summary: Migrate Legacy Dashboards To Dashboards(New)
      description: 'Schedule an asynchronous job to migrate a list of legacy Dashboards
        to Dashboard(New). Once migration is finished, the migrated dashboards will
        be in the same folder as the corresponding legacy Dashboard.

        Note: This feature is in beta and may not support all existing features of
        legacy dashboards.

        '
      operationId: migrateReportToDashboard
      requestBody:
        description: List of legacy dashboard content identifiers.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DashboardMigrationRequest'
        required: true
      responses:
        '200':
          description: Async job identifier to get the status and result of the dashboard
            migration job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BeginAsyncJobResponseV2'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards/migrate/preview:
    post:
      tags:
      - dashboardManagement
      summary: Preview Of Migrating Legacy Dashboards To Dashboards(New)
      description: Get a preview of migrating Legacy Dashboards to Dashboard(New)
      operationId: previewMigrateReportToDashboard
      requestBody:
        description: List of content identifiers. Can be folders or classic dashboard.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DashboardMigrationRequest'
        required: true
      responses:
        '200':
          description: Preview of the dashboard migration job.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MigrationPreviewResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards/migrate/{jobId}/status:
    get:
      tags:
      - dashboardManagement
      summary: Get Dashboard Migration Status.
      description: Get the status of an asynchronous Dashboard Migration job for the
        given job identifier. If job succeeds, use Dashboard Migration Result endpoint
        to see results of the migration.
      operationId: getDashboardMigrationStatus
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous Dashboard Migration job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Dashboard migration job status.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncJobStatus'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/dashboards/migrate/{jobId}/result:
    get:
      tags:
      - dashboardManagement
      summary: Get Dashboard Migration Result.
      description: Get the result of an asynchronous Dashboard Migration request for
        the given job identifier.
      operationId: getDashboardMigrationResult
      parameters:
      - name: jobId
        in: path
        description: The identifier of the asynchronous Dashboard Migration job.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Dashboard migration job result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DashboardMigrationResult'
        default:
          description: The operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/dashboards/reportSchedules:
    get:
      tags:
      - dashboardManagement
      summary: List All Dashboard Report Schedules.
      description: List all dashboard report schedules created by the user.
      operationId: listReportSchedules
      parameters:
      - name: dashboardId
        in: query
        description: UUID of the dashboard that the report shedules are associated
          with.
        required: false
        schema:
          type: string
      - name: limit
        in: query
        description: Limit the number of dashboard report schedules returned in the
          response. The number of dashboard report schedules returned may be less
          than the `limit`.
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 50
        example: 50
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
        example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      responses:
        '200':
          description: Paginated list of dashboard report schedules created by the
            user.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedReportSchedules'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - dashboardManagement
      summary: Schedule Dashboard Report
      description: 'Schedule dashboard report to send at a specific date and time.
        The report should be sent as attachment or downloadable URL in one of the
        following notification types: ''Email'', ''AWSLambda'', ''AzureFunctions'',
        ''Datadog'', ''HipChat'', ''Jira'', ''NewRelic'', ''Opsgenie'', ''PagerDuty'',
        ''Slack'', ''MicrosoftTeams'', ''ServiceNow'', ''SumoCloudSOAR'' and ''Webhook''.'
      operationId: createScheduleReport
      requestBody:
        description: Request for scheduling dashboard report.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ReportScheduleRequest'
        required: true
      responses:
        '200':
          description: Dashboard report has been scheduled.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ReportSchedule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/dashboards/reportSchedules/{scheduleId}:
    get:
      tags:
      - dashboardManagement
      summary: Get Dashboard Report Schedule.
      description: Get the schedule of a scheduled dashboard report by the given identifier.
      operationId: getReportSchedule
      parameters:
      - name: scheduleId
        in: path
        description: Identifier of the dashboard report schedule to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Dashboard report schedule object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ReportSchedule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - dashboardManagement
      summary: Update Dashboard Report Schedule.
      description: Update the schedule of a scheduled dashboard report by the given
        identifier.
      operationId: updateReportSchedule
      parameters:
      - name: scheduleId
        in: path
        description: identifier of the dashboard report schedule to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Request to update on the dashboard report schedule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ReportScheduleRequest'
        required: true
      responses:
        '200':
          description: The dashboard report schedule was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ReportSchedule'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - dashboardManagement
      summary: Delete Dashboard Report Schedule.
      description: Delete the schedule of a scheduled dashboard report by the given
        identifier. The scheduled dashboard report will no longer be generated and
        sent.
      operationId: deleteReportSchedule
      parameters:
      - name: scheduleId
        in: path
        description: UUID of the dashboard report schedule to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Dashboard report schedule was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/metricsSearches:
    get:
      tags:
      - metricsSearchesManagementV2
      summary: List All Metrics Search Pages.
      description: List all metrics search pages under the Personal folder created
        by the user or under folders viewable by user.
      operationId: ListMetricsSearches
      parameters:
      - name: limit
        in: query
        description: Limit the number of metric searches returned in the response.
          The number of metric searches returned may be less than the `limit`.
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 50
        example: 50
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
        example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      - name: mode
        in: query
        description: whether to list all viewable metric searches under the folders
        required: false
        schema:
          pattern: ^(createdByUser|allViewableByUser)$
          type: string
          example: createdByUser
          x-pattern-message: Must be `createdByUser` or `allViewableByUser`
        example: createdByUser
      responses:
        '200':
          description: Paginated list of metrics search pages under the Personal folder
            created by the user or viewable by user.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedMetricsSearches'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - metricsSearchesManagementV2
      summary: Create A New Metrics Search Page.
      description: Creates a new metrics search page.
      operationId: createMetricsSearches
      requestBody:
        description: Information to create the new metrics search page.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MetricsSearchRequest'
        required: true
      responses:
        '200':
          description: The metrics search page has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MetricsSearchResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/metricsSearches/{id}:
    get:
      tags:
      - metricsSearchesManagementV2
      summary: Get A Metrics Search Page.
      description: Get a metrics search page by the given identifier.
      operationId: getMetricsSearches
      parameters:
      - name: id
        in: path
        description: Unique identifier of the metrics search page to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Metrics search page that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MetricsSearchResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - metricsSearchesManagementV2
      summary: Update A Metrics Search Page.
      description: Update a metrics search page by the given identifier.
      operationId: updateMetricsSearches
      parameters:
      - name: id
        in: path
        description: Unique identifier of the metrics search page to return.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update the metrics search page.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MetricsSearchRequest'
        required: true
      responses:
        '200':
          description: The metrics search page was successfully modified.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MetricsSearchResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - metricsSearchesManagementV2
      summary: Delete A Metrics Search Page.
      description: Delete metrics search page by the given identifier.
      operationId: deleteMetricsSearches
      parameters:
      - name: id
        in: path
        description: Unique identifier of the metrics search page to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Metrics search page was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/usageInfo:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Usage Info Of Monitors.
      description: Get the current number and the allowed number of log and metrics
        monitors.
      operationId: getMonitorUsageInfo
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: MonitorUsageInfo has been retrieved successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorUsageInfo'
  /v1/monitors/disable:
    put:
      tags:
      - monitorsLibraryManagement
      summary: Disable Monitors.
      description: Bulk disable monitors by the given identifiers.
      operationId: disableMonitorByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        style: form
        explode: false
        schema:
          type: array
          items:
            type: string
        example: 0000000000000001,0000000000000002,0000000000000003
      responses:
        '200':
          description: Disabled monitors
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DisableMonitorResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/playbooks:
    get:
      tags:
      - monitorsLibraryManagement
      summary: List All Playbooks.
      description: List all playbooks available to run.
      operationId: getMonitorPlaybooks
      parameters:
      - name: playbookType
        in: query
        description: A string value for playbook type.
        required: false
        schema:
          type: string
        example: CSE
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: MonitorPlaybooks have been retrieved successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorPlaybooksList'
  /v1/monitors/playbooksDetails:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Get Playbook Details.
      description: Get the details of the playbooks with the specified identifiers.
      operationId: getPlaybooksDetails
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of playbook identifiers.
        required: true
        style: form
        explode: false
        schema:
          type: array
          items:
            type: string
        example: 649074b5b3d402d6e80b0d1d,649074b7b3d402d6e80b0da1,649074b6b3d402d6e80b0d75
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: MonitorPlaybooks have been retrieved successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorPlaybooksList'
  /v1/slos/sli:
    get:
      tags:
      - slosLibraryManagement
      summary: Bulk Fetch SLI Values, Error Budget Remaining And SLI Computation Status
        For The Current Compliance Period.
      description: Bulk fetch SLI values, error budget remaining and SLI computation
        status for the current compliance period.
      operationId: sli
      parameters:
      - name: ids
        in: query
        description: The identifiers of the SLOs.
        required: true
        schema:
          type: array
          items:
            type: string
        example: 000000000000000A,000000000000000B
      responses:
        '200':
          description: A map containing current status, SLI value and error budget
            remaining corresponding to each SLO id.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToSliStatusMap'
        default:
          description: Error getting SLI metrics for the SLO ids.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/usageInfo:
    get:
      tags:
      - slosLibraryManagement
      summary: Usage Info Of SLOs.
      description: Get the current number and the allowed number of log and metrics
        SLOs.
      operationId: getSloUsageInfo
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: SLO Usage Info has been retrieved successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SloUsageInfo'
  /v1/passwordPolicy:
    get:
      tags:
      - passwordPolicy
      summary: Get The Current Password Policy.
      description: Get the current password policy.
      operationId: getPasswordPolicy
      parameters: []
      responses:
        '200':
          description: The current password policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordPolicy'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - passwordPolicy
      summary: Update Password Policy.
      description: Update the current password policy.
      operationId: setPasswordPolicy
      parameters: []
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PasswordPolicy'
        required: true
      responses:
        '200':
          description: Password Policy set successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordPolicy'
        default:
          description: Setting the password policy failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/root:
    get:
      tags:
      - parsersLibraryManagement
      summary: Get The Root Folder In The Library.
      description: 'Get the root folder in the library.

        '
      operationId: getParsersLibraryRoot
      responses:
        '200':
          description: Root folder in the library.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryFolderResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers:
    get:
      tags:
      - parsersLibraryManagement
      summary: Bulk Read Folders And Parsers.
      description: 'Bulk read folders and parsers by the given identifiers from the
        library.

        '
      operationId: parsersReadByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        schema:
          type: array
          example: 0000000000000001,0000000000000002,0000000000000003
          items:
            type: string
      responses:
        '200':
          description: A map between an identifier and its definition (folder or parser).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToParsersLibraryBaseResponseMap'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - parsersLibraryManagement
      summary: Create A Folder Or Parser.
      description: 'Create a folder or parser.

        '
      operationId: parsersCreate
      parameters:
      - name: parentId
        in: query
        description: Identifier of the parent folder in which to create the folder
          or parser.
        required: true
        schema:
          type: string
      requestBody:
        description: The folder or parser to be created.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ParsersLibraryBase'
        required: true
      responses:
        '200':
          description: Newly created folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - parsersLibraryManagement
      summary: Bulk Delete Folders And Parsers.
      description: 'Bulk delete folders and parsers by the given identifiers from
        the library.

        '
      operationId: parsersDeleteByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        schema:
          type: array
          example: 0000000000000001,0000000000000002,0000000000000003
          items:
            type: string
      responses:
        '200':
          description: A map between the deleted identifier and its meta data.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToParsersLibraryBaseResponseMap'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/{id}:
    get:
      tags:
      - parsersLibraryManagement
      summary: Read A Folder Or Parser.
      description: 'Read a folder or parser.

        '
      operationId: parsersReadById
      parameters:
      - name: id
        in: path
        description: Identifier of the folder or parser to read.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Requested folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - parsersLibraryManagement
      summary: Update A Folder Or Parser.
      description: 'Update a folder or parser.

        '
      operationId: parsersUpdateById
      parameters:
      - name: id
        in: path
        description: Identifier of the folder or parser to update.
        required: true
        schema:
          type: string
      requestBody:
        description: 'The folder or parser to be updated. Content version must match
          its latest version number in the library. Any staled version will not be
          updated.

          '
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ParsersLibraryBaseUpdate'
        required: true
      responses:
        '200':
          description: Updated folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - parsersLibraryManagement
      summary: Delete A Folder Or Parser.
      description: 'Delete a folder or parser.

        '
      operationId: parsersDeleteById
      parameters:
      - name: id
        in: path
        description: Identifier of the folder or parser to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The folder or parser was successfully deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/{id}/path:
    get:
      tags:
      - parsersLibraryManagement
      summary: Get Full Path Of Folder Or Parser.
      description: 'Get full path of folder or parser.

        '
      operationId: getParsersFullPath
      parameters:
      - name: id
        in: path
        description: Identifier of the folder or parser.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Full path of the folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Path'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/{id}/lock:
    post:
      tags:
      - parsersLibraryManagement
      summary: Lock A Folder Or A Parser.
      description: 'Locking requires the `LockParsers` capability. When an object
        is locked, it can''t be moved or deleted and only the local fields can be
        modified. Locking recursively locks all of the objects children.

        '
      operationId: parsersLockById
      parameters:
      - name: id
        in: path
        description: The id of the folder or parser that needs to be locked.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Updated folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/{id}/unlock:
    post:
      tags:
      - parsersLibraryManagement
      summary: Unlock A Folder Or A Parser.
      description: 'Unlocking requires the `LockParsers` capability. It is only possible
        to unlock the highest locked object in a tree of locked objects. Unlocking
        recursively unlocks all of the objects children.

        '
      operationId: parsersUnlockById
      parameters:
      - name: id
        in: path
        description: The id of the folder or parser that needs to be unlocked.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Updated folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/{id}/move:
    post:
      tags:
      - parsersLibraryManagement
      summary: Move A Folder Or Parser.
      description: 'Move a folder or parser.

        '
      operationId: parsersMove
      parameters:
      - name: id
        in: path
        description: Identifier of the folder or parser to move.
        required: true
        schema:
          type: string
      - name: parentId
        in: query
        description: Identifier of the parent folder to move the folder or parser
          to.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Moved folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/{id}/copy:
    post:
      tags:
      - parsersLibraryManagement
      summary: Copy A Folder Or Parser.
      description: 'Copy a folder or parser.

        '
      operationId: parsersCopy
      parameters:
      - name: id
        in: path
        description: Identifier of the folder or parser to copy.
        required: true
        schema:
          type: string
      requestBody:
        description: "Fields include:\n  1) Identifier of the parent folder to copy\
          \ to.\n  2) Optionally provide a new name.\n  3) Optionally provide a new\
          \ description.\n  4) Optionally set to true if you want to copy and preserved\
          \ the locked status. Requires `LockParsers` capability.\n"
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ContentCopyParams'
        required: true
      responses:
        '200':
          description: Newly copied folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/{id}/export:
    get:
      tags:
      - parsersLibraryManagement
      summary: Export A Folder Or Parser.
      description: Export a folder or parser.
      operationId: parsersExportItem
      parameters:
      - name: id
        in: path
        description: Identifier of the folder or parser to export.
        required: true
        schema:
          type: string
      - name: preserveLock
        in: query
        description: 'Set this to true if you want to export an object and preserve
          the locked status.

          '
        required: false
        schema:
          type: boolean
          default: false
      responses:
        '200':
          description: Exported folder or parser
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryExportBase'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/{parentId}/import:
    post:
      tags:
      - parsersLibraryManagement
      summary: Import A Folder Or Parser
      description: 'Import a folder or parser

        '
      operationId: parsersImportItem
      parameters:
      - name: parentId
        in: path
        description: Identifier of the parent folder in which to import the folder
          or parser.
        required: true
        schema:
          type: string
      requestBody:
        description: 'The folder or parser to be imported.

          '
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ParsersLibraryExportBase'
        required: true
      responses:
        '200':
          description: Newly imported folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/path:
    get:
      tags:
      - parsersLibraryManagement
      summary: Read A Folder Or Parser By Its Path.
      description: 'Read a folder or parser by its path.

        '
      operationId: parsersGetByPath
      parameters:
      - name: path
        in: query
        description: The path of the folder or parser.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Requested folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/parsers/search:
    get:
      tags:
      - parsersLibraryManagement
      summary: Search For Folders Or Parsers.
      description: Search for a folder or parser in the cloud SIEM parsers library
        structure.
      operationId: parsersSearch
      parameters:
      - name: query
        in: query
        description: "The search query to find folder or parsers. Below is the list\
          \ of different filters with examples:\n  - **createdBy** : Filter by the\
          \ user's identifier who created the content. Example: `createdBy:000000000000968B`.\n\
          \  - **createdBefore** : Filter by the content objects created before the\
          \ given timestamp(in milliseconds). Example: `createdBefore:1457997222`.\n\
          \  - **createdAfter** : Filter by the content objects created after the\
          \ given timestamp(in milliseconds). Example: `createdAfter:1457997111`.\n\
          \  - **modifiedBefore** : Filter by the content objects modified before\
          \ the given timestamp(in milliseconds). Example: `modifiedBefore:1457997222`.\n\
          \  - **modifiedAfter** : Filter by the content objects modified after the\
          \ given timestamp(in milliseconds). Example: `modifiedAfter:1457997111`.\n\
          \  - **type** : Filter by the type of the content object. Example: `type:folder`.\n\
          You can also use multiple filters in one query. For example to search for\
          \ all content objects created by user with identifier 000000000000968B with\
          \ creation timestamp after 1457997222 containing the text Test, the query\
          \ would look like:\n  `createdBy:000000000000968B createdAfter:1457997222\
          \ Test`"
        required: true
        schema:
          type: string
          example: createdBy:000000000000968B Test
      - name: limit
        in: query
        description: Maximum number of items you want in the response.
        required: false
        schema:
          type: integer
          format: int32
          example: 10
          default: 100
      - name: offset
        in: query
        description: The position or row from where to start the search operation.
        required: false
        schema:
          type: integer
          format: int32
          example: 5
          default: 0
      responses:
        '200':
          description: List of folders and parsers matching the search query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListParsersLibraryItemWithPath'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/system/parsers/{id}/lock:
    post:
      tags:
      - parsersLibraryManagement
      summary: Lock A Folder Or A Parser.
      description: 'Locking requires the `LockParsers` capability. When an object
        is locked, it can''t be moved or deleted and only the local fields can be
        modified. Locking recursively locks all of the objects children.

        '
      operationId: systemParsersLockById
      parameters:
      - name: id
        in: path
        description: The id of the folder or parser that needs to be locked.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Updated folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/system/parsers/{id}/unlock:
    post:
      tags:
      - parsersLibraryManagement
      summary: Unlock A Folder Or A Parser.
      description: 'Unlocking requires the `LockParsers` capability. It is only possible
        to unlock the highest locked object in a tree of locked objects. Unlocking
        recursively unlocks all of the objects children.

        '
      operationId: systemParsersUnlockById
      parameters:
      - name: id
        in: path
        description: The id of the folder or parser that needs to be unlocked.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Updated folder or parser.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAccounts:
    get:
      tags:
      - serviceAccountManagement
      summary: Get A List Of Service Accounts.
      description: Get a list of all service accounts in the organization.
      operationId: listServiceAccounts
      responses:
        '200':
          description: A list of service accounts in the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListServiceAccountModelsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - serviceAccountManagement
      summary: Create A New Service Account.
      description: Create a new service account in the organization.
      operationId: createServiceAccount
      parameters: []
      requestBody:
        description: Information about the new service account.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateServiceAccountDefinition'
        required: true
      responses:
        '200':
          description: A service account has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ServiceAccountModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAccounts/{id}:
    get:
      tags:
      - serviceAccountManagement
      summary: Get A Service Account.
      description: Get a service account with the given identifier from the organization.
      operationId: getServiceAccount
      parameters:
      - name: id
        in: path
        description: Identifier of service account to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Service account object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ServiceAccountModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - serviceAccountManagement
      summary: Update A Service Account.
      description: Update an existing service account in the organization.
      operationId: updateServiceAccount
      parameters:
      - name: id
        in: path
        description: Identifier of the service account to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Information to update about the service account.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateServiceAccountDefinition'
        required: true
      responses:
        '200':
          description: The service account was successfully updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ServiceAccountModel'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - serviceAccountManagement
      summary: Delete A Service Account.
      description: Delete a service account with the given identifier from the organization
        and transfer its content to a user or  a service account with the identifier
        specified in "transferTo".
      operationId: deleteServiceAccount
      parameters:
      - name: id
        in: path
        description: Identifier of the service account to delete.
        required: true
        schema:
          type: string
      - name: transferTo
        in: query
        description: Identifier of a user/service account to receive the transfer
          of content from the deleted service account. <br> **Note:** If `deleteContent`
          is not set to `true`, and no user identifier is specified in `transferTo`,
          content from the deleted service account is transferred to the executing
          user.
        required: false
        schema:
          type: string
      - name: deleteContent
        in: query
        description: Whether to delete content from the deleted service account or
          not. <br> **Warning:** If `deleteContent` is set to `true`, all of the content
          for the service account being  deleted is permanently deleted and cannot
          be recovered.
        required: false
        schema:
          type: boolean
      responses:
        '204':
          description: Service account was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAccounts/{serviceAccountId}/accessKeys:
    get:
      tags:
      - serviceAccountManagement
      summary: List Access Keys For A Service Account.
      description: List all access keys of a service account.
      operationId: listAccessKeysForServiceAccount
      parameters:
      - name: serviceAccountId
        in: path
        description: Identifier of the service account.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: A list of all access keys within the organization of a service
            account.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListAccessKeysResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - serviceAccountManagement
      summary: Create A New Access Key For A Service Account.
      description: Creates a new access ID and key pair for a service account.
      operationId: createAccessKeyForServiceAccount
      parameters:
      - name: serviceAccountId
        in: path
        description: Identifier of the service account.
        required: true
        schema:
          type: string
      requestBody:
        description: Information about the new access key of a service account.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AccessKeyCreateRequest'
        required: true
      responses:
        '200':
          description: The access key has been created for a service account.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessKey'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/serviceAccounts/{serviceAccountId}/accessKeys/{accessId}:
    get:
      tags:
      - serviceAccountManagement
      summary: Get An Access Key Of A Service Account.
      description: Get an access key with the given identifier from the organization
        of a service account.
      operationId: getAccessKeyByIdOfAServiceAccount
      parameters:
      - name: serviceAccountId
        in: path
        description: Identifier of the service account.
        required: true
        schema:
          type: string
      - name: accessId
        in: path
        description: Identifier of an access key to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Access key object that was requested of a service account.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessKeyPublic'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - serviceAccountManagement
      summary: Update An Access Key Of A Service Account.
      description: Updates the properties of existing accessKey by Id of a service
        account.
      operationId: updateAccessKeyOfAServiceAccount
      parameters:
      - name: serviceAccountId
        in: path
        description: Identifier of the service account.
        required: true
        schema:
          type: string
      - name: accessId
        in: path
        description: The id of an access key to update of a service account.
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AccessKeyUpdateRequest'
        required: true
      responses:
        '200':
          description: Access key of a service account updated successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessKeyPublic'
        default:
          description: Access key updation of a service account failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - serviceAccountManagement
      summary: Delete An Access Key Of A Service Account.
      description: Deletes the access key with the given Id of a service account.
      operationId: deleteAccessKeyOfAServiceAccount
      parameters:
      - name: serviceAccountId
        in: path
        description: Identifier of the service account.
        required: true
        schema:
          type: string
      - name: accessId
        in: path
        description: The Id of the access key to delete of a service account.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Access key deletion of a service account completed successfully.
        default:
          description: Access key deletion of a service account failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/oauth/scopes:
    get:
      tags:
      - oauthManagement
      summary: Get All Scopes.
      description: '** Only available to Beta customers. During Beta endpoints are
        subject to backwards incompatible changes. **


        Get a list of all of the scopes that can be added to an oauth client.'
      operationId: listOAuthScopes
      responses:
        '200':
          description: A list of scopes that can be added to an oauth client.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScopesList'
        default:
          description: Operation failed with an error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/oauth/clients:
    get:
      tags:
      - oauthManagement
      summary: List The OAuth Clients.
      description: '** Only available to Beta customers. During Beta endpoints are
        subject to backwards incompatible changes. **


        List all OAuth clients.'
      operationId: listOAuthClients
      parameters:
      - name: limit
        in: query
        description: Limit the number of OAuth clients returned in the response. The
          number of OAuth clients returned may be  less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is  returned in the response body. Subsequent
          GET requests should specify the continuation token to get the  next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      - name: runAsId
        in: query
        description: Identifier of the service account that the OAuth Client runs
          as.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A list of all OAuth clients within the organization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedListOAuthClientsResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - oauthManagement
      summary: Create A New OAuth Client.
      description: '** Only available to Beta customers. During Beta endpoints are
        subject to backwards incompatible changes. **


        Creates a new OAuth clientId and clientSecret.'
      operationId: createOAuthClient
      requestBody:
        description: Information about the new OAuth client.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OAuthClientCreateRequest'
        required: true
      responses:
        '200':
          description: The OAuth client has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthClientWithSecret'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/oauth/clients/{clientId}:
    get:
      tags:
      - oauthManagement
      summary: Get An OAuth Client.
      description: '** Only available to Beta customers. During Beta endpoints are
        subject to backwards incompatible changes. **


        Get an OAuth client with the given identifier from the organization.'
      operationId: getOAuthClientById
      parameters:
      - name: clientId
        in: path
        description: Identifier of an OAuth client to return.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: OAuth client object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthClient'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - oauthManagement
      summary: Update An OAuth Client.
      description: '** Only available to Beta customers. During Beta endpoints are
        subject to backwards incompatible changes. **


        Updates the properties of existing OAuth client by Id.'
      operationId: updateOAuthClient
      parameters:
      - name: clientId
        in: path
        description: The id of an OAuth client to update.
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OAuthClientUpdateRequest'
        required: true
      responses:
        '200':
          description: OAuth client updated successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthClient'
        default:
          description: OAuth client update failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - oauthManagement
      summary: Delete An OAuth Client.
      description: '** Only available to Beta customers. During Beta endpoints are
        subject to backwards incompatible changes. **


        Deletes the OAuth client with the given Id.'
      operationId: deleteOAuthClient
      parameters:
      - name: clientId
        in: path
        description: The Id of the OAuth client to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: OAuth client deletion completed successfully.
        default:
          description: OAuth client deletion failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/oauth/clients/{clientId}/rotate:
    put:
      tags:
      - oauthManagement
      summary: Rotate The Oauth Client Secret
      description: Generates a new secret for the oauth client that is passed in the
        call, keeping the same client ID.
      operationId: rotateOauthSecret
      parameters:
      - name: clientId
        in: path
        description: The ID of the oauth client to rotate the secret for.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: OAuth client secret rotated successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthClientWithSecret'
        default:
          description: Oauth client secret rotation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/oauth/consents:
    get:
      tags:
      - oauthManagement
      summary: List OAuth Consents.
      description: Get a list of OAuth consents within the organization. Administrators
        can list all consents, while others can only list consents that they have
        authorized.
      operationId: listOAuthConsents
      parameters:
      - name: limit
        in: query
        description: Limit the number of consents returned in the response.
        required: false
        schema:
          maximum: 10000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results.
        required: false
        schema:
          type: string
      - name: authorizedUser
        in: query
        description: Filter consents by the identifier of the user who authorized
          the consent.
        required: false
        schema:
          type: string
      - name: clientId
        in: query
        description: Filter consents by the clientId of a registered OAuth client.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: A list of OAuth consents.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedListOAuthConsentsResult'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/oauth/consents/{consentId}:
    delete:
      tags:
      - oauthManagement
      summary: Delete An OAuth Consent.
      description: Deletes the OAuth consent with the given Id.
      operationId: deleteOAuthConsent
      parameters:
      - name: consentId
        in: path
        description: The ID of the OAuth consent to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: OAuth consent deletion completed successfully.
        default:
          description: OAuth consent deletion failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/scim/Users:
    get:
      tags:
      - scimUserManagement
      summary: List SCIM Users
      description: Retrieves a list of users in the SCIM system, with optional pagination
      operationId: listSCIMUsers
      parameters:
      - name: startIndex
        in: query
        description: The index of the first result to return. Defaults to 1 if not
          specified, a value less than 1 SHALL be interpreted as 1
        required: false
        schema:
          minimum: 1
          type: integer
          format: int32
          default: 1
      - name: count
        in: query
        description: The maximum number of results to return. Defaults to 100
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          default: 100
      - name: filter
        in: query
        description: Find user with the given email address
        required: false
        schema:
          minLength: 1
          type: string
          example: emails.value eq "john@doe.com"
      - name: sortOrder
        in: query
        description: The sort order. Use "ascending" or "descending"
        required: false
        schema:
          type: string
          example: descending
          enum:
          - ascending
          - descending
      - name: sortBy
        in: query
        description: Sort the list of users by the `givenName`, `familyName`, or `emails`
          field
        required: false
        schema:
          type: string
          example: givenName
      responses:
        '200':
          description: A paginated list of users in the organization
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/ListSCIMUserModelsResponse'
            application/json:
              schema:
                $ref: '#/components/schemas/ListSCIMUserModelsResponse'
        default:
          description: Operation failed with an error
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
    post:
      tags:
      - scimUserManagement
      summary: Create SCIM User
      description: Creates a new user in the SCIM system
      operationId: createSCIMUser
      requestBody:
        content:
          application/scim+json:
            schema:
              $ref: '#/components/schemas/SCIMCreateUserDefinition'
          application/json:
            schema:
              $ref: '#/components/schemas/ListSCIMUserModelsResponse'
        required: true
      responses:
        '201':
          description: The user has been created successfully
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/SCIMUserModel'
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMUserModel'
        default:
          description: Operation failed with an error
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
  /v1/scim/Users/{id}:
    get:
      tags:
      - scimUserManagement
      summary: Get A SCIM User
      description: Fetches the details of a SCIM user by their unique identifier
      operationId: getSCIMUserById
      parameters:
      - name: id
        in: path
        description: Unique identifier of the SCIM user
        required: true
        schema:
          type: string
      responses:
        '200':
          description: User details retrieved successfully
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/SCIMUserModel'
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMUserModel'
        default:
          description: Operation failed with an error
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
    put:
      tags:
      - scimUserManagement
      summary: Update SCIM User
      description: Updates an existing user's attributes in the SCIM system
      operationId: updateSCIMUser
      parameters:
      - name: id
        in: path
        description: Unique identifier of the SCIM user
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/scim+json:
            schema:
              $ref: '#/components/schemas/SCIMUpdateUserDefinition'
          application/json:
            schema:
              $ref: '#/components/schemas/ListSCIMUserModelsResponse'
        required: true
      responses:
        '200':
          description: The user has been updated successfully
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/SCIMUserModel'
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMUserModel'
        default:
          description: Operation failed with an error
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
    delete:
      tags:
      - scimUserManagement
      summary: Delete SCIM User
      description: Deletes a SCIM user by their unique identifier
      operationId: deleteSCIMUserById
      parameters:
      - name: id
        in: path
        description: Unique identifier of the SCIM user to delete
        required: true
        schema:
          type: string
      responses:
        '204':
          description: User was deleted successfully
        default:
          description: Operation failed with an error
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
    patch:
      tags:
      - scimUserManagement
      summary: Update SCIM User Attributes
      description: Updates specific attributes of an existing user in the SCIM system
      operationId: patchSCIMUser
      parameters:
      - name: id
        in: path
        description: Unique identifier of the SCIM user
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/scim+json:
            schema:
              $ref: '#/components/schemas/SCIMPatchUserDefinition'
          application/json:
            schema:
              $ref: '#/components/schemas/ListSCIMUserModelsResponse'
        required: true
      responses:
        '200':
          description: The user attributes updated successfully
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/SCIMUserModel'
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMUserModel'
        default:
          description: Operation failed with an error
          content:
            application/scim+json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponseScim'
  /v1/metricsQueries:
    post:
      tags:
      - metricsQuery
      summary: Run Metrics Queries
      description: Execute multiple metrics queries. Limits of this API are described
        in [Metrics Query Error Messages](https://help.sumologic.com/docs/metrics/metrics-queries/metric-query-error-messages/).
        For general information about Metrics Queries see [Metrics Queries](https://help.sumologic.com/docs/metrics/metrics-queries/).
      operationId: runMetricsQueries
      parameters: []
      requestBody:
        description: The parameters for the metrics query.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MetricsQueryRequest'
        required: true
      responses:
        '200':
          description: A set of time series grouped by the query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MetricsQueryResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/tracequery:
    post:
      tags:
      - traces
      summary: Run A Trace Search Query Asynchronously.
      description: Execute a trace search query and get the id to fetch its status
        and results. Use the [Trace Query Status](#operation/getTraceQueryStatus)
        endpoint to check a query status. When the query has been completed, use the
        [Trace Query Result](#operation/getTraceQueryResult) endpoint to get the result
        of the asynchronous query.
      operationId: createTraceQuery
      parameters: []
      requestBody:
        description: Query parameters.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AsyncTraceQueryRequest'
        required: true
      responses:
        '200':
          description: Query execution result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CreateTraceQueryResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/tracequery/{queryId}:
    delete:
      tags:
      - traces
      summary: Cancel A Trace Search Query.
      description: Cancel a currently processed trace search query with the given
        id.
      operationId: cancelTraceQuery
      parameters:
      - name: queryId
        in: path
        description: Identifier of the query to cancel.
        required: true
        schema:
          type: string
          example: 798a13dc1ceeb19a
      responses:
        '204':
          description: Query canceled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/tracequery/{queryId}/status:
    get:
      tags:
      - traces
      summary: Get A Trace Search Query Status.
      description: Get a status of a trace query with the given id. When the query
        has been completed, use the [Trace Query Result](#operation/getTraceQueryResult)
        endpoint to get the result of the asynchronous query.
      operationId: getTraceQueryStatus
      parameters:
      - name: queryId
        in: path
        description: Identifier of the executed query.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      responses:
        '200':
          description: Status of the given trace search query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceQueryStatusResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/tracequery/{queryId}/rows/{rowId}/traces:
    get:
      tags:
      - traces
      summary: Get Results Of A Trace Search Query.
      description: Get a list of traces matching a query with the specified id. The
        response is paginated with a default limit of 100 traces per page.
      operationId: getTraceQueryResult
      parameters:
      - name: queryId
        in: path
        description: Identifier of the executed query.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      - name: rowId
        in: path
        description: Identifier of the query row.
        required: true
        schema:
          type: string
          example: A
      - name: limit
        in: query
        description: Limit of the number of traces returned in the response.
        required: false
        schema:
          maximum: 500
          minimum: 1
          type: integer
          format: int32
          example: 100
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
          example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI
      responses:
        '200':
          description: Details about the given span query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceQueryResultResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/metrics:
    get:
      tags:
      - traces
      summary: Get Trace Search Query Metrics.
      description: Get a list of available trace metrics that can be used in trace
        search queries.
      operationId: getMetrics
      parameters: []
      responses:
        '200':
          description: List of available metrics.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceMetricsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/tracequery/fields:
    get:
      tags:
      - traces
      summary: Get Filter Fields For Trace Search Queries.
      description: Get a list of available fields which can be used in trace search
        queries.
      operationId: getTraceQueryFields
      parameters: []
      responses:
        '200':
          description: List of available fields.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceFieldsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/tracequery/fields/{field}/values:
    get:
      tags:
      - traces
      summary: Get Trace Search Query Filter Field Values.
      description: Get a list of available values for the given trace search query
        filter field. Not all fields support value listing. The response is paginated
        with a default limit of 10 values per page.
      operationId: getTraceQueryFieldValues
      parameters:
      - name: field
        in: path
        description: Field identifier.
        required: true
        schema:
          type: string
      - name: query
        in: query
        description: Search filter to apply on the values to be returned. Only values
          containing the search query term will be returned.
        required: false
        schema:
          type: string
      - name: limit
        in: query
        description: The maximum number of results to fetch.
        required: false
        schema:
          maximum: 500
          minimum: 1
          type: integer
          format: int32
          default: 10
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      - name: fieldType
        in: query
        description: 'Indicates the kind of a field. Possible values: `SpanAttribute`,
          `SpanEventAttribute`.'
        required: false
        schema:
          pattern: ^(SpanAttribute|SpanEventAttribute)$
          type: string
          example: SpanEventAttribute
          x-pattern-message: 'Should be one of: `SpanAttribute`, `SpanEventAttribute`.'
      responses:
        '200':
          description: List of available filter values for the given field.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceFieldValuesResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/traces/{traceId}:
    get:
      tags:
      - traces
      summary: Get Trace Details.
      description: Get details of a trace with the given identifier.
      operationId: getTrace
      parameters:
      - name: traceId
        in: path
        description: Identifier of the trace to get the details.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Details of the trace with the given identifier.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceDetail'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/traces/{traceId}/exists:
    get:
      tags:
      - traces
      summary: Check If The Trace Exists.
      description: Check if the trace with the given identifier exists.
      operationId: traceExists
      parameters:
      - name: traceId
        in: path
        description: Identifier of the trace to check.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The response contains the information whether the trace exists
            with other optional attributes.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceExistsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/traces/{traceId}/spans:
    get:
      tags:
      - traces
      summary: Get A List Of Trace Spans.
      description: Get a list of spans for the given trace. The response is paginated
        with a default limit of 100 spans per page.
      operationId: getSpans
      parameters:
      - name: traceId
        in: path
        description: Identifier of the trace to get the spans.
        required: true
        schema:
          type: string
      - name: limit
        in: query
        description: The maximum number of results to fetch.
        required: false
        schema:
          maximum: 500
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: List of spans for the given trace.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceSpansResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/traces/{traceId}/traceEvents:
    get:
      tags:
      - traces
      summary: Get A List Of Events (without Their Attributes) Per Span For A Trace.
      description: Gets a list of the events (without their attributes) attached to
        each span in a given trace. The response is paginated with a default limit
        of 100 spans per page.
      operationId: getTraceLightEvents
      parameters:
      - name: traceId
        in: path
        description: Identifier of the trace for which span events will be returned.
        required: true
        schema:
          maxLength: 32
          minLength: 16
          type: string
          example: 695068749d21cd104222a95cabc4707c
      - name: limit
        in: query
        description: The maximum number of spans with events returned by a single
          query.
        required: false
        schema:
          maximum: 500
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
          example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI
      responses:
        '200':
          description: Map of spans to events relations.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceLightEventsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/traces/{traceId}/criticalPath:
    get:
      tags:
      - traces
      summary: Get A Critical Path Of A Trace.
      description: Get a list of span segments composing the critical path of the
        trace. A span segment represents the processing time that was consumed within
        the span itself and does not incorporate the processing time of its children.
        The critical path is the sequence of span segments that contribute to the
        total trace duration. An increase of the processing time of any segment from
        the critical path would result in an increase of the total trace processing
        time.
      operationId: getCriticalPath
      parameters:
      - name: traceId
        in: path
        description: Identifier of the trace.
        required: true
        schema:
          type: string
      - name: limit
        in: query
        description: The maximum number of results to fetch.
        required: false
        schema:
          maximum: 500
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: List of span segments composing the critical path.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CriticalPathResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/traces/{traceId}/criticalPath/breakdown/service:
    get:
      tags:
      - traces
      summary: Get A Critical Path Service Breakdown Of A Trace.
      description: Get a critical path breakdown by services of the spans contributing
        to the critical path of a trace with the given identifier.
      operationId: getCriticalPathServiceBreakdown
      parameters:
      - name: traceId
        in: path
        description: Identifier of the trace.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: List of elements representing the critical path service breakdown.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CriticalPathServiceBreakdownResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/traces/{traceId}/spans/{spanId}:
    get:
      tags:
      - traces
      summary: Get Span Details.
      description: Get details of a span with the given identifier.
      operationId: getSpan
      parameters:
      - name: traceId
        in: path
        description: Identifier of the trace the span belongs to.
        required: true
        schema:
          type: string
      - name: spanId
        in: path
        description: Identifier of the span to get the details.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Details of the span with the given identifier.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceSpanDetail'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/traces/{traceId}/spans/{spanId}/billingInfo:
    get:
      tags:
      - traces
      summary: Get Span Billing Details.
      description: Get the billing information of the span.
      operationId: getSpanBillingInfo
      parameters:
      - name: traceId
        in: path
        description: Identifier of the trace the span belongs to.
        required: true
        schema:
          type: string
      - name: spanId
        in: path
        description: Identifier of the span to get the billing info.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Billing information of the span with the given identifier.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceSpanBillingInfo'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery:
    post:
      tags:
      - spanAnalytics
      summary: Run A Span Analytics Query Asynchronously.
      description: Execute a span analytics query and get the id to fetch its status
        and results. Use the [Span Query Status](#operation/getSpanQueryStatus) endpoint
        to check a query status. When the query has been completed, use the [Span
        Query Result](#operation/getSpanQueryResult) endpoint to get the result of
        the asynchronous query.
      operationId: createSpanQuery
      parameters: []
      requestBody:
        description: Query parameters.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SpanQueryRequest'
        required: true
      responses:
        '200':
          description: Query execution result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SpanQueryResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/{queryId}:
    delete:
      tags:
      - spanAnalytics
      summary: Cancel A Span Analytics Query.
      description: Cancel a currently processed span search query with the given id.
      operationId: cancelSpanQuery
      parameters:
      - name: queryId
        in: path
        description: Identifier of the query to cancel.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      responses:
        '204':
          description: Query canceled successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/{queryId}/status:
    get:
      tags:
      - spanAnalytics
      summary: Get A Span Analytics Query Status.
      description: Get a status of a span analytics query with the given id. When
        the query has been completed, use the [Span Query Result](#operation/getSpanQueryResult)
        endpoint to get the result of the asynchronous query.
      operationId: getSpanQueryStatus
      parameters:
      - name: queryId
        in: path
        description: Identifier of the executed query.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      responses:
        '200':
          description: Details about the given span query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SpanQueryStatusResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/{queryId}/pause:
    put:
      tags:
      - spanAnalytics
      summary: Pause A Span Analytics Query.
      description: Pause a currently processed span search query with the given id.
      operationId: pauseSpanQuery
      parameters:
      - name: queryId
        in: path
        description: Identifier of the query to pause.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      responses:
        '204':
          description: Query paused successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/{queryId}/resume:
    put:
      tags:
      - spanAnalytics
      summary: Resume A Span Analytics Query.
      description: Resume a previously paused span search query with the given id.
      operationId: resumeSpanQuery
      parameters:
      - name: queryId
        in: path
        description: Identifier of the query to resume.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      responses:
        '204':
          description: Query resumed successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/{queryId}/rows/{rowId}/spans:
    get:
      tags:
      - spanAnalytics
      summary: Get Results Of A Span Analytics Query.
      description: Get a list of spans matching a query with the specified id. The
        response is paginated with a default limit of 100 spans per page.
      operationId: getSpanQueryResult
      parameters:
      - name: queryId
        in: path
        description: Identifier of the executed query.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      - name: rowId
        in: path
        description: Identifier of the query row.
        required: true
        schema:
          type: string
          example: A
      - name: limit
        in: query
        description: Limit of the number of spans returned in the response.
        required: false
        schema:
          maximum: 500
          minimum: 1
          type: integer
          format: int32
          example: 100
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
          example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI
      responses:
        '200':
          description: Details about the given span query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SpanQueryResultSpansResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/{queryId}/rows/{rowId}/facets:
    get:
      tags:
      - spanAnalytics
      summary: Get A List Of Facets Of A Span Analytics Query.
      description: Get a list of facets of a span analytics query with the specified
        id.
      operationId: getSpanQueryFacets
      parameters:
      - name: queryId
        in: path
        description: Identifier of the executed query.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      - name: rowId
        in: path
        description: Identifier of the query row.
        required: true
        schema:
          type: string
          example: A
      responses:
        '200':
          description: The list of facets from the executed query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SpanQueryResultFacetsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/{queryId}/aggregates:
    get:
      tags:
      - spanAnalytics
      summary: Get Span Analytics Query Aggregated Results.
      description: Get span aggregation results for an aggregated span analytics query
        with the specified id. Only aggregated rows being part of the executed query
        will have matching results in the response of this endpoint.
      operationId: getSpanQueryAggregates
      parameters:
      - name: queryId
        in: path
        description: Identifier of the executed query.
        required: true
        schema:
          type: string
          example: 195038749d21ad109242c95cbbc8709d
      responses:
        '200':
          description: The aggregation result of the executed query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SpanQueryAggregateResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/fields:
    get:
      tags:
      - spanAnalytics
      summary: Get Filter Fields For Span Analytics Queries.
      description: Get a list of available fields which can be used in span analytics
        queries.
      operationId: getSpanQueryFields
      parameters: []
      responses:
        '200':
          description: List of available fields.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SpanQueryFieldsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/spanquery/fields/{field}/values:
    get:
      tags:
      - spanAnalytics
      summary: Get Span Analytics Query Filter Field Values.
      description: Get a list of available values for the given span analytics query
        filter field. Not all fields support value listing. The response is paginated
        with a default limit of 10 field values per page.
      operationId: getSpanQueryFieldValues
      parameters:
      - name: field
        in: path
        description: Field identifier.
        required: true
        schema:
          type: string
      - name: query
        in: query
        description: Search filter to apply on the values to be returned. Only values
          containing the search query term will be returned.
        required: false
        schema:
          type: string
      - name: limit
        in: query
        description: The maximum number of results to fetch.
        required: false
        schema:
          maximum: 500
          minimum: 1
          type: integer
          format: int32
          default: 10
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: List of available filter values for the given field.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TraceFieldValuesResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/tracing/serviceMap:
    get:
      tags:
      - serviceMap
      summary: Get A Service Map.
      description: Run a search request to get a map of services and connections between
        them.
      operationId: getServiceMap
      parameters: []
      responses:
        '200':
          description: List of nodes and list of edges.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ServiceMapResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/threatIntel/datastore/db:
    get:
      tags:
      - threatIntelIngest
      summary: Get Threat Intel Indicators DB Information
      description: Get threat intel indicators DB information, such as storage utilization
        and indicator counts
      operationId: datastoreGet
      responses:
        '200':
          description: Threat intel ingest DB information.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DatastoreStatusResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - threatIntelIngest
      summary: Remove The Threat Intel Indicators DB
      description: Removes the entire database and all indicators associated with
        this tenant
      operationId: removeDatastore
      responses:
        '204':
          description: Removing the indicator database succeeded
        default:
          description: Operation failed with an error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/threatIntel/datastore/retentionPeriod:
    get:
      tags:
      - threatIntelIngest
      summary: Get Threat Intel Indicators Store Retention Period In Terms Of Days.
      description: Get the threat intel indicators store retention period in terms
        of days.
      operationId: retentionPeriod
      responses:
        '200':
          description: Threat intel indicators store retention period.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DatastoreRetentionPeriod'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - threatIntelIngest
      summary: Set The Threat Intel Indicators Store Retention Period In Terms Of
        Days.
      description: Sets the threat intel indicators store retention period in terms
        of days.
      operationId: setRetentionPeriod
      parameters: []
      requestBody:
        description: The threat intel indicators store retention period in terms of
          days.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DatastoreRetentionPeriod'
        required: true
      responses:
        '200':
          description: Threat intel indicators store retention period.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DatastoreRetentionPeriod'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/threatIntel/datastore/indicators/normalized:
    post:
      tags:
      - threatIntelIngestProducer
      summary: Uploads Indicators In A Sumo Normalized Format.
      description: Uploads a list indicators in a Sumo normalized format.
      operationId: uploadNormalizedIndicators
      parameters: []
      requestBody:
        description: The list of normalized threat intel indicators to upload.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UploadNormalizedIndicatorRequest'
        required: true
      responses:
        '204':
          description: Normalized indicators successfully uploaded.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/threatIntel/datastore/indicators/stix:
    post:
      tags:
      - threatIntelIngestProducer
      summary: Uploads Indicators In A STIX 2.x Json Format.
      description: Uploads a list indicators in in a STIX 2.x json format.
      operationId: uploadStixIndicators
      parameters: []
      requestBody:
        description: Upload stix indicators request body.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UploadStixIndicatorsRequest'
        required: true
      responses:
        '200':
          description: Stix indicators successfully uploaded.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UploadStixIndicatorsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/threatIntel/datastore/indicators:
    delete:
      tags:
      - threatIntelIngestProducer
      summary: Removes Indicators By Their IDS
      description: Removes indicators by specifying a list of indicator IDs
      operationId: removeIndicators
      parameters: []
      requestBody:
        description: The list of indicator IDs to remove
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RemoveIndicatorsRequest'
        required: true
      responses:
        '204':
          description: Indicators successfully removed
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/threatIntel/datastore/dataSource/{dataSourceName}:
    put:
      tags:
      - threatIntelIngest
      summary: Updates Source Properties
      description: Updates source properties
      operationId: dataSourcePropertiesUpdate
      parameters:
      - name: dataSourceName
        in: path
        description: Source name
        required: true
        schema:
          type: string
      requestBody:
        description: Source properties
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DataSourceProperties'
        required: true
      responses:
        '204':
          description: Data source properties successfuly updated.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/otCollectors:
    post:
      tags:
      - otCollectorManagementExternal
      summary: Get Paginated List Of OT Collectors
      description: Given different filter, search and sort conditions, get list of
        otCollectors.
      operationId: getPaginatedOTCollectors
      requestBody:
        description: pagination request details
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PaginatedOTCollectorsRequest'
        required: true
      responses:
        '200':
          description: A list of paginated OT Collectors.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedOTCollectorsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/otCollectors/{id}:
    get:
      tags:
      - otCollectorManagementExternal
      summary: Get OT Collector By ID.
      description: Get OT Collector by ID.
      operationId: getOTCollector
      parameters:
      - name: id
        in: path
        description: Identifier of the OT Collector to get.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: An OT Collector by identifier.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OTCollector'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - otCollectorManagementExternal
      summary: Delete An OT Collector.
      description: Delete an OT Collector with the given identifier.
      operationId: deleteOTCollector
      parameters:
      - name: id
        in: path
        description: Identifier of the OT Collector to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The OT Collector was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/otCollectors/totalCount:
    get:
      tags:
      - otCollectorManagementExternal
      summary: Get A Count Of OT Collectors.
      description: Get total count of OT Collectors for a customer.
      operationId: getOTCollectorsCount
      responses:
        '200':
          description: Total count of OT Collectors.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OTCollectorCountResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/otCollectors/otCollectorsByName:
    get:
      tags:
      - otCollectorManagementExternal
      summary: Get OT Collectors By Name.
      description: provided list of names, get all OT Collectors with metadata.
      operationId: getOTCollectorsByNames
      parameters:
      - name: names
        in: query
        description: A required parameter that accepts a list of names for which we
          need to collect all metadata.
        required: true
        schema:
          type: array
          items:
            type: string
      responses:
        '200':
          description: A list of OT Collectors.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OTCollectorListResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/otCollectors/offline:
    delete:
      tags:
      - otCollectorManagementExternal
      summary: Delete All Offline OT Collectors
      description: Delete all offline OT Collectors for a given customer.
      operationId: deleteOfflineOTCollectors
      responses:
        '204':
          description: All offline OT Collectors of the given customer deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/sourceTemplates:
    get:
      tags:
      - sourceTemplateManagementExternal
      summary: List All Source Templates.
      description: Get a list of all source templates.
      operationId: getSourceTemplatesV2
      parameters:
      - name: showDisabled
        in: query
        description: A boolean parameter to get all, including disabled source templates.
        required: false
        schema:
          type: boolean
          default: false
      - name: name
        in: query
        description: Only return source template matching the given name (exact match).
        required: false
        schema:
          minLength: 1
          type: string
          nullable: true
      responses:
        '200':
          description: A list of source templates.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateListResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - sourceTemplateManagementExternal
      summary: Create Source Template.
      description: Create source template.
      operationId: createSourceTemplateV2
      requestBody:
        description: Create source template details
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SourceTemplateRequest'
        required: true
      responses:
        '200':
          description: Create source template response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/sourceTemplates/{id}:
    get:
      tags:
      - sourceTemplateManagementExternal
      summary: Get A Source Template By Id.
      description: Get a source template with the given identifier.
      operationId: getSourceTemplateV2
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to get.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Get source template response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - sourceTemplateManagementExternal
      summary: Update Source Template.
      description: Update a source template with the given identifier.
      operationId: updateSourceTemplateV2
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Request details of update source template.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SourceTemplateUpdateRequest'
        required: true
      responses:
        '200':
          description: Update source template response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - sourceTemplateManagementExternal
      summary: Delete A Source Template.
      description: Delete a source template with the given identifier.
      operationId: deleteSourceTemplateV2
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The source template was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/sourceTemplates/{id}/status:
    put:
      tags:
      - sourceTemplateManagementExternal
      summary: Update Status Of Source Template
      description: Update the status (enable or disable) of a source template.
      operationId: updateSourceTemplateStatusV2
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Status of source template
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SourceTemplateStatusUpdateRequest'
        required: true
      responses:
        '200':
          description: Update source template status response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/sourceTemplates/{id}/upgrade:
    post:
      tags:
      - sourceTemplateManagementExternal
      summary: Upgrade Source Template.
      description: Upgrade a source template with the given identifier.
      operationId: upgradeSourceTemplateV2
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to upgrade.
        required: true
        schema:
          type: string
      requestBody:
        description: Source template upgrade request details.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SourceTemplateUpgradeRequest'
        required: true
      responses:
        '200':
          description: Upgrade source template response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/sourceTemplates/getLinkedSourceTemplatesImpact:
    post:
      tags:
      - sourceTemplateManagementExternal
      summary: Preview Source Template Linking Changes.
      description: Given the set of tags user wants to update, display the list of
        source templates that will be linked/unlinked to the otCollector.
      operationId: getLinkedSourceTemplatesImpact
      requestBody:
        description: Request body containing otCollector id and set of tags.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LinkedSourceTemplatesUpdateRequest'
        required: true
      responses:
        '200':
          description: A list of source templates whose linking to the otCollector
            will be impacted.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LinkedSourceTemplatesUpdateResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/sourceTemplate:
    get:
      tags:
      - sourceTemplateManagementExternal
      summary: Return All Source Templates Of A Customer (deprecated).
      description: 'Get a list of source template.


        **DEPRECATED**: This endpoint will be removed soon. Please use GET /v1/sourceTemplates
        instead.

        '
      operationId: getSourceTemplates
      parameters:
      - name: showDisabled
        in: query
        description: A boolean parameter to get all, including disabled source templates.
        required: false
        schema:
          type: boolean
          default: false
      - name: name
        in: query
        description: Only return source template matching the given name (exact match).
        required: false
        schema:
          minLength: 1
          type: string
          nullable: true
      responses:
        '200':
          description: A list of source templates.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateListResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      deprecated: true
    post:
      tags:
      - sourceTemplateManagementExternal
      summary: Create Source Template (deprecated).
      description: 'Create source template.


        **DEPRECATED**: This endpoint will be removed soon. Please use POST /v1/sourceTemplates
        instead.

        '
      operationId: createSourceTemplate
      requestBody:
        description: Create source template details
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SourceTemplateRequest'
        required: true
      responses:
        '200':
          description: Create source template response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      deprecated: true
  /v1/sourceTemplate/{id}:
    get:
      tags:
      - sourceTemplateManagementExternal
      summary: Get A Source Template By Id (deprecated).
      description: 'Get a source template with the given identifier.


        **DEPRECATED**: This endpoint will be removed soon. Please use GET /v1/sourceTemplates/{id}
        instead.

        '
      operationId: getSourceTemplate
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to get.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Get source template response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      deprecated: true
    post:
      tags:
      - sourceTemplateManagementExternal
      summary: Update Source Template (deprecated).
      description: 'Update a source template with the given identifier.


        **DEPRECATED**: This endpoint will be removed soon. Please use POST /v1/sourceTemplates/{id}
        instead.

        '
      operationId: updateSourceTemplate
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Source template request details.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SourceTemplateRequest'
        required: true
      responses:
        '200':
          description: Update source template response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      deprecated: true
    delete:
      tags:
      - sourceTemplateManagementExternal
      summary: Delete A Source Template (deprecated).
      description: 'Delete a source template with the given identifier.


        **DEPRECATED**: This endpoint will be removed soon. Please use DELETE /v1/sourceTemplates/{id}
        instead.

        '
      operationId: deleteSourceTemplate
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The source template was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      deprecated: true
  /v1/upgrade/sourceTemplate/{id}:
    post:
      tags:
      - sourceTemplateManagementExternal
      summary: Upgrade Source Template (deprecated).
      description: 'Upgrade a source template with the given identifier.


        **DEPRECATED**: This endpoint will be removed soon. Please use POST /v1/sourceTemplates/{id}/upgrade
        instead.

        '
      operationId: upgradeSourceTemplate
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to upgrade.
        required: true
        schema:
          type: string
      requestBody:
        description: Source template upgrade request details.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SourceTemplateUpgradeRequest'
        required: true
      responses:
        '200':
          description: Upgrade source template response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      deprecated: true
  /v1/sourceTemplate/getLinkedSourceTemplatesImpact:
    post:
      tags:
      - sourceTemplateManagementExternal
      summary: Get Linked Source Templates Update Based On The Ot-collector Tags User
        Is Wants To Update.
      description: Given the set of tags user wants to update, display the list of
        source templates that will be linked/unlinked to the otCollector.
      operationId: getLinkedSourceTemplatesUpdate
      requestBody:
        description: Request body containing otCollector id and set of tags.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LinkedSourceTemplatesUpdateRequest'
        required: true
      responses:
        '200':
          description: A list of source templates whose linking to the otCollector
            will be impacted.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LinkedSourceTemplatesUpdateResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/sourceTemplate/{id}/status:
    put:
      tags:
      - sourceTemplateManagementExternal
      summary: Update Status Of Source Template (deprecated)
      description: 'Update the status (enable or disable) of a source template.


        **DEPRECATED**: This endpoint will be removed soon. Please use PUT /v1/sourceTemplates/{id}/status
        instead.

        '
      operationId: updateSourceTemplateStatus
      parameters:
      - name: id
        in: path
        description: Identifier of the source template to update.
        required: true
        schema:
          type: string
      requestBody:
        description: Status of source template
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SourceTemplateStatusUpdateRequest'
        required: true
      responses:
        '200':
          description: Update source template status response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SourceTemplateDefinition'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      deprecated: true
  /v1/schemaIdentitiesGrouped:
    get:
      tags:
      - schemaBaseManagement
      summary: Get Schema Base Identities Grouped By Type And Sorted By Version.
      description: Get a summary of all available schema bases grouped by type and
        their versions sorted by latest.
      operationId: getSchemaIdentitiesGrouped
      responses:
        '200':
          description: A summary of all available schema bases grouped by type and
            their versions sorted by latest.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListSchemaBaseTypeToVersionsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/eventExtractionRules:
    get:
      tags:
      - eventAnalytics
      summary: Get All Event Extraction Rules.
      description: Get all event extraction rules.
      operationId: getEventExtractionRules
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: Event extraction rules.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListEventExtractionRulesResponse'
    post:
      tags:
      - eventAnalytics
      summary: Create Event Extraction Rule.
      description: Create event extraction rule.
      operationId: createEventExtractionRule
      requestBody:
        description: Information to create a new event extraction rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventExtractionRule'
        required: true
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: The event extraction rule was created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventExtractionRuleWithDetails'
  /v1/eventExtractionRules/quota:
    get:
      tags:
      - eventAnalytics
      summary: Get Event Extraction Rules Quota.
      description: Every customer can use a limited number of Event Extraction Rules.
        This endpoint allows learning about these limitations and remaining quota.
      operationId: getEventExtractionRulesQuota
      responses:
        '200':
          description: Current state of Event Extraction Rules quota usage (limit
            and remaining).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventExtractionRulesQuotaUsage'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/eventExtractionRules/{id}:
    get:
      tags:
      - eventAnalytics
      summary: Get An Event Extraction Rule.
      description: Get an event extraction rule.
      operationId: getEventExtractionRule
      parameters:
      - name: id
        in: path
        description: The identifier of the event extraction rule.
        required: true
        schema:
          type: string
        example: 000000000000000A
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: Requested event extraction rule.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventExtractionRuleWithDetails'
    put:
      tags:
      - eventAnalytics
      summary: Update An Event Extraction Rule.
      description: Update an event extraction rule.
      operationId: updateEventExtractionRule
      parameters:
      - name: id
        in: path
        description: The identifier of the event extraction rule.
        required: true
        schema:
          type: string
        example: 000000000000000A
      requestBody:
        description: Information to update event extraction rule.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventExtractionRule'
        required: true
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '200':
          description: The event extraction rule was updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventExtractionRuleWithDetails'
    delete:
      tags:
      - eventAnalytics
      summary: Delete An Event Extraction Rule.
      description: Delete an event extraction rule.
      operationId: deleteEventExtractionRule
      parameters:
      - name: id
        in: path
        description: The identifier of the event extraction rule.
        required: true
        schema:
          type: string
        example: 000000000000000A
      responses:
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '204':
          description: The event extraction rule was successfully deleted.
  /v1/budgets:
    get:
      tags:
      - budgetManagement
      summary: Get Budgets
      description: Get budgets
      operationId: getBudgets
      parameters:
      - name: limit
        in: query
        description: Limit the number of budgets returned in the response. The number
          of budgets returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: Budgets assigned to the org.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanBudgetList'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - budgetManagement
      summary: Creates A Budget Definition
      description: Create a budget definition
      operationId: createBudget
      parameters: []
      requestBody:
        description: Information about the new budget.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScanBudgetDefinition'
        required: true
      responses:
        '200':
          description: The created budget.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanBudget'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/budgets/{budgetId}:
    get:
      tags:
      - budgetManagement
      summary: Get Budget
      description: Get budget
      operationId: getBudget
      parameters:
      - name: budgetId
        in: path
        description: The id of the budget.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The requested budget.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanBudget'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - budgetManagement
      summary: Update Budget
      description: Update budget
      operationId: updateBudget
      parameters:
      - name: budgetId
        in: path
        description: The id of the budget.
        required: true
        schema:
          type: string
      requestBody:
        description: Updated budget.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScanBudgetDefinition'
        required: true
      responses:
        '200':
          description: The updated budget.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanBudget'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - budgetManagement
      summary: Delete Budget
      description: Delete budget
      operationId: deleteBudget
      parameters:
      - name: budgetId
        in: path
        description: The id of the budget.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The budget was successfully deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/budgets/usage:
    get:
      tags:
      - budgetManagement
      summary: Get Budget Usages
      description: Get budget usages
      operationId: getBudgetUsages
      parameters:
      - name: limit
        in: query
        description: Limit the number of budget usages returned in the response. The
          number of budget usages returned may be less than the `limit`.
        required: false
        schema:
          maximum: 1000
          minimum: 1
          type: integer
          format: int32
          default: 100
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results.
        required: false
        schema:
          type: string
      responses:
        '200':
          description: Scan budget usages.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanBudgetUsageList'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/budgets/{budgetId}/usage:
    get:
      tags:
      - budgetManagement
      summary: Get Budget Usage
      description: Get budget usage
      operationId: getBudgetUsage
      parameters:
      - name: budgetId
        in: path
        description: The id of the budget.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The requested budget usage.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanBudgetUsage'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/macros:
    get:
      tags:
      - macroManagement
      summary: List All Macros.
      description: List all viewable macros for the customer.
      operationId: listMacros
      parameters:
      - name: limit
        in: query
        description: Limit the number of macro returned in the response. The number
          of macros returned may be less than the `limit`. Default 50.
        required: false
        schema:
          maximum: 100
          minimum: 1
          type: integer
          format: int32
          default: 50
        example: 50
      - name: token
        in: query
        description: Continuation token to get the next page of results. A page object
          with the next continuation token is returned in the response body. Subsequent
          GET requests should specify the continuation token to get the next page
          of results. `token` is set to null when no more pages are left.
        required: false
        schema:
          type: string
        example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      responses:
        '200':
          description: Paginated list of viewable macros for the customer.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedMacros'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - macroManagement
      summary: Create A New Macro.
      description: Creates a new macro.
      operationId: createMacro
      requestBody:
        description: Information to create the new macro.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MacroRequest'
        required: true
      responses:
        '200':
          description: The macro has been created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Macro'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v2/macros/{id}:
    get:
      tags:
      - macroManagement
      summary: Get A Macro.
      description: Get a macro by the given identifier.
      operationId: getMacro
      parameters:
      - name: id
        in: path
        description: UUID of the macro.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Macro object that was requested.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Macro'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - macroManagement
      summary: Edit A Macro.
      description: Edits an existing macro by id. Macro name is immutable.
      operationId: editMacro
      parameters:
      - name: id
        in: path
        description: UUID of the macro to edit.
        required: true
        schema:
          type: string
      requestBody:
        description: Macro fields to update. Macro name is immutable.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/BaseMacroRequest'
        required: true
      responses:
        '200':
          description: The edited macro.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Macro'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - macroManagement
      summary: Delete A Macro.
      description: Delete a macro by id.
      operationId: deleteMacro
      parameters:
      - name: id
        in: path
        description: Id of macro to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Macro was deleted successfully.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/mutingSchedules:
    get:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Bulk Read A Mutingschedule Or Folder.
      description: Bulk read a mutingschedule or folder by the given identifiers from
        the mutingSchedules library.
      operationId: mutingSchedulesReadByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        schema:
          type: array
          items:
            type: string
        example: 0000000000000001,0000000000000002,0000000000000003
      - name: skipChildren
        in: query
        description: a boolean parameter to control skipping fetching children of
          requested folder(s)
        required: false
        schema:
          type: boolean
      responses:
        '200':
          description: A map between an identifier and its definition (mutingschedule
            or folder).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToMutingSchedulesLibraryBaseResponseMap'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Create A Mutingschedule Or Folder.
      description: Create a mutingschedule or folder in the mutingSchedules library.
      operationId: mutingSchedulesCreate
      parameters:
      - name: parentId
        in: query
        description: Identifier of the parent folder in which to create the mutingschedule
          or folder.
        required: true
        schema:
          type: string
      requestBody:
        description: The mutingschedule or folder to create.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MutingSchedulesLibraryBase'
        required: true
      responses:
        '200':
          description: The mutingschedule or folder was created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Bulk Delete A Mutingschedule Or Folder.
      description: Bulk delete a mutingschedule or folder by the given identifiers
        in the mutingSchedules library.
      operationId: mutingSchedulesDeleteByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        schema:
          type: array
          items:
            type: string
        example: 0000000000000001,0000000000000002,0000000000000003
      responses:
        '200':
          description: A map between the deleted identifier and its metadata.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToMutingSchedulesLibraryBaseResponseMap'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/mutingSchedules/root:
    get:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Get The Root MutingSchedules Folder.
      description: Get the root folder in the mutingSchedules library.
      operationId: getMutingSchedulesLibraryRoot
      responses:
        '200':
          description: Root folder of the mutingSchedules library.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MutingSchedulesLibraryFolderResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/mutingSchedules/search:
    get:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Search For A Mutingschedule Or Folder.
      description: Search for a mutingschedule or folder in the mutingSchedules library
        structure.
      operationId: mutingSchedulesSearch
      parameters:
      - name: query
        in: query
        description: "The search query to find mutingschedule or folder. Below is\
          \ the list of different filters with examples:\n  - **createdBy** : Filter\
          \ by the user's identifier who created the content. Example: `createdBy:000000000000968B`.\n\
          \  - **createdBefore** : Filter by the content objects created before the\
          \ given timestamp(in milliseconds). Example: `createdBefore:1457997222`.\n\
          \  - **createdAfter** : Filter by the content objects created after the\
          \ given timestamp(in milliseconds). Example: `createdAfter:1457997111`.\n\
          \  - **modifiedBefore** : Filter by the content objects modified before\
          \ the given timestamp(in milliseconds). Example: `modifiedBefore:1457997222`.\n\
          \  - **modifiedAfter** : Filter by the content objects modified after the\
          \ given timestamp(in milliseconds). Example: `modifiedAfter:1457997111`.\n\
          \  - **type** : Filter by the type of the content object. Example: `type:folder`.\n\
          \nYou can also use multiple filters in one query. For example to search\
          \ for all content objects created by user with identifier 000000000000968B\
          \ with creation timestamp after 1457997222 containing the text Test, the\
          \ query would look like:\n\n  `createdBy:000000000000968B createdAfter:1457997222\
          \ Test`"
        required: true
        schema:
          type: string
        example: createdBy:000000000000968B Test
      - name: limit
        in: query
        description: Maximum number of items you want in the response.
        required: false
        schema:
          maximum: 5000
          type: integer
          format: int32
          default: 1000
        example: 10
      - name: offset
        in: query
        description: The position or row from where to start the search operation.
        required: false
        schema:
          type: integer
          format: int32
          default: 0
        example: 5
      - name: skipChildren
        in: query
        description: a boolean parameter to control skipping fetching children of
          requested folder(s)
        required: false
        schema:
          type: boolean
      responses:
        '200':
          description: List of folders and mutingSchedules matching the search query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListMutingSchedulesLibraryItemWithPath'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/mutingSchedules/{id}:
    get:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Get A Mutingschedule Or Folder.
      description: Get a mutingschedule or folder from the mutingSchedules library.
      operationId: mutingSchedulesReadById
      parameters:
      - name: id
        in: path
        description: Identifier of the mutingschedule or folder to read.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Requested mutingschedule or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Update A Mutingschedule Or Folder.
      description: Update a mutingschedule or folder in the mutingSchedules library.
      operationId: mutingSchedulesUpdateById
      parameters:
      - name: id
        in: path
        description: Identifier of the mutingschedule or folder to update.
        required: true
        schema:
          type: string
      requestBody:
        description: The mutingschedule or folder to update. The content version must
          match its latest version number in the mutingSchedules library. If the version
          does not match it will not be updated.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MutingSchedulesLibraryBaseUpdate'
        required: true
      responses:
        '200':
          description: The mutingschedule or folder was updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Delete A Mutingschedule Or Folder.
      description: Delete a mutingschedule or folder from the mutingSchedules library.
      operationId: mutingSchedulesDeleteById
      parameters:
      - name: id
        in: path
        description: Identifier of the mutingschedule or folder to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The mutingschedule or folder was successfully deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/mutingSchedules/{id}/path:
    get:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Get The Path Of A Mutingschedule Or Folder.
      description: Get the full path of the mutingschedule or folder in the mutingSchedules
        library.
      operationId: getMutingSchedulesFullPath
      parameters:
      - name: id
        in: path
        description: Identifier of the mutingschedule or folder.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Full path of the mutingschedule or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Path'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/mutingSchedules/{id}/copy:
    post:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Copy A Mutingschedule Or Folder.
      description: Copy a mutingschedule or folder in the mutingSchedules library.
      operationId: mutingSchedulesCopy
      parameters:
      - name: id
        in: path
        description: Identifier of the mutingschedule or folder to copy.
        required: true
        schema:
          type: string
      requestBody:
        description: "Fields include:\n  1) Identifier of the parent folder to copy\
          \ to.\n  2) Optionally provide a new name.\n  3) Optionally provide a new\
          \ description.\n  4) Optionally set to true if you want to copy and preserve\
          \ the locked status. Requires `LockMutingSchedules` capability."
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ContentCopyParams'
        required: true
      responses:
        '200':
          description: The mutingschedule or folder was copied.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/mutingSchedules/{id}/export:
    get:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Export A Mutingschedule Or Folder.
      description: Export a mutingschedule or folder. If the given identifier is a
        folder, everything under the folder is exported recursively with folder as
        the root.
      operationId: mutingSchedulesExportItem
      parameters:
      - name: id
        in: path
        description: Identifier of the mutingschedule or folder to export.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Exported mutingschedule or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/mutingSchedules/{parentId}/import:
    post:
      tags:
      - mutingSchedulesLibraryManagement
      summary: Import A Mutingschedule Or Folder.
      description: Import a mutingschedule or folder.
      operationId: mutingSchedulesImportItem
      parameters:
      - name: parentId
        in: path
        description: Identifier of the parent folder in which to import the mutingschedule
          or folder.
        required: true
        schema:
          type: string
      requestBody:
        description: The mutingschedule or folder to be imported.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport'
        required: true
      responses:
        '200':
          description: 'Newly imported mutingschedule or folder. NOTE: Permissions
            field will not be filled (empty list).'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos:
    get:
      tags:
      - slosLibraryManagement
      summary: Bulk Read A Slo Or Folder.
      description: Bulk read a slo or folder by the given identifiers from the slos
        library.
      operationId: slosReadByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        schema:
          type: array
          items:
            type: string
        example: 0000000000000001,0000000000000002,0000000000000003
      - name: skipChildren
        in: query
        description: a boolean parameter to control skipping fetching children of
          requested folder(s)
        required: false
        schema:
          type: boolean
      responses:
        '200':
          description: A map between an identifier and its definition (slo or folder).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToSlosLibraryBaseResponseMap'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - slosLibraryManagement
      summary: Create A Slo Or Folder.
      description: Create a slo or folder in the slos library.
      operationId: slosCreate
      parameters:
      - name: parentId
        in: query
        description: Identifier of the parent folder in which to create the slo or
          folder.
        required: true
        schema:
          type: string
      requestBody:
        description: The slo or folder to create.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SlosLibraryBase'
        required: true
      responses:
        '200':
          description: The slo or folder was created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - slosLibraryManagement
      summary: Bulk Delete A Slo Or Folder.
      description: Bulk delete a slo or folder by the given identifiers in the slos
        library.
      operationId: slosDeleteByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        schema:
          type: array
          items:
            type: string
        example: 0000000000000001,0000000000000002,0000000000000003
      responses:
        '200':
          description: A map between the deleted identifier and its metadata.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToSlosLibraryBaseResponseMap'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/root:
    get:
      tags:
      - slosLibraryManagement
      summary: Get The Root Slos Folder.
      description: Get the root folder in the slos library.
      operationId: getSlosLibraryRoot
      responses:
        '200':
          description: Root folder of the slos library.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryFolderResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/path:
    get:
      tags:
      - slosLibraryManagement
      summary: Read A Slo Or Folder By Its Path.
      description: Read a slo or folder by its path in the slos library structure.
      operationId: slosGetByPath
      parameters:
      - name: path
        in: query
        description: The path of the slo or folder.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Requested slo or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/search:
    get:
      tags:
      - slosLibraryManagement
      summary: Search For A Slo Or Folder.
      description: Search for a slo or folder in the slos library structure.
      operationId: slosSearch
      parameters:
      - name: query
        in: query
        description: "The search query to find slo or folder. Below is the list of\
          \ different filters with examples:\n  - **createdBy** : Filter by the user's\
          \ identifier who created the content. Example: `createdBy:000000000000968B`.\n\
          \  - **createdBefore** : Filter by the content objects created before the\
          \ given timestamp(in milliseconds). Example: `createdBefore:1457997222`.\n\
          \  - **createdAfter** : Filter by the content objects created after the\
          \ given timestamp(in milliseconds). Example: `createdAfter:1457997111`.\n\
          \  - **modifiedBefore** : Filter by the content objects modified before\
          \ the given timestamp(in milliseconds). Example: `modifiedBefore:1457997222`.\n\
          \  - **modifiedAfter** : Filter by the content objects modified after the\
          \ given timestamp(in milliseconds). Example: `modifiedAfter:1457997111`.\n\
          \  - **type** : Filter by the type of the content object. Example: `type:folder`.\n\
          \nYou can also use multiple filters in one query. For example to search\
          \ for all content objects created by user with identifier 000000000000968B\
          \ with creation timestamp after 1457997222 containing the text Test, the\
          \ query would look like:\n\n  `createdBy:000000000000968B createdAfter:1457997222\
          \ Test`"
        required: true
        schema:
          type: string
        example: createdBy:000000000000968B Test
      - name: limit
        in: query
        description: Maximum number of items you want in the response.
        required: false
        schema:
          maximum: 5000
          type: integer
          format: int32
          default: 1000
        example: 10
      - name: offset
        in: query
        description: The position or row from where to start the search operation.
        required: false
        schema:
          type: integer
          format: int32
          default: 0
        example: 5
      - name: skipChildren
        in: query
        description: a boolean parameter to control skipping fetching children of
          requested folder(s)
        required: false
        schema:
          type: boolean
      responses:
        '200':
          description: List of folders and slos matching the search query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListSlosLibraryItemWithPath'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/{id}:
    get:
      tags:
      - slosLibraryManagement
      summary: Get A Slo Or Folder.
      description: Get a slo or folder from the slos library.
      operationId: slosReadById
      parameters:
      - name: id
        in: path
        description: Identifier of the slo or folder to read.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Requested slo or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - slosLibraryManagement
      summary: Update A Slo Or Folder.
      description: Update a slo or folder in the slos library.
      operationId: slosUpdateById
      parameters:
      - name: id
        in: path
        description: Identifier of the slo or folder to update.
        required: true
        schema:
          type: string
      requestBody:
        description: The slo or folder to update. The content version must match its
          latest version number in the slos library. If the version does not match
          it will not be updated.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SlosLibraryBaseUpdate'
        required: true
      responses:
        '200':
          description: The slo or folder was updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - slosLibraryManagement
      summary: Delete A Slo Or Folder.
      description: Delete a slo or folder from the slos library.
      operationId: slosDeleteById
      parameters:
      - name: id
        in: path
        description: Identifier of the slo or folder to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The slo or folder was successfully deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/{id}/path:
    get:
      tags:
      - slosLibraryManagement
      summary: Get The Path Of A Slo Or Folder.
      description: Get the full path of the slo or folder in the slos library.
      operationId: getSlosFullPath
      parameters:
      - name: id
        in: path
        description: Identifier of the slo or folder.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Full path of the slo or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Path'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/{id}/move:
    post:
      tags:
      - slosLibraryManagement
      summary: Move A Slo Or Folder.
      description: Move a slo or folder to a different location in the slos library.
      operationId: slosMove
      parameters:
      - name: id
        in: path
        description: Identifier of the slo or folder to move.
        required: true
        schema:
          type: string
      - name: parentId
        in: query
        description: Identifier of the parent folder to move the slo or folder to.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Moved slo or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/{id}/copy:
    post:
      tags:
      - slosLibraryManagement
      summary: Copy A Slo Or Folder.
      description: Copy a slo or folder in the slos library.
      operationId: slosCopy
      parameters:
      - name: id
        in: path
        description: Identifier of the slo or folder to copy.
        required: true
        schema:
          type: string
      requestBody:
        description: "Fields include:\n  1) Identifier of the parent folder to copy\
          \ to.\n  2) Optionally provide a new name.\n  3) Optionally provide a new\
          \ description.\n  4) Optionally set to true if you want to copy and preserve\
          \ the locked status. Requires `LockSlos` capability."
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ContentCopyParams'
        required: true
      responses:
        '200':
          description: The slo or folder was copied.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/{id}/export:
    get:
      tags:
      - slosLibraryManagement
      summary: Export A Slo Or Folder.
      description: Export a slo or folder. If the given identifier is a folder, everything
        under the folder is exported recursively with folder as the root.
      operationId: slosExportItem
      parameters:
      - name: id
        in: path
        description: Identifier of the slo or folder to export.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Exported slo or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryBaseExport'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/slos/{parentId}/import:
    post:
      tags:
      - slosLibraryManagement
      summary: Import A Slo Or Folder.
      description: Import a slo or folder.
      operationId: slosImportItem
      parameters:
      - name: parentId
        in: path
        description: Identifier of the parent folder in which to import the slo or
          folder.
        required: true
        schema:
          type: string
      requestBody:
        description: The slo or folder to be imported.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SlosLibraryBaseExport'
        required: true
      responses:
        '200':
          description: 'Newly imported slo or folder. NOTE: Permissions field will
            not be filled (empty list).'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SlosLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Bulk Read A Monitor Or Folder.
      description: Bulk read a monitor or folder by the given identifiers from the
        monitors library.
      operationId: monitorsReadByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        schema:
          type: array
          items:
            type: string
        example: 0000000000000001,0000000000000002,0000000000000003
      - name: skipChildren
        in: query
        description: a boolean parameter to control skipping fetching children of
          requested folder(s)
        required: false
        schema:
          type: boolean
      responses:
        '200':
          description: A map between an identifier and its definition (monitor or
            folder).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToMonitorsLibraryBaseResponseMap'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    post:
      tags:
      - monitorsLibraryManagement
      summary: Create A Monitor Or Folder.
      description: Create a monitor or folder in the monitors library.
      operationId: monitorsCreate
      parameters:
      - name: parentId
        in: query
        description: Identifier of the parent folder in which to create the monitor
          or folder.
        required: true
        schema:
          type: string
      requestBody:
        description: The monitor or folder to create.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MonitorsLibraryBase'
        required: true
      responses:
        '200':
          description: The monitor or folder was created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - monitorsLibraryManagement
      summary: Bulk Delete A Monitor Or Folder.
      description: Bulk delete a monitor or folder by the given identifiers in the
        monitors library.
      operationId: monitorsDeleteByIds
      parameters:
      - name: ids
        in: query
        description: A comma-separated list of identifiers.
        required: true
        schema:
          type: array
          items:
            type: string
        example: 0000000000000001,0000000000000002,0000000000000003
      responses:
        '200':
          description: A map between the deleted identifier and its metadata.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdToMonitorsLibraryBaseResponseMap'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/root:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Get The Root Monitors Folder.
      description: Get the root folder in the monitors library.
      operationId: getMonitorsLibraryRoot
      responses:
        '200':
          description: Root folder of the monitors library.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryFolderResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/path:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Read A Monitor Or Folder By Its Path.
      description: Read a monitor or folder by its path in the monitors library structure.
      operationId: monitorsGetByPath
      parameters:
      - name: path
        in: query
        description: The path of the monitor or folder.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Requested monitor or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/search:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Search For A Monitor Or Folder.
      description: Search for a monitor or folder in the monitors library structure.
      operationId: monitorsSearch
      parameters:
      - name: query
        in: query
        description: "The search query to find monitor or folder. Below is the list\
          \ of different filters with examples:\n  - **createdBy** : Filter by the\
          \ user's identifier who created the content. Example: `createdBy:000000000000968B`.\n\
          \  - **createdBefore** : Filter by the content objects created before the\
          \ given timestamp(in milliseconds). Example: `createdBefore:1457997222`.\n\
          \  - **createdAfter** : Filter by the content objects created after the\
          \ given timestamp(in milliseconds). Example: `createdAfter:1457997111`.\n\
          \  - **modifiedBefore** : Filter by the content objects modified before\
          \ the given timestamp(in milliseconds). Example: `modifiedBefore:1457997222`.\n\
          \  - **modifiedAfter** : Filter by the content objects modified after the\
          \ given timestamp(in milliseconds). Example: `modifiedAfter:1457997111`.\n\
          \  - **type** : Filter by the type of the content object. Example: `type:folder`.\n\
          \  - **monitorStatus** : Filter by the status of the monitor: Normal, Critical,\
          \ Warning, MissingData, Disabled, AllTriggered. Example: `monitorStatus:Normal`.\n\
          \nYou can also use multiple filters in one query. For example to search\
          \ for all content objects created by user with identifier 000000000000968B\
          \ with creation timestamp after 1457997222 containing the text Test, the\
          \ query would look like:\n\n  `createdBy:000000000000968B createdAfter:1457997222\
          \ Test`"
        required: true
        schema:
          type: string
        example: createdBy:000000000000968B Test
      - name: limit
        in: query
        description: Maximum number of items you want in the response.
        required: false
        schema:
          maximum: 5000
          type: integer
          format: int32
          default: 1000
        example: 10
      - name: offset
        in: query
        description: The position or row from where to start the search operation.
        required: false
        schema:
          type: integer
          format: int32
          default: 0
        example: 5
      - name: skipChildren
        in: query
        description: a boolean parameter to control skipping fetching children of
          requested folder(s)
        required: false
        schema:
          type: boolean
      responses:
        '200':
          description: List of folders and monitors matching the search query.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListMonitorsLibraryItemWithPath'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/{id}:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Get A Monitor Or Folder.
      description: Get a monitor or folder from the monitors library.
      operationId: monitorsReadById
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder to read.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Requested monitor or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    put:
      tags:
      - monitorsLibraryManagement
      summary: Update A Monitor Or Folder.
      description: Update a monitor or folder in the monitors library. When making
        updates to existing monitors via API, all configurations are over-written.
        Make sure to include all configurations of the monitor (existing with new
        updates), not just the new configurations you want to apply.
      operationId: monitorsUpdateById
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder to update.
        required: true
        schema:
          type: string
      requestBody:
        description: The monitor or folder to update. The content version must match
          its latest version number in the monitors library. If the version does not
          match it will not be updated.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MonitorsLibraryBaseUpdate'
        required: true
      responses:
        '200':
          description: The monitor or folder was updated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
    delete:
      tags:
      - monitorsLibraryManagement
      summary: Delete A Monitor Or Folder.
      description: Delete a monitor or folder from the monitors library.
      operationId: monitorsDeleteById
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder to delete.
        required: true
        schema:
          type: string
      responses:
        '204':
          description: The monitor or folder was successfully deleted.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/{id}/path:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Get The Path Of A Monitor Or Folder.
      description: Get the full path of the monitor or folder in the monitors library.
      operationId: getMonitorsFullPath
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Full path of the monitor or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Path'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/{id}/move:
    post:
      tags:
      - monitorsLibraryManagement
      summary: Move A Monitor Or Folder.
      description: Move a monitor or folder to a different location in the monitors
        library.
      operationId: monitorsMove
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder to move.
        required: true
        schema:
          type: string
      - name: parentId
        in: query
        description: Identifier of the parent folder to move the monitor or folder
          to.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Moved monitor or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/{id}/copy:
    post:
      tags:
      - monitorsLibraryManagement
      summary: Copy A Monitor Or Folder.
      description: Copy a monitor or folder in the monitors library.
      operationId: monitorsCopy
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder to copy.
        required: true
        schema:
          type: string
      requestBody:
        description: "Fields include:\n  1) Identifier of the parent folder to copy\
          \ to.\n  2) Optionally provide a new name.\n  3) Optionally provide a new\
          \ description.\n  4) Optionally set to true if you want to copy and preserve\
          \ the locked status. Requires `LockMonitors` capability."
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ContentCopyParams'
        required: true
      responses:
        '200':
          description: The monitor or folder was copied.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/{id}/export:
    get:
      tags:
      - monitorsLibraryManagement
      summary: Export A Monitor Or Folder.
      description: Export a monitor or folder. If the given identifier is a folder,
        everything under the folder is exported recursively with folder as the root.
      operationId: monitorsExportItem
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder to export.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: Exported monitor or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryBaseExport'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/{parentId}/import:
    post:
      tags:
      - monitorsLibraryManagement
      summary: Import A Monitor Or Folder.
      description: Import a monitor or folder.
      operationId: monitorsImportItem
      parameters:
      - name: parentId
        in: path
        description: Identifier of the parent folder in which to import the monitor
          or folder.
        required: true
        schema:
          type: string
      requestBody:
        description: The monitor or folder to be imported.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MonitorsLibraryBaseExport'
        required: true
      responses:
        '200':
          description: 'Newly imported monitor or folder. NOTE: Permissions field
            will not be filled (empty list).'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/{id}/permissions:
    get:
      tags:
      - monitorsLibraryManagement
      summary: List Explicit Permissions On Monitor Or Folder.
      description: List explicit permissions on monitor or folder in the monitors
        library.
      operationId: monitorsReadPermissionsById
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder to list permissions.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The list of explicit permission statements for the monitor
            or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListPermissionsResponse'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/permissions/set:
    put:
      tags:
      - monitorsLibraryManagement
      summary: Set Permissions On Monitor Or Folder.
      description: Set permissions on monitor or folder in the monitors library.
      operationId: monitorsSetPermissions
      requestBody:
        description: The permission statement definitions to set.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PermissionStatementDefinitions'
        required: true
      responses:
        '200':
          description: List of the successfully set `PermissionStatements`.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PermissionStatements'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/permissions/revoke:
    put:
      tags:
      - monitorsLibraryManagement
      summary: Revoke All Permissions On Monitor Or Folder.
      description: Revoke all permissions on monitor or folder in the monitors library.
      operationId: monitorsRevokePermissions
      requestBody:
        description: The identifiers of the permissions statements to revoke.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PermissionIdentifiers'
        required: true
      responses:
        '204':
          description: Permissions were successfully revoked for monitor or folder.
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v1/monitors/{id}/permissionSummariesBySubjects:
    get:
      tags:
      - monitorsLibraryManagement
      summary: List Permission Summaries For A Monitor Or Folder.
      description: List permission summary meta(s) grouped by subjects on monitor
        or folder in the monitors library.
      operationId: monitorsReadPermissionSummariesByIdGroupBySubjects
      parameters:
      - name: id
        in: path
        description: Identifier of the monitor or folder to list permissions.
        required: true
        schema:
          type: string
      responses:
        '200':
          description: The list of permission summary meta(s) grouped by subjects
            for the monitor or folder.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PermissionSummariesBySubjects'
        default:
          description: Operation failed with an error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
components:
  schemas:
    AddOrReplaceTransformation:
      allOf:
      - $ref: '#/components/schemas/DimensionTransformation'
      - required:
        - dimensionToReplace
        - value
        type: object
        properties:
          dimensionToReplace:
            type: string
            description: The dimension that needs to be modified or added.
            example: metric
          value:
            type: string
            description: The value for the dimension.
            example: '{{metric}}_aggregated'
    AggregateOnTransformation:
      allOf:
      - $ref: '#/components/schemas/DimensionTransformation'
      - required:
        - aggregateOn
        type: object
        properties:
          aggregateOn:
            type: array
            description: A list of dimensions that should be aggregated on.
            example:
            - metric
            - cluster
            items:
              type: string
            default: []
    BeginBoundedTimeRange:
      allOf:
      - $ref: '#/components/schemas/ResolvableTimeRange'
      - required:
        - from
        type: object
        properties:
          from:
            $ref: '#/components/schemas/TimeRangeBoundary'
          to:
            $ref: '#/components/schemas/TimeRangeBoundary'
    CompleteLiteralTimeRange:
      allOf:
      - $ref: '#/components/schemas/ResolvableTimeRange'
      - required:
        - rangeName
        type: object
        properties:
          rangeName:
            pattern: ^(today|yesterday|previous_week|previous_month)$
            type: string
            description: 'Name of the complete time range. Possible values are: -
              `today`, - `yesterday`, - `previous_week`, - `previous_month`.'
            example: previous_month
            x-pattern-message: 'must be one of the following: `today`, `yesterday`,
              `previous_week`, `previous_month`'
    EpochTimeRangeBoundary:
      allOf:
      - $ref: '#/components/schemas/TimeRangeBoundary'
      - required:
        - epochMillis
        type: object
        properties:
          epochMillis:
            type: integer
            description: Starting point in time as a number of milliseconds since
              the epoch. For example `1538392220000`
            format: int64
            example: 1538392220000
    Iso8601TimeRangeBoundary:
      allOf:
      - $ref: '#/components/schemas/TimeRangeBoundary'
      - required:
        - iso8601Time
        type: object
        properties:
          iso8601Time:
            type: string
            description: Starting point in time as a string in ISO 8601 format. For
              example `2018-10-01T11:10:20.52+01:00`
            format: date-time
            example: 2018-10-01 11:10:20.520000+01:00
    LiteralTimeRangeBoundary:
      allOf:
      - $ref: '#/components/schemas/TimeRangeBoundary'
      - required:
        - rangeName
        type: object
        properties:
          rangeName:
            type: string
            description: "Name of the time range. Possible values are:\n  - `now`,\n\
              \  - `second`,\n  - `minute`,\n  - `hour`,\n  - `day`,\n  - `today`,\n\
              \  - `week`,\n  - `month`,\n  - `year`"
            example: week
    RelativeTimeRangeBoundary:
      allOf:
      - $ref: '#/components/schemas/TimeRangeBoundary'
      - required:
        - relativeTime
        type: object
        properties:
          relativeTime:
            type: string
            description: 'Relative time as a string consisting of following elements:
              - `-` (optional): minus sign indicates time in the past, - `<number>`:
              number of time units, - `<time_unit>`: time unit; possible values are:
              `w` (week), `d` (day), `h` (hour), `m` (minute), `s` (second).

              Multiple pairs of `<number><time_unit>` may be provided, and they may
              be in any order. For example, `-2w5d3h` points to the moment in time
              2 weeks, 5 days and 3 hours ago.'
            example: -2w5d3h
    ResolvableTimeRange:
      required:
      - type
      type: object
      properties:
        type:
          type: string
          description: Type of the time range. Value must be either `CompleteLiteralTimeRange`
            or `BeginBoundedTimeRange`.
      example:
        type: BeginBoundedTimeRange
        from:
          type: RelativeTimeRangeBoundary
          relativeTime: -15m
      discriminator:
        propertyName: type
    TimeRangeBoundary:
      required:
      - type
      type: object
      properties:
        type:
          type: string
          description: 'Type of the time range boundary. Value must be from list:
            - `RelativeTimeRangeBoundary`, - `EpochTimeRangeBoundary`, - `Iso8601TimeRangeBoundary`,
            - `LiteralTimeRangeBoundary`.'
          example: RelativeTimeRangeBoundary
      discriminator:
        propertyName: type
    Header:
      required:
      - name
      - value
      type: object
      properties:
        name:
          type: string
          description: Name of the header field.
        value:
          type: string
          description: Value of the header field.
    ConnectionSubtype:
      pattern: ^(Event|Incident)$
      type: string
      description: The subtype of the connection. Valid values are `Event` or `Incident`.
      x-pattern-message: must be `Event` or `Incident`
    ServiceNowConnection:
      allOf:
      - $ref: '#/components/schemas/Connection'
      - required:
        - url
        - username
        type: object
        properties:
          url:
            type: string
            description: URL for the ServiceNow connection.
          username:
            type: string
            description: User name for the ServiceNow connection.
    ServiceNowDefinition:
      allOf:
      - $ref: '#/components/schemas/ConnectionDefinition'
      - required:
        - password
        - url
        - username
        type: object
        properties:
          url:
            type: string
            description: URL for the ServiceNow connection.
            example: https://www.google.com
          username:
            type: string
            description: User name for the ServiceNow connection.
          password:
            type: string
            description: User password for the ServiceNow connection.
    WebhookConnection:
      allOf:
      - $ref: '#/components/schemas/Connection'
      - required:
        - customHeaders
        - defaultPayload
        - headers
        - url
        - webhookType
        type: object
        properties:
          url:
            type: string
            description: URL for the webhook connection.
          headers:
            type: array
            description: List of access authorization headers.
            items:
              $ref: '#/components/schemas/Header'
          customHeaders:
            type: array
            description: List of custom webhook headers.
            items:
              $ref: '#/components/schemas/Header'
          defaultPayload:
            type: string
            description: Default payload of the webhook.
          webhookType:
            $ref: '#/components/schemas/ConnectionType'
          connectionSubtype:
            $ref: '#/components/schemas/ConnectionSubtype'
          resolutionPayload:
            maxLength: 4096
            type: string
            description: Resolution payload of the webhook.
          warnings:
            type: array
            description: Webhook endpoint warning for incorrect variable names and
              syntax.
            example: 'The following variables are not supported: NotSupportedVariable'
            items:
              type: string
    WebhookDefinition:
      allOf:
      - $ref: '#/components/schemas/ConnectionDefinition'
      - required:
        - defaultPayload
        - url
        type: object
        properties:
          url:
            type: string
            description: URL for the webhook connection.
            example: https://www.google.com
          headers:
            maxItems: 7995
            type: array
            description: List of access authorization headers.
            items:
              $ref: '#/components/schemas/Header'
            default: []
          customHeaders:
            maxItems: 5
            type: array
            description: List of custom webhook headers.
            items:
              $ref: '#/components/schemas/Header'
            default: []
          defaultPayload:
            minLength: 1
            type: string
            description: Default payload of the webhook.
          webhookType:
            $ref: '#/components/schemas/ConnectionType'
          connectionSubtype:
            $ref: '#/components/schemas/ConnectionSubtype'
          resolutionPayload:
            maxLength: 4096
            type: string
            description: Resolution payload of the webhook.
    Layout:
      required:
      - layoutStructures
      - layoutType
      type: object
      properties:
        layoutType:
          type: string
          description: The type of panel layout on the Dashboard. For example, Grid,
            Tabs, or Hierarchical. Currently supports `Grid` only.
          example: Grid
        layoutStructures:
          type: array
          description: Layout structures for the panel childen.
          items:
            $ref: '#/components/schemas/LayoutStructure'
      discriminator:
        propertyName: layoutType
    Panel:
      required:
      - key
      - panelType
      type: object
      properties:
        id:
          type: string
          description: Unique identifier for the panel.
          example: 2F7D449E3D511066
        key:
          type: string
          description: 'Key for the panel. Used to create searches for the queries
            in the panel and configure the layout of the panel in the dashboard.

            '
          example: panelca6280e4a75fca45
        title:
          type: string
          description: Title of the panel.
          example: This panel shows memory usage for your kubernetes pod.
        visualSettings:
          type: string
          description: Visual settings of the panel.
          example: '{\"general\":{\"type\":\"column\"}'
        keepVisualSettingsConsistentWithParent:
          type: boolean
          description: Keeps the visual settings, like series colors, consistent with
            the settings of the parent panel.
          default: true
        panelType:
          type: string
          description: Type of panel.
          example: SumoSearchPanel
      discriminator:
        propertyName: panelType
    SumoSearchPanel:
      allOf:
      - $ref: '#/components/schemas/Panel'
      - required:
        - queries
        type: object
        properties:
          queries:
            type: array
            description: Metrics and log queries of the panel.
            items:
              $ref: '#/components/schemas/Query'
          description:
            type: string
            description: Description of the panel.
            example: This panel gives an overview of CPU metrics for a pod
          timeRange:
            $ref: '#/components/schemas/ResolvableTimeRange'
          coloringRules:
            type: array
            description: Rules to set the color of data.
            items:
              $ref: '#/components/schemas/ColoringRule'
          linkedDashboards:
            type: array
            description: List of linked dashboards.
            items:
              $ref: '#/components/schemas/LinkedDashboard'
        description: A panel that has logs and metrics search queries.
    Query:
      required:
      - queryKey
      - queryString
      - queryType
      type: object
      properties:
        queryString:
          type: string
          description: The metrics, traces or logs query.
          example: _sourceCategory=cqsplitter metric=CPU_user | count by _sourceHost
        queryType:
          pattern: ^(Logs|Metrics|Traces|Spans)$
          type: string
          description: The type of the query, either `Metrics`, `Traces`, `Spans`
            or `Logs`.
          example: Logs
          x-pattern-message: Must be `Logs`, `Traces`, `Spans` or `Metrics`
        queryKey:
          type: string
          description: 'The key for metric, traces or log queries. Used as an identifier
            for queries. It is displayed on the panel builder and used for display
            overrides and query toggling.

            '
          example: A
        metricsQueryMode:
          pattern: ^(Basic|Advanced|basic|advanced)$
          type: string
          description: 'The mode of the metrics query that the user was editing. Can
            be `Basic` or `Advanced`. Will ONLY be specified for metrics queries.

            '
          example: Basic
          x-pattern-message: Must be `Basic`, or `Advanced`
        metricsQueryData:
          $ref: '#/components/schemas/MetricsQueryData'
        tracesQueryData:
          $ref: '#/components/schemas/TracesQueryData'
        spansQueryData:
          $ref: '#/components/schemas/SpansQueryData'
        parseMode:
          pattern: ^(Auto|Manual|Intelliparse)$
          type: string
          description: "This field only applies for queryType of `Logs` but other\
            \ query types may be supported in the future. Define the parsing mode\
            \ to scan the JSON format log messages. Possible values are:\n  1. `Auto`\n\
            \  2. `Manual`\nIn AutoParse mode, the system automatically figures out\
            \ fields to parse based on the search query. While in the Manual mode,\
            \ no fields are parsed out automatically. For more information see [Dynamic\
            \ Parsing](https://help.sumologic.com/?cid=0011)."
          example: Auto
          default: Auto
          x-pattern-message: Must be either `Auto`,`Manual` or `Intelliparse`
        timeSource:
          pattern: ^(Message|Receipt|Searchable)$
          type: string
          description: This field only applies for queryType of `Logs` but other query
            types may be supported in the future. Define the time source of this query.
            Possible values are `Message`, `Receipt`. `Message` will use the timeStamp
            on the message, while `Receipt` will use the timestamp it was received
            by Sumo.
          example: Message
          default: Message
          x-pattern-message: Must be `Message`, or `Receipt`
        transient:
          type: boolean
          description: This field only applies for queryType of `Metrics` but other
            query types may be supported in the future. Determines if the row should
            be returned in the response. Can be used in conjunction with a join, if
            only the result of the join is needed, and not the intermediate rows.
            Setting `transient` to `true`  wherever the intermediate results aren't
            required speeds up the computation and reduces the amount of data  transferred
            over the network.
          default: false
        outputCardinalityLimit:
          maximum: 3000
          minimum: 1
          type: integer
          description: This field only applies for queryType of `Metrics` but other
            query types may be supported in the future. Specifies the output cardinality
            limitations for the query, which is the maximum number of timeseries returned
            in the result.
          format: int32
          example: 1000
          default: 1000
    TextPanel:
      allOf:
      - $ref: '#/components/schemas/Panel'
      - required:
        - text
        type: object
        properties:
          text:
            type: string
            description: Text to display in the panel.
            example: Kubernetes pods
        description: A panel that has text.
    CollapsiblePanel:
      allOf:
      - $ref: '#/components/schemas/Panel'
      - type: object
        properties:
          collapsed:
            type: boolean
            description: Indicates whether the panel is collapsed.
            example: false
          collapsiblePanelChildKeys:
            type: array
            description: A list of panel keys that will be collapsible.
            items:
              type: string
        description: A panel that contains other panels in a collapsible/expanded
          state.
    PanelOverride:
      required:
      - id
      - panelType
      type: object
      properties:
        id:
          type: string
          description: The ID of the panel to override
          example: '0000000000001'
        panelType:
          type: string
          description: The type of panel to override. `CollapsiblePanel` controls
            collapsible panel behavior. New panel types may be supported in the future.
          example: CollapsiblePanel
      discriminator:
        propertyName: panelType
        mapping:
          CollapsiblePanel: '#/components/schemas/CollapsiblePanelOverride'
    CollapsiblePanelOverride:
      allOf:
      - $ref: '#/components/schemas/PanelOverride'
      - required:
        - collapsed
        type: object
        properties:
          collapsed:
            type: boolean
            description: Whether the collapsible panel should be collapsed in the
              report.
            example: true
    EventsOfInterestScatterPanel:
      allOf:
      - $ref: '#/components/schemas/Panel'
    TracesListPanel:
      allOf:
      - $ref: '#/components/schemas/Panel'
      - type: object
        properties:
          queries:
            maxItems: 6
            type: array
            description: Traces queries of the panel.
            example:
              traceQueryExample:
                value:
                  queryKey: A
                  queryString: ''
                  queryType: Traces
                  tracesQueryData:
                    filters:
                      type: FieldDescriptor
            items:
              $ref: '#/components/schemas/Query'
          timeRange:
            $ref: '#/components/schemas/ResolvableTimeRange'
        description: A panel for traces list
    ServiceMapPanel:
      allOf:
      - $ref: '#/components/schemas/Panel'
      - type: object
        properties:
          application:
            type: string
            description: Filter services by the application custom tag.
            example: sumologic
          service:
            type: string
            description: Show only the specific service and its connections to other
              services.
            example: prada
          showRemoteServices:
            type: boolean
            description: Show remote services, like databases or external calls, automatically
              detected in client traffic.
            example: true
          environment:
            type: string
            description: Show only service map data specific to the provided environment.
            example: default-environment
        description: A panel for service map.
    ColoringRule:
      required:
      - colorThresholds
      - multipleSeriesAggregateFunction
      - scope
      - singleSeriesAggregateFunction
      type: object
      properties:
        scope:
          type: string
          description: Regex string to match queries to apply coloring to.
          example: CPU_*
        singleSeriesAggregateFunction:
          type: string
          description: Function to aggregate one series into one single value.
          example: Average
        multipleSeriesAggregateFunction:
          type: string
          description: Function to aggregate the aggregate values of multiple time
            series into one single value.
          example: Average
        colorThresholds:
          type: array
          description: Color thresholds.
          items:
            $ref: '#/components/schemas/ColoringThreshold'
    Grid:
      allOf:
      - $ref: '#/components/schemas/Layout'
    LayoutStructure:
      required:
      - key
      - structure
      type: object
      properties:
        key:
          type: string
          description: The identifier of the panel that this structure applies to.
          example: panelPANE-3DC454FD977E2A46
        structure:
          type: string
          description: The structure of a panel.
          example: '{\"height\":5,\"width\":9,\"x\":0,\"y\":0}'
    ColoringThreshold:
      required:
      - color
      type: object
      properties:
        color:
          type: string
          description: Color for the threshold.
          example: FFFFFF
        min:
          type: number
          description: Absolute inclusive threshold to color by.
          format: double
          example: 0
        max:
          type: number
          description: Absolute exclusive threshold to color by.
          format: double
          example: 50
    MetricsQueryData:
      required:
      - filters
      - metric
      type: object
      properties:
        metric:
          type: string
          description: The metric of the query.
          example: CPU_user
        aggregationType:
          pattern: ^(Count|Minimum|Maximum|Sum|Average|None)$|^$
          type: string
          description: The type of aggregation. Can be `Count`, `Minimum`, `Maximum`,
            `Sum`, `Average` or `None`.
          example: Count
          x-pattern-message: Must be `Count`, `Minimum`, `Maximum`, `Sum`, `Average`
            or `None`
        groupBy:
          type: string
          description: The field to group the results by.
          example: _sourceHost
        filters:
          type: array
          description: A list of filters for the metrics query.
          items:
            $ref: '#/components/schemas/MetricsFilter'
        operators:
          type: array
          description: A list of operator data for the metrics query.
          items:
            $ref: '#/components/schemas/OperatorData'
      description: The data format describing a basic metrics query.
      example:
        metric: CPU_user
        aggregationType: count
        groupBy: _sourceHost
        filters:
        - key: _sourceCategory
          value: kubernetes
        - key: _sourceHost
          value: dep-kubernetes-1
        operators:
          operatorName: avg
          parameters:
          - key: aggregator
            value: max
          - key: operation
            value: ''
          - key: value
            value: 50
    SpansQueryData:
      required:
      - filters
      - groupBy
      - limit
      - visualizations
      type: object
      properties:
        filters:
          type: array
          description: A list of filters for the spans query.
          items:
            $ref: '#/components/schemas/SpansFilter'
        visualizations:
          type: array
          description: A list of used visualization methods for the spans query.
          items:
            $ref: '#/components/schemas/SpansVisualization'
        groupBy:
          type: array
          description: A list of group-by clauses for the spans query.
          items:
            $ref: '#/components/schemas/SpansGroupBy'
        limit:
          type: array
          description: A list of limits that will be applied to the spans query.
          items:
            $ref: '#/components/schemas/SpansLimitItem'
      description: The data format describing a basic spans query.
    SpansCountVisualization:
      allOf:
      - $ref: '#/components/schemas/SpansVisualization'
      - type: object
        properties:
          distinctBy:
            type: string
            description: A field by which the spans need to be counted.
            example: service
        description: 'Represents the visualization type where the total number of
          all spans is counted or where the spans are counted by a specific field.

          '
    SpansCalculationVisualization:
      allOf:
      - $ref: '#/components/schemas/SpansVisualization'
      - required:
        - aggregator
        - field
        type: object
        properties:
          field:
            type: string
            description: A field by which the spans are aggregated.
            example: duration
          aggregator:
            $ref: '#/components/schemas/SpanCalculationAggregator'
        description: 'Represents the visualization type where a specific aggregation
          by a particular field is  applied to all spans / all grouped spans.

          '
    SpansFilterStandaloneKey:
      allOf:
      - $ref: '#/components/schemas/SpansFilter'
      - type: object
        description: 'A representation of a span filter where only a single filtering
          key is provided.  The given value is then looked up in all span data.

          '
    SpansFilterKeyValuePair:
      allOf:
      - $ref: '#/components/schemas/SpansFilter'
      - required:
        - fieldValue
        - operator
        type: object
        properties:
          operator:
            pattern: ^(<|<=|>|>=|=|!=)$
            type: string
            description: A symbol that indicates an operation to be performed between
              a `fieldName` and `fieldValue`.
            example: <
            x-pattern-message: Must be `<`, `<=`, `>`, `>=`, `=` or `!=`
          fieldValue:
            type: string
            description: The second argument of the operation applied to a `fieldName`.
            example: some_service
        description: 'A representation of a span filter where both the field name
          and field value are provided, e.g. http.response.status_code > 500.

          '
    SpansTimeGroupBy:
      allOf:
      - $ref: '#/components/schemas/SpansGroupBy'
      - required:
        - fieldValue
        type: object
        properties:
          fieldValue:
            pattern: ^[0-9]+(w|d|h|m|s)$
            type: string
            description: 'A fixed interval grouping in the following format <#><time_period>,  supported
              <time_period> values are weeks (w), days (d), hours (h), minutes (m),
              and seconds (s).

              '
            example: 5m
        description: 'A representation of a group-by clause where results are bucketed
          based on a fixed interval are  created, e.g. five-minute buckets.

          '
    SpansFieldGroupBy:
      allOf:
      - $ref: '#/components/schemas/SpansGroupBy'
      - required:
        - fieldName
        type: object
        properties:
          fieldName:
            type: string
            description: A name of the field to group by.
            example: http.response.status_code
        description: 'A representation of a group-by clause where results are bucketed
          based on a grouping by a specific field.

          '
    SpanCalculationAggregator:
      required:
      - key
      type: object
      properties:
        key:
          pattern: ^(sum|avg|max|min|pct)$
          type: string
          description: A specific aggregation type applied to spans.
          example: sum
          x-pattern-message: Must be `sum`, `avg`, `max`, `min` or `pct`
      discriminator:
        propertyName: key
        mapping:
          sum: '#/components/schemas/SpanCalculationSumAggregator'
          avg: '#/components/schemas/SpanCalculationAvgAggregator'
          max: '#/components/schemas/SpanCalculationMaxAggregator'
          min: '#/components/schemas/SpanCalculationMinAggregator'
          pct: '#/components/schemas/SpanCalculationPctAggregator'
    SpanCalculationSumAggregator:
      allOf:
      - $ref: '#/components/schemas/SpanCalculationAggregator'
      - type: object
    SpanCalculationAvgAggregator:
      allOf:
      - $ref: '#/components/schemas/SpanCalculationAggregator'
      - type: object
    SpanCalculationMaxAggregator:
      allOf:
      - $ref: '#/components/schemas/SpanCalculationAggregator'
      - type: object
    SpanCalculationMinAggregator:
      allOf:
      - $ref: '#/components/schemas/SpanCalculationAggregator'
      - type: object
    SpanCalculationPctAggregator:
      allOf:
      - $ref: '#/components/schemas/SpanCalculationAggregator'
      - required:
        - percentile
        type: object
        properties:
          percentile:
            type: number
            description: The specified percentile of a given field.
            format: double
            example: 95
    MetricsFilter:
      required:
      - value
      type: object
      properties:
        key:
          type: string
          description: The key of the metrics filter.
          example: _sourceCategory
        value:
          type: string
          description: The value of the metrics filter.
          example: kubernetes
        negation:
          type: boolean
          description: Whether or not the metrics filter is negated.
          example: false
      description: The filter for metrics query.
      example:
        key: _sourceCategory
        value: cqmerger
        negation: false
    VariablesValuesData:
      required:
      - data
      type: object
      properties:
        data:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: array
            items:
              type: string
          description: Data for variable values.
          default: {}
        richData:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/VariableValuesData'
          description: A rich form of data for the variable search, including variable
            values, status and variable type. This field is different from `data`
            in that it includes an object instead of list as the value in the map.
            The `data` field is kept for backwards compatibility, please use `richData`
            for all usages going forward.
    GenerateReportRequest:
      required:
      - action
      - exportFormat
      - template
      - timezone
      type: object
      properties:
        action:
          $ref: '#/components/schemas/ReportAction'
        exportFormat:
          pattern: ^(Pdf|Png)$
          type: string
          description: File format of the report. Can be `Pdf` or `Png`. `Pdf` is
            portable document format. `Png` is portable graphics image format.
          example: Pdf
          x-pattern-message: 'should be one of the following: ''Pdf'', ''Png'''
        timezone:
          type: string
          description: Time zone for the query time ranges. Follow the format in the
            [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
        template:
          $ref: '#/components/schemas/Template'
    ReportAction:
      required:
      - actionType
      type: object
      properties:
        actionType:
          pattern: ^DirectDownloadReportAction$
          type: string
          description: Type of action.
          example: DirectDownloadReportAction
          x-pattern-message: should be 'DirectDownloadReportAction'
      description: The base class of all report action types. `DirectDownloadReportAction`
        downloads dashboard from browser. New action types may be supported in the
        future.
      discriminator:
        propertyName: actionType
    DirectDownloadReportAction:
      allOf:
      - $ref: '#/components/schemas/ReportAction'
      - type: object
        description: Generate a direct download report action.
    Template:
      required:
      - templateType
      type: object
      properties:
        templateType:
          pattern: ^(DashboardTemplate|DashboardReportModeTemplate)$
          type: string
          description: The type of template. `DashboardTemplate` provides a snapshot
            view of the exported dashboard. `DashboardReportModeTemplate` provides
            a printer-friendly view of the exported dashboard. New templates may be
            supported in the future.
          example: DashboardTemplate
          x-pattern-message: Must be `DashboardTemplate`, or `DashboardReportModeTemplate`
      discriminator:
        propertyName: templateType
    DashboardTemplate:
      allOf:
      - $ref: '#/components/schemas/Template'
      - required:
        - id
        type: object
        properties:
          id:
            type: string
            description: Id of the dashboard.
            example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2
          panelToSessionIdMap:
            type: object
            additionalProperties:
              type: string
            description: 'A map of panel to session id. The session id will be used
              to fetch data of the panel for the report. If not specified, a new session
              id will be created for the panel.

              '
            example:
              '1': 64
              '2': 128
              '3': 192
          timeRange:
            $ref: '#/components/schemas/ResolvableTimeRange'
          variableValues:
            $ref: '#/components/schemas/VariablesValuesData'
          panelOverrides:
            type: array
            description: Override settings for panels in the report
            example:
            - id: '0000000000001'
              panelType: CollapsiblePanel
              collapsed: true
            - id: '0000000000002'
              panelType: CollapsiblePanel
              collapsed: false
            items:
              $ref: '#/components/schemas/PanelOverride'
        description: Generate the report from a dashboard template.
    DashboardReportModeTemplate:
      allOf:
      - $ref: '#/components/schemas/DashboardTemplate'
      - type: object
        description: Generate the report from a dashboard template in report mode.
    DashboardSearchSessionIds:
      required:
      - data
      type: object
      properties:
        data:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Map of search keys to session ids.
          default: {}
        errors:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/ErrorResponse'
          description: Error description for the session keys that failed validation.
    Variable:
      required:
      - name
      - sourceDefinition
      type: object
      properties:
        id:
          type: string
          description: Unique identifier for the variable.
        name:
          maxLength: 256
          type: string
          description: Name of the variable. The variable name is case-insensitive.
          example: _sourceHost
        displayName:
          maxLength: 256
          type: string
          description: 'Display name of the variable shown in the UI. If this field
            is empty, the name field will be used.

            The display name is case-insensitive. Only numbers, and underscores are
            allowed in the variable name.

            This field is not yet supported by the UI.

            '
          example: Source Host
        defaultValue:
          type: string
          description: Default value of the variable.
          example: default_value
        sourceDefinition:
          $ref: '#/components/schemas/VariableSourceDefinition'
        allowMultiSelect:
          type: boolean
          description: Allow multiple selections in the values dropdown.
          example: false
          default: false
        includeAllOption:
          type: boolean
          description: Include an "All" option at the top of the variable's values
            dropdown.
          example: true
          default: true
        hideFromUI:
          type: boolean
          description: Hide the variable in the dashboard UI.
          example: false
          default: false
        valueType:
          type: string
          description: 'The type of value of the variable. Allowed values are `String`,
            Any` and `Numeric`. - `String` considers as a single phrase and will wrap
            in double-quotes. - `Any` is all characters. - `Numeric` consists of a
            numeric value for variables, it will be displayed differently in the UI.
            - `Integer` is a variable with an `Int` value. - `Long` is a variable
            with a `Long` value. - `Double` is a variable with a `Double` value. -
            `Boolean` is a variable with a `Boolean` value.

            '
          example: Any
          default: Any
    VariableSourceDefinition:
      required:
      - variableSourceType
      type: object
      properties:
        variableSourceType:
          type: string
          description: Source type of the variable values.
          example: MetadataVariableSourceDefinition
      discriminator:
        propertyName: variableSourceType
    MetadataVariableSourceDefinition:
      allOf:
      - $ref: '#/components/schemas/VariableSourceDefinition'
      - required:
        - filter
        - key
        type: object
        properties:
          filter:
            maxLength: 65536
            type: string
            description: A metrics query to filter the metadata catalog.
            example: _sourceHost=prod-* metric=CPU_Idle
          key:
            type: string
            description: Return the values for this given key.
            example: _sourceCategory
        description: Variable with values that are powered by a metadata search.
    CsvVariableSourceDefinition:
      allOf:
      - $ref: '#/components/schemas/VariableSourceDefinition'
      - required:
        - values
        type: object
        properties:
          values:
            maxLength: 65536
            type: string
            description: Comma separated values for the variable.
            example: host1, host2
        description: Variable with values that are powered by a csv file.
    LogQueryVariableSourceDefinition:
      allOf:
      - $ref: '#/components/schemas/VariableSourceDefinition'
      - required:
        - field
        - query
        type: object
        properties:
          query:
            maxLength: 65536
            type: string
            description: A log query.
            example: _sourceCategory=forge error | parse "[pod=*]" podid | count by
              podid
          field:
            maxLength: 65536
            type: string
            description: A field in log query to populate the variable values.
            example: podid
        description: Variable with values that are powered by a log query.
    VariableValuesLogQueryRequest:
      required:
      - field
      - query
      type: object
      properties:
        query:
          type: string
          description: The original log query of the variable.
          example: _sourceCategory=forge | count by _sourceHost
        field:
          type: string
          description: A field in log query to populate the variable values.
          example: _sourceHost
        variablesValues:
          $ref: '#/components/schemas/VariablesValuesData'
      description: The request to get a log query to populate variable values.
    TopologySearchLabel:
      required:
      - key
      - value
      type: object
      properties:
        key:
          type: string
          description: Key of a topology label to search for.
        value:
          type: string
          description: Value of a topology label to search for.
        isRequired:
          type: boolean
          description: 'Whether the content item is required to contain this label
            in order to be matched. If true, content items without this label will
            not be matched. If false, content items without this label will be matched.

            '
      description: 'Topology label to search for. Each label has a key and a list
        of values. If a value is `*`, it means we want to match for all values of
        the label''s key.

        '
      example:
        key: pod
        value: '*'
        isRequired: true
    AlertSearchNotificationSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
      - required:
        - sourceId
        type: object
        properties:
          sourceId:
            type: string
            description: A String value to uniquely identify a Collector's Source.
    EmailSearchNotificationSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
      - required:
        - toList
        type: object
        properties:
          toList:
            type: array
            description: A list of email recipients.
            items:
              type: string
          subjectTemplate:
            type: string
            description: 'If the notification is scheduled with a threshold, the default
              subject template will be "Search Alert: {{AlertCondition}} results found
              for {{SearchName}}". For email notifications without a threshold, the
              default subject template is "Search Results: {{SearchName}}".'
          includeQuery:
            type: boolean
            description: A boolean value to indicate if the search query should be
              included in the notification email.
            default: true
          includeResultSet:
            type: boolean
            description: A boolean value to indicate if the search result set should
              be included in the notification email.
            default: true
          includeHistogram:
            type: boolean
            description: A boolean value to indicate if the search result histogram
              should be included in the notification email.
            default: true
          includeCsvAttachment:
            type: boolean
            description: A boolean value to indicate if the search results should
              be included in the notification email as a CSV attachment.
            default: false
    FolderSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - required:
        - children
        type: object
        properties:
          description:
            type: string
            description: An optional description for the folder.
          children:
            type: array
            description: The items in the folder, a list of Dashboard and/or Folder
              items.
            items:
              $ref: '#/components/schemas/ContentSyncDefinition'
    QueryParameterSyncDefinition:
      required:
      - autoComplete
      - dataType
      - description
      - label
      - name
      - value
      type: object
      properties:
        name:
          type: string
          description: The name of the parameter.
        label:
          type: string
          description: The label of the parameter.
        description:
          type: string
          description: A description of the parameter.
        dataType:
          type: string
          description: "The data type of the parameter. Supported values are:\n  1.\
            \ `NUMBER`\n  2. `STRING`\n  3. `QUERY_FRAGMENT`\n  4. `SEARCH_KEYWORD`"
        value:
          type: string
          description: A value for the parameter. Should be compatible with the type
            set in dataType field.
        autoComplete:
          $ref: '#/components/schemas/ParameterAutoCompleteSyncDefinition'
    LogSearchQueryParameterSyncDefinition:
      type: object
      allOf:
      - $ref: '#/components/schemas/LogSearchQueryParameterSyncDefinitionBase'
      - required:
        - autoComplete
        - dataType
        - name
        - value
        type: object
        properties:
          autoComplete:
            $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition'
    LogSearchParameterAutoCompleteSyncDefinition:
      required:
      - autoCompleteType
      type: object
      properties:
        autoCompleteType:
          type: string
          description: The autocomplete parameter type.
      discriminator:
        propertyName: autoCompleteType
        mapping:
          None: '#/components/schemas/NoneAutoCompleteSyncDefinition'
          TextEntries: '#/components/schemas/TextEntriesAutoCompleteSyncDefinition'
          LabelValuePairs: '#/components/schemas/LabelValuePairsAutoCompleteSyncDefinition'
          ValueOnlyLookup: '#/components/schemas/ValueOnlyLookupAutoCompleteSyncDefinition'
          LabelValueLookup: '#/components/schemas/LabelValueLookupAutoCompleteSyncDefinition'
    AutoCompleteDefinition:
      required:
      - type
      type: object
      properties:
        type:
          type: string
          description: The autocomplete parameter type.
          example: SKIP_AUTOCOMPLETE
        autoCompleteKey:
          type: string
          description: The autocomplete key to be used to fetch autocomplete values.
          example: Ephemeral-3644138589235809747-1583470806220-parameter
        autoCompleteValues:
          type: array
          description: The array of label-value pairs for autocomplete.
          items:
            $ref: '#/components/schemas/AutoCompleteValueSyncDefinition'
        lookupMetaData:
          $ref: '#/components/schemas/AutoCompleteLookupMetaData'
    AutoCompleteLookupMetaData:
      type: object
      properties:
        fileName:
          type: string
          description: The lookup file name to use as a source for autocomplete values.
          example: users.csv
        valueColumn:
          type: string
          description: The column from the lookup file to use as the value.
          example: user_id
        labelColumn:
          type: string
          description: The column from the lookup file to use as the label.
          example: user_name
      x-class-extra-annotation: '@com.fasterxml.jackson.annotation.JsonInclude(com.fasterxml.jackson.annotation.JsonInclude.Include.NON_NULL)'
    NoneAutoCompleteSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition'
      - type: object
    TextEntriesAutoCompleteSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition'
      - required:
        - autoCompleteKey
        type: object
        properties:
          autoCompleteKey:
            type: string
            description: The autocomplete key to be used to fetch autocomplete values.
            example: Ephemeral-3644138589235809747-1583470806220-parameter
    LabelValuePairsAutoCompleteSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition'
      - required:
        - autoCompleteKey
        type: object
        properties:
          autoCompleteKey:
            type: string
            description: The autocomplete key to be used to fetch autocomplete values.
            example: Ephemeral-3644138589235809747-1583470806220-parameter
    ValueOnlyLookupAutoCompleteSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition'
      - required:
        - autoCompleteKey
        - lookupFileName
        - lookupValueColumn
        type: object
        properties:
          autoCompleteKey:
            type: string
            description: The autocomplete key to be used to fetch autocomplete values.
            example: Ephemeral-3644138589235809747-1583470806220-parameter
          lookupFileName:
            type: string
            description: The lookup file to use as a source for autocomplete values.
          lookupValueColumn:
            type: string
            description: The column from the lookup file to fill the actual value
              when a particular label is selected.
    LabelValueLookupAutoCompleteSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchParameterAutoCompleteSyncDefinition'
      - required:
        - autoCompleteKey
        - lookupFileName
        - lookupLabelColumn
        - lookupValueColumn
        type: object
        properties:
          autoCompleteKey:
            type: string
            description: The autocomplete key to be used to fetch autocomplete values.
            example: Ephemeral-3644138589235809747-1583470806220-parameter
          lookupFileName:
            type: string
            description: The lookup file to use as a source for autocomplete values.
          lookupLabelColumn:
            type: string
            description: The column from the lookup file to use for autocomplete labels.
          lookupValueColumn:
            type: string
            description: The column from the lookup file to fill the actual value
              when a particular label is selected.
    DashboardSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - required:
        - description
        - detailLevel
        - filters
        - panels
        - properties
        type: object
        properties:
          description:
            type: string
            description: A description of the dashboard.
          detailLevel:
            type: integer
            description: "Supported values are:\n  - `1` for small\n  - `2` for medium\n\
              \  - `3` for large"
          properties:
            type: string
            description: Visual settings for the panel.
          panels:
            type: array
            description: The panels of the dashboard. _Dashboard links are not supported._
            items:
              $ref: '#/components/schemas/ReportPanelSyncDefinition'
          filters:
            type: array
            description: The filters for the dashboard. Filters allow you to control
              the amount of information displayed in your dashboards.
            items:
              $ref: '#/components/schemas/ReportFilterSyncDefinition'
    MewboardSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - required:
        - title
        type: object
        properties:
          description:
            maxLength: 65546
            type: string
            description: A description of the dashboard.
            example: A view of pods, namespaces and nodes of your cluster.
          title:
            maxLength: 255
            minLength: 1
            type: string
            description: The title of the dashboard.
            example: Kubernetes Dashboard
          theme:
            pattern: ^(light|dark|Light|Dark)$
            type: string
            description: Theme for the dashboard. Must be `light` or `dark`.
            example: light
            default: light
            x-pattern-message: Must be `Light`, or `Dark`
          topologyLabelMap:
            $ref: '#/components/schemas/TopologyLabelMap'
          refreshInterval:
            type: integer
            description: Interval of time (in seconds) to automatically refresh the
              dashboard. A value of 0 means we never automatically refresh the dashboard.
            format: int32
            example: 5
          timeRange:
            $ref: '#/components/schemas/ResolvableTimeRange'
          layout:
            $ref: '#/components/schemas/Layout'
          panels:
            type: array
            description: Children panels that the container panel contains.
            items:
              $ref: '#/components/schemas/Panel'
          variables:
            type: array
            description: Variables that could be applied to the panel's children.
            items:
              $ref: '#/components/schemas/Variable'
          coloringRules:
            type: array
            description: Coloring rules to color the panel/data with.
            items:
              $ref: '#/components/schemas/ColoringRule'
    DashboardV2SyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - required:
        - title
        type: object
        properties:
          description:
            maxLength: 65546
            type: string
            description: A description of the dashboard.
            example: A view of pods, namespaces and nodes of your cluster.
          title:
            maxLength: 255
            minLength: 1
            type: string
            description: The title of the dashboard.
            example: Kubernetes Dashboard
          theme:
            pattern: ^(light|dark|Light|Dark)$
            type: string
            description: Theme for the dashboard. Must be `light` or `dark`.
            example: light
            default: light
            x-pattern-message: Must be `Light`, or `Dark`
          topologyLabelMap:
            $ref: '#/components/schemas/TopologyLabelMap'
          refreshInterval:
            type: integer
            description: Interval of time (in seconds) to automatically refresh the
              dashboard. A value of 0 means we never automatically refresh the dashboard.
            format: int32
            example: 5
          timeRange:
            $ref: '#/components/schemas/ResolvableTimeRange'
          layout:
            $ref: '#/components/schemas/Layout'
          panels:
            type: array
            description: Children panels that the container panel contains.
            items:
              $ref: '#/components/schemas/Panel'
          variables:
            type: array
            description: Variables that could be applied to the panel's children.
            items:
              $ref: '#/components/schemas/Variable'
          coloringRules:
            type: array
            description: Coloring rules to color the panel/data with.
            items:
              $ref: '#/components/schemas/ColoringRule'
          schedules:
            type: array
            description: Dashboard report schedules.
            items:
              $ref: '#/components/schemas/ReportScheduleSyncDefinition'
    NotificationThresholdSyncDefinition:
      required:
      - count
      - operator
      type: object
      properties:
        thresholdType:
          type: string
          description: "This property is deprecated. The system will automatically\
            \ infer the value of this field from the query going forward, so the user-specified\
            \ value will no longer be honored.\nThreshold type. Possible values are:\n\
            \ 1. `message`\n 2. `group`\n\nUse `group` as threshold type if the search\
            \ query is of aggregate type. For non-aggregate queries, set it to `message`."
          deprecated: true
        operator:
          pattern: ^(eq|gt|ge|lt|le)$
          type: string
          description: "Criterion to be applied when comparing actual result count\
            \ with expected count. Possible values are:\n 1. `eq`\n 2. `gt`\n 3. `ge`\n\
            \ 4. `lt`\n 5. `le`"
          x-pattern-message: 'must be one of the following: `eq`, `gt`, `ge`, `lt`,
            or `le`'
        count:
          type: integer
          description: Expected result count.
    ReportFilterSyncDefinition:
      required:
      - fieldName
      - filterType
      - label
      - panelIds
      - properties
      type: object
      properties:
        fieldName:
          type: string
          description: The name af the field being filtered on, as listed in PanelField.
        label:
          type: string
          description: The name of the field being filtered on, as displayed to the
            user.
        defaultValue:
          type: string
          description: The default value of the parameter.
        filterType:
          type: string
          description: Type of filter. Can only be `numeric` or `textbox`.
        properties:
          type: string
          description: Visual settings for the panel.
        panelIds:
          type: array
          description: A list of panel identifiers that the filter applies to.
          items:
            type: string
    ReportPanelSyncDefinition:
      required:
      - detailLevel
      - height
      - id
      - metricsQueries
      - name
      - properties
      - queryParameters
      - queryString
      - timeRange
      - viewerType
      - width
      - x
      - y
      type: object
      properties:
        name:
          type: string
          description: The title of the panel.
        viewerType:
          type: string
          description: "Type of [area chart](https://help.sumologic.com/Dashboards-and-Alerts/Dashboards/Chart-Panel-Types).\
            \ Supported values are:\n  1. `table` for Table\n  2. `bar` for Bar Chart\n\
            \  3. `column` for Column Chart\n  4. `line` for Line Chart\n  5. `area`\
            \ for Area Chart\n  6. `pie` for Pie Chart\n  7. `svv` for Single Value\
            \ Viewer\n  8. `title` for Title Panel\n  9. `text` for Text Panel\n\n\
            Values 1-7 are used for Data Panels."
        detailLevel:
          type: integer
          description: "Supported values are:\n  - `1` for small\n  - `2` for medium\n\
            \  - `3` for large"
        queryString:
          type: string
          description: The query to run, for panels associated to log searches.
        metricsQueries:
          type: array
          description: The query or queries to run, for panels associated to metrics
            searches.
          items:
            $ref: '#/components/schemas/MetricsQuerySyncDefinition'
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        x:
          type: integer
          description: The horizontal position of the panel. A sumo screen is divided
            into 24 columns. The value for x can be any integer from 0 to 24.
        y:
          type: integer
          description: The vertical position of the panel. A sumo screen is divided
            into 24 rows. The value for y can be any integer from 0 to 24.
        width:
          type: integer
          description: The width of the panel.
        height:
          type: integer
          description: The height of the panel.
        properties:
          type: string
          description: Visual settings for the panel.
        id:
          type: string
          description: A string identifier that you can use to refer to the panel
            in filters.panelIds.
        desiredQuantizationInSecs:
          type: integer
          description: The quantization interval aligns your time series data to common
            intervals on the time axis (for example every one minute) to optimize
            the visualization and performance.
        queryParameters:
          type: array
          description: The parameters for parameterized searches.
          items:
            $ref: '#/components/schemas/QueryParameterSyncDefinition'
        autoParsingInfo:
          $ref: '#/components/schemas/ReportAutoParsingInfo'
    SavedSearchWithScheduleSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - required:
        - description
        - search
        type: object
        properties:
          search:
            $ref: '#/components/schemas/SavedSearchSyncDefinition'
          searchSchedule:
            $ref: '#/components/schemas/SearchScheduleSyncDefinition'
          description:
            type: string
            description: Description of the saved search.
    SavedSearchWithScheduleAndDependencySyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - required:
        - description
        - search
        type: object
        properties:
          search:
            $ref: '#/components/schemas/SavedSearchSyncDefinition'
          scheduleWithDependency:
            $ref: '#/components/schemas/SearchScheduleWithDependencySyncDefinition'
          description:
            type: string
            description: Description of the saved search.
    SavedSearchSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/SavedSearchSyncDefinitionBase'
      - required:
        - defaultTimeRange
        type: object
        properties:
          defaultTimeRange:
            type: string
            description: "Default time range for the search. Possible types of time\
              \ ranges are:\n  - relative time range: e.g. \"-1d -12h\" represents\
              \ a time range from one day ago to 12 hours ago.\n  - absolute time\
              \ range: e.g. \"01-04-2017 20:32:00 to 01-04-2017 20:35:00\" represents\
              \ a time range\n  from April 1st, 2017 at 8:32 PM until April 1st, 2017\
              \ at 8:35 PM."
    SaveToViewNotificationSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
      - required:
        - viewName
        type: object
        properties:
          viewName:
            type: string
            description: Name of the View to save the notification to.
    SaveToLookupNotificationSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
      - required:
        - isLookupMergeOperation
        - lookupFilePath
        type: object
        properties:
          lookupFilePath:
            type: string
            description: The path of the lookup table that will store the results
              of the scheduled search.
            example: /personal/folder/testLookupTable
          isLookupMergeOperation:
            type: boolean
            description: This indicates whether the file contents will be merged with
              existing data in the lookup table or not. If this is true then data
              with the same primary keys will be updated while the rest of the rows
              will be appended.
            example: false
    ScheduleNotificationSyncDefinition:
      required:
      - taskType
      type: object
      properties:
        taskType:
          type: string
          description: Delivery channel for notifications.
      discriminator:
        propertyName: taskType
    ScheduleSearchParameterSyncDefinition:
      required:
      - name
      - value
      type: object
      properties:
        name:
          maxLength: 60
          type: string
          description: Name of scheduled search parameter.
        value:
          maxLength: 300
          type: string
          description: Value of scheduled search parameter.
    SearchScheduleSyncDefinition:
      required:
      - notification
      - parseableTimeRange
      - scheduleType
      - timeZone
      type: object
      properties:
        cronExpression:
          type: string
          description: Cron-like expression specifying the search's schedule. Field
            scheduleType must be set to "Custom", otherwise, scheduleType takes precedence
            over cronExpression.
          example: 0 0/15 * * * ? *
        displayableTimeRange:
          type: string
          description: A human-friendly text describing the query time range. For
            e.g. "-2h", "last three days", "team default time". This value can not
            be set via API.
          example: -2h
        parseableTimeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        timeZone:
          type: string
          description: Time zone identifier for time specification. Either an abbreviation
            such as "PST", a full name such as "America/Los_Angeles", or a custom
            ID such as "GMT-8:00". Note that the support of abbreviations is for JDK
            1.1.x compatibility only and full names should be used.
        threshold:
          $ref: '#/components/schemas/NotificationThresholdSyncDefinition'
        notification:
          $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
        scheduleType:
          type: string
          description: "Run schedule of the scheduled search. Set to \"Custom\" to\
            \ specify the schedule with a CRON expression.Please note that with Custom,\
            \ 1Day and 1Week schedule types you need to provide the corresponding\
            \ cron expression to determine when to actually run the search. e.g. Sample\
            \ Valid Cron for 1Day is \"0 0 16 ? * 2-6 *\". Possible schedule types\
            \ are:\n  - `RealTime`\n  - `15Minutes`\n  - `1Hour`\n  - `2Hours`\n \
            \ - `4Hours`\n  - `6Hours`\n  - `8Hours`\n  - `12Hours`\n  - `1Day`\n\
            \  - `1Week`\n  - `Custom`"
        muteErrorEmails:
          type: boolean
          description: If enabled, emails are not sent out in case of errors with
            the search.
        parameters:
          maxLength: 50
          type: array
          description: A list of scheduled search parameters.
          items:
            $ref: '#/components/schemas/ScheduleSearchParameterSyncDefinition'
    ServiceNowSearchNotificationSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
      - required:
        - externalId
        type: object
        properties:
          externalId:
            type: string
            description: ServiceNow identifier.
          fields:
            $ref: '#/components/schemas/ServiceNowFieldsSyncDefinition'
    ServiceNowFieldsSyncDefinition:
      type: object
      properties:
        eventType:
          type: string
          description: The category that the event source uses to identify the event.
        severity:
          type: integer
          description: "An integer value representing the severity of the alert. Supported\
            \ values are:\n  - `0` for Clear\n  - `1` for Critical\n  - `2` for Major\n\
            \  - `3` for Minor\n  - `4` for Warning"
        resource:
          type: string
          description: The component on the node to which the event applies.
        node:
          type: string
          description: The physical or virtual device on which the event occurred.
    WebhookSearchNotificationSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
      - required:
        - webhookId
        type: object
        properties:
          webhookId:
            type: string
            description: Identifier of the webhook connection.
          payload:
            type: string
            description: A JSON object in the format required by the target WebHook
              URL. For details on variables that can be used as parameters within
              your JSON object, please refer to Sumo Logic Doc Hub.
          itemizeAlerts:
            type: boolean
            description: If this field is set to true, one webhook per result will
              be sent when the trigger conditions are met
            example: true
            default: false
          maxItemizedAlerts:
            minimum: 0
            type: integer
            description: The maximum number of results for which we send separate
              alerts. This value should be between 1 and 100.
            format: int32
            example: 10
    CseSignalNotificationSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
      - required:
        - recordType
        type: object
        properties:
          recordType:
            type: string
            description: Name of the Cloud SIEM Enterprise Record to be created.
    MetricsSavedSearchSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - required:
        - desiredQuantizationInSecs
        - metricsQueries
        - timeRange
        type: object
        properties:
          description:
            maxLength: 8192
            type: string
            description: Item description in the content library.
            example: Long and detailed description
          timeRange:
            $ref: '#/components/schemas/ResolvableTimeRange'
          logQuery:
            maxLength: 10240
            type: string
            description: Query used to add an overlay to the chart.
            example: my_metric | timeslice 1m | count by _timeslice
          metricsQueries:
            type: array
            description: Metrics queries.
            items:
              $ref: '#/components/schemas/MetricsSavedSearchQuerySyncDefinition'
          desiredQuantizationInSecs:
            minimum: 0
            type: integer
            description: Desired quantization in seconds.
            format: int32
            example: 60
          properties:
            type: string
            description: Chart properties. This field is optional.
            example: '{ \"key\": \"value\" }'
    MetricsSearchSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - required:
        - queries
        - timeRange
        type: object
        properties:
          timeRange:
            $ref: '#/components/schemas/ResolvableTimeRange'
          description:
            type: string
            description: Description of the metrics search page.
            example: CPU and memory utilization for RDS cluster
          queries:
            type: array
            description: Queries of the metrics search page.
            example:
            - queryString: CPU_Idle Namespace=RDS
              queryType: Metrics
              queryKey: A
            - queryString: Mem_Used Namespace=RDS
              queryType: Metrics
              queryKey: B
            items:
              $ref: '#/components/schemas/Query'
          visualSettings:
            type: string
            description: 'Visual settings of the metrics search page. Must be a string
              representing a valid JSON object.

              '
            example: '{"title": {"fontsize": 9}}'
    LookupTableSyncDefinition:
      allOf:
      - $ref: '#/components/schemas/ContentSyncDefinition'
      - $ref: '#/components/schemas/ExportableLookupTableInfo'
    CollectorRegistrationTokenResponse:
      allOf:
      - $ref: '#/components/schemas/TokenBaseResponse'
      - required:
        - encodedTokenAndUrl
        type: object
        properties:
          encodedTokenAndUrl:
            type: string
            description: The token and URL used to register the Collector as an encoded
              string.
    CollectorResourceIdentity:
      allOf:
      - $ref: '#/components/schemas/ResourceIdentity'
    OrgIdentity:
      allOf:
      - $ref: '#/components/schemas/ResourceIdentity'
    SourceResourceIdentity:
      allOf:
      - $ref: '#/components/schemas/ResourceIdentity'
      - type: object
        properties:
          collectorId:
            type: string
            description: The unique identifier of the Collector this Source belongs
              to.
            default: Unknown
          collectorName:
            type: string
            description: The name of the Collector this Source belongs to.
            default: Unknown
    IngestBudgetResourceIdentity:
      allOf:
      - $ref: '#/components/schemas/ResourceIdentity'
      - type: object
        properties:
          ingestBudgetFieldValue:
            type: string
            description: The unique field value of the ingest budget v1. This will
              be empty for v2 budgets.
            default: Unknown
          scope:
            type: string
            description: The scope of the ingest budget v2. This will be empty for
              v1 budgets.
            default: Unknown
          budgetType:
            type: string
            description: 'The type of budget. Supported values are:  * `dailyVolume`
              * `minuteVolume`'
    LogsToMetricsRuleIdentity:
      allOf:
      - $ref: '#/components/schemas/ResourceIdentity'
    ScheduledViewResourceIdentity:
      allOf:
      - $ref: '#/components/schemas/ResourceIdentity'
    CollectorLimitApproachingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    OTCollectorLimitApproachingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    AgentRemoteConfigStatusTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
        properties:
          CustomerId:
            type: string
            description: The CustomerId.
          message:
            type: string
            description: The error message.
    GcpMetricsCollectionBrokenTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    OAuthRefreshFailedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
        properties:
          exceptionType:
            type: string
            description: The type of exception received while attempting OAuth.
          exceptionMessage:
            type: string
            description: The error message received with the failed OAuth request.
    IngestBudgetExceededTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/DataIngestAffectedTracker'
    CollectionAffectedDueToIngestBudgetTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/DataIngestAffectedTracker'
      - type: object
        properties:
          associatedBudgetNames:
            type: string
            description: The list of budget names.
    CollectionS3AccessDeniedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/S3CollectionErrorTracker'
      - type: object
        properties:
          bucketName:
            type: string
            description: The bucket name of the associated Source.
          accessKey:
            type: string
            description: The access key used to make the request. In the case of IAM
              roles, this is the temporary key used for authentication.
    CollectionS3GetObjectAccessDeniedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/S3CollectionErrorTracker'
      - type: object
        properties:
          bucketName:
            type: string
            description: The bucket name of the associated Source.
          accessKey:
            type: string
            description: The access key used to make the request. In the case of IAM
              roles, this is the temporary key used for authentication.
    CollectionS3InvalidKeyTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/S3CollectionErrorTracker'
      - type: object
        properties:
          accessKey:
            type: string
            description: The access key used to make the request. In the case of IAM
              roles, this is the temporary key used for authentication.
    CollectionS3ListingFailedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/S3CollectionErrorTracker'
      - type: object
        properties:
          bucketName:
            type: string
            description: The bucket name of the associated Source.
    CollectionS3SlowListingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/S3CollectionErrorTracker'
      - type: object
        properties:
          bucketName:
            type: string
            description: The bucket name of the associated Source.
          flaggedAfterMinutes:
            type: string
            description: The number of minutes elapsed in scanning after which this
              incident was created.
    InstalledCollectorOfflineTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
        properties:
          minutesSinceLastHeartbeat:
            type: string
            description: The number of minutes since the last heartbeat for the collector
              was received.
    IngestThrottlingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/DataIngestAffectedTracker'
      - type: object
        properties:
          dataType:
            type: string
            description: The type of data for which the rate limit was enabled. The
              possible values are `LogIngest` and `MetricsIngest`.
    AgentOpampConnectionStatusTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
    CollectionInvalidFilePathTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/FileCollectionErrorTracker'
      - type: object
        properties:
          path:
            type: string
            description: The path to the file.
    CollectionPathAccessDeniedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/FileCollectionErrorTracker'
      - type: object
        properties:
          path:
            type: string
            description: The path to the file.
    CollectionRemoteConnectionFailedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/FileCollectionErrorTracker'
    CollectionDockerClientBuildingFailedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    CollectionWindowsEventChannelConnectionFailedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    CollectionWindowsHostConnectionFailedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    CollectionAwsMetadataTagsFetchDeniedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    CollectionCloudWatchTagsFetchDeniedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/AwsCloudWatchCollectionErrorTracker'
    CollectionCloudWatchListMetricsDeniedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/AwsCloudWatchCollectionErrorTracker'
      - type: object
        properties:
          errorCode:
            type: string
            description: The error code from AWS for the request made to get metrics.
          errorMessage:
            type: string
            description: The error message from AWS for the request made to get metrics.
    CollectionCloudWatchGetStatisticsDeniedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/AwsCloudWatchCollectionErrorTracker'
      - type: object
        properties:
          errorCode:
            type: string
            description: The error code from AWS for the request made to get metrics.
          errorMessage:
            type: string
            description: The error message from AWS for the request made to get metrics.
    CollectionCloudWatchGetStatisticsThrottledTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/AwsCloudWatchCollectionErrorTracker'
    MetricsHighCardinalityDetectedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
        properties:
          retention:
            type: string
            description: The retention of metrics that approached the limit.
    MetricsCardinalityLimitExceededTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
        properties:
          retention:
            type: string
            description: The retention of metrics that exceeded the limit.
    HighCardinalityDimensionDroppedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
        properties:
          dimension:
            type: string
            description: The dropped high cardinality dimension.
    LogsToMetricsRuleDisabledTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    SpanIngestLimitExceededTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    CollectionAwsInventoryThrottledTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/AwsInventoryCollectionErrorTracker'
    CollectionAwsInventoryUnauthorizedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/AwsInventoryCollectionErrorTracker'
    CSEWindowsInvalidConfigurationTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsErrorTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          sensorUserName:
            type: string
            description: The sensor's user name.
    CSEWindowsRuntimeErrorTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsErrorTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          sensorUserName:
            type: string
            description: The sensor's user name.
    CSEWindowsExcessiveEventLogMonitorsTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsErrorTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          sensorUserName:
            type: string
            description: The sensor's user name.
    CSEWindowsRuntimeWarningTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsErrorTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          sensorUserName:
            type: string
            description: The sensor's user name.
    CSEWindowsInvalidUserPermissionsTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsAccessErrorTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          sensorUserName:
            type: string
            description: The sensor's user name.
          folderPath:
            type: string
            description: The path of the folder.
          filePath:
            type: string
            description: The complete file path.
          source:
            type: string
            description: The HostName + EventLog name for EventLogs and Domain name
              for Directory..
    CSEWindowsWriteQueueFilesToSensorDirectoryFailedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsAccessErrorTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          sensorUserName:
            type: string
            description: The sensor's user name.
          folderPath:
            type: string
            description: The path of the folder.
          filePath:
            type: string
            description: The complete file path.
          source:
            type: string
            description: The HostName + EventLog name for EventLogs and Domain name
              for Directory..
    CSEWindowsStorageLimitExceededTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsSensorOutOfStorageTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          folderPath:
            type: string
            description: The path of the folder.
          folderSizeLimit:
            type: string
            description: The complete file path.
          currentFolderSize:
            type: string
            description: Current size of the folder.
          percentageAvailableDiskSpaceLimit:
            type: string
            description: The percentage available disk space limit.
          currentPercentageAvailableDiskSpace:
            type: string
            description: The current percentage available disk space.
          lastError:
            type: string
            description: The last error.
    CSEWindowsStorageLimitApproachingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsSensorOutOfStorageTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          folderPath:
            type: string
            description: The path of the folder.
          folderSizeLimit:
            type: string
            description: The complete file path.
          currentFolderSize:
            type: string
            description: Current size of the folder.
          percentageAvailableDiskSpaceLimit:
            type: string
            description: The percentage available disk space limit.
          currentPercentageAvailableDiskSpace:
            type: string
            description: The current percentage available disk space.
          lastError:
            type: string
            description: The last error.
    CSEWindowsErrorAppendingToQueueFilesTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsSensorOutOfStorageTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          folderPath:
            type: string
            description: The path of the folder.
          folderSizeLimit:
            type: string
            description: The complete file path.
          currentFolderSize:
            type: string
            description: Current size of the folder.
          percentageAvailableDiskSpaceLimit:
            type: string
            description: The percentage available disk space limit.
          currentPercentageAvailableDiskSpace:
            type: string
            description: The current percentage available disk space.
          lastError:
            type: string
            description: The last error.
    CSEWindowsErrorParsingRecordsTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsParsingErrorTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          source:
            type: string
            description: The HostName + EventLog name for EventLogs and Domain name
              for Directory.
          errorCount:
            type: string
            description: The error count.
          lastErrorMessage:
            type: string
            description: The last error message.
    CSEWindowsExcessiveFilesPendingUploadTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsExcessiveBacklogTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          source:
            type: string
            description: The HostName + EventLog name for EventLogs and Domain name
              for Directory.
          lastErrorMessage:
            type: string
            description: The last error message.
          numberOfFilesPending:
            type: string
            description: The number of files pending upload.
          oldestTimestampInQueue:
            type: string
            description: The oldest timestamp in the queue.
    CSEWindowsOldestRecordTimestampExceedsThresholdTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/CSEWindowsExcessiveBacklogTracker'
      - type: object
        properties:
          sensorId:
            type: string
            description: The sensor ID.
          sensorHostname:
            type: string
            description: The sensor's hostname.
          source:
            type: string
            description: The HostName + EventLog name for EventLogs and Domain name
              for Directory.
          lastErrorMessage:
            type: string
            description: The last error message.
          numberOfFilesPending:
            type: string
            description: The number of files pending upload.
          oldestTimestampInQueue:
            type: string
            description: The oldest timestamp in the queue.
    CSEWindowsSensorOfflineTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
        properties:
          minutesWithNoHeartbeatBeforeMarkingOffline:
            type: string
            description: The number of minutes without heartbeat after which sensor
              is marked offline.
    MetricsMetadataKeyLengthLimitExceeded:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker'
    MetricsMetadataValueLengthLimitExceeded:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker'
    MetricsMetadataKeyValuePairsLimitExceeded:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker'
    MetricsMetadataTotalMetadataSizeLimitExceeded:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker'
    MetricNameMissingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricNameErrorTracker'
    MetricNameAsMetatagTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricNameErrorTracker'
    OTCReceiverNoSpansObservedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCReceiverErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          receiverId:
            type: string
            description: The collector receiver ID, e.g. `otlphttp/2`.
    OTCReceiverSpansDroppedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCReceiverErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          receiverId:
            type: string
            description: The collector receiver ID, e.g. `otlphttp/2`.
          count:
            type: string
            description: The count of dropped spans.
    OTCReceiverSpansRefusedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCReceiverErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          receiverId:
            type: string
            description: The collector receiver ID, e.g. `otlphttp/2`.
          count:
            type: string
            description: The count of refused spans.
    OTCExporterHighFailuresExportingSpansTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCExporterErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          exporterId:
            type: string
            description: The collector exporter ID, e.g. `otlphttp`.
          count:
            type: string
            description: The failure count.
    OTCExporterLargeTraceBatchesTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCExporterErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          exporterId:
            type: string
            description: The collector exporter ID, e.g. `otlphttp`.
          count:
            type: string
            description: The failure count.
    OTCProcessHighMemoryUsageTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCProcessErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          memoryUsage:
            type: string
            description: The collector memory usage in bytes, e.g. `142606592`
          memoryLimit:
            type: string
            description: The collector memory limit (if set) in bytes, e.g. `4000000000`
    OTCProcessSpansDroppedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCProcessErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          processorId:
            type: string
            description: The collector processor ID, e.g. `cascading_filter`.
          count:
            type: string
            description: The count of dropped spans.
    OTCProcessSpansRefusedTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCProcessErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          processorId:
            type: string
            description: The collector processor ID, e.g. `cascading_filter`.
          count:
            type: string
            description: The count of refused spans.
    OTCWarningProcessingSpansTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCProcessErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          processorId:
            type: string
            description: The collector processor ID, e.g. `cascading_filter`.
          message:
            type: string
            description: The warning message.
    OTCErrorProcessingSpansTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/OTCProcessErrorTracker'
      - type: object
        properties:
          instanceId:
            type: string
            description: The collector instance ID, e.g. `974b444b-4b45-4f32-aa03-1dbf2a16826d`.
          instanceAddress:
            type: string
            description: The collector instance address, e.g. `172.16.1.14`.
          processorId:
            type: string
            description: The collector processor ID, e.g. `cascading_filter`.
          message:
            type: string
            description: The error message.
    AzureEventHubConnectionErrorTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - type: object
        properties:
          reason:
            type: string
            description: The specific reason of the connection error
    AzureEventHubPermissionErrorTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - properties:
          reason:
            type: string
            description: The specific reason of the permission error
    AzureMetricsInvalidClientSecretTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    AzureMetricsNoAccessibleSubscriptionsTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    FsrTooManyFieldsCreationErrorTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    InstalledCollectorDeprecatedJreTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    PartitionLimitApproachingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    FieldsLimitApproachingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    LookupLimitApproachingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    FerLimitApproachingTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    ScheduledViewFailureTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    OTCollectorNoDataTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
    PermissionSubject:
      required:
      - subjectId
      - subjectType
      type: object
      properties:
        subjectType:
          pattern: ^(user|role|org)$
          type: string
          description: 'Type of subject for the permission. Valid values are: `user`
            or `role` or `org`.'
          example: role
          x-pattern-message: 'must be one of the following: `user`, `role`, `org`'
        subjectId:
          type: string
          description: The identifier that belongs to the subject type chosen above.
            For e.g. if the subjectType is set to `user`, subjectId should be the
            identifier of a user (same goes for `role` or `org` subjectType).
          example: 0000000006743FDA
      description: Identifier for the entity (subject) that is granted the permission
        on resource(s).
    PermissionIdentifier:
      allOf:
      - $ref: '#/components/schemas/PermissionSubject'
      - required:
        - targetId
        type: object
        properties:
          targetId:
            type: string
            description: The identifier that belongs to the resource this permission
              assignment applies to.
            example: 0000000006743FE2
    PermissionIdentifiers:
      required:
      - permissionIdentifiers
      type: object
      properties:
        permissionIdentifiers:
          maxItems: 1000
          minItems: 1
          type: array
          description: List of permission identifiers.
          items:
            $ref: '#/components/schemas/PermissionIdentifier'
    PermissionStatementDefinition:
      allOf:
      - $ref: '#/components/schemas/Permissions'
      - required:
        - subjectId
        - subjectType
        - targetId
        type: object
        properties:
          subjectType:
            pattern: ^(role|org)$
            type: string
            description: 'Type of subject for the permission. Valid values are: `role`
              or `org`.'
            example: role
            x-pattern-message: 'must be one of the following: `role` or `org`'
          subjectId:
            type: string
            description: The identifier that belongs to the subject type chosen above.
              For e.g. if the subjectType is set to `role`, subjectId should be the
              identifier of a role.  Similarly, if the subjectType is `org`, the subjectId
              should be the identifier of the same org,  which owns the resource target.
            example: 0000000006743FDA
          targetId:
            type: string
            description: The identifier that belongs to the resource this permission
              assignment applies to.
            example: 0000000006743FE2
    PermissionStatementDefinitions:
      required:
      - permissionStatementDefinitions
      type: object
      properties:
        permissionStatementDefinitions:
          maxItems: 1000
          minItems: 1
          type: array
          description: List of permission statement definitions.
          items:
            $ref: '#/components/schemas/PermissionStatementDefinition'
    PermissionStatement:
      type: object
      allOf:
      - $ref: '#/components/schemas/PermissionStatementDefinition'
      - $ref: '#/components/schemas/MetadataModel'
    PermissionStatements:
      required:
      - permissionStatements
      type: object
      properties:
        permissionStatements:
          type: array
          description: A list of permission statements.
          items:
            $ref: '#/components/schemas/PermissionStatement'
    PermissionSummaryMeta:
      required:
      - isExplicit
      - isInherited
      - isRecursive
      - isRevoked
      - isSystemDefined
      - name
      type: object
      properties:
        name:
          type: string
          description: 'Name of the permission. Example values are: `Read`, `Update`,
            `Create`, etc.'
          example: Read
        isInherited:
          type: boolean
          description: A true value implies that the permission is inherited from
            some ancestors of the resource. A false value implies that the permission
            is explicitly assigned to the resource.
          example: true
        isExplicit:
          type: boolean
          description: A true value implies that the permission is explicitly assigned
            to the resource. A false value implies that the permission is not explicitly
            assigned to the resource.
          example: true
        isRevoked:
          type: boolean
          description: A true value implies that the capability required for this
            permission has been revoked.
          example: true
        isRecursive:
          type: boolean
          description: A true value implies that the permission is recursively cascaded
            down to all the direct and indirect children of the resource.
          example: true
        isSystemDefined:
          type: boolean
          description: A true value implies that the permission is defined by the
            system on the resource and can not be modified by the user. A false value
            implies that the permission is defined by the user on the resource and
            can be modified by the user.
          example: true
      description: Permission Summary with additional information like inheritance,
        revocation, etc about the permission.
    PermissionSummaryBySubjects:
      description: A list of PermissionSubjects and PermissionSummaryMeta(s) associated
        with each subject.
      allOf:
      - $ref: '#/components/schemas/PermissionSubject'
      - required:
        - permissionSummaries
        type: object
        properties:
          permissionSummaries:
            type: array
            items:
              $ref: '#/components/schemas/PermissionSummaryMeta'
    PermissionSummariesBySubjects:
      required:
      - permissionSummariesBySubjects
      type: object
      properties:
        permissionSummariesBySubjects:
          type: array
          description: A list of PermissionSubjects and PermissionSummaryMeta(s) associated
            with each subject.
          items:
            $ref: '#/components/schemas/PermissionSummaryBySubjects'
    ListPermissionsResponse:
      required:
      - permissionStatements
      type: object
      properties:
        permissionStatements:
          type: array
          description: A list of permission statements.
          items:
            $ref: '#/components/schemas/PermissionStatement'
    Permissions:
      required:
      - permissions
      type: object
      properties:
        permissions:
          type: array
          description: List of permissions.
          example:
          - Read
          - Delete
          items:
            type: string
    Email:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - recipients
        - subject
        type: object
        properties:
          recipients:
            type: array
            description: A list of email addresses to send to when the rule fires.
            items:
              type: string
              example: john@doe.com
          subject:
            type: string
            description: The subject line of the email.
            example: Sample Email Subject
          messageBody:
            type: string
            description: The message body of the email to send.
            example: Sample Email Message Body
          timeZone:
            type: string
            description: Time zone for the email content. All dates/times will be
              displayed in this timeZone in the email payload. Follow the format in
              the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
            example: America/Los_Angeles
    AWSLambda:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
          resolutionPayloadOverride:
            type: string
            description: The override of the resolution JSON payload of the connection.
              Should be in JSON format.
    AzureFunctions:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
          resolutionPayloadOverride:
            type: string
            description: The override of the resolution JSON payload of the connection.
              Should be in JSON format.
    Datadog:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
    HipChat:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
    PagerDuty:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
          resolutionPayloadOverride:
            type: string
            description: The override of the resolution JSON payload of the connection.
              Should be in JSON format.
    Slack:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
          resolutionPayloadOverride:
            type: string
            description: The override of the resolution JSON payload of the connection.
              Should be in JSON format.
    NewRelic:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
    Jira:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
    Opsgenie:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
          resolutionPayloadOverride:
            type: string
            description: The override of the resolution JSON payload of the connection.
              Should be in JSON format.
    MicrosoftTeams:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
          resolutionPayloadOverride:
            type: string
            description: The override of the resolution JSON payload of the connection.
              Should be in JSON format.
    ServiceNow:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          connectionSubtype:
            $ref: '#/components/schemas/ConnectionSubtype'
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
          resolutionPayloadOverride:
            type: string
            description: The override of the resolution JSON payload of the connection.
              Should be in JSON format.
    SumoCloudSOAR:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          connectionSubtype:
            $ref: '#/components/schemas/ConnectionSubtype'
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
    Webhook:
      allOf:
      - $ref: '#/components/schemas/Action'
      - required:
        - connectionId
        type: object
        properties:
          connectionId:
            type: string
            description: The identifier of the connection.
            example: 000000000BF39283
          payloadOverride:
            type: string
            description: The override of the default JSON payload of the connection.
              Should be in JSON format.
          resolutionPayloadOverride:
            type: string
            description: The override of the resolution JSON payload of the connection.
              Should be in JSON format.
    ChartDataRequest:
      required:
      - monitorType
      - queries
      type: object
      properties:
        monitorType:
          pattern: ^(Logs|Metrics)$
          type: string
          description: "The type of monitor. Valid values:\n  1. `Logs`: A logs query\
            \ monitor.\n  2. `Metrics`: A metrics query monitor."
          example: Logs
          x-pattern-message: should be either 'Logs' or 'Metrics'
        queries:
          uniqueItems: true
          type: array
          description: All queries from the monitor.
          items:
            $ref: '#/components/schemas/MonitorQuery'
        triggers:
          type: array
          description: Defines the conditions of when to send notifications.
          items:
            $ref: '#/components/schemas/TriggerCondition'
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
      description: Request payload for monitor chart data visualization.
    ChartDataResult:
      type: object
      properties:
        warnings:
          type: array
          description: Execution warnings of queries.
          items:
            $ref: '#/components/schemas/ErrorDescription'
        series:
          type: array
          description: List of time series of the monitor chart data.
          items:
            $ref: '#/components/schemas/SeriesData'
      description: Response for monitor chart data visualization.
    OutlierSeriesDataPoint:
      allOf:
      - $ref: '#/components/schemas/DataPoint'
      - required:
        - x
        - y
        type: object
        properties:
          x:
            type: integer
            description: Epoch unix time stamp.
            format: int64
            example: 1617146107
          y:
            $ref: '#/components/schemas/OutlierDataValue'
        description: Data point of outlier series.
    StaticSeriesDataPoint:
      allOf:
      - $ref: '#/components/schemas/DataPoint'
      - required:
        - x
        - y
        type: object
        properties:
          x:
            type: integer
            description: Epoch unix time stamp.
            format: int64
            example: 1617146107
          y:
            type: number
            description: The value of the data point.
            format: double
            example: 70.0
        description: Data point of static series.
    SearchQueryFieldsAndTypes:
      type: array
      items:
        $ref: '#/components/schemas/SearchQueryFieldAndType'
    SearchQueryFieldAndType:
      type: object
      properties:
        fieldName:
          type: string
          description: Log field parsed from log search query.
          example: status_code
        fieldType:
          pattern: ^(NumericValue|DistinctCount)$
          type: string
          description: "The type of the field inferred from log results and explicit\
            \ configuration. Valid values:\n  1. `NumericValue`: A field with a numerical\
            \ type.\n  2. `DistinctCount`: A field with a dimensional type."
          x-pattern-message: should be either 'NumericValue' or 'DistinctCount'
        isImplicitField:
          type: boolean
          description: Indicates if the field is implicit or user defined.
          example: true
      description: A log field and its associated type
    TriggerCondition:
      required:
      - triggerType
      type: object
      properties:
        detectionMethod:
          pattern: ^(StaticCondition|LogsStaticCondition|MetricsStaticCondition|LogsOutlierCondition|MetricsOutlierCondition|LogsMissingDataCondition|MetricsMissingDataCondition|SloSliCondition|SloBurnRateCondition|LogsAnomalyCondition|MetricsAnomalyCondition)$
          type: string
          description: "Detection method of the trigger condition. Valid values:\n\
            \  1. `StaticCondition`: A condition that triggers based off of a static\
            \ threshold. This `detectionMethod` is deprecated, it is recommended to\
            \ use other ones instead.\n  2. `LogsStaticCondition`: A logs condition\
            \ that triggers based off of a static threshold.\n  3. `MetricsStaticCondition`:\
            \ A metrics condition that triggers based off of a static threshold.\n\
            \  4. `LogsOutlierCondition`: A logs condition that triggers based off\
            \ of a dynamic outlier threshold.\n  5. `MetricsOutlierCondition`: A metrics\
            \ condition that triggers based off of a dynamic outlier threshold.\n\
            \  6. `LogsMissingDataCondition`: A logs missing data condition that triggers\
            \ based off of no data available.\n  7. `MetricsMissingDataCondition`:\
            \ A metrics missing data condition that triggers based off of no data\
            \ available.\n  8. `SloSliCondition`: An SLO condition that triggers based\
            \ off of current SLI value.\n  9. `SloBurnRateCondition`: An SLO condition\
            \ that triggers based off of error budget burn rate.\n  10. `LogsAnomalyCondition`:\
            \ A log anomaly condition that triggers based off anomalies in the data.\n\
            \  11. `MetricsAnomalyCondition`: A metric anomaly condition that triggers\
            \ based off anomalies in the data."
          example: StaticCondition
          default: StaticCondition
          x-pattern-message: 'should be one of the following: ''StaticCondition'',
            ''LogsStaticCondition'', ''MetricsStaticCondition'', ''LogsOutlierCondition'',
            ''MetricsOutlierCondition'', ''LogsMissingDataCondition'', ''MetricsMissingDataCondition'',
            ''SloSliCondition'', ''SloBurnRateCondition'', ''LogsAnomalyCondition'',
            ''MetricsAnomalyCondition'' '
        triggerType:
          pattern: ^(Critical|Warning|MissingData|ResolvedCritical|ResolvedWarning|ResolvedMissingData)$
          type: string
          description: "The type of trigger condition. Valid values:\n  1. `Critical`:\
            \ A critical condition to trigger on.\n  2. `Warning`: A warning condition\
            \ to trigger on.\n  3. `MissingData`: A condition that indicates data\
            \ is missing.\n  4. `ResolvedCritical`: A condition to resolve a Critical\
            \ trigger on.\n  5. `ResolvedWarning`: A condition to resolve a Warning\
            \ trigger on.\n  6. `ResolvedMissingData`: A condition to resolve a MissingData\
            \ trigger."
          example: Critical
          x-pattern-message: 'should be one of the following: ''Critical'', ''Warning'',
            ''MissingData'', ''ResolvedCritical'', ''ResolvedWarning'', or ''ResolvedMissingData'''
        resolutionWindow:
          type: string
          description: 'The resolution window that the recovery condition must be
            met in each evaluation that happens within this entire duration before
            the alert is recovered (resolved). If not specified, the time range of
            your trigger will be used. Valid values are: `0m`, `-5m`, `-10m`, `-15m`,
            `-30m`, `-1h`, `-3h`, `-6h`, `-12h`, or `-24h`'
          nullable: true
          example: -5m
      discriminator:
        propertyName: detectionMethod
        mapping:
          StaticCondition: '#/components/schemas/StaticCondition'
          LogsStaticCondition: '#/components/schemas/LogsStaticCondition'
          MetricsStaticCondition: '#/components/schemas/MetricsStaticCondition'
          LogsOutlierCondition: '#/components/schemas/LogsOutlierCondition'
          MetricsOutlierCondition: '#/components/schemas/MetricsOutlierCondition'
          LogsMissingDataCondition: '#/components/schemas/LogsMissingDataCondition'
          MetricsMissingDataCondition: '#/components/schemas/MetricsMissingDataCondition'
          SloSliCondition: '#/components/schemas/SloSliCondition'
          SloBurnRateCondition: '#/components/schemas/SloBurnRateCondition'
          LogsAnomalyCondition: '#/components/schemas/LogsAnomalyCondition'
          MetricsAnomalyCondition: '#/components/schemas/MetricsAnomalyCondition'
    StaticCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - required:
        - occurrenceType
        - timeRange
        - triggerSource
        type: object
        properties:
          timeRange:
            type: string
            description: The relative time range of the monitor. Valid values of time
              ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,
              or `-24h`.
            example: -15m
          threshold:
            $ref: '#/components/schemas/StaticThreshold'
          thresholdType:
            $ref: '#/components/schemas/StaticThresholdType'
          field:
            type: string
            description: The name of the field that the trigger condition will alert
              on. The trigger could compare the value of specified field with the
              threshold. If `field` is not specified, monitor would default to result
              count instead.
            example: _count
          occurrenceType:
            $ref: '#/components/schemas/OccurrenceType'
          triggerSource:
            $ref: '#/components/schemas/TriggerSource'
          minDataPoints:
            maximum: 100
            minimum: 1
            type: integer
            description: The minimum number of data points to alert or resolve a metrics
              monitor within the time range. This field is only valid for Metrics
              Monitor, it will always be set to 1 for `AtleastOnce` occurrence type
              and for `Always`, if not specified by user it will default to 2.
            format: int32
            example: 5
        description: A rule that defines how the monitor should evaluate data and
          trigger notifications.
    LogsStaticCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - required:
        - threshold
        - thresholdType
        - timeRange
        type: object
        properties:
          timeRange:
            type: string
            description: The relative time range of the monitor. Valid values of time
              ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,
              or `-24h`.
            example: -15m
          threshold:
            $ref: '#/components/schemas/StaticThreshold'
          thresholdType:
            $ref: '#/components/schemas/StaticThresholdType'
          field:
            type: string
            description: The name of the field that the trigger condition will alert
              on. The trigger could compare the value of specified field with the
              threshold. If `field` is not specified, monitor would default to result
              count instead.
            example: _count
          frequency:
            type: string
            description: The frequency that this trigger will be evaluated. Valid
              values of frequencies are `1m`, `2m`, `10m`, `20m`, `1h`
            example: 1m
        description: A rule that defines how logs monitor should evaluate static data
          and trigger notifications.
    MetricsStaticCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - required:
        - occurrenceType
        - threshold
        - thresholdType
        - timeRange
        type: object
        properties:
          timeRange:
            type: string
            description: The relative time range of the monitor. Valid values of time
              ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,
              or `-24h`.
            example: -15m
          threshold:
            $ref: '#/components/schemas/StaticThreshold'
          thresholdType:
            $ref: '#/components/schemas/StaticThresholdType'
          occurrenceType:
            $ref: '#/components/schemas/OccurrenceType'
          minDataPoints:
            maximum: 100
            minimum: 1
            type: integer
            description: The minimum number of data points required for the monitor
              to alert or resolve within the time range specified. This field will
              always be set to 1 for `AtleastOnce` occurrence type and for `Always`,
              if not specified by user it will default to 2.
            format: int32
            example: 5
        description: A rule that defines how metrics monitor should evaluate static
          data and trigger notifications.
    LogsOutlierCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - type: object
        properties:
          window:
            type: integer
            description: Sets the trailing number of data points to calculate mean
              and sigma.
            format: int64
            example: 15
            default: 50
          consecutive:
            type: integer
            description: Sets the required number of consecutive indicator data points
              (outliers) to trigger a violation.
            format: int64
            example: 3
            default: 1
          direction:
            $ref: '#/components/schemas/OutlierDirection_1'
          threshold:
            type: number
            description: Sets the number of standard deviations for calculating violations.
            format: double
            example: 10.0
            default: 3.0
          field:
            type: string
            description: The name of the field that the trigger condition will alert
              on.
            example: _count
        description: A rule that defines how logs monitor should evaluate outlier
          data and trigger notifications.
    MetricsOutlierCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - type: object
        properties:
          baselineWindow:
            type: string
            description: The time range used to compute the baseline.
            example: 1h
            default: 1d
          direction:
            $ref: '#/components/schemas/OutlierDirection_1'
          threshold:
            type: number
            description: How much should the indicator be different from the baseline
              for each datapoint.
            format: double
            example: 10.0
            default: 3.0
        description: A rule that defines how metrics monitor should evaluate outlier
          data and trigger notifications.
    LogsMissingDataCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - required:
        - timeRange
        type: object
        properties:
          timeRange:
            type: string
            description: The relative time range of the monitor. Valid values of time
              ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,
              or `-24h`.
            example: -15m
          frequency:
            type: string
            description: The frequency that this trigger will be evaluated. Valid
              values of frequencies are `1m`, `2m`, `10m`, `20m`, `1h`
            example: 1m
        description: A rule that defines how logs monitors should evaluate missing
          data and trigger notifications.
    MetricsMissingDataCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - required:
        - timeRange
        - triggerSource
        type: object
        properties:
          triggerSource:
            $ref: '#/components/schemas/TriggerSource'
          timeRange:
            type: string
            description: The relative time range of the monitor. Valid values of time
              ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,
              or `-24h`.
            example: -15m
        description: A rule that defines how metrics monitors should evaluate missing
          data and trigger notifications.
    SloSliCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - required:
        - sliThreshold
        type: object
        properties:
          sliThreshold:
            type: number
            description: The remaining SLI error budget threshold percentage.
            format: double
            example: 90
        description: A rule that defines how SLO monitors should evaluate remaining
          error budget and trigger notifications.
    SloBurnRateCondition:
      allOf:
      - $ref: '#/components/schemas/TriggerCondition'
      - type: object
        properties:
          burnRateThreshold:
            type: number
            description: The error budget depletion percentage.
            format: double
            example: 90
          timeRange:
            type: string
            description: The relative time range for measuring error budget depletion.
            example: -2h
        description: A rule that defines parameters for burn rate based monitor evaluation
          and trigger notifications.
    AnomalyCondition:
      type: object
      properties:
        timeRange:
          type: string
          description: The relative time range of the monitor. Valid values of time
            ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,
            `-24h` or `-1d`.
          example: -15m
        sensitivity:
          type: number
          description: The triggering sensitivity of the anomaly model used for this
            monitor.
          format: double
          example: 0.5
          default: 0.5
        anomalyDetectorType:
          pattern: ^Cluster$
          type: string
          description: The type of anomaly model that will be used for evaluating
            this monitor. Only `Cluster` option is supported currently.
          example: Cluster
        field:
          type: string
          description: The name of the field that the trigger condition will alert
            on. The trigger could compare the value of specified field with the threshold.
            If `field` is not specified, monitor would default to result count instead.
          example: _count
        minAnomalyCount:
          type: integer
          description: The minimum number of anomalies required to exist in the current
            time range for the condition to trigger.
          format: int32
          example: 1
          default: 1
        direction:
          $ref: '#/components/schemas/OutlierDirection_1'
      description: A rule that defines a monitor based on anomaly models.
    LogsAnomalyCondition:
      allOf:
      - $ref: '#/components/schemas/AnomalyCondition'
      - $ref: '#/components/schemas/TriggerCondition'
      - required:
        - anomalyDetectorType
        - field
        - timeRange
        type: object
        description: A rule that defines a log monitor based on an anomaly model.
    MetricsAnomalyCondition:
      allOf:
      - $ref: '#/components/schemas/AnomalyCondition'
      - $ref: '#/components/schemas/TriggerCondition'
      - required:
        - anomalyDetectorType
        - timeRange
        type: object
        description: A rule that defines a metrics monitor based on an anomaly model.
    MonitorFolderDefinition:
      allOf:
      - $ref: '#/components/schemas/MonitorContentSyncDefinition'
      - required:
        - children
        type: object
        properties:
          description:
            type: string
            description: An optional description for the folder.
          children:
            type: array
            description: The items in the folder, a list of Monitor and/or Folder
              items.
            items:
              $ref: '#/components/schemas/MonitorContentSyncDefinition'
    MonitorWithDependenciesDefinition:
      allOf:
      - $ref: '#/components/schemas/MonitorContentSyncDefinition'
      - required:
        - monitor
        type: object
        properties:
          monitor:
            $ref: '#/components/schemas/MonitorsLibraryMonitorExport'
          dependencies:
            type: array
            items:
              $ref: '#/components/schemas/MonitorDependency'
          lookupTableDependencies:
            type: array
            description: Lookup tables that this monitor depends on
            items:
              $ref: '#/components/schemas/LookupTableSyncDefinition'
    AlertSignalContext:
      type: object
      description: Details of the alert signal context.
      allOf:
      - $ref: '#/components/schemas/SignalContext'
      - required:
        - alertId
        type: object
        properties:
          alertId:
            type: string
            description: Alert Identifier.
            example: 00000000F5000634
    TraceQueryExpression:
      required:
      - type
      type: object
      properties:
        type:
          type: string
          description: Expression type of the object model.
      description: Base query expression object.
      discriminator:
        propertyName: type
    AndTracingExpression:
      allOf:
      - $ref: '#/components/schemas/TraceQueryExpression'
      - required:
        - expressions
        type: object
        properties:
          expressions:
            type: array
            description: Evaluates to true, if (and only if) all expressions evaluate
              to true, otherwise evaluates to false.
            items:
              $ref: '#/components/schemas/TraceQueryExpression'
    OrTracingExpression:
      description: Evaluates to true, if at least one expression evaluates to true,
        otherwise evaluates to false.
      allOf:
      - $ref: '#/components/schemas/TraceQueryExpression'
      - required:
        - expressions
        type: object
        properties:
          expressions:
            type: array
            items:
              $ref: '#/components/schemas/TraceQueryExpression'
    MetricTracingFilter:
      allOf:
      - $ref: '#/components/schemas/TraceQueryExpression'
      - required:
        - metric
        - operator
        type: object
        properties:
          metric:
            type: string
            description: The name of the metric to filter by. The list of supported
              metrics can be retrieved using the [Trace Metrics](#operation/getMetrics)
              endpoint.
          operator:
            type: string
            description: "The operator to use. Accepted values:\n  <table>\n    <tr>\n\
              \      <th>Operator</th>\n      <th>Accepted value types</th>\n    </tr>\n\
              \    <tr>\n      <th>&lt; &lt;= &gt; &gt;= =</th>\n      <th>DoubleTracingValue\
              \ IntegerTracingValue</th>\n    </tr>\n    <tr>\n      <th>between</th>\n\
              \      <th>RangeTracingValue of DoubleTracingValue / IntegerTracingValue</th>\n\
              \    </tr>\n  </table>"
          value:
            $ref: '#/components/schemas/TracingValue'
    FieldTracingFilter:
      allOf:
      - $ref: '#/components/schemas/TraceQueryExpression'
      - required:
        - field
        - operator
        type: object
        properties:
          field:
            type: string
            description: The field name to filter by. The list of supported field
              names can be retrieved using the [Trace Query Fields](#operation/getTraceQueryFields)
              endpoint.
          operator:
            type: string
            description: "The operator to use. Accepted values:\n  <table>\n    <tr>\n\
              \      <th>Operator</th>\n      <th>Accepted value types</th>\n    </tr>\n\
              \    <tr>\n      <th>&lt; &lt;= &gt; &gt;= = !=</th>\n      <th>StringTracingValue\
              \ DoubleTracingValue IntegerTracingValue DateTimeTracingValue</th>\n\
              \    </tr>\n    <tr>\n      <th>in</th>\n      <th>ArrayTracingValue\
              \ of StringTracingValue / DoubleTracingValue / IntegerTracingValue /\
              \ DateTimeTracingValue</th>\n    </tr>\n    <tr>\n      <th>between</th>\n\
              \      <th>RangeTracingValue of StringTracingValue / DoubleTracingValue\
              \ / IntegerTracingValue / DateTimeTracingValue</th>\n    </tr>\n  </table>"
          value:
            $ref: '#/components/schemas/TracingValue'
    RootSpanTracingFilter:
      allOf:
      - $ref: '#/components/schemas/TraceQueryExpression'
      - required:
        - field
        - operator
        type: object
        properties:
          field:
            type: string
            description: The field name to filter by. The list of supported field
              names can be retrieved using the [Trace Query Fields](#operation/getTraceQueryFields)
              endpoint.
          operator:
            type: string
            description: "The operator to use. Accepted values:\n  <table>\n    <tr>\n\
              \      <th>Operator</th>\n      <th>Accepted value types</th>\n    </tr>\n\
              \    <tr>\n      <th>&lt; &lt;= &gt; &gt;= = !=</th>\n      <th>StringTracingValue\
              \ DoubleTracingValue IntegerTracingValue DateTimeTracingValue</th>\n\
              \    </tr>\n    <tr>\n      <th>in</th>\n      <th>ArrayTracingValue\
              \ of StringTracingValue / DoubleTracingValue / IntegerTracingValue /\
              \ DateTimeTracingValue</th>\n    </tr>\n    <tr>\n      <th>between</th>\n\
              \      <th>RangeTracingValue of StringTracingValue / DoubleTracingValue\
              \ / IntegerTracingValue / DateTimeTracingValue</th>\n    </tr>\n  </table>"
          value:
            $ref: '#/components/schemas/TracingValue'
    TracingValue:
      required:
      - type
      properties:
        type:
          type: string
          description: Type of the value model.
      discriminator:
        propertyName: type
    DoubleTracingValue:
      allOf:
      - $ref: '#/components/schemas/TracingValue'
      - required:
        - value
        type: object
        properties:
          value:
            type: number
            format: double
    IntegerTracingValue:
      allOf:
      - $ref: '#/components/schemas/TracingValue'
      - required:
        - value
        type: object
        properties:
          value:
            type: integer
            format: int64
    StringTracingValue:
      allOf:
      - $ref: '#/components/schemas/TracingValue'
      - required:
        - value
        type: object
        properties:
          value:
            type: string
    DateTimeTracingValue:
      allOf:
      - $ref: '#/components/schemas/TracingValue'
      - required:
        - value
        type: object
        properties:
          value:
            type: string
            description: Timestamp in UTC in the [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)
              format.
            format: date-time
            example: 2019-11-22 09:00:00+00:00
    ArrayTracingValue:
      allOf:
      - $ref: '#/components/schemas/TracingValue'
      - required:
        - values
        type: object
        properties:
          values:
            type: array
            items:
              $ref: '#/components/schemas/TracingValue'
    RangeTracingValue:
      allOf:
      - $ref: '#/components/schemas/TracingValue'
      - required:
        - from
        - to
        type: object
        properties:
          from:
            $ref: '#/components/schemas/TracingValue'
          to:
            $ref: '#/components/schemas/TracingValue'
    EventAttributeValue:
      required:
      - type
      properties:
        type:
          pattern: ^(BooleanEventAttributeValue|StringEventAttributeValue|DoubleEventAttributeValue|IntegerEventAttributeValue|BooleanArrayEventAttributeValue|StringArrayEventAttributeValue|DoubleArrayEventAttributeValue|IntegerArrayEventAttributeValue)$
          type: string
          description: Type of the event attribute value.
          example: BooleanAttributeValue
      discriminator:
        propertyName: type
    BooleanEventAttributeValue:
      allOf:
      - $ref: '#/components/schemas/EventAttributeValue'
      - required:
        - value
        type: object
        properties:
          value:
            type: boolean
    DoubleEventAttributeValue:
      allOf:
      - $ref: '#/components/schemas/EventAttributeValue'
      - required:
        - value
        type: object
        properties:
          value:
            type: number
            format: double
    IntegerEventAttributeValue:
      allOf:
      - $ref: '#/components/schemas/EventAttributeValue'
      - required:
        - value
        type: object
        properties:
          value:
            type: integer
            format: int64
    StringEventAttributeValue:
      allOf:
      - $ref: '#/components/schemas/EventAttributeValue'
      - required:
        - value
        type: object
        properties:
          value:
            type: string
    BooleanArrayEventAttributeValue:
      allOf:
      - $ref: '#/components/schemas/EventAttributeValue'
      - required:
        - values
        type: object
        properties:
          values:
            type: array
            items:
              type: boolean
    DoubleArrayEventAttributeValue:
      allOf:
      - $ref: '#/components/schemas/EventAttributeValue'
      - required:
        - values
        type: object
        properties:
          values:
            type: array
            items:
              type: number
              format: double
    IntegerArrayEventAttributeValue:
      allOf:
      - $ref: '#/components/schemas/EventAttributeValue'
      - required:
        - values
        type: object
        properties:
          values:
            type: array
            items:
              type: integer
              format: int64
    StringArrayEventAttributeValue:
      allOf:
      - $ref: '#/components/schemas/EventAttributeValue'
      - required:
        - values
        type: object
        properties:
          values:
            type: array
            items:
              type: string
    TraceHttpSpanInfo:
      allOf:
      - $ref: '#/components/schemas/TraceSpanInfo'
      - type: object
        properties:
          method:
            pattern: ^(GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE)$
            type: string
            description: HTTP method of the request for the associated span.
            example: GET
          url:
            type: string
            description: URL of the request being handled in this span, in the standard
              URI format.
            example: https://domain.net/path/to?resource=here
          statusCode:
            type: integer
            description: HTTP response status code for the associated span.
            example: 200
    TraceDbSpanInfo:
      allOf:
      - $ref: '#/components/schemas/TraceSpanInfo'
      - type: object
        properties:
          dbType:
            type: string
            description: Database type.
            example: sql
          instance:
            type: string
            description: Database instance name, e.g. in java, if jdbc.url="jdbc:mysql://127.0.0.1:3306/customers",
              the instance name is "customers".
            example: customers
          statement:
            type: string
            description: Database statement for the given database type.
            example: SELECT * FROM user_table
    TraceMessageBusSpanInfo:
      allOf:
      - $ref: '#/components/schemas/TraceSpanInfo'
      - type: object
        properties:
          destination:
            type: string
            description: An address at which messages can be exchanged e.g. a Kafka
              record has an associated "topic name" that can be stored using this
              tag.
            example: kafka.topic.name
    OTCollectorListResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of OT Collectors.
          items:
            $ref: '#/components/schemas/OTCollector'
    PaginatedOTCollectorsRequest:
      type: object
      properties:
        search:
          type: string
          description: search by collector id or free text search on collector properties.
          example: testAgent
        filters:
          type: object
          properties:
            tags:
              type: array
              description: tags associated with the OT collector
              example:
              - - key: region
                  values:
                  - us2
                  - mum
              - - key: key2
                  values:
                  - value2
              items:
                type: array
                items:
                  $ref: '#/components/schemas/OtTag'
              default: []
            os:
              type: string
              description: Name of the Operating System.
              nullable: true
              example: linux
              x-visibility: private
            collectorVersionRange:
              $ref: '#/components/schemas/VersionRange'
            alive:
              type: boolean
              description: alive Status of the OT Collector based on heartbeat.
              nullable: true
              example: true
            isRemotelyManaged:
              type: boolean
              description: Management Status of the OT Collector based on if it is
                remotely or locally managed.
              nullable: true
              example: true
            isUpgradeAvailable:
              type: boolean
              description: upgrade availability status of the OT Collector.
              nullable: true
              example: true
            hasNoSourceTemplateLinked:
              type: boolean
              description: whether the remotely managed OT Collector has no source
                template linked.
              nullable: true
              example: true
          description: parameter which is used for filtering.
        sortBy:
          type: string
          description: parameter which is used for sorting.
          example: name
        next:
          type: string
          description: parameter which is used for fetching next set of results.
          example: token
        limit:
          maximum: 1000
          minimum: 1
          type: integer
          description: parameter which is used for limiting number of otCollectors
            on a page.
          format: int32
          example: 30
        includeCount:
          type: boolean
          description: count of filtered otCollectors.
          nullable: true
          example: false
    PaginatedOTCollectorsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: paginated list of OT Collectors.
          items:
            $ref: '#/components/schemas/OTCollector'
        next:
          type: string
          description: next page token.
        count:
          type: integer
          description: count of otCollectors in response.
          format: int32
    OTCollectorCountResponse:
      required:
      - totalCount
      type: object
      properties:
        totalCount:
          type: integer
          description: Total number of OT Collector for a customer.
          format: int32
          example: 100
      description: response for total count of otCollectors.
    SearchQueryContext:
      allOf:
      - $ref: '#/components/schemas/EventContext'
      - required:
        - queryId
        type: object
        properties:
          queryId:
            type: string
            description: The query id of the log search.
            example: 0BA5454CDE467
    ParsersLibraryBase:
      required:
      - description
      - name
      - type
      type: object
      properties:
        name:
          maxLength: 255
          minLength: 1
          type: string
          description: Name of the folder or parser.
        description:
          maxLength: 4096
          type: string
          description: Description of the folder or parser.
        type:
          type: string
          description: Type of the object model.
        isLocked:
          type: boolean
          description: Locking/Unlocking requires the `LockParsers` capability. Locked
            objects can only be `Localized`. Updating or moving requires unlocking
            the object. Locking/Unlocking recursively locks all of the objects children.
            All children of a locked object must be locked.
          default: false
      discriminator:
        propertyName: type
    ParsersLibraryBaseUpdate:
      required:
      - description
      - name
      - version
      type: object
      properties:
        name:
          maxLength: 255
          minLength: 1
          type: string
          description: Name of the folder or parser.
        description:
          maxLength: 4096
          type: string
          description: Description of the folder or parser.
        version:
          type: integer
          description: Version of the folder or parser.
          format: int64
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    ParsersLibraryBaseResponse:
      required:
      - contentType
      - createdAt
      - createdBy
      - description
      - id
      - isLocked
      - isMutable
      - isSystem
      - modifiedAt
      - modifiedBy
      - name
      - parentId
      - type
      - version
      type: object
      properties:
        id:
          type: string
          description: Identifier of the folder or parser.
        name:
          type: string
          description: Name of the folder or parser.
        description:
          type: string
          description: Description of the folder or parser.
        version:
          type: integer
          description: Version of the folder or parser.
          format: int64
        createdAt:
          type: string
          description: 'Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.

            '
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
        parentId:
          type: string
          description: Identifier of the parent folder.
        contentType:
          type: string
          description: "Type of the content. Valid values:\n  1) Folder\n  2) Parser\n"
        type:
          type: string
          description: Type of the object model.
        isLocked:
          type: boolean
          description: Whether the object is locked.
        isSystem:
          type: boolean
          description: System objects are objects provided by Sumo Logic. System objects
            can only be localized. Non-local fields can't be updated.
        isMutable:
          type: boolean
          description: Immutable objects are "READ-ONLY".
      discriminator:
        propertyName: type
    ParsersLibraryParser:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryBase'
      - required:
        - stanzas
        type: object
        properties:
          stanzas:
            type: string
            description: Collection of stanzas describing the parser.
            example: '[sourcetype:PAN-firewall]

              EVENT_MULTILINE = False

              FORMAT = CSV

              '
          modelPath:
            type: string
            description: The path to the Model a Model-Connector is associated with.
            example: Models/firewalls/PAN
          sourcetypePath:
            type: string
            description: The path to the sourcetype a Model-Connector is associated
              with.
            example: Parsers/firewalls/PAN-firewall
          families:
            type: string
            description: CSV list of model families this object belongs/applies to
            example: firewalls,IDS
          isPartial:
            type: boolean
            description: Is this a complete Parser or Model-Connector, or just a config
              fragment?
            default: false
          localStanzas:
            type: string
            description: Localized stanzas.
            example: '[sourcetype:PAN-firewall]

              WRAPPER = BSD_SYSLOG

              '
    ParsersLibraryFolder:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryBase'
    ParsersLibraryParserUpdate:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryBaseUpdate'
      - required:
        - stanzas
        type: object
        properties:
          stanzas:
            type: string
            description: Collection of stanzas describing the parser.
            example: '[sourcetype:PAN-firewall]

              EVENT_MULTILINE = False

              FORMAT = CSV

              '
          modelPath:
            type: string
            description: The path to the Model a Model-Connector is associated with.
            example: Models/firewalls/PAN
          sourcetypePath:
            type: string
            description: The path to the sourcetype a Model-Connector is associated
              with.
            example: Parsers/firewalls/PAN-firewall
          families:
            type: string
            description: CSV list of model families this object belongs/applies to
            example: firewalls,IDS
          isPartial:
            type: boolean
            description: Is this a complete Parser or Model-Connector, or just a config
              fragment?
            default: false
          localStanzas:
            type: string
            description: Localized stanzas.
            example: '[sourcetype:PAN-firewall]

              WRAPPER = BSD_SYSLOG

              '
    ParsersLibraryFolderUpdate:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryBaseUpdate'
    ParsersLibraryParserResponse:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryBaseResponse'
      - required:
        - stanzas
        type: object
        properties:
          stanzas:
            type: string
            description: Collection of stanzas describing the parser.
            example: '[sourcetype:PAN-firewall]

              EVENT_MULTILINE = False

              FORMAT = CSV

              '
          modelPath:
            type: string
            description: The path to the Model a Model-Connector is associated with.
            example: Models/firewalls/PAN
          sourcetypePath:
            type: string
            description: The path to the sourcetype a Model-Connector is associated
              with.
            example: Parsers/firewalls/PAN-firewall
          families:
            type: string
            description: CSV list of model families this object belongs/applies to
            example: firewalls,IDS
          isPartial:
            type: boolean
            description: Is this a complete Parser or Model-Connector, or just a config
              fragment?
            default: false
          localStanzas:
            type: string
            description: Localized stanzas.
            example: '[sourcetype:PAN-firewall]

              WRAPPER = BSD_SYSLOG

              '
    ParsersLibraryFolderResponse:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryBaseResponse'
      - required:
        - children
        type: object
        properties:
          children:
            type: array
            description: Children of the folder.
            items:
              $ref: '#/components/schemas/ParsersLibraryBaseResponse'
    IdToParsersLibraryBaseResponseMap:
      maxProperties: 1000
      type: object
      additionalProperties:
        $ref: '#/components/schemas/ParsersLibraryBaseResponse'
    ParsersLibraryExportBase:
      required:
      - description
      - name
      - type
      type: object
      properties:
        name:
          maxLength: 255
          minLength: 1
          type: string
          description: Name of the folder or parser.
        description:
          maxLength: 4096
          type: string
          description: Description of the folder or parser.
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    ParsersLibraryParserExportV2:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryExportBase'
      - required:
        - stanzas
        type: object
        properties:
          stanzas:
            type: array
            description: Array of lines of stanzas describing the parser.
            example: '["[sourcetype:PAN-firewall]",

              "EVENT_MULTILINE = False",

              "FORMAT = CSV"]

              '
            items:
              type: string
          modelPath:
            type: string
            description: The path to the Model a Model-Connector is associated with.
            example: Models/firewalls/PAN
          sourcetypePath:
            type: string
            description: The path to the sourcetype a Model-Connector is associated
              with.
            example: Parsers/firewalls/PAN-firewall
          families:
            type: string
            description: CSV list of model families this object belongs/applies to
            example: firewalls,IDS
          isPartial:
            type: boolean
            description: Is this a complete Parser or Model-Connector, or just a config
              fragment?
            default: false
          localStanzas:
            type: string
            description: Localized stanzas.
            example: '[sourcetype:PAN-firewall]

              WRAPPER = BSD_SYSLOG

              '
    ParsersLibraryParserExport:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryExportBase'
      - required:
        - stanzas
        type: object
        properties:
          stanzas:
            type: string
            description: Collection of stanza or array of lines of stanzas describing
              the parser.
            example: '[sourcetype:PAN-firewall]

              EVENT_MULTILINE = False

              FORMAT = CSV

              '
          modelPath:
            type: string
            description: The path to the Model a Model-Connector is associated with.
            example: Models/firewalls/PAN
          sourcetypePath:
            type: string
            description: The path to the sourcetype a Model-Connector is associated
              with.
            example: Parsers/firewalls/PAN-firewall
          families:
            type: string
            description: CSV list of model families this object belongs/applies to
            example: firewalls,IDS
          isPartial:
            type: boolean
            description: Is this a complete Parser or Model-Connector, or just a config
              fragment?
            default: false
          localStanzas:
            type: string
            description: Localized stanzas.
            example: '[sourcetype:PAN-firewall]

              WRAPPER = BSD_SYSLOG

              '
    ParsersLibraryFolderExport:
      allOf:
      - $ref: '#/components/schemas/ParsersLibraryExportBase'
      - type: object
        properties:
          children:
            type: array
            description: Children of the folder
            items:
              $ref: '#/components/schemas/ParsersLibraryExportBase'
    ParsersLibraryItemWithPath:
      required:
      - item
      - path
      type: object
      properties:
        item:
          $ref: '#/components/schemas/ParsersLibraryBaseResponse'
        path:
          type: string
          description: Path of the folder or parser.
          example: /Parsers/SampleFolder/TestParser
    ListParsersLibraryItemWithPath:
      type: array
      description: List of folders or parsers.
      items:
        $ref: '#/components/schemas/ParsersLibraryItemWithPath'
    SCIMRoles:
      required:
      - primary
      - value
      type: object
      properties:
        value:
          type: string
          description: Role assigned to the user
          example: Administrator
        primary:
          type: boolean
          description: Always set to 'true' as sumologic doesn't have a concept of
            primary/secondary roles
          example: true
          default: true
    OAuthClientCreateRequest:
      required:
      - name
      - type
      type: object
      properties:
        type:
          type: string
          description: Type of the object model.
        name:
          maxLength: 128
          minLength: 0
          type: string
          description: Name of the OAuth client.
          example: My OAuth Client
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the OAuth client.
          example: OAuth client for data ingestion
          default: ''
        scopes:
          type: array
          description: "Scopes assigned to the client.\n### Alerting\n  - adminMonitorsV2\n\
            \  - viewMonitorsV2\n  - manageMonitorsV2\n\n### Data Management\n  -\
            \ manageApps\n  - viewCollectors\n  - manageCollectors\n  - viewConnections\n\
            \  - manageConnections\n  - contentAdmin\n  - viewFieldExtractionRules\n\
            \  - manageFieldExtractionRules            \n  - viewFields\n  - manageFields\n\
            \  - manageBudgets\n  - viewLibrary\n  - manageLibrary\n  - viewPartitions\n\
            \  - managePartitions \n  - manageS3DataForwarding\n  - viewScheduledViews\n\
            \  - manageScheduledViews\n  - manageTokens\n\n### Logs\n  - runLogSearch\n\
            \n### Metrics\n  - runMetricsQuery \n\n### Reliability Management\n  -\
            \ viewSlos\n  - manageSlos\n\n### Security\n  - manageAccessKeys\n  -\
            \ viewPersonalAccessKeys\n  - managePersonalAccessKeys\n\n### UserManagement\n\
            \  - viewUsersAndRoles\n  - manageUsersAndRoles"
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
          default: []
      discriminator:
        propertyName: type
        mapping:
          ClientCredentialsClient: '#/components/schemas/CreateClientCredentialsClientRequest'
          AuthorizationCodeClient: '#/components/schemas/CreateAuthorizationCodeClientRequest'
    OAuthRunAs:
      required:
      - type
      type: object
      properties:
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
        mapping:
          ServiceAccount: '#/components/schemas/OAuthRunAsId'
    OAuthRunAsId:
      allOf:
      - $ref: '#/components/schemas/OAuthRunAs'
      - required:
        - runAsId
        type: object
        properties:
          runAsId:
            type: string
            description: Identifier of the service account that the OAuth Client runs
              as.
            example: 0000000006743FDA
    CreateClientCredentialsClientRequest:
      allOf:
      - $ref: '#/components/schemas/OAuthClientCreateRequest'
      - required:
        - runAs
        type: object
        properties:
          runAs:
            $ref: '#/components/schemas/OAuthRunAs'
    CreateAuthorizationCodeClientRequest:
      allOf:
      - $ref: '#/components/schemas/OAuthClientCreateRequest'
      - required:
        - redirectUris
        type: object
        properties:
          redirectUris:
            type: array
            description: Redirect URIs for the OAuth client. Redirect URI's during
              Authorization Code flow must be an exact match.
            example:
            - https://www.example.com/oauth/callback
            items:
              type: string
            default: []
    OAuthClientUpdateRequest:
      required:
      - description
      - disabled
      - name
      - scopes
      - type
      type: object
      properties:
        type:
          type: string
          description: Type of the object model.
        name:
          maxLength: 128
          minLength: 0
          type: string
          description: Name of the OAuth client.
          example: My OAuth Client
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the OAuth client.
          example: OAuth client for data ingestion
        disabled:
          type: boolean
          description: Whether the OAuth client is disabled. Disabled OAuth clients
            cannot be used to authenticate users.
        scopes:
          type: array
          description: "Scopes assigned to the client.\n### Alerting\n  - adminMonitorsV2\n\
            \  - viewMonitorsV2\n  - manageMonitorsV2\n\n### Data Management\n  -\
            \ manageApps\n  - viewCollectors\n  - manageCollectors\n  - viewConnections\n\
            \  - manageConnections\n  - contentAdmin\n  - viewFieldExtractionRules\n\
            \  - manageFieldExtractionRules            \n  - viewFields\n  - manageFields\n\
            \  - manageBudgets\n  - viewLibrary\n  - manageLibrary\n  - viewPartitions\n\
            \  - managePartitions \n  - manageS3DataForwarding\n  - viewScheduledViews\n\
            \  - manageScheduledViews\n  - manageTokens\n\n### Logs\n  - runLogSearch\n\
            \n### Metrics\n  - runMetricsQuery \n\n### Reliability Management\n  -\
            \ viewSlos\n  - manageSlos\n\n### Security\n  - manageAccessKeys\n  -\
            \ viewPersonalAccessKeys\n  - managePersonalAccessKeys\n\n### UserManagement\n\
            \  - viewUsersAndRoles\n  - manageUsersAndRoles"
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
      discriminator:
        propertyName: type
        mapping:
          ClientCredentialsClient: '#/components/schemas/UpdateClientCredentialsClientRequest'
          AuthorizationCodeClient: '#/components/schemas/UpdateAuthorizationCodeClientRequest'
    UpdateClientCredentialsClientRequest:
      allOf:
      - $ref: '#/components/schemas/OAuthClientUpdateRequest'
      - required:
        - runAs
        type: object
        properties:
          runAs:
            $ref: '#/components/schemas/OAuthRunAs'
    UpdateAuthorizationCodeClientRequest:
      allOf:
      - $ref: '#/components/schemas/OAuthClientUpdateRequest'
      - required:
        - redirectUris
        type: object
        properties:
          redirectUris:
            type: array
            description: Redirect URIs for the OAuth client. Redirect URI's during
              Authorization Code flow must be an exact match.
            example:
            - https://www.example.com/oauth/callback
            items:
              type: string
    OAuthClient:
      required:
      - clientId
      - createdAt
      - createdBy
      - description
      - disabled
      - modifiedAt
      - modifiedBy
      - name
      - scopes
      - type
      type: object
      properties:
        type:
          type: string
          description: Type of the object model.
        clientId:
          type: string
          description: Identifier of the OAuth client.
          example: zVplCFHcpTDwtktBIQmFI2K6s9HEo4HAtcQD1f1M5eQ
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        createdBy:
          type: string
          description: Identifier of the user who created the OAuth client.
          example: 0000000006743FDD
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        modifiedBy:
          type: string
          description: Identifier of the user who modified the OAuth client.
          example: 0000000006743FDD
        name:
          maxLength: 128
          minLength: 0
          type: string
          description: Name of the OAuth client.
          example: My OAuth Client
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the OAuth client.
          example: OAuth client for data ingestion
        disabled:
          type: boolean
          description: Whether the OAuth client is disabled. Disabled OAuth clients
            cannot be used to authenticate users.
        scopes:
          type: array
          description: "Scopes assigned to the client.\n### Alerting\n  - adminMonitorsV2\n\
            \  - viewMonitorsV2\n  - manageMonitorsV2\n\n### Data Management\n  -\
            \ manageApps\n  - viewCollectors\n  - manageCollectors\n  - viewConnections\n\
            \  - manageConnections\n  - contentAdmin\n  - viewFieldExtractionRules\n\
            \  - manageFieldExtractionRules            \n  - viewFields\n  - manageFields\n\
            \  - manageBudgets\n  - viewLibrary\n  - manageLibrary\n  - viewPartitions\n\
            \  - managePartitions \n  - manageS3DataForwarding\n  - viewScheduledViews\n\
            \  - manageScheduledViews\n  - manageTokens\n\n### Logs\n  - runLogSearch\n\
            \n### Metrics\n  - runMetricsQuery \n\n### Reliability Management\n  -\
            \ viewSlos\n  - manageSlos\n\n### Security\n  - manageAccessKeys\n  -\
            \ viewPersonalAccessKeys\n  - managePersonalAccessKeys\n\n### UserManagement\n\
            \  - viewUsersAndRoles\n  - manageUsersAndRoles"
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
      discriminator:
        propertyName: type
        mapping:
          ClientCredentialsClient: '#/components/schemas/ClientCredentialsClient'
          AuthorizationCodeClient: '#/components/schemas/AuthorizationCodeClient'
    ClientCredentialsClient:
      allOf:
      - $ref: '#/components/schemas/OAuthClient'
      - required:
        - effectiveScopes
        - runAs
        type: object
        properties:
          effectiveScopes:
            type: array
            description: Effective scopes based on the intersection of the user's
              RBAC capabilities and the assigned scopes.
            example:
            - manageUsersAndRoles
            - viewCollectors
            items:
              type: string
          runAs:
            $ref: '#/components/schemas/OAuthRunAs'
    AuthorizationCodeClient:
      allOf:
      - $ref: '#/components/schemas/OAuthClient'
      - required:
        - redirectUris
        type: object
        properties:
          redirectUris:
            type: array
            description: Redirect URIs for the OAuth client. Redirect URI's during
              Authorization Code flow must be an exact  match.
            example:
            - https://www.example.com/oauth/callback
            items:
              type: string
    OAuthClientWithSecret:
      required:
      - clientId
      - clientSecret
      - createdAt
      - createdBy
      - description
      - disabled
      - modifiedAt
      - modifiedBy
      - name
      - scopes
      - type
      type: object
      properties:
        type:
          type: string
          description: Type of the object model.
        clientId:
          type: string
          description: Identifier of the OAuth client.
          example: zVplCFHcpTDwtktBIQmFI2K6s9HEo4HAtcQD1f1M5eQ
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        createdBy:
          type: string
          description: Identifier of the user who created the OAuth client.
          example: 0000000006743FDD
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        modifiedBy:
          type: string
          description: Identifier of the user who modified the OAuth client.
          example: 0000000006743FDD
        name:
          maxLength: 128
          minLength: 0
          type: string
          description: Name of the OAuth client.
          example: My OAuth Client
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the OAuth client.
          example: OAuth client for data ingestion
        disabled:
          type: boolean
          description: Whether the OAuth client is disabled. Disabled OAuth clients
            cannot be used to authenticate users.
        scopes:
          type: array
          description: "Scopes assigned to the client.\n### Alerting\n  - adminMonitorsV2\n\
            \  - viewMonitorsV2\n  - manageMonitorsV2\n\n### Data Management\n  -\
            \ manageApps\n  - viewCollectors\n  - manageCollectors\n  - viewConnections\n\
            \  - manageConnections\n  - contentAdmin\n  - viewFieldExtractionRules\n\
            \  - manageFieldExtractionRules            \n  - viewFields\n  - manageFields\n\
            \  - manageBudgets\n  - viewLibrary\n  - manageLibrary\n  - viewPartitions\n\
            \  - managePartitions \n  - manageS3DataForwarding\n  - viewScheduledViews\n\
            \  - manageScheduledViews\n  - manageTokens\n\n### Logs\n  - runLogSearch\n\
            \n### Metrics\n  - runMetricsQuery \n\n### Reliability Management\n  -\
            \ viewSlos\n  - manageSlos\n\n### Security\n  - manageAccessKeys\n  -\
            \ viewPersonalAccessKeys\n  - managePersonalAccessKeys\n\n### UserManagement\n\
            \  - viewUsersAndRoles\n  - manageUsersAndRoles"
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
        clientSecret:
          type: string
          description: The client secret for the created OAuth Client.
          example: EqyuIvsnae0LnMC2mbJArysXcmp0LuBsRgmyeLtSkFPEzSxdvpYQMDajn_8buaDj
      discriminator:
        propertyName: type
        mapping:
          ClientCredentialsClient: '#/components/schemas/ClientCredentialsClientWithSecret'
          AuthorizationCodeClient: '#/components/schemas/AuthorizationCodeClientWithSecret'
    ClientCredentialsClientWithSecret:
      allOf:
      - $ref: '#/components/schemas/OAuthClientWithSecret'
      - required:
        - effectiveScopes
        - runAs
        type: object
        properties:
          effectiveScopes:
            type: array
            description: Effective scopes based on the intersection of the user's
              RBAC capabilities and the assigned scopes.
            example:
            - manageUsersAndRoles
            - viewCollectors
            items:
              type: string
          runAs:
            $ref: '#/components/schemas/OAuthRunAs'
    AuthorizationCodeClientWithSecret:
      allOf:
      - $ref: '#/components/schemas/OAuthClientWithSecret'
      - required:
        - redirectUris
        type: object
        properties:
          redirectUris:
            type: array
            description: Redirect URIs for the OAuth client. Redirect URI's during
              Authorization Code flow must be an exact  match.
            example:
            - https://www.example.com/oauth/callback
            items:
              type: string
    PaginatedListOAuthClientsResult:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: An array of OAuth clients.
          items:
            $ref: '#/components/schemas/OAuthClient'
        next:
          type: string
          description: Next continuation token.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      description: List of OAuth clients.
    MonitorTemplatesLibraryBase:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the monitortemplate or folder.
        description:
          type: string
          description: Description of the monitortemplate or folder.
          default: ''
        type:
          type: string
          description: "Type of the object model. Valid values:\n  1) MonitorTemplatesLibraryMonitortemplate\n\
            \  2) MonitorTemplatesLibraryFolder"
      discriminator:
        propertyName: type
    MonitorTemplatesLibraryBaseUpdate:
      required:
      - name
      - type
      - version
      type: object
      properties:
        name:
          type: string
          description: The name of the monitortemplate or folder.
        description:
          type: string
          description: The description of the monitortemplate or folder.
          default: ''
        version:
          type: integer
          description: The version of the monitortemplate or folder.
          format: int64
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    MonitorTemplatesLibraryBaseResponse:
      required:
      - contentType
      - createdAt
      - createdBy
      - description
      - id
      - isMutable
      - isSystem
      - modifiedAt
      - modifiedBy
      - name
      - parentId
      - type
      - version
      type: object
      properties:
        id:
          type: string
          description: Identifier of the monitortemplate or folder.
        name:
          type: string
          description: Identifier of the monitortemplate or folder.
        description:
          type: string
          description: Description of the monitortemplate or folder.
        version:
          type: integer
          description: Version of the monitortemplate or folder.
          format: int64
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
        parentId:
          type: string
          description: Identifier of the parent folder.
        contentType:
          type: string
          description: "Type of the content. Valid values:\n  1) Monitortemplate\n\
            \  2) Folder"
        type:
          type: string
          description: Type of the object model.
        isSystem:
          type: boolean
          description: System objects are objects provided by Sumo Logic. System objects
            can only be localized. Non-local fields can't be updated.
        isMutable:
          type: boolean
          description: Immutable objects are "READ-ONLY".
        permissions:
          type: array
          description: Aggregated permission summary for the calling user. If detailed
            permission statements are required, please call list permissions endpoint.
          example:
          - Read
          - Delete
          items:
            type: string
      discriminator:
        propertyName: type
    MonitorTemplatesLibraryFolder:
      allOf:
      - $ref: '#/components/schemas/MonitorTemplatesLibraryBase'
    MonitorTemplatesLibraryFolderUpdate:
      allOf:
      - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseUpdate'
    MonitorTemplatesLibraryFolderResponse:
      allOf:
      - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse'
      - required:
        - children
        - permissions
        type: object
        properties:
          permissions:
            type: array
            description: Aggregated permission summary for the calling user. If detailed
              permission statements are required, please call list permissions endpoint.
            example:
            - Read
            - Delete
            items:
              type: string
          children:
            type: array
            description: 'Children of the folder. NOTE: Permissions field will not
              be filled (empty list) for children.'
            items:
              $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse'
    MonitorTemplatesLibraryBaseExport:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the monitortemplate or folder.
        description:
          type: string
          description: Description of the monitortemplate or folder.
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    MonitorTemplatesLibraryFolderExport:
      allOf:
      - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseExport'
      - type: object
        properties:
          children:
            type: array
            description: The items in the folder. A multi-type list of types monitortemplate
              or folder.
            items:
              $ref: '#/components/schemas/MonitorTemplatesLibraryBaseExport'
    MonitorTemplatesLibraryMonitorTemplate:
      allOf:
      - $ref: '#/components/schemas/MonitorTemplatesLibraryBase'
      - required:
        - monitorType
        - queries
        - triggers
        type: object
        properties:
          monitorType:
            pattern: ^(Logs|Metrics|Slo)$
            type: string
            description: "The type of monitor template. Valid values:\n  1. `Logs`:\
              \ A logs query monitor template.\n  2. `Metrics`: A metrics query monitor\
              \ template.\n  3. `Slo`: A SLO based monitor template."
            example: Logs
            x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo'
          evaluationDelay:
            type: string
            description: The delay duration for evaluating the monitor (relative to
              current time). The timerange of monitor will be shifted in the past
              by this delay time.
            example: 5m
            default: 0m
          alertName:
            type: string
            description: The name of the alert(s) triggered from the monitor created
              based on the template. Monitor name will be used if not specified.
          queries:
            uniqueItems: true
            type: array
            description: All queries from the monitor.
            items:
              $ref: '#/components/schemas/MonitorQuery'
          triggers:
            type: array
            description: Defines the conditions of when to send notifications.
            example:
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
              occurrenceType: ResultCount
              triggerSource: AllResults
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
              occurrenceType: ResultCount
              triggerSource: AllResults
            items:
              $ref: '#/components/schemas/TriggerCondition'
          isDisabled:
            type: boolean
            description: Whether or not the monitor template is disabled.
            example: false
            default: false
          groupNotifications:
            type: boolean
            description: Whether or not to group notifications for individual items
              that meet the trigger condition.
            example: true
            default: true
          playbook:
            maxLength: 4096
            type: string
            description: Notes such as links and instruction to help you resolve alerts
              triggered by this monitor template. {{Markdown}} supported. It will
              be enabled only if available for your organization. Please contact your
              Sumo Logic account team to learn more.
            example: This issue typically happens when database calls are timing out.
              Look at ServiceA's dashboard to investigate further
            default: ''
    MonitorTemplatesLibraryMonitorTemplateResponse:
      allOf:
      - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse'
      - required:
        - monitorType
        - queries
        - triggers
        type: object
        properties:
          monitorType:
            pattern: ^(Logs|Metrics|Slo)$
            type: string
            description: "The type of monitor template. Valid values:\n  1. `Logs`:\
              \ A logs query monitor template.\n  2. `Metrics`: A metrics query monitor\
              \ template.\n  3. `Slo`: A SLO based monitor template."
            example: Logs
            x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo'
          evaluationDelay:
            type: string
            description: The delay duration for evaluating the monitor (relative to
              current time). The timerange of monitor will be shifted in the past
              by this delay time.
            example: 5m
            default: 0m
          alertName:
            type: string
            description: The name of the alert(s) triggered from the monitor created
              based on the template. Monitor name will be used if not specified.
          queries:
            uniqueItems: true
            type: array
            description: All queries from the monitor.
            items:
              $ref: '#/components/schemas/MonitorQuery'
          triggers:
            type: array
            description: Defines the conditions of when to send notifications.
            example:
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
              occurrenceType: ResultCount
              triggerSource: AllResults
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
              occurrenceType: ResultCount
              triggerSource: AllResults
            items:
              $ref: '#/components/schemas/TriggerCondition'
          isDisabled:
            type: boolean
            description: Whether or not the monitor template is disabled.
            example: false
            default: false
          groupNotifications:
            type: boolean
            description: Whether or not to group notifications for individual items
              that meet the trigger condition.
            example: true
            default: true
          playbook:
            maxLength: 4096
            type: string
            description: Notes such as links and instruction to help you resolve alerts
              triggered by this monitor template. {{Markdown}} supported. It will
              be enabled only if available for your organization. Please contact your
              Sumo Logic account team to learn more.
            example: This issue typically happens when database calls are timing out.
              Look at ServiceA's dashboard to investigate further
            default: ''
    MonitorTemplatesLibraryMonitorTemplateExport:
      allOf:
      - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseExport'
      - required:
        - monitorType
        - queries
        - triggers
        type: object
        properties:
          monitorType:
            pattern: ^(Logs|Metrics|Slo)$
            type: string
            description: "The type of monitor template. Valid values:\n  1. `Logs`:\
              \ A logs query monitor template.\n  2. `Metrics`: A metrics query monitor\
              \ template.\n  3. `Slo`: A SLO based monitor template."
            example: Logs
            x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo'
          evaluationDelay:
            type: string
            description: The delay duration for evaluating the monitor (relative to
              current time). The timerange of monitor will be shifted in the past
              by this delay time.
            example: 5m
            default: 0m
          alertName:
            type: string
            description: The name of the alert(s) triggered from the monitor created
              based on the template. Monitor name will be used if not specified.
          queries:
            uniqueItems: true
            type: array
            description: All queries from the monitor.
            items:
              $ref: '#/components/schemas/MonitorQuery'
          triggers:
            type: array
            description: Defines the conditions of when to send notifications.
            example:
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
              occurrenceType: ResultCount
              triggerSource: AllResults
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
              occurrenceType: ResultCount
              triggerSource: AllResults
            items:
              $ref: '#/components/schemas/TriggerCondition'
          isDisabled:
            type: boolean
            description: Whether or not the monitor template is disabled.
            example: false
            default: false
          groupNotifications:
            type: boolean
            description: Whether or not to group notifications for individual items
              that meet the trigger condition.
            example: true
            default: true
          playbook:
            maxLength: 4096
            type: string
            description: Notes such as links and instruction to help you resolve alerts
              triggered by this monitor template. {{Markdown}} supported. It will
              be enabled only if available for your organization. Please contact your
              Sumo Logic account team to learn more.
            example: This issue typically happens when database calls are timing out.
              Look at ServiceA's dashboard to investigate further
            default: ''
    MonitorTemplatesLibraryMonitorTemplateUpdate:
      allOf:
      - $ref: '#/components/schemas/MonitorTemplatesLibraryBaseUpdate'
      - required:
        - monitorType
        - queries
        - triggers
        type: object
        properties:
          monitorType:
            pattern: ^(Logs|Metrics|Slo)$
            type: string
            description: "The type of monitor template. Valid values:\n  1. `Logs`:\
              \ A logs query monitor template.\n  2. `Metrics`: A metrics query monitor\
              \ template.\n  3. `Slo`: A SLO based monitor template."
            example: Logs
            x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo'
          evaluationDelay:
            type: string
            description: The delay duration for evaluating the monitor (relative to
              current time). The timerange of monitor will be shifted in the past
              by this delay time.
            example: 5m
            default: 0m
          alertName:
            type: string
            description: The name of the alert(s) triggered from the monitor created
              based on the template. Monitor name will be used if not specified.
          queries:
            uniqueItems: true
            type: array
            description: All queries from the monitor.
            items:
              $ref: '#/components/schemas/MonitorQuery'
          triggers:
            type: array
            description: Defines the conditions of when to send notifications.
            example:
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
              occurrenceType: ResultCount
              triggerSource: AllResults
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
              occurrenceType: ResultCount
              triggerSource: AllResults
            items:
              $ref: '#/components/schemas/TriggerCondition'
          isDisabled:
            type: boolean
            description: Whether or not the monitor template is disabled.
            example: false
            default: false
          groupNotifications:
            type: boolean
            description: Whether or not to group notifications for individual items
              that meet the trigger condition.
            example: true
            default: true
          playbook:
            maxLength: 4096
            type: string
            description: Notes such as links and instruction to help you resolve alerts
              triggered by this monitor template. {{Markdown}} supported. It will
              be enabled only if available for your organization. Please contact your
              Sumo Logic account team to learn more.
            example: This issue typically happens when database calls are timing out.
              Look at ServiceA's dashboard to investigate further
            default: ''
    MutingSchedulesLibraryBase:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the mutingschedule or folder.
        description:
          type: string
          description: Description of the mutingschedule or folder.
          default: ''
        type:
          type: string
          description: "Type of the object model. Valid values:\n  1) MutingSchedulesLibraryMutingschedule\n\
            \  2) MutingSchedulesLibraryFolder"
      discriminator:
        propertyName: type
    MutingSchedulesLibraryBaseUpdate:
      required:
      - name
      - type
      - version
      type: object
      properties:
        name:
          type: string
          description: The name of the mutingschedule or folder.
        description:
          type: string
          description: The description of the mutingschedule or folder.
          default: ''
        version:
          type: integer
          description: The version of the mutingschedule or folder.
          format: int64
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    MutingSchedulesLibraryBaseResponse:
      required:
      - contentType
      - createdAt
      - createdBy
      - description
      - id
      - isMutable
      - isSystem
      - modifiedAt
      - modifiedBy
      - name
      - parentId
      - type
      - version
      type: object
      properties:
        id:
          type: string
          description: Identifier of the mutingschedule or folder.
        name:
          type: string
          description: Identifier of the mutingschedule or folder.
        description:
          type: string
          description: Description of the mutingschedule or folder.
        version:
          type: integer
          description: Version of the mutingschedule or folder.
          format: int64
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
        parentId:
          type: string
          description: Identifier of the parent folder.
        contentType:
          type: string
          description: "Type of the content. Valid values:\n  1) Mutingschedule\n\
            \  2) Folder"
        type:
          type: string
          description: Type of the object model.
        isSystem:
          type: boolean
          description: System objects are objects provided by Sumo Logic. System objects
            can only be localized. Non-local fields can't be updated.
        isMutable:
          type: boolean
          description: Immutable objects are "READ-ONLY".
        permissions:
          type: array
          description: Aggregated permission summary for the calling user. If detailed
            permission statements are required, please call list permissions endpoint.
          example:
          - Read
          - Delete
          items:
            type: string
      discriminator:
        propertyName: type
    MutingSchedulesLibraryFolder:
      allOf:
      - $ref: '#/components/schemas/MutingSchedulesLibraryBase'
    MutingSchedulesLibraryFolderUpdate:
      allOf:
      - $ref: '#/components/schemas/MutingSchedulesLibraryBaseUpdate'
    MutingSchedulesLibraryFolderResponse:
      allOf:
      - $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
      - required:
        - children
        - permissions
        type: object
        properties:
          permissions:
            type: array
            description: Aggregated permission summary for the calling user. If detailed
              permission statements are required, please call list permissions endpoint.
            example:
            - Read
            - Delete
            items:
              type: string
          children:
            type: array
            description: 'Children of the folder. NOTE: Permissions field will not
              be filled (empty list) for children.'
            items:
              $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
    MutingSchedulesLibraryBaseExport:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the mutingschedule or folder.
        description:
          type: string
          description: Description of the mutingschedule or folder.
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    MutingSchedulesLibraryFolderExport:
      allOf:
      - $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport'
      - type: object
        properties:
          children:
            type: array
            description: The items in the folder. A multi-type list of types mutingschedule
              or folder.
            items:
              $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport'
    MutingSchedulesLibraryMutingSchedule:
      allOf:
      - $ref: '#/components/schemas/MutingSchedulesLibraryBase'
      - required:
        - schedule
        type: object
        properties:
          schedule:
            $ref: '#/components/schemas/ScheduleDefinition'
          monitor:
            $ref: '#/components/schemas/MonitorScope'
          notificationGroups:
            type: array
            items:
              $ref: '#/components/schemas/GroupDefinition'
            default: []
    MutingSchedulesLibraryMutingScheduleResponse:
      allOf:
      - $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
      - required:
        - schedule
        type: object
        properties:
          schedule:
            $ref: '#/components/schemas/ScheduleDefinition'
          monitor:
            $ref: '#/components/schemas/MonitorScope'
          notificationGroups:
            type: array
            items:
              $ref: '#/components/schemas/GroupDefinition'
            default: []
    MutingSchedulesLibraryMutingScheduleExport:
      allOf:
      - $ref: '#/components/schemas/MutingSchedulesLibraryBaseExport'
      - required:
        - schedule
        type: object
        properties:
          schedule:
            $ref: '#/components/schemas/ScheduleDefinition'
          monitor:
            $ref: '#/components/schemas/MonitorScope'
          notificationGroups:
            type: array
            items:
              $ref: '#/components/schemas/GroupDefinition'
            default: []
    MutingSchedulesLibraryMutingScheduleUpdate:
      allOf:
      - $ref: '#/components/schemas/MutingSchedulesLibraryBaseUpdate'
      - required:
        - schedule
        type: object
        properties:
          schedule:
            $ref: '#/components/schemas/ScheduleDefinition'
          monitor:
            $ref: '#/components/schemas/MonitorScope'
          notificationGroups:
            type: array
            items:
              $ref: '#/components/schemas/GroupDefinition'
            default: []
    ScheduleDefinition:
      required:
      - duration
      - startDate
      - startTime
      - timezone
      type: object
      properties:
        timezone:
          type: string
          description: Time zone for the schedule per [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
        startDate:
          type: string
          description: Schedule start date in the format of `yyyy-mm-dd`
        startTime:
          type: string
          description: Schedule start time in the format of `hh:mm`
        duration:
          type: integer
          description: Duration of the muting in minutes
          format: int32
        rrule:
          type: string
          description: RRule (Recurrence Rule)
        isForm:
          type: boolean
          description: A flag identifying if the RRule is created or modified through
            Form UI
    MonitorScope:
      type: object
      properties:
        ids:
          type: array
          description: List of monitor Ids in hex. Must be empty if `all` is true.
          items:
            type: string
        all:
          type: boolean
          description: true if the schedule applies to all monitors
          default: false
      description: Monitor scope that the schedule applies to
    GroupDefinition:
      required:
      - groupKey
      - groupValues
      type: object
      properties:
        groupKey:
          type: string
          description: Field name of an alert group defined in monitors
        groupValues:
          type: array
          description: Values of alert groups generated by monitors
          items:
            type: string
      description: Alert group scope that the schedule applies to
      example:
        groupKey: region
        groupValues:
        - us-east-1
        - us-west-1
    SlosLibraryBase:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the slo or folder.
        description:
          type: string
          description: Description of the slo or folder.
          default: ''
        type:
          type: string
          description: "Type of the object model. Valid values:\n  1) SlosLibrarySlo\n\
            \  2) SlosLibraryFolder"
      discriminator:
        propertyName: type
    SlosLibraryBaseUpdate:
      required:
      - name
      - type
      - version
      type: object
      properties:
        name:
          type: string
          description: The name of the slo or folder.
        description:
          type: string
          description: The description of the slo or folder.
          default: ''
        version:
          type: integer
          description: The version of the slo or folder.
          format: int64
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    SlosLibraryBaseResponse:
      required:
      - contentType
      - createdAt
      - createdBy
      - description
      - id
      - isMutable
      - isSystem
      - modifiedAt
      - modifiedBy
      - name
      - parentId
      - type
      - version
      type: object
      properties:
        id:
          type: string
          description: Identifier of the slo or folder.
        name:
          type: string
          description: Identifier of the slo or folder.
        description:
          type: string
          description: Description of the slo or folder.
        version:
          type: integer
          description: Version of the slo or folder.
          format: int64
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
        parentId:
          type: string
          description: Identifier of the parent folder.
        contentType:
          type: string
          description: "Type of the content. Valid values:\n  1) Slo\n  2) Folder"
        type:
          type: string
          description: Type of the object model.
        isSystem:
          type: boolean
          description: System objects are objects provided by Sumo Logic. System objects
            can only be localized. Non-local fields can't be updated.
        isMutable:
          type: boolean
          description: Immutable objects are "READ-ONLY".
        permissions:
          type: array
          description: Aggregated permission summary for the calling user. If detailed
            permission statements are required, please call list permissions endpoint.
          example:
          - Read
          - Delete
          items:
            type: string
      discriminator:
        propertyName: type
    SlosLibraryFolder:
      allOf:
      - $ref: '#/components/schemas/SlosLibraryBase'
    SlosLibraryFolderUpdate:
      allOf:
      - $ref: '#/components/schemas/SlosLibraryBaseUpdate'
    SlosLibraryFolderResponse:
      allOf:
      - $ref: '#/components/schemas/SlosLibraryBaseResponse'
      - required:
        - children
        - permissions
        type: object
        properties:
          permissions:
            type: array
            description: Aggregated permission summary for the calling user. If detailed
              permission statements are required, please call list permissions endpoint.
            example:
            - Read
            - Delete
            items:
              type: string
          children:
            type: array
            description: 'Children of the folder. NOTE: Permissions field will not
              be filled (empty list) for children.'
            items:
              $ref: '#/components/schemas/SlosLibraryBaseResponse'
    SlosLibraryBaseExport:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the slo or folder.
        description:
          type: string
          description: Description of the slo or folder.
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    SlosLibraryFolderExport:
      allOf:
      - $ref: '#/components/schemas/SlosLibraryBaseExport'
      - type: object
        properties:
          children:
            type: array
            description: The items in the folder. A multi-type list of types slo or
              folder.
            items:
              $ref: '#/components/schemas/SlosLibraryBaseExport'
    SlosLibrarySlo:
      allOf:
      - $ref: '#/components/schemas/SlosLibraryBase'
      - required:
        - compliance
        - indicator
        - signalType
        type: object
        properties:
          signalType:
            pattern: ^(Latency|Error|Throughput|Availability|Other)$
            type: string
            description: Type of SLI Signal (latency, error, throughput, availability
              or other).
            example: Latency
            x-pattern-message: Must be `Latency`, `Error`, `Throughput`, `Availability`
              or `Other`
          compliance:
            $ref: '#/components/schemas/Compliance'
          indicator:
            $ref: '#/components/schemas/Sli'
          service:
            type: string
            description: Name of the service.
          application:
            type: string
            description: Name of the application.
          tags:
            maxProperties: 50
            type: object
            additionalProperties:
              type: string
            description: Tags to be associated with the SLO.
    SlosLibrarySloResponse:
      allOf:
      - $ref: '#/components/schemas/SlosLibraryBaseResponse'
      - required:
        - compliance
        - indicator
        - signalType
        type: object
        properties:
          signalType:
            pattern: ^(Latency|Error|Throughput|Availability|Other)$
            type: string
            description: Type of SLI Signal (latency, error, throughput, availability
              or other).
            example: Latency
            x-pattern-message: Must be `Latency`, `Error`, `Throughput`, `Availability`
              or `Other`
          compliance:
            $ref: '#/components/schemas/Compliance'
          indicator:
            $ref: '#/components/schemas/Sli'
          service:
            type: string
            description: Name of the service.
          application:
            type: string
            description: Name of the application.
          tags:
            maxProperties: 50
            type: object
            additionalProperties:
              type: string
            description: Tags to be associated with the SLO.
          sloVersion:
            type: integer
            description: Current SLO Version. This is incremented on every change
              of a critical field of the SLO (i.e, SLI or Compliance period timezone),
              that requires a recompute of the SLI values over the compliance period.
            format: int64
    SlosLibrarySloExport:
      allOf:
      - $ref: '#/components/schemas/SlosLibraryBaseExport'
      - required:
        - compliance
        - indicator
        - signalType
        type: object
        properties:
          signalType:
            pattern: ^(Latency|Error|Throughput|Availability|Other)$
            type: string
            description: Type of SLI Signal (latency, error, throughput, availability
              or other).
            example: Latency
            x-pattern-message: Must be `Latency`, `Error`, `Throughput`, `Availability`
              or `Other`
          compliance:
            $ref: '#/components/schemas/Compliance'
          indicator:
            $ref: '#/components/schemas/Sli'
          service:
            type: string
            description: Name of the service.
          application:
            type: string
            description: Name of the application.
          tags:
            maxProperties: 50
            type: object
            additionalProperties:
              type: string
            description: Tags to be associated with the SLO.
    SlosLibrarySloUpdate:
      allOf:
      - $ref: '#/components/schemas/SlosLibraryBaseUpdate'
      - required:
        - compliance
        - indicator
        - signalType
        type: object
        properties:
          signalType:
            pattern: ^(Latency|Error|Throughput|Availability|Other)$
            type: string
            description: Type of SLI Signal (latency, error, throughput, availability
              or other).
            example: Latency
            x-pattern-message: Must be `Latency`, `Error`, `Throughput`, `Availability`
              or `Other`
          compliance:
            $ref: '#/components/schemas/Compliance'
          indicator:
            $ref: '#/components/schemas/Sli'
          service:
            type: string
            description: Name of the service.
          application:
            type: string
            description: Name of the application.
          tags:
            maxProperties: 50
            type: object
            additionalProperties:
              type: string
            description: Tags to be associated with the SLO.
    Compliance:
      required:
      - complianceType
      - target
      - timezone
      type: object
      properties:
        complianceType:
          pattern: ^(Rolling|Calendar)$
          type: string
          description: Compliance Type (rolling or calendar)
          example: Rolling
          x-pattern-message: Must be `Rolling` or `Calendar`
        target:
          type: number
          description: Target percentage for the SLI over the compliance period.
          example: 99.5
        timezone:
          type: string
          description: Time zone for the SLO compliance. Follow the format in the
            [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
      discriminator:
        propertyName: complianceType
        mapping:
          Rolling: '#/components/schemas/RollingCompliance'
          Calendar: '#/components/schemas/CalendarCompliance'
    CalendarCompliance:
      type: object
      description: Window for Calendar Compliance.
      allOf:
      - $ref: '#/components/schemas/Compliance'
      - required:
        - windowType
        type: object
        properties:
          windowType:
            pattern: ^(Week|Month|Quarter)$
            type: string
            description: Type of Calendar Window (week/month/quarter).
            example: Week
            x-pattern-message: Must be `Week`, `Month` or `Quarter`
          startFrom:
            type: string
            description: Start of the calendar window. For week, it would be the day
              of the week (for e.g Sunday, Monday etc). For month, it will always
              be the first day of the month (therefore not required to specify for
              monthly compliance). For quarter, it would be the first month of the
              quarter (for e.g January, February etc.)
            example: Monday
    RollingCompliance:
      type: object
      description: Window for Rolling Compliance.
      allOf:
      - $ref: '#/components/schemas/Compliance'
      - required:
        - size
        type: object
        properties:
          size:
            type: string
            description: Size of Rolling Window. Must be a multiple of days.
            example: 7d
    Sli:
      required:
      - evaluationType
      type: object
      properties:
        evaluationType:
          pattern: ^(Window|Request|Monitor)$
          type: string
          description: Evaluate SLI using successful/total windows, or occurrence
            of successful events over entire compliance period, or based on monitor
            evaluation.
          example: Window
          x-pattern-message: Must be `Window` or `Request` or `Monitor`
      discriminator:
        propertyName: evaluationType
    SliQueryGroup:
      required:
      - queryGroup
      - queryGroupType
      type: object
      properties:
        queryGroupType:
          pattern: ^(Successful|Unsuccessful|Total|Threshold)$
          type: string
          description: Type of Query (successful/unsuccessful/total/threshold).
          example: Threshold
          x-pattern-message: Must be `Successful`, `Unsuccessful`, `Total` or `Threshold`
        queryGroup:
          type: array
          description: Group of queries to allow for query arithmetic.
          items:
            $ref: '#/components/schemas/SliQuery'
    SliQuery:
      required:
      - query
      - rowId
      - useRowCount
      type: object
      properties:
        rowId:
          type: string
          description: Unique id of the row. Used for query arithmetic, only for metric
            queries.
          example: A
        query:
          type: string
          description: Query String.
          example: _sourceCategory=webserver "Request completed successfully"
        useRowCount:
          type: boolean
          description: Determines whether to use count of rows (for logs) or data
            points (for metrics) in query result or specific field.
          example: false
        field:
          type: string
          description: Field of log query output to compare against. To be used only
            for logs based data type when `useRowCount` is false.
          example: request_latency
      description: Group of queries to allow for query arithmetic.
    QueryBasedSli:
      required:
      - queries
      - queryType
      type: object
      properties:
        queryType:
          pattern: ^(Logs|Metrics)$
          type: string
          description: Type of Raw Data Queries for SLI (Logs/Metrics).
          example: Logs
          x-pattern-message: Must be `Logs` or `Metrics`
        queries:
          type: array
          description: Queries for defining SLI.
          items:
            $ref: '#/components/schemas/SliQueryGroup'
      description: Common properties for query based SLIs
    Request:
      type: object
      description: Evaluate SLI using occurrences of successful events over compliance
        period.
      allOf:
      - $ref: '#/components/schemas/QueryBasedSli'
      - $ref: '#/components/schemas/Sli'
      - type: object
        properties:
          threshold:
            type: number
            description: Compared against threshold query's raw data points to determine
              success.
            example: 200
          op:
            pattern: ^(LessThan|GreaterThan|LessThanOrEqual|GreaterThanOrEqual)$
            type: string
            description: Comparison function with threshold (LessThan/GreaterThan/LessThanOrEqual/GreaterThanOrEqual).
            example: LessThan
            x-pattern-message: Must be `LessThan`, `GreaterThan`, `LessThanOrEqual`
              or `GreaterThanOrEqual`
    Window:
      type: object
      description: Evaluate SLI using successful or unsuccessful windows over compliance
        period.
      allOf:
      - $ref: '#/components/schemas/QueryBasedSli'
      - $ref: '#/components/schemas/Sli'
      - required:
        - op
        - size
        - threshold
        type: object
        properties:
          threshold:
            type: number
            description: Threshold for classifying window as successful or unsuccessful.
            example: 200
          op:
            pattern: ^(LessThan|GreaterThan|LessThanOrEqual|GreaterThanOrEqual)$
            type: string
            description: Comparison function with window threshold (LessThan/GreaterThan/LessThanOrEqual/GreaterThanOrEqual).
            example: LessThan
            x-pattern-message: Must be `LessThan`, `GreaterThan`, `LessThanOrEqual`
              or `GreaterThanOrEqual`
          aggregation:
            type: string
            description: Aggregation function applied over each window to arrive at
              SLI. Must be `Avg`, `Min`, `Max`, `Sum`, or percentile of the form `pX`
              where `X` is an integer between 0 and 100.
            example: p99
          size:
            type: string
            description: Size of the aggregation window (minimum of 1m and maximum
              of 1h).
            example: 15m
    Monitor:
      type: object
      description: SLI definition based on monitors.
      allOf:
      - $ref: '#/components/schemas/Sli'
      - required:
        - monitorTriggers
        type: object
        properties:
          monitorTriggers:
            type: array
            description: Monitors over which the SLO is defined.
            items:
              $ref: '#/components/schemas/MonitorTrigger'
    MonitorTrigger:
      required:
      - monitorId
      - triggerTypes
      type: object
      properties:
        monitorId:
          type: string
          description: Hex-id of the monitor on which the SLI is based.
          example: 0000000000BCB3A4
        triggerTypes:
          type: array
          description: The types of trigger conditions (such as Critical, Warning,
            MissingData etc).
          items:
            pattern: ^(Critical|Warning|MissingData)$
            type: string
            description: "The type of trigger condition. Valid values:\n  1. `Critical`:\
              \ A critical condition to trigger on.\n  2. `Warning`: A warning condition\
              \ to trigger on.\n  3. `MissingData`: A condition that indicates data\
              \ is missing."
            example: Critical
            x-pattern-message: 'should be one of the following: ''Critical'', ''Warning''
              or ''MissingData'''
      description: Monitor related info required for defining SLO.
    MonitorsLibraryBase:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the monitor or folder.
        description:
          type: string
          description: Description of the monitor or folder.
          default: ''
        type:
          type: string
          description: "Type of the object model. Valid values:\n  1) MonitorsLibraryMonitor\n\
            \  2) MonitorsLibraryFolder"
      discriminator:
        propertyName: type
    MonitorsLibraryBaseUpdate:
      required:
      - name
      - type
      - version
      type: object
      properties:
        name:
          type: string
          description: The name of the monitor or folder.
        description:
          type: string
          description: The description of the monitor or folder.
          default: ''
        version:
          type: integer
          description: The version of the monitor or folder.
          format: int64
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    MonitorsLibraryBaseResponse:
      required:
      - contentType
      - createdAt
      - createdBy
      - description
      - id
      - isMutable
      - isSystem
      - modifiedAt
      - modifiedBy
      - name
      - parentId
      - type
      - version
      type: object
      properties:
        id:
          type: string
          description: Identifier of the monitor or folder.
        name:
          type: string
          description: Identifier of the monitor or folder.
        description:
          type: string
          description: Description of the monitor or folder.
        version:
          type: integer
          description: Version of the monitor or folder.
          format: int64
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
        parentId:
          type: string
          description: Identifier of the parent folder.
        contentType:
          type: string
          description: "Type of the content. Valid values:\n  1) Monitor\n  2) Folder"
        type:
          type: string
          description: Type of the object model.
        isSystem:
          type: boolean
          description: System objects are objects provided by Sumo Logic. System objects
            can only be localized. Non-local fields can't be updated.
        isMutable:
          type: boolean
          description: Immutable objects are "READ-ONLY".
        permissions:
          type: array
          description: Aggregated permission summary for the calling user. If detailed
            permission statements are required, please call list permissions endpoint.
          example:
          - Read
          - Delete
          items:
            type: string
      discriminator:
        propertyName: type
    MonitorsLibraryFolder:
      allOf:
      - $ref: '#/components/schemas/MonitorsLibraryBase'
    MonitorsLibraryFolderUpdate:
      allOf:
      - $ref: '#/components/schemas/MonitorsLibraryBaseUpdate'
    MonitorsLibraryFolderResponse:
      allOf:
      - $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
      - required:
        - children
        - permissions
        type: object
        properties:
          permissions:
            type: array
            description: Aggregated permission summary for the calling user. If detailed
              permission statements are required, please call list permissions endpoint.
            example:
            - Read
            - Delete
            items:
              type: string
          children:
            type: array
            description: 'Children of the folder. NOTE: Permissions field will not
              be filled (empty list) for children.'
            items:
              $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
    MonitorsLibraryBaseExport:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the monitor or folder.
        description:
          type: string
          description: Description of the monitor or folder.
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    MonitorsLibraryFolderExport:
      allOf:
      - $ref: '#/components/schemas/MonitorsLibraryBaseExport'
      - type: object
        properties:
          children:
            type: array
            description: The items in the folder. A multi-type list of types monitor
              or folder.
            items:
              $ref: '#/components/schemas/MonitorsLibraryBaseExport'
    MonitorsLibraryMonitor:
      allOf:
      - $ref: '#/components/schemas/MonitorsLibraryBase'
      - required:
        - monitorType
        - queries
        - triggers
        type: object
        properties:
          monitorType:
            pattern: ^(Logs|Metrics|Slo)$
            type: string
            description: "The type of monitor. Valid values:\n  1. `Logs`: A logs\
              \ query monitor.\n  2. `Metrics`: A metrics query monitor.\n  3. `Slo`:\
              \ A SLO based monitor. Currently SLO based monitor is available in closed\
              \ beta (Notify your Sumo Logic representative in order to get the early\
              \ access)."
            example: Logs
            x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo'
          evaluationDelay:
            type: string
            description: The delay duration for evaluating the monitor (relative to
              current time). The timerange of monitor will be shifted in the past
              by this delay time.
            example: 5m
            default: 0m
          alertName:
            type: string
            description: The name of the alert(s) triggered from this monitor. Monitor
              name will be used if not specified. All template variables can be used
              here except {{AlertName}}, {{AlertResponseURL}}, {{ResultsJson}}, and
              {{Playbook}}.
          runAs:
            type: object
            allOf:
            - $ref: '#/components/schemas/RunAs'
          notificationGroupFields:
            type: array
            description: The set of fields to be used to group alert notifications
              for a monitor. The value of this field will be considered only when
              'groupNotifications' is true. The fields with very high cardinality
              such as `_blockid`, `_raw`, `_messagetime`, `_receipttime`, and `_messageid`
              are not allowed for Alert Grouping.
            example:
            - service
            - env
            items:
              type: string
          queries:
            uniqueItems: true
            type: array
            description: All queries from the monitor.
            items:
              $ref: '#/components/schemas/MonitorQuery'
          triggers:
            type: array
            description: Defines the conditions of when to send notifications.
            example:
            - detectionMethod: LogsStaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
            - detectionMethod: LogsStaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
            items:
              $ref: '#/components/schemas/TriggerCondition'
          timeZone:
            type: string
            description: Time zone identifier for monitor notifications. Follow the
              format in [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
            example: America/Los_Angeles
          notifications:
            type: array
            description: The notifications the monitor will send when the respective
              trigger condition is met.
            example:
            - notification:
                connectionType: Slack
                connectionId: '0000000000000005'
              runForTriggerTypes:
              - Critical
            - notification:
                connectionType: Email
                messageBody: Alert Triggered!
                recipients:
                - john@doe.com
                subject: 'Monitor Alert: {{TriggerType}} on {{SearchName}}'
                timeZone: America/Los_Angeles
              runForTriggerTypes:
              - Critical
            items:
              $ref: '#/components/schemas/MonitorNotification'
            default: []
          isDisabled:
            type: boolean
            description: Whether or not the monitor is disabled. Disabled monitors
              will not run, and will not generate or send notifications.
            example: false
            default: false
          groupNotifications:
            type: boolean
            description: Whether or not to group notifications for individual items
              that meet the trigger condition.
            example: true
            default: true
          playbook:
            type: string
            description: Notes such as links and instruction to help you resolve alerts
              triggered by this monitor. {{Markdown}} supported. It will be enabled
              only if available for your organization. Please contact your Sumo Logic
              account team to learn more.
            example: This issue typically happens when database calls are timing out.
              Look at ServiceA's dashboard to investigate further
            default: ''
          sloId:
            type: string
            description: Identifier of the SLO definition for the monitor. This is
              only applicable for SLO type monitors.
          automatedPlaybookIds:
            uniqueItems: true
            type: array
            description: The set of automated playbook ids for a monitor.
            example:
            - 649dcb922b70c74b5d2110f8
            - 649dcb912b70c74b5d2110a0
            items:
              type: string
            default: []
    MonitorsLibraryMonitorResponse:
      allOf:
      - $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
      - required:
        - monitorType
        - queries
        - triggers
        type: object
        properties:
          monitorType:
            pattern: ^(Logs|Metrics|Slo)$
            type: string
            description: "The type of monitor. Valid values:\n  1. `Logs`: A logs\
              \ query monitor.\n  2. `Metrics`: A metrics query monitor.\n  3. `Slo`:\
              \ A SLO based monitor. Currently SLO based monitor is available in closed\
              \ beta (Notify your Sumo Logic representative in order to get the early\
              \ access)."
            example: Logs
            x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo'
          evaluationDelay:
            type: string
            description: The delay duration for evaluating the monitor (relative to
              current time). The timerange of monitor will be shifted in the past
              by this delay time.
            example: 5m
            default: 0m
          alertName:
            type: string
            description: The name of the alert(s) triggered from this monitor. Monitor
              name will be used if not specified. All template variables can be used
              here except {{AlertName}}, {{AlertResponseURL}}, {{ResultsJson}}, and
              {{Playbook}}.
          runAs:
            type: object
            allOf:
            - $ref: '#/components/schemas/RunAs'
          notificationGroupFields:
            type: array
            description: The set of fields to be used to group alert notifications
              for a monitor. The value of this field will be considered only when
              'groupNotifications' is true. The fields with very high cardinality
              such as `_blockid`, `_raw`, `_messagetime`, `_receipttime`, and `_messageid`
              are not allowed for Alert Grouping.
            example:
            - service
            - env
            items:
              type: string
          queries:
            uniqueItems: true
            type: array
            description: All queries from the monitor.
            items:
              $ref: '#/components/schemas/MonitorQuery'
          triggers:
            type: array
            description: Defines the conditions of when to send notifications.
            example:
            - detectionMethod: LogsStaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
            - detectionMethod: LogsStaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
            items:
              $ref: '#/components/schemas/TriggerCondition'
          timeZone:
            type: string
            description: Time zone identifier for monitor notifications. Follow the
              format in [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
            example: America/Los_Angeles
          notifications:
            type: array
            description: The notifications the monitor will send when the respective
              trigger condition is met.
            example:
            - notification:
                connectionType: Slack
                connectionId: '0000000000000005'
              runForTriggerTypes:
              - Critical
            - notification:
                connectionType: Email
                messageBody: Alert Triggered!
                recipients:
                - john@doe.com
                subject: 'Monitor Alert: {{TriggerType}} on {{SearchName}}'
                timeZone: America/Los_Angeles
              runForTriggerTypes:
              - Critical
            items:
              $ref: '#/components/schemas/MonitorNotification'
            default: []
          isDisabled:
            type: boolean
            description: Whether or not the monitor is disabled. Disabled monitors
              will not run, and will not generate or send notifications.
            example: false
            default: false
          status:
            uniqueItems: true
            type: array
            description: "The current status of the monitor. Each monitor can have\
              \ one or more status values. Valid values:\n  1. `Normal`: The monitor\
              \ is running normally and does not have any currently triggered conditions.\n\
              \  2. `Critical`: The Critical trigger condition has been met.\n  3.\
              \ `Warning`: The Warning trigger condition has been met.\n  4. `MissingData`:\
              \ The MissingData trigger condition has been met.\n  5. `Disabled`:\
              \ The monitor has been disabled and is not currently running."
            example: '[Normal]'
            items:
              type: string
          groupNotifications:
            type: boolean
            description: Whether or not to group notifications for individual items
              that meet the trigger condition.
            example: true
            default: true
          warnings:
            maxProperties: 1000
            type: object
            additionalProperties:
              type: string
            description: Monitor manager warnings
          playbook:
            type: string
            description: Notes such as links and instruction to help you resolve alerts
              triggered by this monitor. {{Markdown}} supported. It will be enabled
              only if available for your organization. Please contact your Sumo Logic
              account team to learn more.
            example: This issue typically happens when database calls are timing out.
              Look at ServiceA's dashboard to investigate further
            default: ''
          sloId:
            type: string
            description: Identifier of the SLO definition for the monitor. This is
              only applicable for SLO type monitors.
          automatedPlaybookIds:
            uniqueItems: true
            type: array
            description: The set of automated playbook ids for a monitor.
            example:
            - 649dcb922b70c74b5d2110f8
            - 649dcb912b70c74b5d2110a0
            items:
              type: string
            default: []
    MonitorsLibraryMonitorExport:
      allOf:
      - $ref: '#/components/schemas/MonitorsLibraryBaseExport'
      - required:
        - monitorType
        - queries
        - triggers
        type: object
        properties:
          monitorType:
            pattern: ^(Logs|Metrics|Slo)$
            type: string
            description: "The type of monitor. Valid values:\n  1. `Logs`: A logs\
              \ query monitor.\n  2. `Metrics`: A metrics query monitor.\n  3. `Slo`:\
              \ A SLO based monitor. Currently SLO based monitor is available in closed\
              \ beta (Notify your Sumo Logic representative in order to get the early\
              \ access)."
            example: Logs
            x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo'
          evaluationDelay:
            type: string
            description: The delay duration for evaluating the monitor (relative to
              current time). The timerange of monitor will be shifted in the past
              by this delay time.
            example: 5m
            default: 0m
          alertName:
            type: string
            description: The name of the alert(s) triggered from this monitor. Monitor
              name will be used if not specified. All template variables can be used
              here except {{AlertName}}, {{AlertResponseURL}}, {{ResultsJson}}, and
              {{Playbook}}.
          runAs:
            type: object
            allOf:
            - $ref: '#/components/schemas/RunAs'
          notificationGroupFields:
            type: array
            description: The set of fields to be used to group alert notifications
              for a monitor. The value of this field will be considered only when
              'groupNotifications' is true. The fields with very high cardinality
              such as `_blockid`, `_raw`, `_messagetime`, `_receipttime`, and `_messageid`
              are not allowed for Alert Grouping.
            example:
            - service
            - env
            items:
              type: string
          queries:
            uniqueItems: true
            type: array
            description: All queries from the monitor.
            items:
              $ref: '#/components/schemas/MonitorQuery'
          triggers:
            type: array
            description: Defines the conditions of when to send notifications.
            example:
            - detectionMethod: LogsStaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
            - detectionMethod: LogsStaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
            items:
              $ref: '#/components/schemas/TriggerCondition'
          timeZone:
            type: string
            description: Time zone identifier for monitor notifications. Follow the
              format in [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
            example: America/Los_Angeles
          notifications:
            type: array
            description: The notifications the monitor will send when the respective
              trigger condition is met.
            example:
            - notification:
                connectionType: Slack
                connectionId: '0000000000000005'
              runForTriggerTypes:
              - Critical
            - notification:
                connectionType: Email
                messageBody: Alert Triggered!
                recipients:
                - john@doe.com
                subject: 'Monitor Alert: {{TriggerType}} on {{SearchName}}'
                timeZone: America/Los_Angeles
              runForTriggerTypes:
              - Critical
            items:
              $ref: '#/components/schemas/MonitorNotification'
            default: []
          isDisabled:
            type: boolean
            description: Whether or not the monitor is disabled. Disabled monitors
              will not run, and will not generate or send notifications.
            example: false
            default: false
          groupNotifications:
            type: boolean
            description: Whether or not to group notifications for individual items
              that meet the trigger condition.
            example: true
            default: true
          playbook:
            type: string
            description: Notes such as links and instruction to help you resolve alerts
              triggered by this monitor. {{Markdown}} supported. It will be enabled
              only if available for your organization. Please contact your Sumo Logic
              account team to learn more.
            example: This issue typically happens when database calls are timing out.
              Look at ServiceA's dashboard to investigate further
            default: ''
          sloId:
            type: string
            description: Identifier of the SLO definition for the monitor. This is
              only applicable for SLO type monitors.
          automatedPlaybookIds:
            uniqueItems: true
            type: array
            description: The set of automated playbook ids for a monitor.
            example:
            - 649dcb922b70c74b5d2110f8
            - 649dcb912b70c74b5d2110a0
            items:
              type: string
            default: []
    MonitorsLibraryMonitorUpdate:
      allOf:
      - $ref: '#/components/schemas/MonitorsLibraryBaseUpdate'
      - required:
        - monitorType
        - queries
        - triggers
        type: object
        properties:
          monitorType:
            pattern: ^(Logs|Metrics|Slo)$
            type: string
            description: "The type of monitor. Valid values:\n  1. `Logs`: A logs\
              \ query monitor.\n  2. `Metrics`: A metrics query monitor.\n  3. `Slo`:\
              \ A SLO based monitor. Currently SLO based monitor is available in closed\
              \ beta (Notify your Sumo Logic representative in order to get the early\
              \ access)."
            example: Logs
            x-pattern-message: should be 'Logs' or 'Metrics' or 'Slo'
          evaluationDelay:
            type: string
            description: The delay duration for evaluating the monitor (relative to
              current time). The timerange of monitor will be shifted in the past
              by this delay time.
            example: 5m
            default: 0m
          alertName:
            type: string
            description: The name of the alert(s) triggered from this monitor. Monitor
              name will be used if not specified. All template variables can be used
              here except {{AlertName}}, {{AlertResponseURL}}, {{ResultsJson}}, and
              {{Playbook}}.
          runAs:
            type: object
            allOf:
            - $ref: '#/components/schemas/RunAs'
          notificationGroupFields:
            type: array
            description: The set of fields to be used to group alert notifications
              for a monitor. The value of this field will be considered only when
              'groupNotifications' is true. The fields with very high cardinality
              such as `_blockid`, `_raw`, `_messagetime`, `_receipttime`, and `_messageid`
              are not allowed for Alert Grouping.
            example:
            - service
            - env
            items:
              type: string
          queries:
            uniqueItems: true
            type: array
            description: All queries from the monitor.
            items:
              $ref: '#/components/schemas/MonitorQuery'
          triggers:
            type: array
            description: Defines the conditions of when to send notifications.
            example:
            - detectionMethod: LogsStaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
            - detectionMethod: LogsStaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
            items:
              $ref: '#/components/schemas/TriggerCondition'
          timeZone:
            type: string
            description: Time zone identifier for monitor notifications. Follow the
              format in [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
            example: America/Los_Angeles
          notifications:
            type: array
            description: The notifications the monitor will send when the respective
              trigger condition is met.
            example:
            - notification:
                connectionType: Slack
                connectionId: '0000000000000005'
              runForTriggerTypes:
              - Critical
            - notification:
                connectionType: Email
                messageBody: Alert Triggered!
                recipients:
                - john@doe.com
                subject: 'Monitor Alert: {{TriggerType}} on {{SearchName}}'
                timeZone: America/Los_Angeles
              runForTriggerTypes:
              - Critical
            items:
              $ref: '#/components/schemas/MonitorNotification'
            default: []
          isDisabled:
            type: boolean
            description: Whether or not the monitor is disabled. Disabled monitors
              will not run, and will not generate or send notifications.
            example: false
            default: false
          groupNotifications:
            type: boolean
            description: Whether or not to group notifications for individual items
              that meet the trigger condition.
            example: true
            default: true
          playbook:
            type: string
            description: Notes such as links and instruction to help you resolve alerts
              triggered by this monitor. {{Markdown}} supported. It will be enabled
              only if available for your organization. Please contact your Sumo Logic
              account team to learn more.
            example: This issue typically happens when database calls are timing out.
              Look at ServiceA's dashboard to investigate further
            default: ''
          sloId:
            type: string
            description: Identifier of the SLO definition for the monitor. This is
              only applicable for SLO type monitors.
          automatedPlaybookIds:
            uniqueItems: true
            type: array
            description: The set of automated playbook ids for a monitor.
            example:
            - 649dcb922b70c74b5d2110f8
            - 649dcb912b70c74b5d2110a0
            items:
              type: string
            default: []
    MonitorNotification:
      required:
      - notification
      - runForTriggerTypes
      type: object
      properties:
        notification:
          $ref: '#/components/schemas/Action'
        runForTriggerTypes:
          uniqueItems: true
          type: array
          description: The trigger types assigned to send this notification.
          items:
            type: string
    RunAs:
      required:
      - runAsId
      type: object
      properties:
        runAsId:
          type: string
          description: The runAsId indicates the context in which monitors will run.
            If not provided, then it will run in the context of the monitor author.
          example: 00000000000001DF
    AlertsLibraryBase:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the alert or folder.
        description:
          type: string
          description: Description of the alert or folder.
          default: ''
        type:
          type: string
          description: "Type of the object model. Valid values:\n  1) AlertsLibraryAlert\n\
            \  2) AlertsLibraryFolder"
        isLocked:
          type: boolean
          description: Locking/Unlocking requires the `LockAlerts` capability. Locked
            objects can only be `Localized`. Updating or moving requires unlocking
            the object. Locking/Unlocking recursively locks all of the objects children.
            All children of a locked object must be locked.
          default: false
      discriminator:
        propertyName: type
    AlertsLibraryBaseUpdate:
      required:
      - name
      - type
      - version
      type: object
      properties:
        name:
          type: string
          description: The name of the alert or folder.
        description:
          type: string
          description: The description of the alert or folder.
          default: ''
        version:
          type: integer
          description: The version of the alert or folder.
          format: int64
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    AlertsLibraryBaseResponse:
      required:
      - contentType
      - createdAt
      - createdBy
      - description
      - id
      - isMutable
      - isSystem
      - modifiedAt
      - modifiedBy
      - name
      - parentId
      - type
      - version
      type: object
      properties:
        id:
          type: string
          description: Identifier of the alert or folder.
        name:
          type: string
          description: Identifier of the alert or folder.
        description:
          type: string
          description: Description of the alert or folder.
        version:
          type: integer
          description: Version of the alert or folder.
          format: int64
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
        parentId:
          type: string
          description: Identifier of the parent folder.
        contentType:
          type: string
          description: "Type of the content. Valid values:\n  1) Alert\n  2) Folder"
        type:
          type: string
          description: Type of the object model.
        isLocked:
          type: boolean
          description: Whether the object is locked.
        isSystem:
          type: boolean
          description: System objects are objects provided by Sumo Logic. System objects
            can only be localized. Non-local fields can't be updated.
        isMutable:
          type: boolean
          description: Immutable objects are "READ-ONLY".
      discriminator:
        propertyName: type
    AlertsLibraryFolder:
      allOf:
      - $ref: '#/components/schemas/AlertsLibraryBase'
    AlertsLibraryFolderUpdate:
      allOf:
      - $ref: '#/components/schemas/AlertsLibraryBaseUpdate'
    AlertsLibraryFolderResponse:
      allOf:
      - $ref: '#/components/schemas/AlertsLibraryBaseResponse'
      - required:
        - children
        type: object
        properties:
          children:
            type: array
            description: 'Children of the folder. NOTE: Permissions field will not
              be filled (empty list) for children.'
            items:
              $ref: '#/components/schemas/AlertsLibraryBaseResponse'
    AlertsLibraryBaseExport:
      required:
      - name
      - type
      type: object
      properties:
        name:
          type: string
          description: Name of the alert or folder.
        description:
          type: string
          description: Description of the alert or folder.
        type:
          type: string
          description: Type of the object model.
      discriminator:
        propertyName: type
    AlertsLibraryFolderExport:
      allOf:
      - $ref: '#/components/schemas/AlertsLibraryBaseExport'
      - type: object
        properties:
          children:
            type: array
            description: The items in the folder. A multi-type list of types alert
              or folder.
            items:
              $ref: '#/components/schemas/AlertsLibraryBaseExport'
    AlertsLibraryAlert:
      allOf:
      - $ref: '#/components/schemas/AlertsLibraryBase'
      - type: object
        properties:
          monitorId:
            type: string
            description: The Id of the associated monitor.
            example: 000000000000003C
          resolvedAt:
            type: string
            description: The time at which the alert was resolved.
            format: date-time
            nullable: true
            example: 2018-10-16 10:10:00+00:00
          abnormalityStartTime:
            type: string
            description: The time at which the incident started.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
          alertType:
            pattern: ^(Critical|Warning|MissingData)$
            type: string
            description: "The severity of the Alert. Valid values:\n  1. `Critical`\n\
              \  2. `Warning`\n  3. `MissingData`"
            example: Warning
            x-pattern-message: should be either 'Critical', 'Warning' or 'MissingData'
          status:
            pattern: ^(Triggered|Resolved)$
            type: string
            description: "The status of the Alert. Valid values:\n  1. `Triggered`\n\
              \  2. `Resolved`"
            example: Triggered
            x-pattern-message: should be either 'Triggered' or 'Resolved'
          monitorQueries:
            type: array
            description: All queries from the monitor relevant to the alert.
            items:
              $ref: '#/components/schemas/AlertMonitorQuery'
          triggerQueries:
            type: array
            description: All queries from the monitor relevant to the alert with triggered
              time series filters.
            items:
              $ref: '#/components/schemas/AlertMonitorQuery'
          monitorUrl:
            type: string
            description: URL for this monitor's view page
          triggerQueryUrl:
            type: string
            description: A link to search with the triggering data and time range
          triggerConditions:
            type: array
            description: Trigger conditions which were breached to create this Alert.
            example:
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
              occurrenceType: ResultCount
              triggerSource: AllResults
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
              occurrenceType: ResultCount
              triggerSource: AllResults
            items:
              $ref: '#/components/schemas/TriggerCondition'
          triggerValue:
            type: number
            description: The of the query result which breached the trigger condition.
            format: double
            example: 99.9
          monitorType:
            pattern: ^(Logs|Metrics)$
            type: string
            description: "The type of monitor. Valid values:\n  1. `Logs`: A logs\
              \ query monitor.\n  2. `Metrics`: A metrics query monitor."
            example: Logs
            x-pattern-message: should be either 'Logs' or 'Metrics'
          entityIds:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more primary entity identifiers involved in this
              Alert. Primary/secondary entities are explained in description for `entities`.
              DEPRECATED, USE `entities` INSTEAD.

              '
            deprecated: true
            items:
              maxLength: 32
              minLength: 1
              type: string
              example: be138dbaaf15ff05da1df0a9d5e763e8
          entities:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more primary entities involved in this Alert. Primary
              entity is the most concrete entity that can be assigned per time series
              or log group (e.g. k8s container), secondary entities are the less specific
              ones that can be assigned per that notification (e.g. k8s cluster or
              EC2 host).

              '
            items:
              $ref: '#/components/schemas/AlertEntityInfo'
          secondaryEntities:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more secondary entity involved in this Alert. Primary/secondary
              entities are explained in description for `entities`

              '
            items:
              $ref: '#/components/schemas/AlertEntityInfo'
            default: []
          notes:
            type: string
            example: High CPU is often fixed by scaling up the cluster. <link to scale
              up cluster>
          extraDetails:
            $ref: '#/components/schemas/ExtraDetails'
          alertCondition:
            type: string
            description: The condition which triggered this alert.
            nullable: true
            example: Metric value greater than or equal to 100.0 for all of the last
              5 minutes.
          isMuted:
            type: boolean
            description: Flag of the alerts muting status.
            example: false
    AlertsLibraryAlertResponse:
      allOf:
      - $ref: '#/components/schemas/AlertsLibraryBaseResponse'
      - type: object
        properties:
          monitorId:
            type: string
            description: The Id of the associated monitor.
            example: 000000000000003C
          resolvedAt:
            type: string
            description: The time at which the alert was resolved.
            format: date-time
            nullable: true
            example: 2018-10-16 10:10:00+00:00
          abnormalityStartTime:
            type: string
            description: The time at which the incident started.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
          alertType:
            pattern: ^(Critical|Warning|MissingData)$
            type: string
            description: "The severity of the Alert. Valid values:\n  1. `Critical`\n\
              \  2. `Warning`\n  3. `MissingData`"
            example: Warning
            x-pattern-message: should be either 'Critical', 'Warning' or 'MissingData'
          status:
            pattern: ^(Triggered|Resolved)$
            type: string
            description: "The status of the Alert. Valid values:\n  1. `Triggered`\n\
              \  2. `Resolved`"
            example: Triggered
            x-pattern-message: should be either 'Triggered' or 'Resolved'
          monitorQueries:
            type: array
            description: All queries from the monitor relevant to the alert.
            items:
              $ref: '#/components/schemas/AlertMonitorQuery'
          triggerQueries:
            type: array
            description: All queries from the monitor relevant to the alert with triggered
              time series filters.
            items:
              $ref: '#/components/schemas/AlertMonitorQuery'
          monitorUrl:
            type: string
            description: URL for this monitor's view page
          triggerQueryUrl:
            type: string
            description: A link to search with the triggering data and time range
          triggerConditions:
            type: array
            description: Trigger conditions which were breached to create this Alert.
            example:
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
              occurrenceType: ResultCount
              triggerSource: AllResults
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
              occurrenceType: ResultCount
              triggerSource: AllResults
            items:
              $ref: '#/components/schemas/TriggerCondition'
          triggerValue:
            type: number
            description: The of the query result which breached the trigger condition.
            format: double
            example: 99.9
          monitorType:
            pattern: ^(Logs|Metrics)$
            type: string
            description: "The type of monitor. Valid values:\n  1. `Logs`: A logs\
              \ query monitor.\n  2. `Metrics`: A metrics query monitor."
            example: Logs
            x-pattern-message: should be either 'Logs' or 'Metrics'
          entityIds:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more primary entity identifiers involved in this
              Alert. Primary/secondary entities are explained in description for `entities`.
              DEPRECATED, USE `entities` INSTEAD.

              '
            deprecated: true
            items:
              maxLength: 32
              minLength: 1
              type: string
              example: be138dbaaf15ff05da1df0a9d5e763e8
          entities:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more primary entities involved in this Alert. Primary
              entity is the most concrete entity that can be assigned per time series
              or log group (e.g. k8s container), secondary entities are the less specific
              ones that can be assigned per that notification (e.g. k8s cluster or
              EC2 host).

              '
            items:
              $ref: '#/components/schemas/AlertEntityInfo'
          secondaryEntities:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more secondary entity involved in this Alert. Primary/secondary
              entities are explained in description for `entities`

              '
            items:
              $ref: '#/components/schemas/AlertEntityInfo'
            default: []
          notes:
            type: string
            example: High CPU is often fixed by scaling up the cluster. <link to scale
              up cluster>
          extraDetails:
            $ref: '#/components/schemas/ExtraDetails'
          alertCondition:
            type: string
            description: The condition which triggered this alert.
            nullable: true
            example: Metric value greater than or equal to 100.0 for all of the last
              5 minutes.
          isMuted:
            type: boolean
            description: Flag of the alerts muting status.
            example: false
    AlertsLibraryAlertExport:
      allOf:
      - $ref: '#/components/schemas/AlertsLibraryBaseExport'
      - type: object
        properties:
          monitorId:
            type: string
            description: The Id of the associated monitor.
            example: 000000000000003C
          resolvedAt:
            type: string
            description: The time at which the alert was resolved.
            format: date-time
            nullable: true
            example: 2018-10-16 10:10:00+00:00
          abnormalityStartTime:
            type: string
            description: The time at which the incident started.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
          alertType:
            pattern: ^(Critical|Warning|MissingData)$
            type: string
            description: "The severity of the Alert. Valid values:\n  1. `Critical`\n\
              \  2. `Warning`\n  3. `MissingData`"
            example: Warning
            x-pattern-message: should be either 'Critical', 'Warning' or 'MissingData'
          status:
            pattern: ^(Triggered|Resolved)$
            type: string
            description: "The status of the Alert. Valid values:\n  1. `Triggered`\n\
              \  2. `Resolved`"
            example: Triggered
            x-pattern-message: should be either 'Triggered' or 'Resolved'
          monitorQueries:
            type: array
            description: All queries from the monitor relevant to the alert.
            items:
              $ref: '#/components/schemas/AlertMonitorQuery'
          triggerQueries:
            type: array
            description: All queries from the monitor relevant to the alert with triggered
              time series filters.
            items:
              $ref: '#/components/schemas/AlertMonitorQuery'
          monitorUrl:
            type: string
            description: URL for this monitor's view page
          triggerQueryUrl:
            type: string
            description: A link to search with the triggering data and time range
          triggerConditions:
            type: array
            description: Trigger conditions which were breached to create this Alert.
            example:
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
              occurrenceType: ResultCount
              triggerSource: AllResults
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
              occurrenceType: ResultCount
              triggerSource: AllResults
            items:
              $ref: '#/components/schemas/TriggerCondition'
          triggerValue:
            type: number
            description: The of the query result which breached the trigger condition.
            format: double
            example: 99.9
          monitorType:
            pattern: ^(Logs|Metrics)$
            type: string
            description: "The type of monitor. Valid values:\n  1. `Logs`: A logs\
              \ query monitor.\n  2. `Metrics`: A metrics query monitor."
            example: Logs
            x-pattern-message: should be either 'Logs' or 'Metrics'
          entityIds:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more primary entity identifiers involved in this
              Alert. Primary/secondary entities are explained in description for `entities`.
              DEPRECATED, USE `entities` INSTEAD.

              '
            deprecated: true
            items:
              maxLength: 32
              minLength: 1
              type: string
              example: be138dbaaf15ff05da1df0a9d5e763e8
          entities:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more primary entities involved in this Alert. Primary
              entity is the most concrete entity that can be assigned per time series
              or log group (e.g. k8s container), secondary entities are the less specific
              ones that can be assigned per that notification (e.g. k8s cluster or
              EC2 host).

              '
            items:
              $ref: '#/components/schemas/AlertEntityInfo'
          secondaryEntities:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more secondary entity involved in this Alert. Primary/secondary
              entities are explained in description for `entities`

              '
            items:
              $ref: '#/components/schemas/AlertEntityInfo'
            default: []
          notes:
            type: string
            example: High CPU is often fixed by scaling up the cluster. <link to scale
              up cluster>
          extraDetails:
            $ref: '#/components/schemas/ExtraDetails'
          alertCondition:
            type: string
            description: The condition which triggered this alert.
            nullable: true
            example: Metric value greater than or equal to 100.0 for all of the last
              5 minutes.
          isMuted:
            type: boolean
            description: Flag of the alerts muting status.
            example: false
    AlertsLibraryAlertUpdate:
      allOf:
      - $ref: '#/components/schemas/AlertsLibraryBaseUpdate'
      - type: object
        properties:
          monitorId:
            type: string
            description: The Id of the associated monitor.
            example: 000000000000003C
          resolvedAt:
            type: string
            description: The time at which the alert was resolved.
            format: date-time
            nullable: true
            example: 2018-10-16 10:10:00+00:00
          abnormalityStartTime:
            type: string
            description: The time at which the incident started.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
          alertType:
            pattern: ^(Critical|Warning|MissingData)$
            type: string
            description: "The severity of the Alert. Valid values:\n  1. `Critical`\n\
              \  2. `Warning`\n  3. `MissingData`"
            example: Warning
            x-pattern-message: should be either 'Critical', 'Warning' or 'MissingData'
          status:
            pattern: ^(Triggered|Resolved)$
            type: string
            description: "The status of the Alert. Valid values:\n  1. `Triggered`\n\
              \  2. `Resolved`"
            example: Triggered
            x-pattern-message: should be either 'Triggered' or 'Resolved'
          monitorQueries:
            type: array
            description: All queries from the monitor relevant to the alert.
            items:
              $ref: '#/components/schemas/AlertMonitorQuery'
          triggerQueries:
            type: array
            description: All queries from the monitor relevant to the alert with triggered
              time series filters.
            items:
              $ref: '#/components/schemas/AlertMonitorQuery'
          monitorUrl:
            type: string
            description: URL for this monitor's view page
          triggerQueryUrl:
            type: string
            description: A link to search with the triggering data and time range
          triggerConditions:
            type: array
            description: Trigger conditions which were breached to create this Alert.
            example:
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: Critical
              threshold: 50
              thresholdType: GreaterThanOrEqual
              occurrenceType: ResultCount
              triggerSource: AllResults
            - detectionMethod: StaticCondition
              timeRange: 15m
              triggerType: ResolvedCritical
              threshold: 50
              thresholdType: LessThan
              occurrenceType: ResultCount
              triggerSource: AllResults
            items:
              $ref: '#/components/schemas/TriggerCondition'
          triggerValue:
            type: number
            description: The of the query result which breached the trigger condition.
            format: double
            example: 99.9
          monitorType:
            pattern: ^(Logs|Metrics)$
            type: string
            description: "The type of monitor. Valid values:\n  1. `Logs`: A logs\
              \ query monitor.\n  2. `Metrics`: A metrics query monitor."
            example: Logs
            x-pattern-message: should be either 'Logs' or 'Metrics'
          entityIds:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more primary entity identifiers involved in this
              Alert. Primary/secondary entities are explained in description for `entities`.
              DEPRECATED, USE `entities` INSTEAD.

              '
            deprecated: true
            items:
              maxLength: 32
              minLength: 1
              type: string
              example: be138dbaaf15ff05da1df0a9d5e763e8
          entities:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more primary entities involved in this Alert. Primary
              entity is the most concrete entity that can be assigned per time series
              or log group (e.g. k8s container), secondary entities are the less specific
              ones that can be assigned per that notification (e.g. k8s cluster or
              EC2 host).

              '
            items:
              $ref: '#/components/schemas/AlertEntityInfo'
          secondaryEntities:
            maxItems: 10000
            minItems: 0
            type: array
            description: 'One or more secondary entity involved in this Alert. Primary/secondary
              entities are explained in description for `entities`

              '
            items:
              $ref: '#/components/schemas/AlertEntityInfo'
            default: []
          notes:
            type: string
            example: High CPU is often fixed by scaling up the cluster. <link to scale
              up cluster>
          extraDetails:
            $ref: '#/components/schemas/ExtraDetails'
          alertCondition:
            type: string
            description: The condition which triggered this alert.
            nullable: true
            example: Metric value greater than or equal to 100.0 for all of the last
              5 minutes.
          isMuted:
            type: boolean
            description: Flag of the alerts muting status.
            example: false
    AlertMonitorQuery:
      allOf:
      - $ref: '#/components/schemas/MonitorQuery'
      - required:
        - isTriggerRow
        type: object
        properties:
          isTriggerRow:
            type: boolean
            description: Indicates whether the current row is the trigger (final)
              row.
            example: false
        description: Monitor Query for the Alert.
    ExtraDetails:
      type: object
      properties:
        details:
          type: array
          description: Additional data from Sumo Logic related to the Alert.
          items:
            $ref: '#/components/schemas/KeyValuePair'
    KeyValuePair:
      properties:
        key:
          type: string
          description: Name of the key.
          example: cluster
        value:
          type: string
          description: Value of the key.
          example: cluster1
    AlertEntityInfo:
      type: object
      properties:
        entityId:
          type: string
          description: Identifier of the entity.
          example: f11046564fc9fd093f92fdca24e2823f
        entityName:
          type: string
          description: Name of the entity.
          example: _sourceCategory=worker _sourceHost=node-1
        entityTypeId:
          type: string
          description: Entity type ID or empty if unknown.
          example: f5ef50254e45958882a2c1e37f528308
          default: ''
        isPrimaryWithinDomain:
          type: boolean
          description: Whether entity is the most specific entity within its domain
            for that alert.
          default: true
        isPrimaryDomain:
          type: boolean
          description: Whether entity is from the most accurate domain found for this
            alert.
          default: true
      description: An entity's name and Id.
    ListAppsResult:
      required:
      - apps
      type: object
      properties:
        apps:
          type: array
          description: An array of Apps
          items:
            $ref: '#/components/schemas/App'
      description: List of all available apps from the App Catalog.
    App:
      required:
      - appDefinition
      - appManifest
      type: object
      properties:
        appDefinition:
          $ref: '#/components/schemas/AppDefinition'
        appManifest:
          $ref: '#/components/schemas/AppManifest'
    AppDefinition:
      required:
      - appVersion
      - contentId
      - name
      - uuid
      type: object
      properties:
        contentId:
          type: string
          description: Content identifier of the app in hexadecimal format.
          example: 00000000000011AE
        uuid:
          type: string
          description: Unique identifier for the app.
          format: uuid
          example: 1c57fbc3-3141-4b12-aab3-5f40152bc3d9
        name:
          type: string
          description: Name of the app.
          example: Sumo Config
        appVersion:
          type: string
          description: Version of the app.
          example: '1.0'
        preview:
          type: boolean
          description: Indicates whether the app is in preview or not.
          example: true
        manifestVersion:
          type: string
          description: Manifest version of the app
          example: '0.1'
    AppManifest:
      required:
      - description
      - hoverText
      - iconURL
      type: object
      properties:
        family:
          type: string
          description: The app family
          example: IIS
        description:
          type: string
          description: Description of the app.
          example: A description for Sumo Logic Config App.
        categories:
          type: array
          description: Categories that the app belongs to.
          example:
          - Sumo Logic
          - Configuration
          items:
            type: string
        hoverText:
          type: string
          description: Text to be displayed when hovered over in UI.
          example: Sumo Config App
        iconURL:
          type: string
          description: App icon URL.
          example: https://sumologic-app-data.sumologic.com/icons/sumoconfig.png
        screenshotURLs:
          type: array
          description: App screenshot URLs.
          example:
          - https://sumologic-app-data.sumologic.com/icons/sumoconfig/overview.png
          - https://sumologic-app-data.sumologic.com/screenshots/sumoconfig/details.png
          items:
            type: string
        helpURL:
          type: string
          description: App help page URL.
          example: https://help.sumologic.com/
        helpDocIdMap:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: the IDs of the docs pages for this app
        communityURL:
          type: string
          description: App community page URL.
          example: https://support.sumologic.com/hc/en-us/community/topics/200263058-Applications-and-Integrations
        requirements:
          type: array
          description: Requirements for the app.
          example: []
          items:
            type: string
        accountTypes:
          type: array
          description: Account types that are allowed to install the app
          example:
          - free
          items:
            type: string
        requiresInstallationInstructions:
          type: boolean
          description: Indicates whether installation instructions are required or
            not.
          example: false
        installationInstructions:
          type: string
          description: Installation instructions for the app.
          example: ''
        parameters:
          type: array
          description: Content identifier of the app.
          items:
            $ref: '#/components/schemas/ServiceManifestDataSourceParameter'
        author:
          type: string
          description: App author.
          example: Sumo Logic
        authorWebsite:
          type: string
          description: App author website URL.
          example: https://www.sumologic.com
    ServiceManifestDataSourceParameter:
      required:
      - parameterId
      - parameterType
      type: object
      properties:
        parameterType:
          pattern: ^DATA_SOURCE$
          type: string
          description: Parameter type.
          example: DATA_SOURCE
          x-pattern-message: 'Supported parameter types include: DATA_SOURCE'
        parameterId:
          type: string
          description: Parameter identifier.
          example: paramId1
        dataSourceType:
          pattern: ^(LOG|METRICS)$
          type: string
          description: Data source type.
          example: LOG
          x-pattern-message: 'Supported data source types include: LOG, METRICS'
        label:
          type: string
          description: Label.
          example: Log label
        description:
          type: string
          description: Description.
          example: Log data source
        example:
          type: string
          description: Example.
          example: ''
        hidden:
          type: boolean
          description: Should the UI display?
          default: false
    ErrorResponse:
      required:
      - errors
      - id
      type: object
      properties:
        id:
          type: string
          description: An identifier for the error; this is unique to the specific
            API request.
          example: IUUQI-DGH5I-TJ045
        errors:
          type: array
          description: A list of one or more causes of the error.
          example:
          - code: auth:password_too_short
            message: Your password was too short.
          - code: auth:password_character_classes
            message: Your password did not contain any non-alphanumeric characters
          items:
            $ref: '#/components/schemas/ErrorDescription'
    ErrorDescription:
      required:
      - code
      - message
      type: object
      properties:
        code:
          type: string
          description: An error code describing the type of error.
          example: auth:password_too_short
        message:
          type: string
          description: A short English-language description of the error.
          example: Your password was too short.
        detail:
          type: string
          description: An optional fuller English-language description of the error.
          example: Your password was 5 characters long, the minimum length is 12 characters.
            See http://example.com/password for more information.
        meta:
          type: object
          description: An optional list of metadata about the error.
          example:
            minLength: 12
            actualLength: 5
    BeginAsyncJobResponse:
      required:
      - id
      type: object
      properties:
        id:
          type: string
          description: Identifier to get the status of an asynchronous job.
          example: C03E086C137F38B4
    AsyncJobStatus:
      required:
      - status
      type: object
      properties:
        status:
          type: string
          description: Whether or not the request is in progress (`InProgress`), has
            completed successfully (`Success`), or has completed with an error (`Failed`).
        statusMessage:
          type: string
          description: Additional status message generated if the status is not `Failed`.
        error:
          $ref: '#/components/schemas/ErrorDescription'
      example:
        status: Success
        statusMessage: ''
    AppItemsList:
      required:
      - items
      type: object
      properties:
        items:
          type: array
          description: Items associated with the app.
          items:
            $ref: '#/components/schemas/AppListItem'
    AppListItem:
      required:
      - itemType
      - name
      type: object
      properties:
        itemType:
          type: string
          description: Type of the item. Can be `Dashboard`, `Report`, `Search`, `ScheduledSearch`,
            `MetricsSearch` or `Folder`.
          example: Dashboard
        name:
          type: string
          description: Name of the item.
          example: AWS CloudTrail - Overview
        description:
          type: string
          description: Description of the item.
          example: See an overview of your AWS users, resources, network and security
            events.
        query:
          type: string
          description: Search query for the item. Applicable only for `Search`, `ScheduledSearch`
            and `MetricsSearch` itemType.
          example: _sourceCategory=aws
        screenshotUrl:
          type: string
          description: URL for the screenshot of the item. Applicable only for `Dashboard`
            and `Report` itemType.
          example: https://my-app-data.s3.amazonaws.com/dashboards/AWSCloudTrail/Overview.PNG
        panels:
          type: array
          description: Panels associated with the item. Applicable only for `Dashboard`
            and `Report` itemType.
          items:
            $ref: '#/components/schemas/PanelItem'
        children:
          type: array
          description: Child content items. Applicable only for `Folder` itemType.
          items:
            $ref: '#/components/schemas/AppListItem'
    PanelItem:
      required:
      - name
      type: object
      properties:
        name:
          type: string
          description: Name of the panel.
          example: Failed Logins
        description:
          type: string
          description: Description of the panel.
          example: Details about failed logins
    AppInstallRequest:
      required:
      - description
      - destinationFolderId
      - name
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: Preferred name of the app to be installed. This will be the
            name of the app in the selected installation folder.
          example: Sumo Logic Configuration App
        description:
          maxLength: 255
          minLength: 1
          type: string
          description: Preferred description of the app to be installed. This will
            be displayed as the app description in the selected installation folder.
          example: Sumo Logic Configuration App to configure collectors and data sources
        destinationFolderId:
          type: string
          description: Identifier of the folder in which the app will be installed
            in hexadecimal format.
          example: 00000000000001C8
        dataSourceValues:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Dictionary of properties specifying log-source name and value.
          example:
            logsrc: _sourceCategory = api
      description: JSON object containing name, description, destinationFolderId,
        and dataSourceType.
    ListAppRecommendations:
      type: array
      description: List of app recommendations
      items:
        $ref: '#/components/schemas/AppRecommendation'
    AppRecommendation:
      required:
      - confidence
      - description
      - iconURL
      - name
      - uuid
      type: object
      properties:
        uuid:
          type: string
          description: Unique identifier for the app.
          format: uuid
          example: ebcbd463-b38b-47b0-819c-8d44ca859c3b
        name:
          type: string
          description: Name of the app.
          example: Data Volume
        description:
          type: string
          description: Description of the app.
          example: 'The Sumo Logic App for Data Volume uses predefined searches and
            Dashboards to provide real-time visibility and analysis of your account''s
            data usage volume for both logs and metrics. Use this app to identify
            your top Collectors and monitor your ingest activity and trends. NOTE:
            Please enable Data Volume Index before installing this app.'
        iconURL:
          type: string
          description: URL of the app icon.
          example: https://app_icons.s3.amazonaws.com/volumeview.png
        confidence:
          type: number
          description: Percentage relevance of recommendation.
          format: double
          example: 0.98
      description: App recommendation details
    AsyncInstallAppRequest:
      type: object
      properties:
        version:
          type: string
          description: 'Version of the app to install. You can either specify a specific
            version of the app or use `latest` to install the latest version of the
            app. _If version is not specified, the latest version of the app will
            be installed_.

            '
          example: 1.0.1
          default: latest
        parameters:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Map of additional parameters for the app installation.
          example:
            db_system: redis
      description: Install app request.
    BeginAsyncJobResponseV2:
      required:
      - jobId
      type: object
      properties:
        jobId:
          type: string
          description: Identifier of the asynchronous job. Use it to get status of
            the job.
          example: C03E086C137F38B4
    AsyncInstallAppJobStatus:
      required:
      - status
      type: object
      properties:
        status:
          type: string
          description: Whether or not the request is in progress (`InProgress`), has
            completed successfully (`Success`), or has completed with an error (`Failed`).
          example: Success
        instanceId:
          type: string
          description: Instance identifier of the installed app. This field is not
            set yet but is a placeholder for future use.
          example: 0000000001578BE8
        path:
          type: string
          description: Path of the folder in which the app was installed.
          example: /Library/Installed Apps/AWS CloudTrail
        folderId:
          type: string
          description: Identifier of the folder in which the app was installed.
          example: 0000000001578BE8
        error:
          $ref: '#/components/schemas/ErrorDescription'
      description: Status of the install app async job.
    AsyncUninstallAppJobStatus:
      required:
      - status
      type: object
      properties:
        status:
          type: string
          description: Whether or not the request is in progress (`InProgress`), has
            completed successfully (`Success`), or has completed with an error (`Failed`).
          example: Success
        errors:
          type: array
          description: More information about the failure if the status is `Failed`.
          items:
            $ref: '#/components/schemas/ErrorDescription'
      description: Status of an uninstall app job.
    AsyncUpgradeAppRequest:
      type: object
      properties:
        version:
          type: string
          description: 'Version of the app to upgrade. You can either specify a specific
            version of the app or use `latest` to install the latest version of the
            app. _If version is not specified, the latest version of the app will
            be installed_.

            '
          example: 1.0.1
          default: latest
        parameters:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Map of additional parameters for the app installation.
          example:
            db_system: redis
      description: Upgrade app request.
    AsyncUpgradeAppJobStatus:
      required:
      - status
      type: object
      properties:
        status:
          type: string
          description: Whether or not the request is in progress (`InProgress`), has
            completed successfully (`Success`), or has completed with an error (`Failed`).
          example: Success
        instanceId:
          type: string
          description: Instance identifier of the upgraded app. This field is not
            set yet but is a placeholder for future use.
          example: 0000000001578BE8
        path:
          type: string
          description: Path of the folder in which the app was upgraded.
          example: /Library/Installed Apps/AWS CloudTrail
        folderId:
          type: string
          description: Identifier of the folder in which the app was upgraded.
          example: 0000000001578BE8
        error:
          $ref: '#/components/schemas/ErrorDescription'
      description: Status of the upgrade app async job.
    ListAppsV2Response:
      required:
      - apps
      type: object
      properties:
        apps:
          type: array
          description: An array of apps.
          items:
            $ref: '#/components/schemas/AppV2'
      description: List of all apps from the apps
    AppV2:
      required:
      - accountTypes
      - attributes
      - author
      - beta
      - description
      - family
      - icon
      - installable
      - latestVersion
      - name
      - showOnMarketplace
      - uuid
      type: object
      properties:
        uuid:
          type: string
          description: UUID of the app.
          example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
        name:
          type: string
          description: Name of the app.
          example: AWS CloudTrail
        description:
          type: string
          description: Description of the app.
          example: AWS CloudTrail app description
        latestVersion:
          type: string
          description: Latest version of the app.
          example: 1.1.0
        icon:
          type: string
          description: URL of the icon for the app.
          example: https://some-bucket.s3.amazonaws.com/AWSCloudTrail.png
        author:
          type: string
          description: Author of the app.
          example: Sumo Logic
        accountTypes:
          type: array
          description: Account types of which the app is available to.
          example:
          - All
          items:
            type: string
        beta:
          type: boolean
          description: Whether the app is in beta.
          example: false
        installs:
          type: integer
          description: Number of times the app was installed.
          format: int32
          example: 3452
        attributes:
          maxProperties: 3
          type: object
          additionalProperties:
            type: array
            items:
              type: string
          description: A map of attributes for this app. Attributes allow to group
            apps based on different criteria.
          example:
            category:
            - Web Server
            - IT Infrastructure
            - Amazon Web Services
            useCase:
            - security
            - observability
            collection:
            - OpenTelemetry
        installable:
          type: boolean
          description: Whether the app is installable or not as not all apps are installable.
          example: true
        showOnMarketplace:
          type: boolean
          description: Whether the app should show up on sumologic.com/applications
            webpage.
          example: true
        modifiedAt:
          type: string
          description: The timestamp in UTC of the most recent modification of the
            app.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
      description: An app object.
    RegisterAppResponse:
      required:
      - uuid
      type: object
      properties:
        uuid:
          type: string
          description: UUID of the app.
          format: uuid
          example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
      description: UUID of the registered app.
    CreatePublicAppRequest:
      required:
      - name
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 3
          pattern: ^([ -~]+)$
          type: string
          description: Name of the app.
          example: AWS CloudTrail
          x-pattern-message: Should consist only of printable ASCII characters
      description: Information about the new public app.
    GetAppDetailsResponse:
      required:
      - baseUrl
      - manifest
      - uuid
      - version
      type: object
      properties:
        uuid:
          type: string
          description: UUID of the app.
          format: uuid
          example: ceb7fac5-1127-4a04-a5b8-2e49190be3d5
        version:
          type: string
          description: Version of the app.
          example: 1.0.0
        baseUrl:
          type: string
          description: URL prefix for where the app is stored.
          format: url
          example: https://some_bucket.s3.amazonaws.com/path/to/app/version/
        manifest:
          type: string
          description: Content of the manifest YAML file, as Base64-encoded string.
          format: byte
        config:
          type: string
          description: Content of the config YAML file, as Base64-encoded string.
          format: byte
        readme:
          type: string
          description: Content of the README markdown file, as Base64-encoded string.
          format: byte
        files:
          maxProperties: 100
          type: object
          additionalProperties:
            type: string
            format: byte
          description: Content of various files part of app package, as Base64-encoded
            string.
          example:
            config: ICAtIGNvbXBvbmVudFR5cGU6IHNjb3BlCiAgICBsYWJlbDog4oCYQXBhY2hlIEVycm9yIExvZyBT
              b3VyY2XigJkKICAgIHRmVmFyOiBlcnJMb2dTY29wZQogICAgCiAgLSBjb21wb25lbnRUeXBlOiBz
              Y29wZQogICAgbGFiZWw6IOKAmEFwYWNoZSBBY2Nlc3MgTG9nIFNvdXJjZeKAmQogICAgdGZWYXI6
              IGFjY2Vzc0xvZ1Njb3BlCgogIC0gY29tcG9uZW50VHlwZTogY3VzdG9tCiAgICBkYXRhVHlwZTog
              U3RyaW5nCiAgICBsYWJlbDog4oCYQXBhY2hlIEVuZ2luZSBUeXBl4oCYCiAgICBoZWxwVGV4dDog
              4oCYVGhlIGVuZ2luZSB0eXBlIG9mIHlvdXIgQXBhY2hlIEluc3RhbmNl4oCYCiAgICByZXF1aXJl
              ZDogRmFsc2UKICAgIGRlZmF1bHQ6IOKAmHYxLjDigJkKICAgIHRmVmFyOiBlbmdpbmVUeXBlCg==
            readme: IyBPdmVydmlldwoKVGhlIEFwYWNoZSBhcHAgaXMgYSB1bmlmaWVkIGxvZ3MgYW5kIG1ldHJpY3Mg
              YXBwIHRoYXQgaGVscHMgeW91IG1vbml0b3IgdGhlIGF2YWlsYWJpbGl0eSwgcGVyZm9ybWFuY2Us
              IGhlYWx0aCBhbmQgcmVzb3VyY2UgdXRpbGl6YXRpb24gb2YgQXBhY2hlIHdlYiBzZXJ2ZXIgZmFy
              bXMuICBQcmVjb25maWd1cmVkIGRhc2hib2FyZHMgYW5kIHNlYXJjaGVzIHByb3ZpZGUgaW5zaWdo
              dCBpbnRvIHZpc2l0b3IgbG9jYXRpb25zLCB2aXNpdG9yIGFjY2VzcyB0eXBlcywgdHJhZmZpYyBw
              YXR0ZXJucywgZXJyb3JzLCB3ZWIgc2VydmVyIG9wZXJhdGlvbnMsIHJlc291cmNlIHV0aWxpemF0
              aW9uIGFuZCBhY2Nlc3MgZnJvbSBrbm93biBtYWxpY2lvdXMgc291cmNlcy4KCiMgU2V0dXAKVGhp
              cyBpcyB0aGUgc2VjdGlvbiBmb3IgQXBhY2hlIC0gT3BlblRlbGVtZXRyeSBjb2xsZWN0aW9uIHNl
              dHVwLgo=
            manifest: CnNjaGVtYVZlcnNpb246ICIxLjAiCgpuYW1lOiBBcGFjaGUKCmRlc2NyaXB0aW9u
              OiA+LQogIFRoZSBBcGFjaGUgYXBwIGlzIGEgdW5pZmllZCBsb2dzIGFuZCBtZXRy aWNzIGFwcCB0aGF0IGhlbHBzIHlvdSBtb25pdG9yIHRoZSBhdmFpbGFiaWxpdHks
              IHBlcmZvcm1hbmNlLAogIGhlYWx0aCBhbmQgcmVzb3VyY2UgdXRpbGl6YXRpb24g b2YgQXBhY2hlIHdlYiBzZXJ2ZXIgZmFybXMuICBQcmVjb25maWd1cmVkIGRhc2hi
              b2FyZHMgYW5kIHNlYXJjaGVzCiAgcHJvdmlkZSBpbnNpZ2h0IGludG8gdmlzaXRv ciBsb2NhdGlvbnMsIHZpc2l0b3IgYWNjZXNzIHR5cGVzLCB0cmFmZmljIHBhdHRl
              cm5zLCBlcnJvcnMsIHdlYiBzZXJ2ZXIKICBvcGVyYXRpb25zLCByZXNvdXJjZSB1 dGlsaXphdGlvbiBhbmQgYWNjZXNzIGZyb20ga25vd24gbWFsaWNpb3VzIHNvdXJj
              ZXMuCmF1dGhvcjogU3VtbyBMb2dpYwoKdmVyc2lvbjogMS4wLjAKCgo=
      description: Information about an app.
    SubscriptionStatusResponse:
      required:
      - status
      type: object
      properties:
        status:
          type: boolean
          description: Show if the user has subscribed to the app or not. value is
            true, if the user has subscribed to the app
          example: true
      description: Subscription Status
    ListConnectionsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of connections.
          items:
            $ref: '#/components/schemas/Connection'
        next:
          type: string
          description: Next continuation token.
    Connection:
      required:
      - createdAt
      - createdBy
      - description
      - id
      - modifiedAt
      - modifiedBy
      - name
      - type
      type: object
      properties:
        type:
          type: string
          description: Type of connection. Valid values are `WebhookConnection`, `ServiceNowConnection`.
        id:
          type: string
          description: Unique identifier for the connection.
        name:
          type: string
          description: Name of the connection.
        description:
          type: string
          description: Description of the connection.
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
      discriminator:
        propertyName: type
    ConnectionDefinition:
      required:
      - name
      - type
      type: object
      properties:
        type:
          pattern: ^(WebhookDefinition|ServiceNowDefinition)$
          type: string
          description: Type of connection. Valid values are `WebhookDefinition`, `ServiceNowDefinition`.
          x-pattern-message: must be either `WebhookDefinition` or `ServiceNowDefinition`
        name:
          maxLength: 127
          minLength: 1
          type: string
          description: Name of the connection.
        description:
          maxLength: 1024
          type: string
          description: Description of the connection.
          default: ''
      discriminator:
        propertyName: type
        mapping:
          ServiceNowDefinition: '#/components/schemas/ServiceNowDefinition'
          WebhookDefinition: '#/components/schemas/WebhookDefinition'
    ConnectionType:
      pattern: ^(AWSLambda|Azure|Datadog|HipChat|PagerDuty|Slack|Webhook|NewRelic|Jira|Opsgenie|MicrosoftTeams|ServiceNow|SumoCloudSOAR)$
      type: string
      description: Type of webhook connection. Valid values are `AWSLambda`, `Azure`,
        `Datadog`, `HipChat`, `Jira`, `NewRelic`, `Opsgenie`, `PagerDuty`, `Slack`,
        `MicrosoftTeams`, `ServiceNow`, `SumoCloudSOAR` and `Webhook`.
      x-pattern-message: must be `AWSLambda`, `Azure`, `Datadog`, `HipChat`, `PagerDuty`,
        `Slack`, `Webhook`, `NewRelic`, `Jira`, `Opsgenie`, `MicrosoftTeams`, `ServiceNow`
        or `SumoCloudSOAR`
    TestConnectionResponse:
      required:
      - responseContent
      - statusCode
      type: object
      properties:
        statusCode:
          type: integer
          description: Status code of the response of the connection test.
        responseContent:
          type: string
          description: Content of the response of the connection test.
        alertStatusCode:
          type: integer
          description: Status code of the response of alert payload test.
          format: int32
          example: 200
        alertResponseContent:
          type: string
          description: Content of the response of alert payload test.
          example: ok
        resolutionStatusCode:
          type: integer
          description: Status code of the response of resolution payload test.
          format: int32
          example: 200
        resolutionResponseContent:
          type: string
          description: Content of the response of resolution payload test.
          example: ok
    GetIncidentTemplatesResponse:
      required:
      - templates
      type: object
      properties:
        templates:
          type: array
          description: List of incident templates.
          items:
            $ref: '#/components/schemas/IncidentTemplate'
    IncidentTemplate:
      required:
      - id
      - name
      type: object
      properties:
        id:
          type: integer
          description: Unique identifier of the incident template.
        name:
          type: string
          description: Name of the incident template.
    GetIncidentTemplatesRequest:
      type: object
      properties:
        url:
          type: string
          description: Optional CloudSOAR domain URL to use for the API call to get
            incident templates.
          example: https://staging.soar.sumologic.com/
        authHeader:
          type: string
          description: Optional CloudSOAR authorization header to use for the API
            call to get incident templates.
          example: SOMEAUTHHEADERSTRING
        connectionId:
          type: string
          description: Optional connectionId to get incident templates for an existing
            CloudSOAR connection. If provided, the authHeader and url will be taken
            from the existing connection object.
          example: 0000000000123ABC
    ListScheduledViewsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of scheduled views.
          items:
            $ref: '#/components/schemas/ScheduledView'
        next:
          type: string
          description: Next continuation token.
    ScheduledView:
      type: object
      allOf:
      - $ref: '#/components/schemas/CreateScheduledViewDefinition'
      - $ref: '#/components/schemas/ViewRetentionProperties'
      - required:
        - id
        properties:
          id:
            type: string
            description: Identifier for the scheduled view.
          indexId:
            type: string
            description: The `id` of the Index where the output from Scheduled view
              is stored.
            example: '1'
          createdAt:
            type: string
            description: Creation timestamp in UTC.
            format: date-time
          modifiedAt:
            type: string
            description: Last modification timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
              format.
            format: date-time
          createdByOptimizeIt:
            type: boolean
            description: If the scheduled view is created by OptimizeIt.
          error:
            type: string
            description: Errors related to the scheduled view.
          status:
            type: string
            description: "Status of the scheduled view. Possible values are:\n  1.\
              \ `NOT_STARTED`\n  2. `FILLING`\n  3. `STOPPED`\n  4. `COMPLETE`\n \
              \ 5. `FAILED`\n  6. `PAUSED`"
          totalBytes:
            type: integer
            description: Total storage consumed by the scheduled view.
            format: int64
          totalMessageCount:
            type: integer
            description: Total number of messages for the scheduled view.
            format: int64
          createdBy:
            type: string
            description: Identifier of the user who created the scheduled view.
            example: 0000000006743FE8
          modifiedBy:
            type: string
            description: Identifier of the user who last modified the resource.
            example: 0000000006743FE8
          filledRanges:
            type: array
            description: List of the different units of filled ranges since the autoview
              has been created.
            items:
              $ref: '#/components/schemas/FilledRange'
          lastAccessedAt:
            type: string
            description: Last accessed timestamp in UTC
            format: date-time
      x-tf-generated-properties: id,query,indexName,startTime,retentionPeriod,parsingMode
      x-tf-resource-name: ScheduledView
    CreateScheduledViewDefinition:
      required:
      - indexName
      - query
      - startTime
      type: object
      properties:
        query:
          maxLength: 16384
          minLength: 1
          type: string
          description: The query that defines the data to be included in the scheduled
            view.
          example: _sourceCategory=*/Apache
        indexName:
          maxLength: 255
          minLength: 0
          type: string
          description: Name of the index for the scheduled view.
          example: TestScheduledView
        startTime:
          type: string
          description: Start timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
        retentionPeriod:
          type: integer
          description: The number of days to retain data in the scheduled view, or
            -1 to use the default value for your account. Only relevant if your account
            has multi-retention enabled.
          format: int32
          example: 60
          default: -1
        dataForwardingId:
          type: string
          description: An optional ID of a data forwarding configuration to be used
            by the scheduled view.
        parsingMode:
          pattern: ^(AutoParse|Manual)$
          type: string
          description: "Define the parsing mode to scan the JSON format log messages.\
            \ Possible values are:\n  1. `AutoParse`\n  2. `Manual`\nIn AutoParse\
            \ mode, the system automatically figures out fields to parse based on\
            \ the search query. While in the Manual mode, no fields are parsed out\
            \ automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011)."
          example: AutoParse
          default: Manual
          x-pattern-message: should be either AutoParse or Manual
        timeZone:
          type: string
          description: Time zone for ingesting data in scheduled view. Follow the
            format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
          default: UTC
    FilledRange:
      required:
      - endTime
      - startTime
      type: object
      properties:
        startTime:
          type: string
          description: Start of the timestamp for each unit of filled ranges, expressed
            in UTC.
          format: date-time
        endTime:
          type: string
          description: End of the timestamp for each unit of filled ranges, expressed
            in UTC.
          format: date-time
      description: Range of timestamps already filled since the autoview has been
        created.
    UpdateScheduledViewDefinition:
      type: object
      properties:
        dataForwardingId:
          type: string
          description: An optional ID of a data forwarding configuration to be used
            by the scheduled view.
        retentionPeriod:
          type: integer
          description: The number of days to retain data in the scheduled view, or
            -1 to use the default value for your account.  Only relevant if your account
            has multi-retention. enabled.
          format: int32
          example: 365
          default: -1
        reduceRetentionPeriodImmediately:
          type: boolean
          description: This is required if the newly specified `retentionPeriod` is
            less than the existing retention period.  In such a situation, a value
            of `true` says that data between the existing retention period and the
            new retention period should be deleted immediately; if `false`, such data
            will be deleted after seven days. This property is optional and ignored
            if the specified `retentionPeriod` is greater than or equal to the current
            retention period.
          default: false
        timeZone:
          type: string
          description: Updates the time zone for ingesting data in scheduled view
            to the specified timezone ( does nothing if not specified ). Follow the
            format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
    ScheduledViewsQuotaUsage:
      required:
      - quota
      - remaining
      type: object
      properties:
        quota:
          type: integer
          description: Maximum number of Scheduled Views allowed.
          format: int32
          example: 200
        remaining:
          type: integer
          description: Remaining number of Scheduled Views allowed.
          format: int32
          example: 121
    LookupTable:
      required:
      - id
      type: object
      description: Lookup table definition and metadata.
      allOf:
      - $ref: '#/components/schemas/MetadataModel'
      - $ref: '#/components/schemas/LookupTableDefinition'
      - properties:
          id:
            type: string
            description: Identifier of the lookup table as a content item.
            example: 0000000001C41EE4
          contentPath:
            type: string
            description: 'Address/path of the parent folder of this lookup table in
              content library. For example, a lookup table existing  in the personal/lookupTable
              folder for user johndoe would be: /Library/Users/johndoe@acme.com/lookupTable'
            example: /Library/Users/johndoe@acme.com/lookupTable
          size:
            type: integer
            description: The current size of the lookup table in bytes
            format: int64
            example: 100
    LookupTableDefinition:
      required:
      - name
      - parentFolderId
      type: object
      description: Definition of the lookup table.
      allOf:
      - $ref: '#/components/schemas/ExportableLookupTableInfo'
      - properties:
          name:
            maxLength: 255
            type: string
            description: The name of the lookup table.
            example: SampleLookupTable
          parentFolderId:
            type: string
            description: The parent-folder-path identifier of the lookup table in
              the Library.
            example: 0000000001C41EE4
    ExportableLookupTableInfo:
      required:
      - description
      - fields
      - primaryKeys
      type: object
      properties:
        description:
          maxLength: 1000
          type: string
          description: The description of the lookup table.
          example: This is a sample lookup table description.
        fields:
          minItems: 1
          type: array
          description: The list of fields in the lookup table.
          items:
            $ref: '#/components/schemas/LookupTableField'
        primaryKeys:
          minItems: 1
          uniqueItems: true
          type: array
          description: The names of the fields that make up the primary key for the
            lookup table. These will be a subset of the fields that the table will
            contain.
          example:
          - FieldName1
          items:
            type: string
        ttl:
          maximum: 525600
          minimum: 0
          type: integer
          description: A time to live for each entry in the lookup table (in minutes).
            365 days is the maximum time to live for each entry that you can specify.
            Setting it to 0 means that the records will not expire automatically.
          format: int32
          example: 100
          default: 0
        sizeLimitAction:
          pattern: ^(StopIncomingMessages|DeleteOldData)$
          type: string
          description: The action that needs to be taken when the size limit is reached
            for the table. The possible values can be `StopIncomingMessages` or `DeleteOldData`.
            DeleteOldData will start deleting old data once size limit is reached
            whereas StopIncomingMessages will discard all the updates made to the
            lookup table once size limit is reached.
          example: DeleteOldData
          default: StopIncomingMessages
          x-pattern-message: must be either `StopIncomingMessages` or `DeleteOldData`
      description: The lookup table definition independent of its location in the
        Library and name.
    LookupTableField:
      required:
      - fieldName
      - fieldType
      type: object
      properties:
        fieldName:
          type: string
          description: The name of the field.
          example: FieldName1
        fieldType:
          pattern: ^(boolean|int|long|double|string)$
          type: string
          description: "The data type of the field. Supported types:\n  - `boolean`\n\
            \  - `int`\n  - `long`\n  - `double`\n  - `string`"
          example: boolean
          x-pattern-message: 'must be one of the following: `boolean`, `int`, `long`,
            `double`, `string`'
      description: The definition of the field.
    LookupUpdateDefinition:
      required:
      - description
      - ttl
      type: object
      properties:
        ttl:
          maximum: 525600
          minimum: 0
          type: integer
          description: A time to live for each entry in the lookup table (in minutes).
            0 is a special value. A TTL of 0 implies entry will never be deleted from
            the table.
          format: int32
          example: 100
          default: 0
        description:
          maxLength: 1000
          type: string
          description: The description of the lookup table. The description cannot
            be blank.
          example: This is a sample lookup table description.
        sizeLimitAction:
          type: string
          description: The action that needs to be taken when the size limit is reached
            for the table. The possible values can be `StopIncomingMessages` or `DeleteOldData`.
            DeleteOldData will starting deleting old data once size limit is reached
            whereas StopIncomingMessages will discard all the updates made to the
            lookup table once size limit is reached.
          example: DeleteOldData
          default: StopIncomingMessages
      description: The updated lookup table parameters.
    LookupRequestToken:
      required:
      - id
      type: object
      properties:
        id:
          type: string
          description: The identifier used to track the request.
          example: 0000000001C41EF2
      description: Allows you to track the status of an upload or export request.
    LookupAsyncJobStatus:
      required:
      - createdAt
      - eventType
      - jobId
      - lookupContentId
      - lookupContentPath
      - lookupName
      - modifiedAt
      - status
      - userId
      type: object
      properties:
        jobId:
          type: string
          description: An identifier returned in response to an asynchronous request.
          example: 0000000001C41EF2
        status:
          type: string
          description: Whether or not the request is pending (`Pending`), in progress
            (`InProgress`), has completed successfully (`Success`), has completed
            partially with warnings (`PartialSuccess`) or has completed with an error
            (`Failed`).
        statusMessages:
          type: array
          description: Additional status messages generated if any if the status is
            `Success`.
          items:
            type: string
        errors:
          type: array
          description: More information about the failures, if the status is `Failed`.
          items:
            $ref: '#/components/schemas/ErrorDescription'
        warnings:
          type: array
          description: More information about the warnings, if the status is `PartialSuccess`.
          items:
            $ref: '#/components/schemas/warningDescription'
        lookupContentId:
          type: string
          description: Content id of lookup table on which this operation was performed.
          example: 0000000001C41EE4
        lookupName:
          type: string
          description: Name of lookup table on which this operation was performed.
          example: sampleLookup
        lookupContentPath:
          type: string
          description: Content path of lookup table on which this operation was performed.
          example: /Library/Users/xyz@demo.com/sampleLookup
        requestType:
          type: string
          description: "Type of asynchronous request made:\n  - `BulkMerge`\n  - `BulkReplace`\n\
            \  - `Truncate`"
          example: BulkMerge
        userId:
          type: string
          description: User id of user who initiated this operation.
          example: 0000000006743FDD
        createdAt:
          type: string
          description: Creation time of this job in UTC.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        modifiedAt:
          type: string
          description: Timestamp in UTC when status was last updated.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
      description: Lookup table async job status.
    warningDescription:
      required:
      - message
      type: object
      properties:
        message:
          type: string
          description: Description of the warning.
          example: 60 rows were dropped.
        cause:
          type: string
          description: An optional cause of this warning.
          example: Primary key values were duplicate.
      description: Warning description
    LookupPreviewData:
      type: object
      properties:
        fieldProperties:
          type: array
          description: The field properties of the lookup table. This includes the
            field name, field description, and an identifier associated with each
            field.
          items:
            $ref: '#/components/schemas/PreviewLookupTableField'
        fieldValueMapList:
          type: array
          description: The data of the lookup table as a list of field identifiers
            mapped to their values.
          items:
            maxProperties: 1000
            type: object
            additionalProperties:
              type: string
            description: A map of all the field identifiers and their corresponding
              values.
      description: The preview data of the lookup table.
    PreviewLookupTableField:
      required:
      - fieldId
      - fieldName
      - fieldType
      type: object
      properties:
        fieldName:
          type: string
          description: The name of the field.
          example: sampleFieldName
        fieldType:
          type: string
          description: "The data type of the field. Supported types:\n  - `boolean`\n\
            \  - `int`\n  - `long`\n  - `double`\n  - `string`"
          example: boolean
        fieldId:
          type: string
          description: Identifier associated with each field of the table.
          example: '1'
      description: The properties of the field.
    RowUpdateDefinition:
      required:
      - row
      type: object
      properties:
        row:
          maxItems: 1000
          type: array
          description: A list of all the field identifiers and their corresponding
            values.
          items:
            $ref: '#/components/schemas/TableRow'
      description: Lookup table data to be uploaded.
    TableRow:
      required:
      - columnName
      - columnValue
      type: object
      properties:
        columnName:
          type: string
          description: Name of the column of the table.
          example: user_id
        columnValue:
          type: string
          description: Value of the specified column.
          example: user1
      description: Lookup table row column and column value.
    RowDeleteDefinition:
      required:
      - primaryKey
      type: object
      properties:
        primaryKey:
          maxItems: 1000
          type: array
          description: A list of all the primary key field identifiers and their corresponding
            values which defines the row to delete.
          items:
            $ref: '#/components/schemas/TableRow'
      description: Lookup table primary key of the row to be deleted.
    SecondaryKeysDefinition:
      maxItems: 20
      minItems: 1
      type: array
      description: The secondary keys of the lookup table
      example:
      - - ip
      - - latitude
        - longitude
      items:
        type: array
        items:
          type: string
    LookupTablesLimits:
      type: object
      properties:
        tablesCreated:
          type: integer
          description: Number of lookup tables currently created.
          format: int32
          example: 8
        tableCapacityRemaining:
          type: integer
          description: Remaining count of lookup tables that can be created.
          format: int32
          example: 2
        totalTableCapacity:
          type: integer
          description: Total capacity of lookup tables that can be created for the
            given org id.
          format: int32
          example: 10
      description: Properties related to lookup tables being allowed and created.
    ListPartitionsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of partitions.
          items:
            $ref: '#/components/schemas/Partition'
        next:
          type: string
          description: Next continuation token.
          example: '1'
    Partition:
      type: object
      allOf:
      - $ref: '#/components/schemas/CreatePartitionDefinition'
      - $ref: '#/components/schemas/ViewRetentionProperties'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        - totalBytes
        properties:
          id:
            type: string
            description: Unique identifier for the partition.
            example: '1'
          totalBytes:
            type: integer
            description: Size of data in partition in bytes.
            format: int64
            example: 42
          isActive:
            type: boolean
            description: This has the value `true` if the partition is active and
              `false` if it has been decommissioned.
          indexType:
            pattern: ^(DefaultIndex|AuditIndex|Partition)$
            type: string
            description: This has the value `DefaultIndex`, `AuditIndex`or `Partition`
              depending upon the type of partition.
            example: Partition
          dataForwardingId:
            type: string
            description: Id of the data forwarding configuration to be used by the
              partition.
    CreatePartitionDefinition:
      required:
      - name
      - routingExpression
      type: object
      properties:
        name:
          maxLength: 255
          type: string
          description: The name of the partition.
          example: apache
        routingExpression:
          maxLength: 16384
          minLength: 1
          type: string
          description: The query that defines the data to be included in the partition.
          example: _sourcecategory=*/Apache
        analyticsTier:
          type: string
          description: "The Data Tier where the data in the partition will reside.\
            \ Possible values are:\n              1. `continuous`\n              2.\
            \ `frequent`\n              3. `infrequent`\nNote: The \"infrequent\"\
            \ and \"frequent\" tiers are only available to Cloud Flex Credits Enterprise\
            \ Suite accounts."
          example: continuous
          x-limited-description: The Data Tier where the data in the partition will
            reside. You can leave it empty or send `flex`. It is the only value applicable
            on your account.
          x-limited-example: flex
        retentionPeriod:
          type: integer
          description: The number of days to retain data in the partition, or -1 to
            use the default value for your account.  Only relevant if your account
            has variable retention enabled.
          example: 365
          default: -1
        isCompliant:
          type: boolean
          description: Whether the partition is compliant or not. Mark a partition
            as compliant if it contains data used for compliance or audit purpose.
            Retention for a compliant partition can only be increased and cannot be
            reduced after the partition is marked compliant. A partition once marked
            compliant, cannot be marked non-compliant later.
          example: false
          default: false
        isIncludedInDefaultSearch:
          type: boolean
          description: Indicates whether the partition is included in the default
            search scope. When executing a  query such as "error | count," certain
            partitions are automatically part of the search scope.  However, for specific
            partitions, the user must explicitly mention the partition using the _index  term,
            as in "_index=webApp error | count". This property governs the default
            inclusion of the  partition in the search scope. Configuring this property
            is exclusively permitted for flex partitions.
          example: true
    ViewRetentionProperties:
      type: object
      properties:
        newRetentionPeriod:
          type: integer
          description: If the retention period is scheduled to be updated in the future
            (i.e., if retention period is previously reduced with value of reduceRetentionPeriodImmediately
            as false), this property gives the future value of retention period while
            retentionPeriod gives the current value. retentionPeriod will take up
            the value of newRetentionPeriod after the scheduled time.
          format: int32
          example: 300
        retentionEffectiveAt:
          type: string
          description: When the newRetentionPeriod will become effective in UTC format.
          format: date-time
    ListPartitionsInfoResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of partitions information
          items:
            $ref: '#/components/schemas/PartitionInfo'
        next:
          type: string
          description: Next continuation token.
          example: '1'
    PartitionInfo:
      required:
      - name
      type: object
      properties:
        name:
          maxLength: 255
          type: string
          description: The name of the partition.
          example: apache
        analyticsTier:
          type: string
          description: "The Data Tier where the data in the partition will reside.\
            \ Possible values are:\n              1. `continuous`\n              2.\
            \ `frequent`\n              3. `infrequent`\nNote: The \"infrequent\"\
            \ and \"frequent\" tiers are only available to Cloud Flex Credits Enterprise\
            \ Suite accounts."
          example: continuous
          x-limited-description: The Data Tier where the data in the partition will
            reside. `flex` is the default value.
          x-limited-example: flex
        dataFilterGroup:
          type: string
          description: "The Data Filter Group to which this parition belongs to. Possible\
            \ values are :\n              1. `LOGS`\n              2. `SECURITY`\n\
            \              3. `AUDIT`"
          example: LOGS
    UpdatePartitionDefinition:
      type: object
      properties:
        retentionPeriod:
          type: integer
          description: The number of days to retain data in the partition, or -1 to
            use the default value for your account. Only relevant if your account
            has variable retention enabled.
          example: 365
        reduceRetentionPeriodImmediately:
          type: boolean
          description: This is required if the newly specified `retentionPeriod` is
            less than the existing retention period.  In such a situation, a value
            of `true` says that data between the existing retention period and the
            new  retention period should be deleted immediately; if `false`, such
            data will be deleted after seven days.  This property is optional and
            ignored if the specified `retentionPeriod` is greater than or equal to
            the  current retention period.
          default: false
        isCompliant:
          type: boolean
          description: Whether to mark a partition as compliant. Mark a partition
            as compliant if it contains data used for compliance or audit purpose.
            Retention for a compliant partition can only be increased and cannot be
            reduced after the partition marked as compliant. A partition once marked
            compliant, cannot be marked non-compliant later.
          example: false
          default: false
        isIncludedInDefaultSearch:
          type: boolean
          description: Indicates whether the partition is included in the default
            search scope. When executing a  query such as "error | count," certain
            partitions are automatically part of the search scope.  However, for specific
            partitions, the user must explicitly mention the partition using the _index  term,
            as in "_index=webApp error | count". This property governs the default
            inclusion of the  partition in the search scope. Configuring this property
            is exclusively permitted for flex partitions.
        routingExpression:
          maxLength: 16384
          minLength: 1
          type: string
          description: The query that defines the data to be included in the partition.
          example: _sourcecategory=*/Apache
    PartitionsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: Array of partitions.
          items:
            $ref: '#/components/schemas/Partition'
    PartitionsQuotaUsage:
      required:
      - quota
      - remaining
      type: object
      properties:
        quota:
          type: integer
          description: Maximum number of Partitions allowed.
          format: int32
          example: 200
        remaining:
          type: integer
          description: Remaining number of Partitions allowed.
          format: int32
          example: 121
    GetDataForwardingDestinations:
      type: object
      properties:
        nextToken:
          type: string
          description: Next continuation token.
          example: VEZuRU4veXF2UWFCUURYSDNQUzJxWlpRRUsvTlBieXA
        data:
          type: array
          description: List of data forwarding destinations.
          items:
            $ref: '#/components/schemas/BucketDefinition'
    BucketDefinition:
      type: object
      allOf:
      - $ref: '#/components/schemas/CreateBucketDefinition'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - bucketName
        - destinationName
        - id
        properties:
          id:
            type: string
            description: The unique identifier of the data forwarding destination.
            example: '1'
          invalidatedBySystem:
            type: boolean
            description: True if invalidated by the system.
    CreateBucketDefinition:
      type: object
      allOf:
      - $ref: '#/components/schemas/UpdateBucketDefinition'
      - $ref: '#/components/schemas/CreateBucketDefinitionItems'
    UpdateBucketDefinition:
      required:
      - authenticationMode
      type: object
      properties:
        destinationName:
          type: string
          description: Name of the S3 data forwarding destination.
          example: df-destination
        description:
          type: string
          description: Description of the S3 data forwarding destination.
        authenticationMode:
          type: string
          description: 'AWS IAM authentication method used for access. Possible values
            are: 1. `AccessKey` 2. `RoleBased`'
          example: RoleBased
        accessKeyId:
          type: string
          description: The AWS Access ID to access the S3 bucket.
          example: accessKeyId
        secretAccessKey:
          type: string
          description: The AWS Secret Key to access the S3 bucket.
          example: secretAccessKey
        roleArn:
          type: string
          description: The AWS Role ARN to access the S3 bucket.
          example: roleArn
        region:
          type: string
          description: The region where the S3 bucket is located.
          example: us-east-1
        encrypted:
          type: boolean
          description: Enable S3 server-side encryption.
        enabled:
          type: boolean
          description: True if the destination is Active.
          example: true
    CreateBucketDefinitionItems:
      required:
      - authenticationMode
      - bucketName
      - destinationName
      type: object
      properties:
        bucketName:
          pattern: (?!(^xn--|-s3alias$))^[a-z0-9][a-z0-9-.]{1,61}[a-z0-9]$
          type: string
          description: The name of the Amazon S3 bucket.
          example: df-bucket
          x-pattern-message: Must be a valid AWS S3 Bucket name.
    GetRulesAndBucketsResult:
      type: object
      properties:
        data:
          type: array
          description: List of S3 data forwarding rules.
          items:
            $ref: '#/components/schemas/RuleAndBucketDetail'
        nextToken:
          type: string
          description: Next continuation token.
          example: VEZuRU4veXF2UWFCUURYSDNQUzJxWlpRRUsvTlBieXA
    RuleAndBucketDetail:
      allOf:
      - $ref: '#/components/schemas/DataForwardingRule'
      - type: object
        properties:
          bucket:
            $ref: '#/components/schemas/logs-data-forwarding-rule-management'
    DataForwardingRule:
      allOf:
      - $ref: '#/components/schemas/CreateDataForwardingRule'
      - $ref: '#/components/schemas/MetadataModel'
      - type: object
        properties:
          id:
            type: string
            description: The unique identifier of the data forwarding rule.
            example: '1'
    CreateDataForwardingRule:
      required:
      - destinationId
      - indexId
      type: object
      properties:
        indexId:
          type: string
          description: The `id` of the Partition or Scheduled View the rule applies
            to.
          example: '1'
        destinationId:
          type: string
          description: The data forwarding destination id.
          example: '1'
        enabled:
          type: boolean
          description: True when the data forwarding rule is enabled.
          example: true
        fileFormat:
          type: string
          description: Specify the path prefix to a directory in the S3 bucket and
            how to format the file name.
          example: '{index}_{day}_{hour}_{minute}_{second}'
        payloadSchema:
          pattern: ^(builtInFields|allFields|raw)$
          type: string
          description: Schema for the payload. Default value of the payload schema
            is "allFields" for scheduled view, and "builtInFields" for partition.
            "raw" payloadSchema should be used in conjunction with "text" format and
            vice-versa.
          example: builtInFields
          x-pattern-message: 'should be one of the following: ''builtInFields'', ''allFields''
            or ''raw'''
        format:
          pattern: ^(csv|json|text)$
          type: string
          description: Format of the payload. Default format will be "csv". "text"
            format should be used in conjunction with "raw" payloadSchema and vice-versa.
          example: csv
          x-pattern-message: 'should be one of the following: ''csv'', ''json'' or
            ''text'''
    UpdateDataForwardingRule:
      type: object
      properties:
        destinationId:
          type: string
          description: Data forwarding destination id.
          example: '1'
        enabled:
          type: boolean
          description: True when the data forwarding rule is enabled.
          example: true
        fileFormat:
          type: string
          description: Specify the path prefix to a directory in the S3 bucket and
            how to format the file name.
          example: '{index}_{day}_{hour}_{minute}_{second}'
        payloadSchema:
          pattern: ^(builtInFields|allFields|raw)$
          type: string
          description: Schema for the payload. Default value of the payload schema
            is "allFields" for scheduled view, and "builtInFields" for partition.
            "raw" payloadSchema should be used in conjunction with "text" format and
            vice-versa.
          example: builtInFields
          x-pattern-message: 'should be one of the following: ''builtInFields'', ''allFields''
            or ''raw'''
        format:
          pattern: ^(csv|json|text)$
          type: string
          description: Format of the payload. Default format will be "csv". "text"
            format should be used in conjunction with "raw" payloadSchema and vice-versa.
          example: csv
          x-pattern-message: 'should be one of the following: ''csv'', ''json'' or
            ''text'''
    PaginatedLogSearches:
      required:
      - logSearches
      type: object
      properties:
        logSearches:
          type: array
          description: List of log searches.
          items:
            $ref: '#/components/schemas/LogSearch'
        warnings:
          type: array
          description: List of warning messages for invalid log search definitions.
          items:
            type: string
            example: 'Invalid saved search: <saved_search_name>. Please validate your
              saved search.'
        token:
          type: string
          description: Next continuation token. `token` is set to null when no more
            pages are left.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
    LogSearch:
      allOf:
      - $ref: '#/components/schemas/LogSearchDefinition'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        type: object
        properties:
          id:
            type: string
            description: Identifier of the saved log search.
            example: 000000000000001A
          parentId:
            type: string
            description: Identifier of the parent element in the content library,
              such as folder.
            example: 0000000000007D2B
      x-tf-generated-properties: id,parentId,name,description,schedule,queryString,timeRange,runByReceiptTime,queryParameters,parsingMode,intervalTimeType
      x-tf-resource-name: LogSearch
    LogSearchDefinition:
      type: object
      allOf:
      - $ref: '#/components/schemas/LogSearchQueryTimeRangeBase'
      - required:
        - name
        properties:
          name:
            maxLength: 255
            minLength: 1
            pattern: ^[a-zA-Z0-9 +%-@.,_()\\]+$
            type: string
            description: Name of the item in the content library.
            example: Short title
          description:
            maxLength: 255
            type: string
            description: Item description in the content library.
            example: Long and detailed description
          schedule:
            $ref: '#/components/schemas/LogSearchScheduleSyncDefinition'
          properties:
            maxLength: 65536
            type: string
            description: 'Aggregate Results Settings and View configurations, Legends
              settings, and different visualisation settings overrides. Leave this
              field empty to use the defaults.

              This property contains JSON object encoded as a string.

              '
            example: '{ "key": "value" }'
    LogSearchQueryTimeRangeBase:
      description: Definition of the saved log search with query and timerange.
      allOf:
      - $ref: '#/components/schemas/LogSearchQueryTimeRangeBaseExceptParsingMode'
      - $ref: '#/components/schemas/LogSearchQueryParsingMode'
    LogSearchQueryTimeRangeBaseExceptParsingMode:
      required:
      - queryString
      - timeRange
      type: object
      properties:
        queryString:
          maxLength: 15000
          type: string
          description: Query to perform.
          example: error {{sourceCategory}}| count by _sourceCategory
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        runByReceiptTime:
          type: boolean
          description: This has the value `true` if the search is to be run by receipt
            time and `false` if it is to be run by message time.
          example: false
          default: false
        queryParameters:
          maxLength: 50
          type: array
          description: 'Values for search template used in the search query. Learn
            more about the search templates here : https://help.sumologic.com/docs/search/get-started-with-search/build-search/search-templates/'
          items:
            $ref: '#/components/schemas/LogSearchQueryParameterSyncDefinitionBase'
        intervalTimeType:
          pattern: ^(messageTime|receiptTime|searchableTime)$
          type: string
          description: This parameter defines whether you want to run the search by
            messageTime, receiptTime, or searchableTime.  By default, the search will
            run by messageTime. If both runByReceiptTime and intervalTimeType parameters
            are present then  the preference will be given to the intervalTimeType.
          example: messageTime
          default: messageTime
          x-pattern-message: should be either 'messageTime' or 'receiptTime' or 'searchableTime'
      description: Definition of the saved log search with query and timerange.
    LogSearchQueryParameterSyncDefinitionBase:
      required:
      - dataType
      - name
      - value
      type: object
      properties:
        autoComplete:
          $ref: '#/components/schemas/AutoCompleteDefinition'
        name:
          maxLength: 50
          pattern: ^[a-zA-Z0-9_]+$
          type: string
          description: The name of the parameter.
          example: sourceCategory
          x-pattern-message: Name must be between 1 and 50 Characters. Can only consist
            alphanumeric and underscore characters.
        description:
          maxLength: 256
          pattern: ^[a-zA-Z0-9@ \-_\.]+$
          type: string
          description: A description of the parameter.
          example: source category for the string
          x-pattern-message: Description must be between 1 and 256 Characters. Can
            only consist alphanumeric, @, underscore and dash characters.
        dataType:
          pattern: ^(NUMBER|STRING|ANY|KEYWORD)$
          type: string
          description: "The data type of the parameter. Supported values are:\n  1.\
            \ `NUMBER`\n  2. `STRING`\n  3. `ANY`\n  4. `KEYWORD`"
          example: STRING
        value:
          maxLength: 256
          type: string
          description: A value for the parameter. Should be compatible with the type
            set in dataType field.
          example: apache
    LogSearchQueryParsingMode:
      type: object
      properties:
        parsingMode:
          pattern: ^(AutoParse|Manual)$
          type: string
          description: "Define the parsing mode to scan the JSON format log messages.\
            \ Possible values are:\n  1. `AutoParse`\n  2. `Manual`\nIn AutoParse\
            \ mode, the system automatically figures out fields to parse based on\
            \ the search query. While in the Manual mode, no fields are parsed out\
            \ automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011)."
          example: AutoParse
          default: Manual
      description: Definition of log search parsing mode
    SaveLogSearchRequest:
      type: object
      description: The definition of the log search to save in the content library.
      allOf:
      - $ref: '#/components/schemas/LogSearchDefinition'
      - required:
        - parentId
        properties:
          parentId:
            type: string
            description: Identifier of a folder where to save the log search.
            example: 000000000000001A
    ListDeletionRulesResponse:
      required:
      - deletionRulesList
      type: object
      properties:
        deletionRulesList:
          type: array
          description: List of data deletion rules.
          items:
            $ref: '#/components/schemas/DeletionRuleDefinition'
        next:
          type: string
          description: Next Continuation token
    DeletionRuleDefinition:
      allOf:
      - $ref: '#/components/schemas/CreateDeletionRuleRequest'
      - type: object
        properties:
          id:
            type: string
            description: Identifier for the deletion rule.
          createdAt:
            type: string
            description: Creation timestamp in UTC.
            format: date-time
          modifiedAt:
            type: string
            description: Last modification timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
              format.
            format: date-time
          error:
            type: string
            description: Errors related to the deletion rule.
          status:
            type: string
            description: Status of the deletion rule.
          createdBy:
            type: string
            description: Identifier of the user who created the deletion rule.
            example: 0000000006743FE8
          modifiedBy:
            type: string
            description: Identifier of the user who last modified the resource.
            example: 0000000006743FE8
          deletedRanges:
            type: array
            description: List of the different units of deleted ranges since the deletion
              rule has been created.
            items:
              $ref: '#/components/schemas/DeletedRange'
    CreateDeletionRuleRequest:
      required:
      - endMillis
      - query
      - ruleName
      - ruleReason
      - startMillis
      type: object
      properties:
        ruleName:
          maxLength: 127
          minLength: 1
          type: string
          description: Name of the deletion rule.
        ruleReason:
          maxLength: 255
          minLength: 1
          type: string
          description: Reason mentioning what data is being deleted and why.
        query:
          maxLength: 15000
          minLength: 0
          type: string
          description: query to filter out the logs that need to be deleted.
        startMillis:
          type: integer
          description: Start time of the search as a number of milliseconds.
          format: int64
          example: 1704976268773
        endMillis:
          type: integer
          description: End time of the search as a number of milliseconds.
          format: int64
          example: 1704977168773
        byReceiptTime:
          type: boolean
          description: Flag to order the search results in the order collector received
            it. This has the value `true` if the search is to be run by receipt time
            and `false` if it is to be run by message time.
          default: false
        timezone:
          type: string
          description: Timezone for the resolving timerange from startMillis,endMillis
          default: UTC
        parsingMode:
          pattern: ^(AutoParse|Manual)$
          type: string
          description: "Define the parsing mode to scan the JSON format log messages.\
            \ Possible values are:\n  1. `AutoParse`\n  2. `Manual`\nIn AutoParse\
            \ mode, the system automatically figures out fields to parse based on\
            \ the search query. While in the Manual mode, no fields are parsed out\
            \ automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011)."
          example: AutoParse
          default: Manual
    DeletedRange:
      required:
      - endTime
      - startTime
      type: object
      properties:
        startTime:
          type: string
          description: Start of the timestamp for each unit of filled ranges, expressed
            in timeZone specified in rule.
          format: date-time
        endTime:
          type: string
          description: End of the timestamp for each unit of filled ranges, expressed
            in timeZone specified in rule.
          format: date-time
      description: Range of timestamps from which logs obtained from the query have
        been deleted.
    ListDataMaskingRulesResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of data masking rules.
          items:
            $ref: '#/components/schemas/DataMaskingRule'
        next:
          type: string
          description: Next continuation token. Null if this is the last page.
    DataMaskingRule:
      type: object
      allOf:
      - $ref: '#/components/schemas/DataMaskingRuleDefinition'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier for the data masking rule.
            example: 00000000FF42A0C3
      x-tf-generated-properties: id,name,description,regexPattern,maskString,enabled
      x-tf-resource-name: DataMaskingRule
    DataMaskingRuleDefinition:
      type: object
      allOf:
      - $ref: '#/components/schemas/BaseDataMaskingRuleDefinition'
      - required:
        - name
        properties:
          name:
            maxLength: 128
            minLength: 1
            type: string
            description: Name of the data masking rule. Use a name that makes it easy
              to identify the rule. Must be unique within the organization. This field
              is immutable and cannot be changed after creation.
            example: Email Masking
    BaseDataMaskingRuleDefinition:
      required:
      - enabled
      - regexPattern
      type: object
      properties:
        description:
          maxLength: 512
          type: string
          description: Optional description of the data masking rule. Provide context
            about what PII this rule masks and why it's needed.
          example: Masks email addresses in application logs
        regexPattern:
          maxLength: 2048
          minLength: 1
          type: string
          description: Regular expression pattern to match PII data that should be
            masked. The pattern must be valid according to Java regex syntax. All
            matches in search results will be replaced with the mask string.
          example: \b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b
        maskString:
          maxLength: 64
          minLength: 1
          type: string
          description: The string to replace matched PII with. Defaults to '##redactedPII##'
            if not specified. Use descriptive mask strings like 'EMAIL_REDACTED' or
            'PHONE_REDACTED' for clarity.
          example: EMAIL_REDACTED
          default: '##redactedPII##'
        enabled:
          type: boolean
          description: Whether the data masking rule is active. Only enabled rules
            are applied to search results. Set to false to temporarily disable a rule
            without deleting it.
          default: true
    ListExtractionRulesResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of field extraction rules.
          items:
            $ref: '#/components/schemas/ExtractionRule'
        next:
          type: string
          description: Next continuation token.
    ExtractionRule:
      type: object
      allOf:
      - $ref: '#/components/schemas/ExtractionRuleDefinition'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier for the field extraction rule.
          fieldNames:
            type: array
            description: List of extracted fields from "parseExpression".
            items:
              type: string
      x-tf-generated-properties: id,name,scope,parseExpression,enabled
      x-tf-resource-name: ExtractionRule
    ExtractionRuleDefinition:
      allOf:
      - $ref: '#/components/schemas/BaseExtractionRuleDefinition'
      - type: object
        properties:
          enabled:
            type: boolean
            description: Is the field extraction rule enabled.
            default: true
    BaseExtractionRuleDefinition:
      required:
      - name
      - parseExpression
      - scope
      type: object
      properties:
        name:
          maxLength: 256
          minLength: 1
          type: string
          description: Name of the field extraction rule. Use a name that makes it
            easy to identify the rule.
          example: ExtractionRule123
        scope:
          maxLength: 2048
          minLength: 0
          type: string
          description: Scope of the field extraction rule. This could be a sourceCategory,
            sourceHost, or any other metadata that describes the data you want to
            extract from. Think of the Scope as the first portion of an ad hoc search,
            before the first pipe ( | ). You'll use the Scope to run a search against
            the rule.
          example: _sourceHost=127.0.0.1
        parseExpression:
          maxLength: 16384
          type: string
          description: Describes the fields to be parsed.
          example: csv _raw extract 1 as f1
    UpdateExtractionRuleDefinition:
      allOf:
      - $ref: '#/components/schemas/BaseExtractionRuleDefinition'
      - required:
        - enabled
        type: object
        properties:
          enabled:
            type: boolean
            description: Is the field extraction rule enabled.
    ListDynamicRulesResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of dynamic parsing rules.
          items:
            $ref: '#/components/schemas/DynamicRule'
        next:
          type: string
          description: Next continuation token.
          example: 0000000001C51FF7
    DynamicRule:
      type: object
      allOf:
      - $ref: '#/components/schemas/DynamicRuleDefinition'
      - $ref: '#/components/schemas/Metadata'
      - required:
        - id
        - isSystemRule
        properties:
          id:
            type: string
            description: Unique identifier for the dynamic parsing rule.
            example: 0000000001C41EE4
          isSystemRule:
            type: boolean
            description: Whether the rule has been defined by the system, rather than
              by a user.
            example: false
    DynamicRuleDefinition:
      required:
      - enabled
      - name
      - scope
      type: object
      properties:
        name:
          maxLength: 256
          minLength: 1
          type: string
          description: Name of the dynamic parsing rule. Use a name that makes it
            easy to identify the rule.
          example: DynamicParsingRule123
        scope:
          maxLength: 2048
          minLength: 1
          type: string
          description: Scope of the dynamic parsing rule. This could be a sourceCategory,
            sourceHost, or any other metadata that describes the data you want to
            extract from. Think of the Scope as the first portion of an ad hoc search,
            before the first pipe ( | ). You'll use the Scope to run a search against
            the rule.
          example: _sourceHost=127.0.0.1
        enabled:
          type: boolean
          description: Is the dynamic parsing rule enabled.
          example: false
          default: true
    ListCustomFieldsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of custom fields.
          items:
            $ref: '#/components/schemas/CustomField'
    CustomField:
      allOf:
      - $ref: '#/components/schemas/FieldName'
      - required:
        - dataType
        - fieldId
        - state
        type: object
        properties:
          fieldId:
            type: string
            description: Identifier of the field.
            example: 00000000031D02DA
          dataType:
            pattern: ^(String|Long|Int|Double|Boolean)$
            type: string
            description: Field type. Possible values are `String`, `Long`, `Int`,
              `Double`, and `Boolean`.
            example: String
            x-pattern-message: Must be `String`, `Long`, `Int`, `Double` or `Boolean`
          state:
            pattern: ^(Enabled|Disabled)$
            type: string
            description: Indicates whether the field is enabled and its values are
              being accepted. Possible values are `Enabled` and `Disabled`.
            example: Enabled
            x-pattern-message: Must be `Enabled` or `Disabled`
    FieldName:
      required:
      - fieldName
      type: object
      properties:
        fieldName:
          maxLength: 255
          minLength: 1
          type: string
          description: Field name.
          example: hostIP
    ListDroppedFieldsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of dropped fields.
          items:
            $ref: '#/components/schemas/DroppedField'
    DroppedField:
      allOf:
      - $ref: '#/components/schemas/FieldName'
    ListBuiltinFieldsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of built-in fields.
          items:
            $ref: '#/components/schemas/BuiltinField'
    BuiltinField:
      allOf:
      - $ref: '#/components/schemas/FieldName'
      - required:
        - dataType
        - fieldId
        - state
        type: object
        properties:
          fieldId:
            type: string
            description: Identifier of the field.
            example: 00000000031D02DA
          dataType:
            pattern: ^(String|Long|Int|Double|Boolean)$
            type: string
            description: Field type. Possible values are `String`, `Long`, `Int`,
              `Double`, and `Boolean`.
            example: String
            x-pattern-message: Must be `String`, `Long`, `Int`, `Double` or `Boolean`
          state:
            pattern: ^(Enabled|Disabled)$
            type: string
            description: Indicates whether the field is enabled and its values are
              being accepted. Possible values are `Enabled` and `Disabled`.
            example: Enabled
            x-pattern-message: Must be `Enabled` or `Disabled`
    FieldQuotaUsage:
      required:
      - quota
      - remaining
      type: object
      properties:
        quota:
          type: integer
          description: Maximum number of fields available.
          format: int32
          example: 200
        remaining:
          type: integer
          description: Current number of fields available.
          format: int32
          example: 121
    ListFieldNamesResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of all built-in and custom field names.
          items:
            $ref: '#/components/schemas/FieldName'
    ListCustomFieldsUsageResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of fields with their usages.
          items:
            $ref: '#/components/schemas/CustomFieldUsage'
    CustomFieldUsage:
      allOf:
      - $ref: '#/components/schemas/FieldName'
      - required:
        - dataType
        - fieldId
        - state
        type: object
        properties:
          fieldId:
            type: string
            description: Identifier of the field.
            example: 00000000031D02DA
          dataType:
            pattern: ^(String|Long|Int|Double|Boolean)$
            type: string
            description: Field type. Possible values are `String`, `Long`, `Int`,
              `Double`, `Boolean`.
            example: String
            x-pattern-message: Must be `String`, `Long`, `Int`, `Double` or `Boolean`
          state:
            pattern: ^(Enabled|Disabled)$
            type: string
            description: Indicates whether the field is enabled and its values are
              being accepted. Possible values are `Enabled` and `Disabled`.
            example: Enabled
            x-pattern-message: Must be `Enabled` or `Disabled`
          fieldExtractionRules:
            type: array
            description: An array of hexadecimal identifiers of field extraction rules
              which use this field.
            items:
              type: string
          roles:
            type: array
            description: An array of hexadecimal identifiers of roles which use this
              field in the search filter.
            items:
              type: string
          partitions:
            type: array
            description: An array of hexadecimal identifiers of partitions which use
              this field in the routing expression.
            items:
              type: string
          collectorsCount:
            type: integer
            description: Total number of collectors using this field.
            format: int32
            example: 228
          sourcesCount:
            type: integer
            description: Total number of sources using this field.
            format: int32
            example: 228
    ListBuiltinFieldsUsageResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of fields with their usages.
          items:
            $ref: '#/components/schemas/BuiltinFieldUsage'
    BuiltinFieldUsage:
      allOf:
      - $ref: '#/components/schemas/FieldName'
      - required:
        - dataType
        - fieldId
        - state
        type: object
        properties:
          fieldId:
            type: string
            description: Identifier of the field.
            example: 00000000031D02DA
          dataType:
            pattern: ^(String|Long|Int|Double|Boolean)$
            type: string
            description: Field type. Possible values are `String`, `Long`, `Int`,
              `Double`, `Boolean`.
            example: String
            x-pattern-message: Must be `String`, `Long`, `Int`, `Double` or `Boolean`
          state:
            pattern: ^(Enabled|Disabled)$
            type: string
            description: Indicates whether the field is enabled and its values are
              being accepted. Possible values are `Enabled` and `Disabled`.
            example: Enabled
            x-pattern-message: Must be `Enabled` or `Disabled`
          fieldExtractionRules:
            type: array
            description: An array of hexadecimal identifiers of field extraction rules
              which use this field.
            items:
              type: string
          roles:
            type: array
            description: An array of hexadecimal identifiers of roles which use this
              field in the search filter.
            items:
              type: string
          partitions:
            type: array
            description: An array of hexadecimal identifiers of partitions which use
              this field in the routing expression.
            items:
              type: string
    GetCollectorsUsageResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of collectors.
          items:
            $ref: '#/components/schemas/Collector'
        next:
          type: string
          description: Next continuation token.
    Collector:
      required:
      - collectorId
      - collectorName
      type: object
      properties:
        collectorId:
          type: string
          description: Identifier of a collector.
          example: 000000000000000F
        collectorName:
          type: string
          description: Name of a collector.
          example: SyslogCollector
    GetSourcesUsageResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of sources.
          items:
            $ref: '#/components/schemas/Source'
        next:
          type: string
          description: Next continuation token.
    Source:
      required:
      - sourceId
      - sourceName
      type: object
      properties:
        sourceId:
          type: string
          description: Identifier of a source.
          example: 000000000000000F
        sourceName:
          type: string
          description: Name of a source.
          example: Collector
    ListIngestBudgetsResponseV2:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of ingest budgets.
          items:
            $ref: '#/components/schemas/IngestBudgetV2'
        next:
          type: string
          description: Next continuation token.
    IngestBudgetV2:
      type: object
      allOf:
      - $ref: '#/components/schemas/IngestBudgetDefinitionV2'
      - required:
        - createdAt
        - createdBy
        - id
        - modifiedAt
        - modifiedBy
        - version
        properties:
          id:
            type: string
            description: Unique identifier for the ingest budget.
            example: 0000000003343FDD
          usageBytes:
            type: integer
            description: Current usage since the last reset, in bytes.
            format: int64
            example: 900
          usageStatus:
            pattern: ^(Normal|Approaching|Exceeded|Unknown)$
            type: string
            description: Status of the current usage. Can be `Normal`, `Approaching`,
              `Exceeded`, or `Unknown` (unable to retrieve usage).
            example: Approaching
            x-pattern-message: must be either `Normal`, `Approaching`, `Exceeded`,
              or `Unknown`
          createdAt:
            type: string
            description: The creation timestamp in UTC of the Ingest Budget.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
          createdBy:
            type: string
            description: The identifier of the user who created the Ingest Budget.
            example: 0000000006743FDD
          modifiedAt:
            type: string
            description: The modified timestamp in UTC of the Ingest Budget.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
          modifiedBy:
            type: string
            description: The identifier of the user who modified the Ingest Budget.
            example: 0000000001243FDD
          budgetVersion:
            type: integer
            description: The version of the Ingest Budget
            format: int32
            example: 2
    IngestBudgetDefinitionV2:
      required:
      - action
      - capacityBytes
      - name
      - scope
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: Display name of the ingest budget.
          example: Developer Budget
        scope:
          maxLength: 1024
          minLength: 1
          type: string
          description: A scope is a constraint that will be used to identify the messages
            on which budget needs to be applied. A scope is consists of key and value
            separated by =. The field must be enabled in the fields table. Value supports
            wildcard. e.g. _sourceCategory=*prod*payment*, cluster=kafka. If the scope
            is defined _sourceCategory=*nginx* in this budget will be applied on messages
            having fields _sourceCategory=prod/nginx, _sourceCategory=dev/nginx, or
            _sourceCategory=dev/nginx/error
          example: _sourceCategory=*prod*nginx*
        capacityBytes:
          minimum: 1
          type: integer
          description: Capacity of the ingest budget, in bytes. It takes a few minutes
            for Collectors to stop collecting when capacity is reached. We recommend
            setting a soft limit that is lower than your needed hard limit. The capacity
            bytes unit varies based on the budgetType field. For `dailyVolume` budgetType
            the capacity specified is in bytes/day whereas for `minuteVolume` budgetType
            its bytes/min.
          format: int64
          example: 1000
        timezone:
          type: string
          description: Time zone of the reset time for the ingest budget. Follow the
            format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
          default: Etc/UTC
        resetTime:
          maxLength: 5
          minLength: 5
          type: string
          description: Reset time of the ingest budget in HH:MM format.
          example: 1410
          default: 00:00
        description:
          maxLength: 1024
          minLength: 0
          type: string
          description: Description of the ingest budget.
        action:
          pattern: ^(keepCollecting|stopCollecting)$
          type: string
          description: "Action to take when ingest budget's capacity is reached. All\
            \ actions are audited. Supported values are:\n  * `stopCollecting`\n \
            \ * `keepCollecting`"
          example: stopCollecting
          x-pattern-message: must be either `keepCollecting` or `stopCollecting`
        auditThreshold:
          maximum: 99
          minimum: 1
          type: integer
          description: The threshold as a percentage of when an ingest budget's capacity
            usage is logged in the Audit Index.
          format: int32
          example: 85
    ListUserModelsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of users.
          items:
            $ref: '#/components/schemas/UserModel'
        next:
          type: string
          description: Next continuation token.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
    UserModel:
      type: object
      allOf:
      - $ref: '#/components/schemas/CreateUserDefinition'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier for the user.
            example: 000000000FE20FE2
          isActive:
            type: boolean
            description: True if the user is active.
            example: true
          isLocked:
            type: boolean
            description: This has the value `true` if the user's account has been
              locked. If a user tries to log into their account several times and
              fails, his or her account will be locked for security reasons.
            example: false
          isMfaEnabled:
            type: boolean
            description: True if multi factor authentication is enabled for the user.
            example: false
          lastLoginTimestamp:
            type: string
            description: Timestamp of the last login for the user in UTC. Will be
              null if the user has never logged in.
            format: date-time
    CreateUserDefinition:
      required:
      - email
      - firstName
      - lastName
      - roleIds
      type: object
      properties:
        firstName:
          maxLength: 128
          minLength: 1
          type: string
          description: First name of the user.
          example: John
        lastName:
          maxLength: 128
          minLength: 0
          type: string
          description: Last name of the user.
          example: Doe
        email:
          maxLength: 255
          type: string
          description: Email address of the user.
          format: email
          example: johndoe@acme.com
        roleIds:
          type: array
          description: List of roleIds associated with the user.
          example:
          - 00000000000001DF
          - 00000000000002D2
          items:
            type: string
    ListUserId:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of users.
          items:
            type: string
    UpdateUserDefinition:
      required:
      - firstName
      - lastName
      type: object
      properties:
        firstName:
          maxLength: 128
          minLength: 1
          type: string
          description: First name of the user. If the caller has `manageUsersAndRoles`
            capability, this field can be updated for any user. If the caller does
            NOT have `manageUsersAndRoles` capability, then only the calling user's
            firstName can be updated.
          example: John
        lastName:
          maxLength: 128
          minLength: 0
          type: string
          description: Last name of the user. If the caller has `manageUsersAndRoles`
            capability, this field can be updated for any user. If the caller does
            NOT have `manageUsersAndRoles` capability, then only the calling user's
            lastName can be updated.
          example: Doe
        isActive:
          type: boolean
          description: This has the value `true` if the user is active and `false`
            if they have been deactivated. To modify this field you must have the
            `manageUserAndRoles` capability.
          example: true
        roleIds:
          type: array
          description: List of role identifiers associated with the user. To modify
            this field you must have the `manageUserAndRoles` capability.
          example:
          - 00000000000001DF
          - 00000000000002D2
          items:
            type: string
    ChangeEmailRequest:
      required:
      - email
      type: object
      properties:
        email:
          maxLength: 255
          type: string
          description: New email address of the user.
          format: email
          example: johndoe@acme.com
    DisableMfaRequest:
      required:
      - email
      - password
      type: object
      properties:
        email:
          maxLength: 255
          type: string
          description: Email of user whose mfa is being disabled.
          format: email
          example: johndoe@cme.com
        password:
          type: string
          description: Password of user whose mfa is being disabled.
    UserInterests:
      required:
      - interests
      type: object
      properties:
        interests:
          type: array
          description: Labels of user interests.
          example:
          - Kubernetes
          - AWS
          items:
            type: string
    ListRoleModelsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of roles.
          items:
            $ref: '#/components/schemas/RoleModel'
        next:
          type: string
          description: Next continuation token.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
    RoleModel:
      type: object
      allOf:
      - $ref: '#/components/schemas/CreateRoleDefinition'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier for the role.
            example: 0000000000E20FE3
          systemDefined:
            type: boolean
            description: Role is system or user defined.
            example: false
      x-tf-generated-properties: id,name,description,filterPredicate,capabilities
      x-tf-resource-name: Role
    CreateRoleDefinition:
      required:
      - name
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: Name of the role.
          example: DataAdmin
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the role.
          example: Manage data of the org.
        filterPredicate:
          type: string
          description: A search filter to restrict access to specific logs. The filter
            is silently added to the beginning of each query a user runs. For example,
            using '!_sourceCategory=billing' as a filter predicate will prevent users
            assigned to the role from viewing logs from the source category named
            'billing'.
          example: '!_sourceCategory=billing'
        users:
          type: array
          description: List of user identifiers to assign the role to.
          example:
          - 0000000006743FE0
          - 0000000005FCE0EE
          items:
            type: string
        capabilities:
          type: array
          description: "List of [capabilities](https://help.sumologic.com/docs/manage/users-roles/roles/role-capabilities/)\
            \ associated with this role. Valid values are\n### Data Management\n \
            \ - viewCollectors\n  - manageCollectors\n  - manageBudgets\n  - manageDataVolumeFeed\n\
            \  - viewFieldExtraction\n  - manageFieldExtractionRules\n  - manageS3DataForwarding\n\
            \  - manageContent\n  - manageApps\n  - dataVolumeIndex\n  - manageConnections\n\
            \  - viewScheduledViews\n  - manageScheduledViews\n  - viewPartitions\n\
            \  - managePartitions\n  - viewFields\n  - manageFields\n  - viewAccountOverview\n\
            \  - manageTokens\n  - downloadSearchResults\n  - manageIndexes\n  - manageDataStreams\n\
            \  - viewParsers\n  - viewDataStreams\n\n### Entity management\n  - manageEntityTypeConfig\n\
            \n### Metrics\n  - metricsTransformation\n  - metricsExtraction\n  - metricsRules\n\
            \n### Security\n  - managePasswordPolicy\n  - ipAllowlisting\n  - ipWhitelisting\n\
            \  - createAccessKeys\n  - manageAccessKeys\n  - manageSupportAccountAccess\n\
            \  - manageAuditDataFeed\n  - manageSaml\n  - shareDashboardOutsideOrg\n\
            \  - manageOrgSettings\n  - changeDataAccessLevel\n\n### Dashboards\n\
            \  - shareDashboardWorld\n  - shareDashboardAllowlist\n  - shareDashboardWhitelist\n\
            \n### UserManagement\n  - manageUsersAndRoles\n\n### Observability\n \
            \ - searchAuditIndex\n  - auditEventIndex\n\n### Cloud SIEM Enterprise\n\
            \  - viewCse\n  - cseViewAutomations\n  - cseManageContextActions\n  -\
            \ cseViewNetworkBlocks\n  - cseManageInsightTags\n  - cseViewRules\n \
            \ - cseViewThreatIntelligence\n  - cseCommentOnInsights\n  - cseViewEntityGroups\n\
            \  - cseManageEntityConfiguration\n  - cseManageNetworkBlocks\n  - cseManageMatchLists\n\
            \  - cseViewCustomInsights\n  - cseManageActions\n  - cseManageAutomations\n\
            \  - cseManageMappings\n  - cseManageThreatIntelligence\n  - cseViewActions\n\
            \  - cseCreateInsights\n  - cseManageTagSchemas\n  - cseInvokeInsights\n\
            \  - cseManageCustomEntityType\n  - cseViewTagSchemas\n  - cseDeleteInsights\n\
            \  - cseManageCustomInsights\n  - cseViewFileAnalysis\n  - cseManageFileAnalysis\n\
            \  - cseManageEntityCriticality\n  - cseViewEntityCriticality\n  - cseViewEntity\n\
            \  - cseManageCustomInsightStatuses\n  - cseViewContextActions\n  - cseViewMappings\n\
            \  - cseViewCustomEntityType\n  - cseManageEntityGroups\n  - cseViewCustomInsightStatuses\n\
            \  - cseViewEnrichments\n  - cseManageInsightSignals\n  - cseManageRules\n\
            \  - cseManageArtifacts\n  - cseViewMatchLists\n  - cseManageInsightPolicy\n\
            \  - cseManageEnrichments\n  - cseViewEntityConfiguration\n  - cseManageEntity\n\
            \  - cseExecuteAutomations\n  - cseManageSuppressedEntities\n  - cseManageInsightStatus\
            \  \n  - cseManageInsightAssignee\n  - cseManageFavoriteFields\n  - cseViewSuppressedEntities\n\
            \n### Alerting\n  - viewMonitorsV2\n  - manageMonitorsV2\n  - viewAlerts\n\
            \  - viewMutingSchedules\n  - manageMutingSchedules\n  - adminMonitorsV2\n\
            \n### SLO\n  - viewSlos\n  - manageSlos\n\n### CloudSoar\n  - cloudSoarPlaybooksAccess\n\
            \  - cloudSoarNotificationConfigure\n  - cloudSoarReportAll\n  - cloudSoarIncidentTriageAccess\n\
            \  - cloudSoarIncidentTaskView\n  - cloudSoarIncidentChangeOwnership\n\
            \  - cloudSoarIncidentNotesEdit\n  - cloudSoarAPIEmailEdit\n  - cloudSoarIncidentTemplatesAccess\n\
            \  - cloudSoarIncidentPlaybooksManage\n  - cloudSoarGeneralConfigure\n\
            \  - cloudSoarEntitiesAccess\n  - cloudSoarEntitiesBulkPhysicalDelete\n\
            \  - cloudSoarIncidentAttachmentsAccess\n  - cloudSoarAppCentralAccess\n\
            \  - cloudSoarBridgeMonitoringAccess\n  - viewCloudSoar\n  - cloudSoarIncidentView\n\
            \  - cloudSoarObservabilityAccess\n  - cloudSoarAPIEmailRead\n  - cloudSoarAppCentralExport\n\
            \  - cloudSoarWidgetsAll\n  - cloudSoarIncidentTaskReassign\n  - cloudSoarIntegrationsAccess\n\
            \  - cloudSoarCustomizationIncidentLabels\n  - cloudSoarAutomationRulesConfigure\n\
            \  - cloudSoarIncidentTaskAccessAll\n  - cloudSoarAuditAndInformationConfigureAuditTrail\n\
            \  - cloudSoarIncidentTriageEdit\n  - cloudSoarIncidentEdit\n  - cloudSoarNotificationTriage\n\
            \  - cloudSoarIncidentTriageBulkPhysicalDelete\n  - cloudSoarIncidentNotesAccess\n\
            \  - cloudSoarAPIUse\n  - cloudSoarIncidentPlaybooksEdit\n  - cloudSoarDashboardAll\n\
            \  - cloudSoarEntitiesManage\n  - cloudSoarIncidentTemplatesConfigure\n\
            \  - cloudSoarIncidentTriageAccessAll\n  - cloudSoarPlaybooksConfigure\n\
            \  - cloudSoarIncidentAccessAll\n  - cloudSoarCustomizationLogo\n  - cloudSoarIncidentTaskAccess\n\
            \  - cloudSoarIncidentTriageView\n  - cloudSoarIntegrationsConfigure\n\
            \  - cloudSoarIncidentManageInvestigators\n  - cloudSoarIncidentAccess\n\
            \  - cloudSoarAuditAndInformationLicenseInformation\n  - cloudSoarIncidentBulkOperations\n\
            \  - cloudSoarCustomizationFields\n  - cloudSoarIncidentTaskEdit\n  -\
            \ cloudSoarDashboardAccess\n  - cloudSoarIncidentAttachmentsEdit\n  -\
            \ cloudSoarIncidentFoldersEdit\n  - cloudSoarUserManagementGroups\n  -\
            \ cloudSoarIncidentPlaybooksAccess\n  - cloudSoarIncidentWarRoomUse\n\
            \  - cloudSoarReportAccess\n  - cloudSoarAuditAndInformationAuditTrail\n\
            \  - cloudSoarAutomationRulesAccess\n  - cloudSoarIncidentTriageChangeOwnership\n\
            \  - cloudSoarObservabilityManagement"
          example:
          - manageContent
          - manageDataVolumeFeed
          - manageFieldExtractionRules
          - manageS3DataForwarding
          items:
            type: string
        autofillDependencies:
          type: boolean
          description: Set this to true if you want to automatically append all missing
            capability requirements. If set to false an error will be thrown if any
            capabilities are missing their dependencies.
          default: true
    UpdateRoleDefinition:
      required:
      - capabilities
      - description
      - filterPredicate
      - name
      - users
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: Name of the role.
          example: DataAdmin
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the role.
          example: Manage data of the org.
        filterPredicate:
          type: string
          description: A search filter to restrict access to specific logs. The filter
            is silently added to the beginning of each query a user runs. For example,
            using '!_sourceCategory=billing' as a filter predicate will prevent users
            assigned to the role from viewing logs from the source category named
            'billing'.
          example: '!_sourceCategory=billing'
        users:
          type: array
          description: List of user identifiers to assign the role to.
          example:
          - 0000000006743FE0
          - 0000000005FCE0EE
          items:
            type: string
        capabilities:
          type: array
          description: "List of [capabilities](https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/Role-Capabilities)\
            \ associated with this role. Valid values are\n### Data Management\n \
            \ - viewCollectors\n  - manageCollectors\n  - manageBudgets\n  - manageDataVolumeFeed\n\
            \  - viewFieldExtraction\n  - manageFieldExtractionRules\n  - manageS3DataForwarding\n\
            \  - manageContent\n  - manageApps\n  - dataVolumeIndex\n  - manageConnections\n\
            \  - viewScheduledViews\n  - manageScheduledViews\n  - viewPartitions\n\
            \  - managePartitions\n  - viewFields\n  - manageFields\n  - viewAccountOverview\n\
            \  - manageTokens\n  - downloadSearchResults\n\n### Entity management\n\
            \  - manageEntityTypeConfig\n\n### Metrics\n  - metricsTransformation\n\
            \  - metricsExtraction\n  - metricsRules\n\n### Security\n  - managePasswordPolicy\n\
            \  - ipAllowlisting\n  - createAccessKeys\n  - manageAccessKeys\n  - manageSupportAccountAccess\n\
            \  - manageAuditDataFeed\n  - manageSaml\n  - shareDashboardOutsideOrg\n\
            \  - manageOrgSettings\n  - changeDataAccessLevel\n\n### Dashboards\n\
            \  - shareDashboardWorld\n  - shareDashboardAllowlist\n\n### UserManagement\n\
            \  - manageUsersAndRoles\n\n### Observability\n  - searchAuditIndex\n\
            \  - auditEventIndex\n\n### Cloud SIEM Enterprise\n  - viewCse\n\n###\
            \ Alerting\n  - viewMonitorsV2\n  - manageMonitorsV2\n  - viewAlerts"
          example:
          - manageContent
          - manageDataVolumeFeed
          - manageFieldExtractionRules
          - manageS3DataForwarding
          items:
            type: string
        autofillDependencies:
          type: boolean
          description: Set this to true if you want to automatically append all missing
            capability requirements. If set to false an error will be thrown if any
            capabilities are missing their dependencies.
          default: true
    CapabilityMap:
      required:
      - capabilities
      type: object
      properties:
        capabilities:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/CapabilityDefinition'
          description: Map of capabilities to their attributes
    CapabilityDefinition:
      required:
      - dependsOn
      - group
      - id
      - label
      type: object
      properties:
        id:
          type: string
          description: The name of the capability
          example: manageParsers
        label:
          type: string
          description: The UI label for the capability.
          example: Manage Parsers
        dependsOn:
          type: array
          description: Any capabilities that are required for this capability to be
            enabled.
          example:
          - ViewParsers
          - EditParsers
          items:
            type: string
        group:
          required:
          - id
          - label
          type: object
          properties:
            id:
              type: string
              description: The backend name for the capability group
              example: CloudSiem
            label:
              type: string
              description: The label for the capability group
              example: Insights
            parentId:
              type: string
              description: The ID of the parent capability group
              example: Cloud Siem
          description: The group that the capability belongs to.
        message:
          type: string
          description: Warning message that appears when this capability is enabled.
          example: By enabling this capability, you are allowing any user in this
            role to share a dashboard, including its contents, with ANYONE who has
            the URL. This URL can be shared with users outside of your organization,
            allowing them to view the dashboard and its contents. Are you sure you
            want to enable this permission?
    CapabilityList:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of capabilities
          items:
            $ref: '#/components/schemas/CapabilityDefinition'
    ListRoleModelsResponseV2:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of roles.
          items:
            $ref: '#/components/schemas/GetRoleDefinitionV2'
        next:
          type: string
          description: Next continuation token.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
    GetRoleDefinitionV2:
      type: object
      allOf:
      - $ref: '#/components/schemas/RoleDefinition'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier for the role.
            example: 0000000000E20FE3
          systemDefined:
            type: boolean
            description: Role is system or user defined.
            example: false
    RoleDefinition:
      required:
      - name
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: Name of the role.
          example: DataAdmin
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the role.
          example: Manage data of the org.
        logAnalyticsFilter:
          type: string
          description: A search filter which would be applied on partitions which
            belong to Log Analytics product area.
          example: '!_sourceCategory=collector'
        auditDataFilter:
          type: string
          description: 'A search filter which would be applied on partitions which
            belong to Audit Data product area. Help Doc : (https://help.sumologic.com/docs/manage/security/audit-index/).'
          example: info
        securityDataFilter:
          type: string
          description: A search filter which would be applied on partitions which
            belong to Security Data product area.
          example: error
        selectionType:
          type: string
          description: "Describes the Permission Construct for the list of views in\
            \ \"selectedViews\" parameter. \n### Valid Values are : \n  - `All` selectionType\
            \ would allow access to all views in the org.\n  - `Allow` selectionType\
            \ would allow access to specific views mentioned in \"selectedViews\"\
            \ parameter.\n  - `Deny` selectionType would deny access to specific views\
            \ mentioned in \"selectedViews\" parameter."
          example: All
        selectedViews:
          type: array
          description: List of views which with specific view level filters in accordance
            to the selectionType chosen.
          items:
            $ref: '#/components/schemas/GetViewFilterDefinition'
        users:
          type: array
          description: List of user identifiers to assign the role to.
          example:
          - 0000000006743FE0
          - 0000000005FCE0EE
          items:
            type: string
        capabilities:
          type: array
          description: "List of [capabilities](https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/Role-Capabilities)\
            \ associated with this role. Valid values are\n### Data Management\n \
            \ - viewCollectors\n  - manageCollectors\n  - manageBudgets\n  - manageDataVolumeFeed\n\
            \  - viewFieldExtraction\n  - manageFieldExtractionRules\n  - manageS3DataForwarding\n\
            \  - manageContent\n  - manageApps\n  - dataVolumeIndex\n  - manageConnections\n\
            \  - viewScheduledViews\n  - manageScheduledViews\n  - viewPartitions\n\
            \  - managePartitions\n  - viewFields\n  - manageFields\n  - viewAccountOverview\n\
            \  - manageTokens\n  - downloadSearchResults\n\n### Entity management\n\
            \  - manageEntityTypeConfig\n\n### Metrics\n  - metricsTransformation\n\
            \  - metricsExtraction\n  - metricsRules\n\n### Security\n  - managePasswordPolicy\n\
            \  - ipAllowlisting\n  - createAccessKeys\n  - manageAccessKeys\n  - manageSupportAccountAccess\n\
            \  - manageAuditDataFeed\n  - manageSaml\n  - shareDashboardOutsideOrg\n\
            \  - manageOrgSettings\n  - changeDataAccessLevel\n\n### Dashboards\n\
            \  - shareDashboardWorld\n  - shareDashboardAllowlist\n\n### UserManagement\n\
            \  - manageUsersAndRoles\n\n### Observability\n  - searchAuditIndex\n\
            \  - auditEventIndex\n\n### Cloud SIEM Enterprise\n  - viewCse\n\n###\
            \ Alerting\n  - viewMonitorsV2\n  - manageMonitorsV2\n  - viewAlerts"
          example:
          - manageContent
          - manageDataVolumeFeed
          - manageFieldExtractionRules
          - manageS3DataForwarding
          items:
            type: string
        autofillDependencies:
          type: boolean
          description: Set this to true if you want to automatically append all missing
            capability requirements. If set to false an error will be thrown if any
            capabilities are missing their dependencies.
          default: true
    GetViewFilterDefinition:
      required:
      - viewName
      type: object
      properties:
        viewName:
          type: string
          description: Name of the view. Help Doc:- (https://help.sumologic.com/docs/manage/partitions-data-tiers/)
          example: auditData
    RoleModelV2:
      type: object
      allOf:
      - $ref: '#/components/schemas/CreateRoleDefinitionV2'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier for the role.
            example: 0000000000E20FE3
          systemDefined:
            type: boolean
            description: Role is system or user defined.
            example: false
      x-tf-generated-properties: id,name,description,logAnalyticsFilter,auditDataFilter,securityDataFilter,selectionType,selectedViews,capabilities
      x-tf-resource-name: RoleV2
    CreateRoleDefinitionV2:
      required:
      - name
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: Name of the role.
          example: DataAdmin
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the role.
          example: Manage data of the org.
        logAnalyticsFilter:
          type: string
          description: A search filter which would be applied on partitions which
            belong to Log Analytics product area.
          example: '!_sourceCategory=collector'
        auditDataFilter:
          type: string
          description: 'A search filter which would be applied on partitions which
            belong to Audit Data product area. Help Doc : (https://help.sumologic.com/docs/manage/security/audit-index/).'
          example: info
        securityDataFilter:
          type: string
          description: A search filter which would be applied on partitions which
            belong to Security Data product area.
          example: error
        selectionType:
          type: string
          description: "Describes the Permission Construct for the list of views in\
            \ \"selectedViews\" parameter. \n### Valid Values are : \n  - `All` selectionType\
            \ would allow access to all views in the org.\n  - `Allow` selectionType\
            \ would allow access to specific views mentioned in \"selectedViews\"\
            \ parameter.\n  - `Deny` selectionType would deny access to specific views\
            \ mentioned in \"selectedViews\" parameter."
          example: All
        selectedViews:
          type: array
          description: List of views which with specific view level filters in accordance
            to the selectionType chosen.
          items:
            $ref: '#/components/schemas/ViewFilterDefinition'
        users:
          type: array
          description: List of user identifiers to assign the role to.
          example:
          - 0000000006743FE0
          - 0000000005FCE0EE
          items:
            type: string
        capabilities:
          type: array
          description: "List of [capabilities](https://help.sumologic.com/docs/manage/users-roles/roles/role-capabilities/)\
            \ associated with this role. Valid values are\n### Data Management\n \
            \ - viewCollectors\n  - manageCollectors\n  - manageBudgets\n  - manageDataVolumeFeed\n\
            \  - viewFieldExtraction\n  - manageFieldExtractionRules\n  - manageS3DataForwarding\n\
            \  - manageContent\n  - manageApps\n  - dataVolumeIndex\n  - manageConnections\n\
            \  - viewScheduledViews\n  - manageScheduledViews\n  - viewPartitions\n\
            \  - managePartitions\n  - viewFields\n  - manageFields\n  - viewAccountOverview\n\
            \  - manageTokens\n  - downloadSearchResults\n  - manageIndexes\n  - manageDataStreams\n\
            \  - viewParsers\n  - viewDataStreams\n\n### Entity management\n  - manageEntityTypeConfig\n\
            \n### Metrics\n  - metricsTransformation\n  - metricsExtraction\n  - metricsRules\n\
            \n### Security\n  - managePasswordPolicy\n  - ipAllowlisting\n  - ipWhitelisting\n\
            \  - createAccessKeys\n  - manageAccessKeys\n  - manageSupportAccountAccess\n\
            \  - manageAuditDataFeed\n  - manageSaml\n  - shareDashboardOutsideOrg\n\
            \  - manageOrgSettings\n  - changeDataAccessLevel\n\n### Dashboards\n\
            \  - shareDashboardWorld\n  - shareDashboardAllowlist\n  - shareDashboardWhitelist\n\
            \n### UserManagement\n  - manageUsersAndRoles\n\n### Observability\n \
            \ - searchAuditIndex\n  - auditEventIndex\n\n### Cloud SIEM Enterprise\n\
            \  - viewCse\n  - cseViewAutomations\n  - cseManageContextActions\n  -\
            \ cseViewNetworkBlocks\n  - cseManageInsightTags\n  - cseViewRules\n \
            \ - cseViewThreatIntelligence\n  - cseCommentOnInsights\n  - cseViewEntityGroups\n\
            \  - cseManageEntityConfiguration\n  - cseManageNetworkBlocks\n  - cseManageMatchLists\n\
            \  - cseViewCustomInsights\n  - cseManageActions\n  - cseManageAutomations\n\
            \  - cseManageMappings\n  - cseManageThreatIntelligence\n  - cseViewActions\n\
            \  - cseCreateInsights\n  - cseManageTagSchemas\n  - cseInvokeInsights\n\
            \  - cseManageCustomEntityType\n  - cseViewTagSchemas\n  - cseDeleteInsights\n\
            \  - cseManageCustomInsights\n  - cseViewFileAnalysis\n  - cseManageFileAnalysis\n\
            \  - cseManageEntityCriticality\n  - cseViewEntityCriticality\n  - cseViewEntity\n\
            \  - cseManageCustomInsightStatuses\n  - cseViewContextActions\n  - cseViewMappings\n\
            \  - cseViewCustomEntityType\n  - cseManageEntityGroups\n  - cseViewCustomInsightStatuses\n\
            \  - cseViewEnrichments\n  - cseManageInsightSignals\n  - cseManageRules\n\
            \  - cseManageArtifacts\n  - cseViewMatchLists\n  - cseManageInsightPolicy\n\
            \  - cseManageEnrichments\n  - cseViewEntityConfiguration\n  - cseManageEntity\n\
            \  - cseExecuteAutomations\n  - cseManageSuppressedEntities\n  - cseManageInsightStatus\
            \  \n  - cseManageInsightAssignee\n  - cseManageFavoriteFields\n  - cseViewSuppressedEntities\n\
            \n### Alerting\n  - viewMonitorsV2\n  - manageMonitorsV2\n  - viewAlerts\n\
            \  - viewMutingSchedules\n  - manageMutingSchedules\n  - adminMonitorsV2\n\
            \n### SLO\n  - viewSlos\n  - manageSlos\n\n### CloudSoar\n  - cloudSoarPlaybooksAccess\n\
            \  - cloudSoarNotificationConfigure\n  - cloudSoarReportAll\n  - cloudSoarIncidentTriageAccess\n\
            \  - cloudSoarIncidentTaskView\n  - cloudSoarIncidentChangeOwnership\n\
            \  - cloudSoarIncidentNotesEdit\n  - cloudSoarAPIEmailEdit\n  - cloudSoarIncidentTemplatesAccess\n\
            \  - cloudSoarIncidentPlaybooksManage\n  - cloudSoarGeneralConfigure\n\
            \  - cloudSoarEntitiesAccess\n  - cloudSoarEntitiesBulkPhysicalDelete\n\
            \  - cloudSoarIncidentAttachmentsAccess\n  - cloudSoarAppCentralAccess\n\
            \  - cloudSoarBridgeMonitoringAccess\n  - viewCloudSoar\n  - cloudSoarIncidentView\n\
            \  - cloudSoarObservabilityAccess\n  - cloudSoarAPIEmailRead\n  - cloudSoarAppCentralExport\n\
            \  - cloudSoarWidgetsAll\n  - cloudSoarIncidentTaskReassign\n  - cloudSoarIntegrationsAccess\n\
            \  - cloudSoarCustomizationIncidentLabels\n  - cloudSoarAutomationRulesConfigure\n\
            \  - cloudSoarIncidentTaskAccessAll\n  - cloudSoarAuditAndInformationConfigureAuditTrail\n\
            \  - cloudSoarIncidentTriageEdit\n  - cloudSoarIncidentEdit\n  - cloudSoarNotificationTriage\n\
            \  - cloudSoarIncidentTriageBulkPhysicalDelete\n  - cloudSoarIncidentNotesAccess\n\
            \  - cloudSoarAPIUse\n  - cloudSoarIncidentPlaybooksEdit\n  - cloudSoarDashboardAll\n\
            \  - cloudSoarEntitiesManage\n  - cloudSoarIncidentTemplatesConfigure\n\
            \  - cloudSoarIncidentTriageAccessAll\n  - cloudSoarPlaybooksConfigure\n\
            \  - cloudSoarIncidentAccessAll\n  - cloudSoarCustomizationLogo\n  - cloudSoarIncidentTaskAccess\n\
            \  - cloudSoarIncidentTriageView\n  - cloudSoarIntegrationsConfigure\n\
            \  - cloudSoarIncidentManageInvestigators\n  - cloudSoarIncidentAccess\n\
            \  - cloudSoarAuditAndInformationLicenseInformation\n  - cloudSoarIncidentBulkOperations\n\
            \  - cloudSoarCustomizationFields\n  - cloudSoarIncidentTaskEdit\n  -\
            \ cloudSoarDashboardAccess\n  - cloudSoarIncidentAttachmentsEdit\n  -\
            \ cloudSoarIncidentFoldersEdit\n  - cloudSoarUserManagementGroups\n  -\
            \ cloudSoarIncidentPlaybooksAccess\n  - cloudSoarIncidentWarRoomUse\n\
            \  - cloudSoarReportAccess\n  - cloudSoarAuditAndInformationAuditTrail\n\
            \  - cloudSoarAutomationRulesAccess\n  - cloudSoarIncidentTriageChangeOwnership\n\
            \  - cloudSoarObservabilityManagement"
          example:
          - manageContent
          - manageDataVolumeFeed
          - manageFieldExtractionRules
          - manageS3DataForwarding
          items:
            type: string
        autofillDependencies:
          type: boolean
          description: Set this to true if you want to automatically append all missing
            capability requirements. If set to false an error will be thrown if any
            capabilities are missing their dependencies.
          default: true
    ViewFilterDefinition:
      required:
      - viewName
      type: object
      properties:
        viewName:
          type: string
          description: Name of the view.
          example: auditData
    UpdateRoleDefinitionV2:
      required:
      - auditDataFilter
      - capabilities
      - description
      - logAnalyticsFilter
      - name
      - securityDataFilter
      - selectedViews
      - selectionType
      - users
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: Name of the role.
          example: DataAdmin
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: Description of the role.
          example: Manage data of the org.
        logAnalyticsFilter:
          type: string
          description: A search filter which would be applied on partitions which
            belong to Log Analytics product area.
          example: '!_sourceCategory=collector'
        auditDataFilter:
          type: string
          description: 'A search filter which would be applied on partitions which
            belong to Audit Data product area. Help Doc : (https://help.sumologic.com/docs/manage/security/audit-index/).'
          example: info
        securityDataFilter:
          type: string
          description: A search filter which would be applied on partitions which
            belong to Security Data product area.
          example: error
        selectionType:
          type: string
          description: "Describes the Permission Construct for the list of views in\
            \ \"selectedViews\" parameter. \n### Valid Values are : \n  - `All` selectionType\
            \ would allow access to all views in the org.\n  - `Allow` selectionType\
            \ would allow access to specific views mentioned in \"selectedViews\"\
            \ parameter.\n  - `Deny` selectionType would deny access to specific views\
            \ mentioned in \"selectedViews\" parameter."
          example: All
        selectedViews:
          type: array
          description: List of views which with specific view level filters in accordance
            to the selectionType chosen.
          items:
            $ref: '#/components/schemas/ViewFilterDefinition'
        users:
          type: array
          description: List of user identifiers to assign the role to.
          example:
          - 0000000006743FE0
          - 0000000005FCE0EE
          items:
            type: string
        capabilities:
          type: array
          description: "List of [capabilities](https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/Role-Capabilities)\
            \ associated with this role. Valid values are\n### Data Management\n \
            \ - viewCollectors\n  - manageCollectors\n  - manageBudgets\n  - manageDataVolumeFeed\n\
            \  - viewFieldExtraction\n  - manageFieldExtractionRules\n  - manageS3DataForwarding\n\
            \  - manageContent\n  - manageApps\n  - dataVolumeIndex\n  - manageConnections\n\
            \  - viewScheduledViews\n  - manageScheduledViews\n  - viewPartitions\n\
            \  - managePartitions\n  - viewFields\n  - manageFields\n  - viewAccountOverview\n\
            \  - manageTokens\n  - downloadSearchResults\n\n### Entity management\n\
            \  - manageEntityTypeConfig\n\n### Metrics\n  - metricsTransformation\n\
            \  - metricsExtraction\n  - metricsRules\n\n### Security\n  - managePasswordPolicy\n\
            \  - ipAllowlisting\n  - createAccessKeys\n  - manageAccessKeys\n  - manageSupportAccountAccess\n\
            \  - manageAuditDataFeed\n  - manageSaml\n  - shareDashboardOutsideOrg\n\
            \  - manageOrgSettings\n  - changeDataAccessLevel\n\n### Dashboards\n\
            \  - shareDashboardWorld\n  - shareDashboardAllowlist\n\n### UserManagement\n\
            \  - manageUsersAndRoles\n\n### Observability\n  - searchAuditIndex\n\
            \  - auditEventIndex\n\n### Cloud SIEM Enterprise\n  - viewCse\n\n###\
            \ Alerting\n  - viewMonitorsV2\n  - manageMonitorsV2\n  - viewAlerts"
          example:
          - manageContent
          - manageDataVolumeFeed
          - manageFieldExtractionRules
          - manageS3DataForwarding
          items:
            type: string
        autofillDependencies:
          type: boolean
          description: Set this to true if you want to automatically append all missing
            capability requirements. If set to false an error will be thrown if any
            capabilities are missing their dependencies.
          default: true
    Folder:
      allOf:
      - $ref: '#/components/schemas/Content'
      - type: object
        properties:
          description:
            maxLength: 255
            minLength: 0
            type: string
            description: The description of the folder.
            example: This is a sample folder.
          children:
            type: array
            description: A list of the content items.
            items:
              $ref: '#/components/schemas/Content'
    FolderDefinition:
      required:
      - name
      - parentId
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: The name of the folder.
          example: SampleFolder
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: The description of the folder.
          example: This is a sample folder.
        parentId:
          type: string
          description: The identifier of the parent folder.
    UpdateFolderRequest:
      required:
      - name
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: The name of the folder.
          example: SampleFolder
        description:
          maxLength: 255
          minLength: 0
          type: string
          description: The description of the folder.
          example: This is a sample folder.
    ContentList:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: A list of the content items.
          items:
            $ref: '#/components/schemas/Content'
    ContentPermissionResult:
      required:
      - explicitPermissions
      type: object
      properties:
        explicitPermissions:
          type: array
          description: Explicitly assigned content permissions.
          items:
            $ref: '#/components/schemas/ContentPermissionAssignment'
        implicitPermissions:
          type: array
          description: Implicitly inherited content permissions.
          items:
            $ref: '#/components/schemas/ContentPermissionAssignment'
    ContentPermissionAssignment:
      required:
      - contentId
      - permissionName
      - sourceId
      - sourceType
      type: object
      properties:
        permissionName:
          pattern: ^(View|GrantView|Edit|GrantEdit|Manage|GrantManage)$
          type: string
          description: 'Content permission name. Valid values are: `View`, `GrantView`,
            `Edit`, `GrantEdit`, `Manage`, and `GrantManage`.'
          x-pattern-message: 'must be one of the following: `View`, `GrantView`, `Edit`,
            `GrantEdit`, `Manage`, `GrantManage`'
        sourceType:
          pattern: ^(user|role|org)$
          type: string
          description: 'Type of source for the permission. Valid values are: `user`,
            `role`, and `org`.'
          example: role
          x-pattern-message: 'must be one of the following: `user`, `role`, `org`'
        sourceId:
          type: string
          description: An identifier that belongs to the source type chosen above.
            For e.g. if the sourceType is set to "user", sourceId should be identifier
            of a user (same goes for `role` and `org` sourceType)
        contentId:
          type: string
          description: Unique identifier for the content item.
    ContentPermissionUpdateRequest:
      required:
      - contentPermissionAssignments
      - notificationMessage
      - notifyRecipients
      type: object
      properties:
        contentPermissionAssignments:
          type: array
          description: Content permissions to be updated.
          items:
            $ref: '#/components/schemas/ContentPermissionAssignment'
        notifyRecipients:
          type: boolean
          description: Set this to "true" to notify the users who had a permission
            update.
        notificationMessage:
          type: string
          description: The notification message sent to the users who had a permission
            update.
    Content:
      type: object
      allOf:
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        - itemType
        - name
        - parentId
        - permissions
        properties:
          id:
            type: string
            description: Identifier of the content item.
            example: 000000000C1C17C6
          name:
            type: string
            description: The name of the content item.
            example: Personal
          itemType:
            type: string
            description: "Type of the content item. Supported values are:\n  1. Folder\n\
              \  2. Search\n  3. Report (for old dashboards)\n  4. Dashboard (for\
              \ new dashboards)\n  5. Lookups"
            example: Folder
          parentId:
            type: string
            description: Identifier of the parent content item.
            example: 0000000001C41EF2
          permissions:
            type: array
            description: List of permissions the user has on the content item.
            example:
            - View
            - GrantView
            - Edit
            items:
              type: string
          description:
            type: string
            description: Description of the content item.
            example: Personal folder for John Doe
          isScheduled:
            type: boolean
            description: Indicates whether the content item refers to scheduled search.
              This field is only relevant to `Search` content type.
            example: false
            default: false
    MetadataModel:
      required:
      - createdAt
      - createdBy
      - modifiedAt
      - modifiedBy
      type: object
      properties:
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
          example: 0000000006743FDD
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
          example: 0000000006743FE8
    ContentPath:
      required:
      - path
      type: object
      properties:
        path:
          type: string
          description: Path of the content item.
          example: /Library/Users/user@test.com/SampleFolder
        pathItems:
          type: array
          description: The items in the path of the content.
          items:
            $ref: '#/components/schemas/PathSegment'
    PathSegment:
      required:
      - id
      - name
      type: object
      properties:
        id:
          type: string
          description: The identifier of the path segment.
          example: 0000000013D98A2A
        name:
          type: string
          description: The name of the path segment.
          example: Test Folder
        description:
          type: string
          description: An optional description of the path segment.
          example: This is a test folder
      description: A segment of a path.
    ContentSyncDefinition:
      required:
      - name
      - type
      type: object
      properties:
        type:
          type: string
          description: "The content item type.\n**Note:**\n - `MewboardSyncDefinition`\
            \ _is depreciated, and will soon be removed. Please use_ `DashboardV2SyncDefinition`\n\
            \   _instead_.\n - Dashboard links are not supported for dashboards."
        name:
          type: string
          description: The name of the item.
      discriminator:
        propertyName: type
    ImportResult:
      type: object
      properties:
        status:
          type: string
          description: Whether or not the request is in progress (`InProgress`), has
            completed successfully (`Success`), or has completed with an error (`Failed`).
        summary:
          type: object
          properties:
            totalItems:
              type: integer
              description: Total content items attempted in the import.
              example: 15
            successCount:
              type: integer
              description: Number of content items successfully imported.
              example: 12
            failureCount:
              type: integer
              description: Number of content items that failed to import.
              example: 3
          description: Summary about the import job indicating total, success and
            failure count.
        failures:
          type: array
          description: Detailed listing of failed import items.
          items:
            $ref: '#/components/schemas/ImportErrorResultItem'
    ImportErrorResultItem:
      type: object
      properties:
        path:
          type: string
          description: Full folder path to the failed item.
          example: /Marketing/Website Analytics/Daily Traffic Report
        type:
          type: string
          description: The type of the content item (e.g., Folder, Search, Dashboard).
          example: Dashboard
        error:
          type: string
          description: Reason why the item failed to import.
          example: Invalid JSON format in widget configuration.
    IdArray:
      type: array
      items:
        type: string
    BulkBeginAsyncJobResponse:
      required:
      - errors
      - jobIds
      type: object
      properties:
        jobIds:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Map of content identifiers to job identifiers.
        errors:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/BulkErrorResponse'
          description: Map of content identifiers to error messages for all failed
            job requests
    BulkErrorResponse:
      required:
      - errorResponse
      - status
      type: object
      properties:
        status:
          type: integer
          description: HTTP status code of individual request
        errorResponse:
          $ref: '#/components/schemas/ErrorResponse'
    BulkAsyncStatusResponse:
      required:
      - errors
      - jobStatuses
      type: object
      properties:
        jobStatuses:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/AsyncJobStatus'
          description: Map of job identifiers to job statuses.
        errors:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/BulkErrorResponse'
          description: Map of content identifiers to error messages for all failed
            job requests
    FolderNameDescription:
      type: object
      properties:
        name:
          type: string
          description: Name of the folder.
          example: User Activity
        description:
          type: string
          description: Description of the folder.
          example: Content related to User activity
      description: Information about folder.
    TransformationRulesResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of transformation rules.
          items:
            $ref: '#/components/schemas/TransformationRuleResponse'
        next:
          type: string
          description: Next continuation token.
          example: aGNzTmZBN1ZZWFk9
      description: A generic response for transformation rule.
    TransformationRuleResponse:
      type: object
      description: A generic response for transformation rule.
      allOf:
      - $ref: '#/components/schemas/TransformationRuleRequest'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier for the transformation rule.
    TransformationRuleRequest:
      required:
      - enabled
      - ruleDefinition
      type: object
      properties:
        ruleDefinition:
          $ref: '#/components/schemas/TransformationRuleDefinition'
        enabled:
          type: boolean
          description: True if the rule is enabled.
          example: true
      description: A request for creating or updating a transformation rule.
    TransformationRuleDefinition:
      required:
      - name
      - retention
      - selector
      type: object
      properties:
        name:
          type: string
          description: Name of the transformation rule.
          example: Transformation Rule 1
        selector:
          type: string
          description: Selector of the transformation rule.
          example: _sourceCategory=metricsstore
        dimensionTransformations:
          type: array
          description: Dimension transformations of the transformation rule.
          example:
          - transformationType: AggregateOnTransformation
            aggregateOn:
            - metric
          - transformationType: AddOrReplaceTransformation
            dimensionToReplace: metric
            value: '{{metric}}_aggregated'
          items:
            $ref: '#/components/schemas/DimensionTransformation'
          default: []
        transformedMetricsRetention:
          type: integer
          description: Retention period in days for the transformed metrics that are
            generated by this rule. The supported retention periods for transformed
            metrics are 8 days, and 400 days. If no dimension transformations are
            defined, this value will be set to 0.
          format: int64
          example: 8
          default: 0
        retention:
          type: integer
          description: Retention period in days for the metrics that are selected
            by the selector. The supported retention periods for selected metrics
            are 8 days, 400 days, and 0 (Do not store) if this rule contains dimension
            transformation.
          format: int64
          example: 8
          default: 400
      description: The properties that define a transformation rule.
    DimensionTransformation:
      required:
      - transformationType
      type: object
      properties:
        transformationType:
          type: string
          description: This is the base type of all dimension transformations.
      description: Base class of all transformation types.
      discriminator:
        propertyName: transformationType
    ContractDetails:
      required:
      - contractPeriod
      - currentBillingPeriod
      - entitlements
      - orgId
      - planType
      type: object
      properties:
        orgId:
          type: string
          description: Organization identifier of the account.
        planType:
          type: string
          description: Plan name of the account.
          example: Sumo Logic Logs and Metrics Analytics Service - Enterprise Edition
            (Cloud Flex)
        entitlements:
          type: array
          description: List of the entitlements of the account. Entitlements of the
            account are the list of products subscribed by the user.
          items:
            $ref: '#/components/schemas/Entitlements'
        sharedBuckets:
          type: array
          description: Contains list of buckets. Bucket means shared pool from which
            multiple entitlements can use capacity.
          items:
            $ref: '#/components/schemas/SharedBucket'
        contractPeriod:
          $ref: '#/components/schemas/ContractPeriod'
        currentBillingPeriod:
          $ref: '#/components/schemas/CurrentBillingPeriod'
      description: 'Contract details include Entitlements of the customer such as
        ContinuousLogs, FrequentLogs, Metrics, Storage, and Dashboards along with
        the entitlement value of each entitlement.

        '
    Entitlements:
      required:
      - capacity
      - contractType
      - entitlementType
      - label
      type: object
      properties:
        contractType:
          type: string
          description: Details of the contract type. `AnnualBucket` are contracts
            that buy and consume ingest on yearly basis. `Credits` are contracts that
            buy a single unit called credits for all our features. `DailyAverage`
            are contracts that buy and consume ingest on a monthly basis.
          example: AnnualBucket, Credits, DailyAverage
        entitlementType:
          type: string
          description: Text denoting the type of entitlement. - `continuous` for Continuous
            Analytics, - `frequent` for Frequent Analytics, - `storage` for Total
            Storage, - `metrics` for Metrics.
        label:
          type: string
          description: The label of an entitlement is the plan name displayed on the
            accounts page in our user interface.
          example: Continuous log entitlement is represented by `Daily Log Ingest
            (Continuous Analytics)`.
        capacity:
          $ref: '#/components/schemas/Capacity'
        capacities:
          type: array
          description: Contains the capacities that were part of the contract.
          items:
            $ref: '#/components/schemas/Capacity'
    Capacity:
      required:
      - unit
      - value
      type: object
      properties:
        value:
          type: number
          description: The value of the entitlement in units.
          format: double
          example: 61425.23
        unit:
          type: string
          description: The unit of the entitlement. Units are provided in `GB` or
            `DPM`(data points per minute).
          example: GB
        capacityType:
          pattern: ^(Paid|Free)$
          type: string
          description: 'Type of capacity. Valid values are: 1) `Paid` : This means
            that the capacity is chargeable. 2) `Free` : This means that this capacity
            is not chargeable.'
      description: Amount of entitlement provided by Sumo Logic for the entitlement
        type of the account.
    SharedBucket:
      required:
      - capacities
      - label
      - linkedEntitlementTypes
      - name
      type: object
      properties:
        name:
          type: string
          description: Name of the bucket.
          example: totalReservedCredits
        label:
          type: string
          description: The text to be displayed on UI for this bucket.
          example: Sumo Credits
        linkedEntitlementTypes:
          type: array
          description: List of entitlement types which can consume from this bucket.
          example:
          - continuous
          - frequent
          - metrics
          - storage
          items:
            type: string
        capacitites:
          type: array
          description: List of capacities alloted.
          items:
            $ref: '#/components/schemas/Capacity'
      description: A shared bucket contains capacities which can be used my multiple
        entitlements which are linked to the bucket. There will be a 1:many mapping
        between SharedBucket:Entitlement.
    ContractPeriod:
      required:
      - endDate
      - startDate
      type: object
      properties:
        startDate:
          type: string
          description: Start date of the contract.
          format: date
        endDate:
          type: string
          description: End date of the contract.
          format: date
    CurrentBillingPeriod:
      required:
      - endDate
      - startDate
      type: object
      properties:
        startDate:
          type: string
          description: Start date of the current billing period.
          format: date
          example: 2012-02-02
        endDate:
          type: string
          description: End date of the current billing period.
          format: date
          example: 2012-02-02
    ConsumptionDetails:
      required:
      - endDate
      - entitlementConsumptions
      - startDate
      type: object
      properties:
        entitlementConsumptions:
          type: array
          description: An array of entitlements.
          items:
            $ref: '#/components/schemas/EntitlementConsumption'
        startDate:
          type: string
          description: Start date of the data usage.
          format: date
          example: 2019-07-20
        endDate:
          type: string
          description: End date of the data usage.
          format: date
          example: 2019-10-20
      description: List of entitlements consumption.
    EntitlementConsumption:
      required:
      - contractType
      - dataPoints
      - entitlementType
      - operators
      type: object
      properties:
        entitlementType:
          type: string
          description: String value denoting the type of entitlement. - `continuous`
            for Continuous Analytics, - `frequent` for Frequent Analytics, - `storage`
            for Total Storage, - `metrics` for Metrics.
        datapoints:
          type: array
          description: Array of data points of the entitlement with their respective
            date range.
          items:
            $ref: '#/components/schemas/DataPoints'
        operators:
          type: array
          description: Operators used on the data. Available operators are `sum`,
            `average`, `usagePercentage`, `forecastValue`, `forecastPercentage`, and
            `forecastRemainingDays`. sum - Returns the sum of the usages. average
            - Returns the average of the usages. usagePercentage - Returns percentage
            of total capacity used for the startDate and endDate. forecastValue -
            Returns expected usage value assuming current usage behavior continues.
            forecastPercentage - Returns expected percentage usage by the endDate
            assuming current usage behavior continues. forecastRemainingDays- Returns
            the number of expected days, from today, that consumption will last assuming
            current usage behavior continues.
          items:
            $ref: '#/components/schemas/Operator'
        contractType:
          type: string
          description: Consumption model of the entitlements, available values are
            `DailyAverage`, `AnnualBucket`, and `Credits`.
          example: DailyAverage
    DataPoints:
      required:
      - timeRange
      - value
      type: object
      properties:
        timeRange:
          $ref: '#/components/schemas/BeginBoundedTimeRange'
        values:
          type: array
          description: An array of objects denoting the value and unit of the data
            points.
          items:
            $ref: '#/components/schemas/DataValue'
      description: Denotes the data points as a result of the groupBy function performed
        on the usage data.
    DataValue:
      required:
      - unit
      - value
      type: object
      properties:
        value:
          type: number
          description: The value of the data point in units.
          format: double
          example: 425
        unit:
          type: string
          description: The unit of the entitlement, possible values are `GB`, `DPM`,
            or `Credits`.
          example: GB
    Operator:
      required:
      - name
      - values
      type: object
      properties:
        values:
          type: array
          description: An array of objects denoting the value and unit of the results.
          items:
            $ref: '#/components/schemas/DataValue'
        name:
          type: string
          description: The name of the operator applied to the data.
          example: sum
      description: Result of the aggregations performed on the usages. Operator can
        be `sum`, `average`, `usagePercentage`, `forecastValue`,`forecastPercentage`,
        or `forecastRemainingDays`.
    PlansCatalog:
      required:
      - plans
      type: object
      properties:
        plans:
          type: array
          description: List of plans available.
          items:
            $ref: '#/components/schemas/SelfServicePlan'
      description: Plans available for the account to update.
    SelfServicePlan:
      required:
      - productGroups
      - productId
      - productName
      - productSubscriptionOptions
      type: object
      properties:
        productId:
          $ref: '#/components/schemas/ProductId'
        productName:
          $ref: '#/components/schemas/ProductName'
        productGroups:
          type: array
          description: A list of product group for preview.
          items:
            $ref: '#/components/schemas/ProductGroup'
        productSubscriptionOptions:
          type: array
          description: A list of product subscription option.
          items:
            $ref: '#/components/schemas/ProductSubscriptionOption'
      description: Details about a Plan, along with its product groups and subscription
        options
    ProductId:
      pattern: ^(Essentials|Trial|Free|EnterpriseOps|EnterpriseSec|EnterpriseSuite)$
      type: string
      description: 'Unique identifier of the product in current plan. Valid values
        are: 1. `Free` 2. `Trial` 3. `Essentials` 4. `EnterpriseOps` 5. `EnterpriseSec`
        6. `EnterpriseSuite`

        '
      example: Essentials
      x-pattern-message: 'must be one of the following: `Essentials`, `Trial`, `Free`,
        `EnterpriseOps`, `EnterpriseSec`, `EnterpriseSuite`'
    ProductName:
      type: string
      description: Name for the product.
      example: Sumo Logic Continuous Intelligence Service - Essentials Edition
    ProductGroup:
      required:
      - productGroupName
      - productVariables
      type: object
      properties:
        productGroupName:
          type: string
          description: 'Name of the Product group:

            '
          example: Continuous Analytics
        productGroupId:
          type: string
          description: Id of the Product group
          example: CSE
        productVariables:
          type: array
          description: Different product variables of the product group
          items:
            $ref: '#/components/schemas/ProductVariable'
        provisioningSupported:
          type: boolean
          description: Is provisioning supported on this Product Group. This is applicable
            for product variables which are not enabled by default.
          example: true
        description:
          type: string
          description: Description about the Product group
          example: CSE activations can take upto 24 hours.
        learnMoreLink:
          type: string
          description: Link to learn more about the Product group
          example: https://help.sumologic.com/Manage/01Manage_Subscription/08Create_and_Manage_Orgs
      description: Details of product group and its quantity.
    ProductVariable:
      required:
      - possibleValues
      - productVariableId
      - productVariableName
      - unit
      type: object
      properties:
        productVariableName:
          type: string
          description: Name of a product variable.
          example: Continuous Log Ingest
        productVariableId:
          pattern: ^(continuousIngest|continuousStorage|frequentIngest|frequentStorage|infrequentIngest|infrequentStorage|infrequentScannedData|cseIngest|cseStorage|metrics)$
          type: string
          description: Unique Identifier of the product variable.
          example: continuousIngest
          x-pattern-message: 'must be one of the following: `continuousIngest`, `continuousStorage`,
            `frequentIngest`, `frequentStorage`, `infrequentIngest`, `infrequentStorage`,
            `infrequentScannedData`, `cseIngest`, `cseStorage`, `metrics`'
        unit:
          type: string
          description: Unit of measure for the productvariable.
          example: GB
        possibleValues:
          type: array
          description: Possible values allowed for the productvariable.
          example:
          - 3
          - 5
          - 10
          - 20
          items:
            type: integer
            format: int64
      description: Details of product variable and its quantity.
    ProductSubscriptionOption:
      required:
      - billingFrequency
      - discountPercentage
      type: object
      properties:
        billingFrequency:
          $ref: '#/components/schemas/BillingFrequency'
        discountPercentage:
          type: integer
          description: Discount percentage for this plan's subscription.
          example: 20
      description: Subscription option containing billing frequency and discount details.
    BillingFrequency:
      pattern: ^(Monthly|Annually)$
      type: string
      description: "Identifier for the plans billing term. Valid values are:\n 1.\
        \ Monthly\n 2. Annually\n"
      example: Monthly
      x-pattern-message: 'must be one of the following: `Monthly`, `Annually`'
    CurrentPlan:
      required:
      - billingFrequency
      - planCost
      - productId
      type: object
      properties:
        productId:
          pattern: ^(Essentials|Trial|Free|EnterpriseOps|EnterpriseSec|EnterpriseSuite)$
          type: string
          description: 'Unique identifier of the product in current plan. Valid values
            are: 1. `Free` 2. `Trial` 3. `Essentials` 4. `EnterpriseOps` 5. `EnterpriseSec`
            6. `EnterpriseSuite`

            '
          example: Essentials
          x-pattern-message: 'must be one of the following: `Essentials`, `Trial`,
            `Free`, `EnterpriseOps`, `EnterpriseSec`, `EnterpriseSuite`'
        planCost:
          type: number
          description: Cost incurred for the current plan.
          format: double
          example: 725.46
        billingFrequency:
          pattern: ^(Monthly|Annually)$
          type: string
          description: 'Billing frequency for the current plan. Valid values are:
            1. `Monthly` 2. `Annually`

            '
          example: Monthly
          x-pattern-message: 'must be one of the following: `Monthly` or `Annually`'
        consumables:
          type: array
          description: Consumables in the current plan.
          items:
            $ref: '#/components/schemas/Consumable'
        planType:
          pattern: ^(Free|Trial|Paid)$
          type: string
          description: Whether the account is `Free`/`Trial`/`Paid`
          example: Free
          x-pattern-message: 'must be one of the following: `Free`, `Trial` or `Paid`'
        planName:
          type: string
          description: The plan name for the product being used.
        discountAmount:
          type: integer
          description: The discount offered for the given contract period.
        contractPeriod:
          $ref: '#/components/schemas/ContractPeriod'
        currentBillingPeriod:
          $ref: '#/components/schemas/CurrentBillingPeriod'
        credits:
          type: integer
          description: Numerical value of the amount of credits
          format: int64
          example: 300
        baselines:
          $ref: '#/components/schemas/Baselines'
        pendingUpdateRequest:
          type: boolean
          description: True if there is a pending update request
        prorationDetails:
          $ref: '#/components/schemas/ProrationDetails'
      description: Current plan of the account.
    Consumable:
      required:
      - consumableId
      - quantity
      type: object
      properties:
        consumableId:
          pattern: ^(Storage|Metrics|Continuous|Credits)$
          type: string
          description: 'Unique identifier of the consumable. Valid values are: 1.
            `Storage` 2. `Metrics` 3. `Continuous` 4. `Credits`

            '
          example: Metrics
          x-pattern-message: 'must be one of the following: `Storage`, `Metrics`,
            `Continuous`, `Credits`'
        quantity:
          $ref: '#/components/schemas/Quantity'
      description: Details of consumable and its quantity.
    Quantity:
      required:
      - unit
      - value
      type: object
      properties:
        value:
          type: integer
          description: The value of the consumable in units.
          format: int64
          example: 61425
        unit:
          pattern: ^(GB|DPM|Credits|Days)$
          type: string
          description: 'The unit of the consumable. Units are provided in: 1. `GB`
            2. `DPM`(Data Points Per Minute) 3. `Credits` 4. `Days`

            '
          example: GB
          x-pattern-message: 'must be one of the following: `GB`, `DPM`, `Credits`,
            `Days`'
      description: Details of unit of consumption and its value.
    Baselines:
      type: object
      properties:
        continuousIngest:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of continuous logs ingest to allocate to the organization,
            in GBs.
          format: int64
          example: 50000
          default: 0
        continuousStorage:
          maximum: 30
          minimum: 30
          type: integer
          description: Number of days of continuous logs storage to allocate to the
            organization, in Days.
          format: int64
          example: 30
          default: 30
        frequentIngest:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of frequent logs ingest to allocate to the organization,
            in GBs.
          format: int64
          example: 50000
          default: 0
        frequentStorage:
          maximum: 30
          minimum: 30
          type: integer
          description: Number of days of frequent logs storage to allocate to the
            organization, in Days.
          format: int64
          example: 30
          default: 30
        infrequentIngest:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of infrequent logs ingest to allocate to the organization,
            in GBs.
          format: int64
          example: 50000
          default: 0
        infrequentStorage:
          maximum: 30
          minimum: 30
          type: integer
          description: The amount of infrequent logs storage to allocate to the organization,
            in Days.
          format: int64
          example: 30
          default: 30
        infrequentScan:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of infrequent logs scan to allocate to the organization,
            in GBs.
          format: int64
          example: 50000
          default: 0
        metrics:
          maximum: 5000000
          minimum: 0
          type: integer
          description: The amount of Metrics usage to allocate to the organization,
            in DPMs (Data Points per Minute).
          format: int64
          example: 50000
          default: 0
        cseIngest:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of CSE ingest to allocate to the organization, in
            GBs.
          format: int64
          example: 50000
          default: 0
        cseStorage:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of CSE storage to allocate to the organization,
            in GBs.
          format: int64
          example: 50000
          default: 0
        tracingIngest:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of tracing data ingest to allocate to the organization,
            in GBs.
          format: int64
          example: 50000
          default: 0
        flexIngest:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of flex logs ingest to allocate to the organization,
            in GBs.
          format: int64
          example: 5
          default: 0
        flexStorage:
          maximum: 1000000
          minimum: 0
          type: integer
          description: Number of days of flex logs storage to allocate to the organization,
            in Days.
          format: int64
          example: 30
          default: 0
        flexScanRatio:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of flex logs ingest scan ratio.
          format: int64
          example: 5
          default: 0
        aiInvestigation:
          maximum: 1000000
          minimum: 0
          type: integer
          description: The amount of AI Investigations needed to allocate to the organization.
          format: int64
          example: 5
          default: 0
      description: Details of consumable and its quantity.
    ProrationDetails:
      required:
      - proratedCost
      - proratedCredits
      - remainingDays
      type: object
      properties:
        remainingDays:
          type: integer
          description: Remaining days in the billing cycle for which the new plan
            is prorated.
          format: int32
        proratedCredits:
          type: integer
          description: Total prorated credits that get added to the bucket based on
            the remaining billing period.
          format: int32
        proratedCost:
          type: number
          description: Cost of the total prorated credits.
          format: double
      description: Details about the prorated credits and prorated cost in case of
        immediate monthly to monthly cycle upgrades.
    UpdateRequest:
      required:
      - baselines
      - billingFrequency
      - productId
      type: object
      properties:
        productId:
          $ref: '#/components/schemas/ProductId'
        billingFrequency:
          $ref: '#/components/schemas/BillingFrequency'
        baselines:
          $ref: '#/components/schemas/SelfServiceCreditsBaselines'
        immediate:
          type: boolean
          description: true in case the subscription baselines need to be updated
            immediately(only for monthly customers who are staying on the monthly
            plan)
          default: false
      description: Update request for the account.
    SelfServiceCreditsBaselines:
      type: object
      properties:
        continuousIngest:
          minimum: 0
          type: integer
          description: The amount of continuous logs ingest to allocate to the organization,
            in GBs.
          format: int64
          example: 5
          default: 0
        continuousStorage:
          minimum: 0
          type: integer
          description: Number of days of continuous logs storage to allocate to the
            organization, in Days.
          format: int64
          example: 30
          default: 0
        metrics:
          minimum: 0
          type: integer
          description: The amount of Metrics usage to allocate to the organization,
            in DPMs (Data Points per Minute).
          format: int64
          example: 20000
          default: 0
        tracingIngest:
          minimum: 0
          type: integer
          description: The amount of tracing data ingest to allocate to the organization,
            in GBs.
          format: int64
          example: 1
          default: 0
        flexIngest:
          minimum: 0
          type: integer
          description: The amount of flex logs ingest to allocate to the organization,
            in GBs.
          format: int64
          example: 5
          default: 0
        flexStorage:
          minimum: 0
          type: integer
          description: Number of days of flex logs storage to allocate to the organization,
            in Days.
          format: int64
          example: 30
          default: 0
        flexScanRatio:
          minimum: 0
          type: integer
          description: The amount of flex logs ingest scan ratio.
          format: int64
          example: 5
          default: 0
      description: Details of product variables and its quantity as required for credits.
    UpgradePlans:
      required:
      - plans
      type: object
      properties:
        plans:
          type: array
          description: List of plans available.
          items:
            $ref: '#/components/schemas/Plan'
      description: Upgrade plans available for the account.
    Plan:
      required:
      - productGroups
      - productId
      - productName
      type: object
      properties:
        productId:
          $ref: '#/components/schemas/ProductId'
        productName:
          $ref: '#/components/schemas/ProductName'
        productGroups:
          type: array
          description: A list of product group for preview.
          items:
            $ref: '#/components/schemas/ProductGroup'
      description: Upgrade preview request for the account.
    AccountStatusResponse:
      required:
      - applicationUse
      - canUpdatePlan
      - planType
      - pricingModel
      type: object
      properties:
        pricingModel:
          pattern: ^(credits|cloudflex)$
          type: string
          description: Whether the account is `cloudflex` or `credits`
          example: credits
        canUpdatePlan:
          type: boolean
          description: If the plan can be updated by the given user
          example: true
        planType:
          pattern: ^(Free|Trial|Paid)$
          type: string
          description: Whether the account is `Free`/`Trial`/`Paid`
          example: Free
        planExpirationDays:
          type: integer
          description: The number of days in which the plan will expire
          example: 20
        applicationUse:
          pattern: ^(ALLOWED|ALLOWED_WITH_WARNING|THROTTLED|RESTRICTED)$
          type: string
          description: The current usage of the application.
          example: ALLOWED
        accountActivated:
          type: boolean
          description: If the account is activated or not
          example: true
        totalCredits:
          type: integer
          description: Total amount of credits assigned to the account
          example: 400
        logModel:
          pattern: ^(Flex|Tiered|FlexPlusTiered)$
          type: string
          description: The log model of the account
          example: Flex
      description: Information about the account's plan and payment.
    SubdomainDefinitionResponse:
      required:
      - createdAt
      - createdBy
      - modifiedAt
      - modifiedBy
      - subdomain
      - url
      type: object
      properties:
        createdAt:
          type: string
          description: 'Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.

            '
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
        subdomain:
          type: string
          description: The new subdomain.
          example: my-company
        url:
          type: string
          description: Login URL corresponding to the subdomain.
          example: https://your-company.sumologic.com
    ConfigureSubdomainRequest:
      required:
      - subdomain
      type: object
      properties:
        subdomain:
          maxLength: 63
          minLength: 4
          pattern: ^(?!xn--)[a-z0-9]([a-z0-9-]*[a-z0-9])?$
          type: string
          description: The new subdomain.
          example: my-company
    SubdomainAvailabilityResponse:
      required:
      - isAvailable
      type: object
      properties:
        isAvailable:
          type: boolean
          description: Subdomain is available for use or not.
          example: false
    SubdomainUrlResponse:
      required:
      - url
      type: object
      properties:
        url:
          type: string
          description: Login URL corresponding to the subdomain.
          example: https://your-company.sumologic.com
    TotalCredits:
      required:
      - totalCredits
      type: object
      properties:
        totalCredits:
          type: number
          description: Numerical value of the amount of credits
          format: double
          example: 300.0
        breakdown:
          $ref: '#/components/schemas/CreditsBreakdown'
      description: Total amount of credits to be deducted from the parent organization
        corresponding to the baselines
    CreditsBreakdown:
      required:
      - allocatedCredits
      - deploymentChargeCredits
      type: object
      properties:
        deploymentChargeCredits:
          type: number
          description: The total credits deducted from the parent organization in
            the form of deployment charge.
          format: double
          example: 100.0
        allocatedCredits:
          type: number
          description: The total useable credits allocated to the child organization.
          format: double
          example: 200.0
      description: Breakdown of the credits.
    CalculatorRequest:
      type: object
      properties:
        parentDeploymentId:
          type: string
          description: Identifier of the deployment in which the parent org is present.
          example: us2
        deploymentId:
          type: string
          description: Identifier of the deployment in which the child org is present.
          example: us2
        trialPlanPeriod:
          type: integer
          description: length of the trial period.
          example: 45
        baselines:
          $ref: '#/components/schemas/Baselines'
      description: Details of the request
    PlanUpdateEmail:
      required:
      - baselines
      - emailId
      type: object
      properties:
        emailId:
          maxLength: 255
          type: string
          description: email id on which support team will contact on
          format: email
          example: johndoe@acme.com
        phoneNumber:
          maxLength: 30
          type: string
          description: contact number on which support team can call user
          example: +01-87789-65749
        billingFrequency:
          pattern: ^(Monthly|Annually|)$
          type: string
          description: The frequency with with the customer needs to be billed at.
            The current supported values are Monthly and Annually
          example: Monthly
          x-pattern-message: 'must be one of the following: `Monthly`, `Annually`'
        baselines:
          $ref: '#/components/schemas/SelfServiceCreditsBaselines'
        details:
          type: string
          description: option details the user might want to inform
          example: I need some help with my plan.
      description: details of the plan for updating with contact information
    UsageDetails:
      required:
      - endDate
      - entitlementUsages
      - startDate
      type: object
      properties:
        entitlementUsages:
          type: array
          description: An array of usages.
          items:
            $ref: '#/components/schemas/EntitlementUsage'
        startDate:
          type: string
          description: Start date of the data usage.
          format: date
          example: 2019-07-20
        endDate:
          type: string
          description: End date of the data usage.
          format: date
          example: 2019-10-20
      description: List of entitlements usages.
    EntitlementUsage:
      required:
      - dataPoints
      - entitlementType
      - label
      - operators
      - tier
      type: object
      properties:
        entitlementType:
          type: string
          description: String value denoting the type of entitlement. - `continuous`
            for Continuous Analytics, - `frequent` for Frequent Analytics, - `storage`
            for Total Storage, - `metrics` for Metrics, - `inFrequentIngest` for  Infrequent
            Ingest, - `inFrequentsStorage` for Infrequent Storage, - `inFrequentScannedBytes`
            for Infrequent Scan, - `cloudSIEMContinuous` for CSE Ingest, - `tracing`
            for Tracing Ingest, - `soarCount` for Soar Count, - `dataForwarding` for
            Data Forwarding
        datapoints:
          type: array
          description: Array of data points of the entitlement with their respective
            date range.
          items:
            $ref: '#/components/schemas/DataPoints'
        operators:
          type: array
          description: Operators used on the data. Available operators are `sum`,
            `average`, `usagePercentage`, `forecastValue`, `forecastPercentage`, and
            `forecastRemainingDays`. sum - Returns the sum of the usages. average
            - Returns the average of the usages. usagePercentage - Returns percentage
            of total capacity used for the startDate and endDate. forecastValue -
            Returns expected usage value assuming current usage behavior continues.
            forecastPercentage - Returns expected percentage usage by the endDate
            assuming current usage behavior continues. forecastRemainingDays- Returns
            the number of expected days, from today, that consumption will last assuming
            current usage behavior continues.
          items:
            $ref: '#/components/schemas/Operator'
        tier:
          type: string
          description: Tier defines the priority in which the usage for an entitlement
            is calculated. For example `promotional`  for promotional tier.
        label:
          type: string
          description: The label for the entitlement.
    UsageReportResponse:
      type: object
      properties:
        jobId:
          type: string
          description: Job Id for export
          example: '12345678'
      description: Export Usage response containing the jobId
    UsageReportRequest:
      type: object
      properties:
        startDate:
          type: string
          description: Start date, without the time, of the usage data to fetch. If
            no value is provided startDate is used as the start of the subscription.
            The start date cannot be before the start of the subscription.
          example: 2019-07-20
        endDate:
          type: string
          description: End date, without the time, of usage data to fetch. If no value
            is provided endDate is used as the end of the subscription. The end date
            cannot be after the end of the subscription.
          example: 2019-08-20
        groupBy:
          pattern: ^(day|week|month)$
          type: string
          description: 'Perform a groupBy operation on the usage details. If no value
            is provided data is grouped by `Day` - `day`: Aggregate the data by day
            - `week`: Aggregate the data by week. Week starts at Monday and ends at
            sunday night. - `month`: Aggregate the data by calendar month.'
          example: day
          default: day
        reportType:
          pattern: ^(standard|detailed|childDetailed)$
          type: string
          description: Specifies the type of report to be exported. Available types
            are `standard` and `detailed`. An additional `childDetailed` type is available
            for Sumo Orgs parents. Detailed report will have raw consumption along
            with the credits breakdown. If no value is provided Standard reports will
            be exported.
          example: standard
          default: standard
        includeDeploymentCharge:
          type: boolean
          description: Deployment charges will be applied to the returned usages csv
            if this is set to true and the organization  is a part of Sumo Organizations
            as a child organization.
          example: false
          default: false
      description: Usage Export Report Request
    UsageReportStatusResponse:
      allOf:
      - $ref: '#/components/schemas/ErrorDescription'
      - type: object
        properties:
          status:
            pattern: ^(Success|InProgress|Failed)$
            type: string
            description: Status export
            example: Success
          statusMessage:
            type: string
            description: Status message export
            example: Successful request
          reportDownloadURL:
            type: string
            description: S3 presigned download URL for the report. It is valid for
              10 minutes.
            example: www.example.com
        description: Status response containing status and downloadURL if successful
    UsageForecastResponse:
      type: object
      properties:
        averageUsage:
          type: number
          description: Average credit usage per day till now.
          format: double
          example: 4.0
        usagePercentage:
          type: number
          description: Percentage of total credits used till date.
          format: double
          example: 7.0
        forecastedUsage:
          type: number
          description: Total expected usage by the end of contract period.
          format: double
          example: 10.0
        forecastedUsagePercentage:
          type: number
          description: Percentage of allocated credits that will be used in the contract
            period.
          format: double
          example: 5.0
        remainingDays:
          type: number
          description: Days remaining till all the credits are consumed.
          format: double
          example: 10.0
      description: Usage forecast for the organization.
    PendingUpdateRequest:
      required:
      - createdOn
      - plan
      type: object
      properties:
        createdOn:
          type: string
          description: The date on which the update request was created.
          format: date
        plan:
          $ref: '#/components/schemas/CurrentPlan'
      description: The pending plan update request for the account
    SumoOrgsUsageBackfillRequest:
      required:
      - customerId
      - from
      - to
      type: object
      properties:
        customerId:
          type: integer
          description: the customer ID of a mam org
          format: int64
          example: 12345
        from:
          type: integer
          description: epoch millis of date from which usage is to be copied
          format: int64
          example: 1661106600000
        to:
          type: integer
          description: epoch millis of date upto which usage is to be copied
          format: int64
          example: 1661426182666
    UsageAlertConfig:
      required:
      - monitorTemplateId
      type: object
      properties:
        monitorTemplateId:
          type: string
          description: ID of the monitor template
        monitorId:
          type: string
          description: ID of the monitor instance
      description: Usage alert configuration
    UsageAlertRequest:
      required:
      - monitorId
      - monitorTemplateId
      type: object
      properties:
        monitorTemplateId:
          type: string
          description: ID of the monitor template
        monitorId:
          type: string
          description: ID of the monitor instance
      description: Usage alert configuration request
    ChildUsageDetailsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: Usage details of the child orgs.
          items:
            $ref: '#/components/schemas/ChildUsageDetail'
    ChildUsageDetail:
      required:
      - orgId
      - status
      - usages
      type: object
      properties:
        status:
          pattern: ^(Active|Delinked|Deactivated)$
          type: string
          description: Status of the child org.
          example: Active
          x-pattern-message: Valid values are `Active`, `Delinked`, and `Deactivated`
        orgName:
          type: string
          description: Name of the child org.
          example: DSW Corp - Prod/Main
        orgId:
          maxLength: 23
          minLength: 19
          type: string
          description: The unique identifier of an organization. It consists of the
            deployment ID and the hexadecimal account ID separated by a dash `-` character.
          example: us2-00000000FF42A0C3
        allocatedCredits:
          type: number
          description: Denotes the total number of credits provisioned for the child
            organization to use.
          format: double
          example: 10000.0
        usages:
          $ref: '#/components/schemas/ChildUsage'
    ChildUsage:
      required:
      - totalCreditsUsed
      type: object
      properties:
        totalCreditsUsed:
          type: number
          description: Total Credits used by the child org.
          format: double
          example: 10000.0
        usagePercentage:
          type: number
          description: Percentage of used credits from the allocated credits.
          format: double
          example: 10000.0
        forecastPercentage:
          type: number
          description: Forecasted percentage of credits will be used in the given
            time period.
          format: double
          example: 10000.0
        usagePercentChangeWoW:
          type: number
          description: Week over week usage percentage for the subscription period.
          format: double
          example: 10000.0
        usagePercentChange:
          type: number
          description: Percentage of usage change over the given time period.
          format: double
          example: 10000.0
    ChildUsageDetailsRequest:
      type: object
      properties:
        startDate:
          type: string
          description: Start date, without the time, of the usage data to fetch.
          example: 2019-07-20
        endDate:
          type: string
          description: End date, without the time, of usage data to fetch.
          example: 2019-10-20
      description: The child usage details request for the parent account
    FlexPlanUpdateEmail:
      required:
      - emailId
      type: object
      properties:
        emailId:
          maxLength: 255
          type: string
          description: email id on which support team will contact on
          format: email
          example: johndoe@acme.com
        phoneNumber:
          maxLength: 15
          type: string
          description: contact number on which support team can call user
          example: +01-87789-65749
        details:
          type: string
          description: option details the user might want to inform
          example: I need some help with my plan.
      description: details of the flex plan for updating with contact information
    IngestionLimitsResponse:
      type: object
      properties:
        logs:
          $ref: '#/components/schemas/UsageDetails_1'
        metrics:
          $ref: '#/components/schemas/UsageDetails_1'
        traces:
          $ref: '#/components/schemas/UsageDetails_1'
    UsageDetails_1:
      type: object
      properties:
        ingestionRate:
          type: integer
          description: Current average ingestion rate. In bytes per minute for logs,
            spans per minute for traces, DPM for metrics.
          format: int64
        threshold:
          type: integer
          description: Quota threshold. This is the per minute ingestion rate that
            is allowed. In bytes per minute for logs, spans per minute for traces,
            DPM for metrics.
          format: int64
        remainingCapacity:
          type: integer
          description: Remaining token bucket capacity. In bytes for logs, spans for
            traces, DP for metrics.
          format: int64
    SuccessResponse:
      type: object
      properties:
        message:
          type: string
          description: some message about success
      description: Response object for success
    IngestionLogRequest:
      type: object
      properties:
        viewName:
          maxLength: 255
          type: string
          description: view name
          example: sumologic_system_events
        messageTier:
          maxLength: 255
          type: string
          description: message tier
          example: Flex
        team:
          type: string
          description: team
          example: business enablement
      description: Describe ingestion usage log
    MetricsSearchInstance:
      allOf:
      - $ref: '#/components/schemas/MetricsSearchV1'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        type: object
        properties:
          id:
            type: string
            description: Identifier of the metrics search.
            example: 000000000000001A
          parentId:
            type: string
            description: Identifier of the parent element in the content library,
              such as folder.
            example: 0000000000007D2B
    MetricsSearchV1:
      required:
      - description
      - metricsQueries
      - timeRange
      - title
      type: object
      properties:
        title:
          maxLength: 255
          minLength: 1
          pattern: ^[a-zA-Z0-9 +%-@.,_()]+$
          type: string
          description: Item title in the content library.
          example: Short title
        description:
          maxLength: 8192
          type: string
          description: Item description in the content library.
          example: Long and detailed description
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        logQuery:
          maxLength: 10240
          type: string
          description: Log query used to add an overlay to the chart.
          example: my_metric | timeslice 1m | count by _timeslice
        metricsQueries:
          type: array
          description: Metrics queries, up to the maximum of six.
          items:
            $ref: '#/components/schemas/MetricsSearchQuery'
        desiredQuantizationInSecs:
          minimum: 0
          type: integer
          description: Desired quantization in seconds.
          format: int32
          example: 60
          default: 0
        properties:
          type: string
          description: 'Chart properties, like line width, color palette, and the
            fill missing data method. Leave this field empty to use the defaults.

            This property contains JSON object encoded as a string.

            '
          example: '{ \"key\": \"value\" }'
      description: Definition of a metrics search.
    MetricsSearchQuery:
      required:
      - query
      - rowId
      type: object
      properties:
        rowId:
          type: string
          description: Row identifier. All row IDs are represented by subsequent upper
            case letters starting with `A`.
          example: A
        query:
          type: string
          description: Metrics query.
          example: my_metric | avg
      description: Definition of a metrics query.
    SaveMetricsSearchRequest:
      type: object
      description: The definition of the metrics search to save in the content library.
      allOf:
      - $ref: '#/components/schemas/MetricsSearchV1'
      - required:
        - parentId
        type: object
        properties:
          parentId:
            type: string
            description: Identifier of a folder to which the metrics search should
              be added.
            example: 000000000000001A
    ListTokensBaseResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of tokens.
          items:
            $ref: '#/components/schemas/TokenBaseResponse'
    TokenBaseResponse:
      required:
      - createdAt
      - createdBy
      - description
      - id
      - modifiedAt
      - modifiedBy
      - name
      - status
      - type
      - version
      type: object
      properties:
        id:
          type: string
          description: Identifier of the token.
        name:
          maxLength: 255
          minLength: 1
          type: string
          description: Name of the token.
          example: token-name
        description:
          maxLength: 4096
          minLength: 0
          type: string
          description: Description of the token.
          example: 'token description: for test.'
        status:
          pattern: ^(Active|Inactive)$
          type: string
          description: Status of the token. Can be `Active`, or `Inactive`.
          example: Active
          x-pattern-message: must be either `Active` or `Inactive`
        type:
          pattern: ^(CollectorRegistrationTokenResponse)$
          type: string
          description: 'Type of the token. Valid values: 1) CollectorRegistrationTokenResponse'
          example: CollectorRegistrationTokenResponse
          x-pattern-message: must be `CollectorRegistrationTokenResponse`
        version:
          type: integer
          description: Version of the token.
          format: int64
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
      discriminator:
        propertyName: type
    TokenBaseDefinition:
      required:
      - name
      - status
      - type
      type: object
      properties:
        name:
          maxLength: 255
          minLength: 1
          type: string
          description: Name of the token.
          example: token-name
        description:
          maxLength: 4096
          minLength: 0
          type: string
          description: Description of the token.
          example: 'token description: for test.'
        status:
          pattern: ^(Active|Inactive)$
          type: string
          description: Status of the token. Can be `Active`, or `Inactive`.
          example: Active
          x-pattern-message: must be either `Active` or `Inactive`
        type:
          pattern: ^(CollectorRegistration)$
          type: string
          description: 'Type of the token. Valid values: 1) CollectorRegistration'
          example: CollectorRegistration
          x-pattern-message: must be `CollectorRegistration`
    TokenBaseDefinitionUpdate:
      required:
      - name
      - status
      - type
      - version
      type: object
      properties:
        name:
          maxLength: 255
          minLength: 1
          type: string
          description: Name of the token.
          example: token-name
        description:
          maxLength: 4096
          minLength: 0
          type: string
          description: Description of the token.
          example: 'token description: for test.'
        status:
          pattern: ^(Active|Inactive)$
          type: string
          description: Status of the token. Can be `Active`, or `Inactive`.
          example: Active
          x-pattern-message: must be either `Active` or `Inactive`
        type:
          pattern: ^(CollectorRegistration)$
          type: string
          description: 'Type of the token. Valid values: 1) CollectorRegistration'
          example: CollectorRegistration
          x-pattern-message: must be `CollectorRegistration`
        version:
          type: integer
          description: Version of the token.
          format: int64
    PaginatedListAccessKeysResult:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: An array of access keys.
          items:
            $ref: '#/components/schemas/AccessKeyPublic'
        next:
          type: string
          description: Next continuation token.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      description: List of access keys.
    AccessKeyPublic:
      required:
      - createdAt
      - createdBy
      - disabled
      - id
      - label
      - modifiedAt
      - modifiedBy
      type: object
      properties:
        id:
          type: string
          description: Identifier of the access key.
          example: su0w3Q37CBzHUM
        label:
          type: string
          description: The name of the access key.
          example: collector access key
        corsHeaders:
          type: array
          description: "An array of domains for which the access key is valid. Whether\
            \ Sumo Logic accepts or rejects an API request depends on whether it contains\
            \ an ORIGIN header and the entries in the allowlist. Sumo Logic will reject:\n\
            \  1. Requests with an ORIGIN header but the allowlist is empty.\n  2.\
            \ Requests with an ORIGIN header that don't match any entry in the allowlist."
          example:
          - https://my-app.com
          - https://mail.my-app.com
          items:
            type: string
        disabled:
          type: boolean
          description: Indicates whether the access key is disabled or not.
          example: false
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        createdBy:
          type: string
          description: Identifier of the user who created the access key.
          example: 0000000006743FDD
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        modifiedBy:
          type: string
          description: Identifier of the user who modified the access key.
          example: 0000000006743FDD
        serviceAccountId:
          type: string
          description: Identifier of the service account who owns the access key.
          example: 0000000006743FDA
        lastUsed:
          type: string
          description: Last used timestamp in UTC.  <br> **Note:** Property not in
            use, it is part of an upcoming feature.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        scopes:
          type: array
          description: "Scopes assigned to the key.\n### Alerting\n  - adminMonitorsV2\n\
            \  - viewMonitorsV2\n  - manageMonitorsV2\n\n### Data Management\n  -\
            \ manageApps\n  - viewCollectors\n  - manageCollectors\n  - viewConnections\n\
            \  - manageConnections\n  - contentAdmin\n  - viewFieldExtractionRules\n\
            \  - manageFieldExtractionRules            \n  - viewFields\n  - manageFields\n\
            \  - manageBudgets\n  - viewLibrary\n  - manageLibrary\n  - viewPartitions\n\
            \  - managePartitions \n  - manageS3DataForwarding\n  - viewScheduledViews\n\
            \  - manageScheduledViews\n  - manageTokens\n\n### Logs\n  - runLogSearch\n\
            \n### Metrics\n  - runMetricsQuery \n\n### Reliability Management\n  -\
            \ viewSlos\n  - manageSlos\n\n### Security\n  - manageAccessKeys\n  -\
            \ viewPersonalAccessKeys\n  - managePersonalAccessKeys\n\n### UserManagement\n\
            \  - viewUsersAndRoles\n  - manageUsersAndRoles"
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
        effectiveScopes:
          type: array
          description: Effective scopes based on the intersection of the user's RBAC
            capabilities and the assigned scopes.
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
    AccessKey:
      allOf:
      - $ref: '#/components/schemas/AccessKeyPublic'
      - required:
        - key
        type: object
        properties:
          key:
            type: string
            description: The key for the created access key. This field will have
              values only in the response for an access key create request. The value
              will be an empty string while listing all keys.
            example: F9GZvb4fISxUZHM7pqHCsGXGWf4OArgmt9Tz8ewZ
    AccessKeyCreateRequest:
      required:
      - label
      type: object
      properties:
        label:
          maxLength: 128
          type: string
          description: A name for the access key to be created.
          example: automation access key
        corsHeaders:
          maxItems: 20
          type: array
          description: "An array of domains for which the access key is valid. Whether\
            \ Sumo Logic accepts or rejects an API request\ndepends on whether it\
            \ contains an ORIGIN header and the entries in the allowlist.\nSumo Logic\
            \ will reject:\n  1. Requests with an ORIGIN header but the allowlist\
            \ is empty.\n  2. Requests with an ORIGIN header that don't match any\
            \ entry in the allowlist."
          example:
          - https://my-app.com
          - https://mail.my-app.com
          items:
            type: string
        scopes:
          type: array
          description: "Scopes assigned to the key.\n### Alerting\n  - adminMonitorsV2\n\
            \  - viewMonitorsV2\n  - manageMonitorsV2\n\n### Data Management\n  -\
            \ manageApps\n  - viewCollectors\n  - manageCollectors\n  - viewConnections\n\
            \  - manageConnections\n  - contentAdmin\n  - viewFieldExtractionRules\n\
            \  - manageFieldExtractionRules            \n  - viewFields\n  - manageFields\n\
            \  - manageBudgets\n  - viewLibrary\n  - manageLibrary\n  - viewPartitions\n\
            \  - managePartitions\n  - manageS3DataForwarding\n  - viewScheduledViews\n\
            \  - manageScheduledViews\n  - manageTokens\n\n### Logs\n  - runLogSearch\n\
            \n### Metrics\n  - runMetricsQuery \n\n### Reliability Management\n  -\
            \ viewSlos\n  - manageSlos\n\n### Security\n  - manageAccessKeys\n  -\
            \ viewPersonalAccessKeys\n  - managePersonalAccessKeys\n\n### UserManagement\n\
            \  - viewUsersAndRoles\n  - manageUsersAndRoles"
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
    ListAccessKeysResult:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: An array of access keys.
          items:
            $ref: '#/components/schemas/AccessKeyPublic'
      description: List of access keys.
    ScopesList:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of scopes
          items:
            $ref: '#/components/schemas/ScopeDefinition'
    ScopeDefinition:
      required:
      - dependsOn
      - group
      - id
      - label
      - type
      type: object
      properties:
        id:
          type: string
          description: The name of the scope.
          example: managePartitions
        label:
          type: string
          description: The UI label for the scope.
          example: Manage Partitions
        type:
          type: string
          description: Type of scope.
          example: Manage
        dependsOn:
          type: array
          description: Any scopes that are required for this scope to be enabled.
          example:
          - viewPartitions
          items:
            type: string
        group:
          required:
          - id
          - label
          type: object
          properties:
            id:
              type: string
              description: The name of the scope group
              example: dataManagement
            label:
              type: string
              description: The label for the scope group
              example: Data Management
            parentId:
              type: string
              description: The ID of the parent scope group
          description: The group that the scope belongs to.
    AccessKeyUpdateRequest:
      required:
      - disabled
      type: object
      properties:
        disabled:
          type: boolean
          description: Indicates whether the access key is disabled or not.
          example: true
        corsHeaders:
          maxItems: 20
          type: array
          description: "An array of domains for which the access key is valid. Whether\
            \ Sumo Logic accepts or rejects an API request depends on whether it contains\
            \ an ORIGIN header and the entries in the allowlist. Sumo Logic will reject:\n\
            \  1. Requests with an ORIGIN header but the allowlist is empty.\n  2.\
            \ Requests with an ORIGIN header that don't match any entry in the allowlist."
          example:
          - https://my-app.com
          - https://mail.my-app.com
          items:
            type: string
        scopes:
          type: array
          description: "Scopes assigned to the key. <br><br> Note: Updates to scopes\
            \ will take up to 5m to reflect due to caching in the system.\n### Alerting\n\
            \  - adminMonitorsV2\n  - viewMonitorsV2\n  - manageMonitorsV2\n\n###\
            \ Data Management\n  - manageApps\n  - viewCollectors\n  - manageCollectors\n\
            \  - viewConnections\n  - manageConnections\n  - contentAdmin\n  - viewFieldExtractionRules\n\
            \  - manageFieldExtractionRules            \n  - viewFields\n  - manageFields\n\
            \  - manageBudgets\n  - viewLibrary\n  - manageLibrary\n  - viewPartitions\n\
            \  - managePartitions\n  - manageS3DataForwarding\n  - viewScheduledViews\n\
            \  - manageScheduledViews\n  - manageTokens\n\n### Logs\n  - runLogSearch\n\
            \n### Metrics\n  - runMetricsQuery \n\n### Reliability Management\n  -\
            \ viewSlos\n  - manageSlos\n\n### Security\n  - manageAccessKeys\n  -\
            \ viewPersonalAccessKeys\n  - managePersonalAccessKeys\n\n### UserManagement\n\
            \  - viewUsersAndRoles\n  - manageUsersAndRoles"
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
    SamlIdentityProvider:
      type: object
      allOf:
      - $ref: '#/components/schemas/SamlIdentityProviderRequest'
      - $ref: '#/components/schemas/AuthnCertificateResult'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier of the SAML Identity Provider.
            example: 00000000361130F7
          assertionConsumerUrl:
            type: string
            description: The URL on Sumo Logic where the IdP will redirect to with
              its authentication response.
            example: https://service.sumologic.com/sumo/saml/consume/9483922
            default: ''
          entityId:
            type: string
            description: A unique identifier that is the intended audience of the
              SAML assertion.
            example: https://service.sumologic.com/sumo/saml/9483922
            default: ''
          metadataUrl:
            type: string
            description: The URL to fetch SAML metadata XML.
            example: https://api.sumologic.com/api/v1/saml/identityProviders/00000000361130F7/metadata
            default: ''
    SamlIdentityProviderRequest:
      required:
      - configurationName
      - issuer
      - x509cert1
      type: object
      properties:
        spInitiatedLoginPath:
          type: string
          description: This property has been deprecated and is no longer used.
          example: http://www.okta.com/abxcseyuiwelflkdjh
          deprecated: true
          default: ''
        configurationName:
          type: string
          description: Name of the SSO policy or another name used to describe the
            policy internally.
          example: SumoLogic
        issuer:
          type: string
          description: The unique URL assigned to the organization by the SAML Identity
            Provider.
          example: http://www.okta.com/abxcseyuiwelflkdjh
        spInitiatedLoginEnabled:
          type: boolean
          description: True if Sumo Logic redirects users to your identity provider
            with a SAML AuthnRequest when signing in.
          default: false
        authnRequestUrl:
          type: string
          description: The URL that the identity provider has assigned for Sumo Logic
            to submit SAML authentication requests to the identity provider.
          example: https://www.okta.com/app/sumologic/abxcseyuiwelflkdjh/sso/saml
          default: ''
        x509cert1:
          type: string
          description: The certificate is used to verify the signature in SAML assertions.
        x509cert2:
          type: string
          description: The backup certificate used to verify the signature in SAML
            assertions when x509cert1 expires.
          default: ''
        x509cert3:
          type: string
          description: The backup certificate used to verify the signature in SAML
            assertions when x509cert1 expires and x509cert2 is empty.
          default: ''
        onDemandProvisioningEnabled:
          $ref: '#/components/schemas/OnDemandProvisioningInfo'
        rolesAttribute:
          type: string
          description: The role that Sumo Logic will assign to users when they sign
            in.
          example: Sumo_Role
          default: ''
        logoutEnabled:
          type: boolean
          description: True if users are redirected to a URL after signing out of
            Sumo Logic.
          default: false
        logoutUrl:
          type: string
          description: The URL that users will be redirected to after signing out
            of Sumo Logic.
          example: https://www.sumologic.com
          default: ''
        emailAttribute:
          type: string
          description: The email address of the new user account.
          example: attribute/subject
          default: ''
        debugMode:
          type: boolean
          description: True if additional details are included when a user fails to
            sign in.
          default: false
        signAuthnRequest:
          type: boolean
          description: True if Sumo Logic will send signed Authn requests to the identity
            provider.
          default: false
        disableRequestedAuthnContext:
          type: boolean
          description: True if Sumo Logic will include the RequestedAuthnContext element
            of the SAML AuthnRequests it sends to the identity provider.
          default: false
        isRedirectBinding:
          type: boolean
          description: True if the SAML binding is of HTTP Redirect type.
          default: false
    OnDemandProvisioningInfo:
      required:
      - onDemandProvisioningRoles
      type: object
      properties:
        firstNameAttribute:
          type: string
          description: First name attribute of the new user account.
          example: http://schemas.microsoft.com/ws/2008/06/identity/claims/givenname
          default: ''
        lastNameAttribute:
          type: string
          description: Last name attribute of the new user account.
          example: http://schemas.microsoft.com/ws/2008/06/identity/claims/surname
          default: ''
        onDemandProvisioningRoles:
          type: array
          description: Sumo Logic RBAC roles to be assigned when user accounts are
            provisioned.
          example: '["Analyst", "Administrator"]'
          items:
            type: string
          default: []
    AuthnCertificateResult:
      required:
      - certificate
      type: object
      properties:
        certificate:
          type: string
          description: Authentication Request Signing Certificate for the user.
    AllowlistedUserResult:
      required:
      - canManageSaml
      - email
      - firstName
      - isActive
      - lastLogin
      - lastName
      - userId
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier of the user.
        firstName:
          type: string
          description: First name of the user.
        lastName:
          type: string
          description: Last name of the user.
        email:
          type: string
          description: Email of the user.
          example: john@sumologic.com
        canManageSaml:
          type: boolean
          description: If the user can manage SAML Configurations.
        isActive:
          type: boolean
          description: Checks if the user is active.
        lastLogin:
          type: string
          description: Timestamp of the last login of the user.
          format: date-time
    CidrList:
      required:
      - data
      type: object
      properties:
        data:
          maxItems: 50
          type: array
          description: An array of CIDR notations and/or IP addresses.
          items:
            $ref: '#/components/schemas/Cidr'
      description: A list of CIDR notations and/or IP addresses.
    Cidr:
      required:
      - cidr
      type: object
      properties:
        cidr:
          pattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))?$
          type: string
          description: The string representation of the CIDR notation or IP address.
          example: 192.35.24.1
          x-pattern-message: Invalid CIDR/IP
        description:
          type: string
          description: Description of the CIDR notation or IP address.
          example: Accountant
      description: A CIDR notation or IP address along with its description.
    AllowlistingStatus:
      required:
      - contentEnabled
      - loginEnabled
      type: object
      properties:
        contentEnabled:
          type: boolean
          description: Whether service allowlisting is enabled for Content.
        loginEnabled:
          type: boolean
          description: Whether service allowlisting is enabled for Login.
      description: The status of service allowlisting for Content and Login.
    AuditPolicy:
      required:
      - enabled
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether the Audit policy is enabled.
          example: true
      description: Audit policy.
    SearchAuditPolicy:
      required:
      - enabled
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether the Search Audit policy is enabled.
          example: true
      description: Search Audit policy.
    ShareDashboardsOutsideOrganizationPolicy:
      required:
      - enabled
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether the Share Dashboards Outside Organization policy is
            enabled.
          example: true
      description: Share Dashboards Outside Organization policy.
    DataAccessLevelPolicy:
      required:
      - enabled
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether the Data Access Level policy is enabled.
          example: true
      description: Data Access Level policy.
    UserConcurrentSessionsLimitPolicy:
      required:
      - enabled
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether the User Concurrent Sessions Limit policy is enabled.
          example: true
        maxConcurrentSessions:
          maximum: 100
          minimum: 1
          type: integer
          description: Maximum number of concurrent sessions a user may have.
          format: int32
          example: 50
          default: 100
      description: User Concurrent Sessions Limit policy.
    MaxUserSessionTimeoutPolicy:
      required:
      - maxUserSessionTimeout
      type: object
      properties:
        maxUserSessionTimeout:
          pattern: ^(5m|15m|30m|1h|2h|6h|12h|1d|2d|3d|5d|7d)$
          type: string
          description: 'Maximum web session timeout users are able to configure within
            their user preferences. Valid values are: `5m`, `15m`, `30m`, `1h`, `2h`,
            `6h`, `12h`, `1d`, `2d`, `3d`, `5d`, or `7d`'
          example: 1d
          x-pattern-message: 'must be one of the following: `5m`, `15m`, `30m`, `1h`,
            `2h`, `6h`, `12h`, `1d`, `2d`, `3d`, `5d`, or `7d`'
      description: Max User Session Timeout policy.
    DisableUnusedAccessKeysPolicy:
      required:
      - unusedAccessKeysDisableAfterInDays
      type: object
      properties:
        unusedAccessKeysDisableAfterInDays:
          maximum: 365
          minimum: 0
          type: integer
          description: The number of days it will take for an unused access key to
            automatically disable. Setting it to 0 (never) means that the accessKeys
            will not be disabled automatically.
          format: int32
          example: 60
      description: Disable Unused Access Keys policy.
    AccessKeysLifetimePolicy:
      required:
      - accessKeysLifetimeInDays
      type: object
      properties:
        accessKeysLifetimeInDays:
          pattern: ^(0|30|45|60|90|180|365)$
          type: string
          description: 'The number of days it will take for an access key to expire
            without being rotated/copied. Setting it to 0 (never) means that access
            keys will never expire. Valid values are: `0`, `30`, `45`, `60`, `90`,
            `180`, or `365`'
          example: '60'
          x-pattern-message: 'must be one of the following: `0`, `30`, `45`, `60`,
            `90`, `180`, or `365`'
      description: Access Keys Lifetime policy.
    DataDeletionPolicy:
      required:
      - enabled
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether the Data Deletion policy is enabled.
          example: true
      description: Whether the Data Deletion policy is enabled.
    DashboardAutoRefreshPolicy:
      required:
      - minRefreshInterval
      type: object
      properties:
        minRefreshInterval:
          maximum: 86400
          minimum: 0
          type: integer
          description: Minimum refresh interval in seconds. A value of 0 disables
            automatic refresh.
          format: int32
          example: 60
      description: Dashboard Auto-Refresh policy.
    DashboardAutoRunPolicy:
      required:
      - enabled
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether the Dashboard Auto-Run policy is enabled. When enabled,
            dashboard queries will run automatically on load. When disabled, users
            must manually trigger query execution.
          example: true
      description: Dashboard Auto-Run policy.
    CheckDataIngestionPolicy:
      required:
      - enabled
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether the Check Data Ingestion policy is enabled for OT collectors.
          example: true
        noDataThreshold:
          pattern: ^(1h|2h|4h|8h|16h|24h)$
          type: string
          description: 'Duration threshold after which an OT collector not sending
            data will trigger an alert. Valid values are: `1h`, `2h`, `4h`, `8h`,
            `16h`, or `24h`'
          example: 24h
          default: 24h
          x-pattern-message: 'must be one of the following: `1h`, `2h`, `4h`, `8h`,
            `16h`, or `24h`'
      description: Check Data Ingestion policy.
    ListHealthEventResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of health events.
          items:
            $ref: '#/components/schemas/HealthEvent'
        next:
          type: string
          description: Next continuation token.
    HealthEvent:
      required:
      - details
      - eventId
      - eventName
      - eventTime
      - resourceIdentity
      - severityLevel
      - subsystem
      type: object
      properties:
        eventId:
          type: string
          description: The unique identifier of the event.
          example: e801dc7d-f483-46e9-bcc9-410f08f96497
        eventName:
          type: string
          description: The name of the event.
          example: InstalledCollectorOffline
        details:
          $ref: '#/components/schemas/TrackerIdentity'
        resourceIdentity:
          $ref: '#/components/schemas/ResourceIdentity'
        eventTime:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        subsystem:
          type: string
          description: The product area of the event.
        severityLevel:
          type: string
          description: The criticality of the event. It is either `Error` or `Warning`
    ResourceIdentities:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: A list of the resources.
          items:
            $ref: '#/components/schemas/ResourceIdentity'
    ListArchiveJobsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of Archive Jobs.
          items:
            $ref: '#/components/schemas/ArchiveJob'
        next:
          type: string
          description: Next continuation token.
    ArchiveJob:
      type: object
      allOf:
      - $ref: '#/components/schemas/CreateArchiveJobRequest'
      - required:
        - createdAt
        - createdBy
        - id
        - status
        - totalBytesIngested
        - totalObjectsIngested
        - totalObjectsScanned
        properties:
          id:
            type: string
            description: The unique identifier of the ingestion job.
            example: 4e214571-cf27-4114-93e6-69a98c017f3
          totalObjectsScanned:
            type: integer
            description: The total number of objects scanned by the ingestion job.
            format: int64
            example: 25
          totalObjectsIngested:
            type: integer
            description: The total number of objects ingested by the ingestion job.
            format: int64
            example: 10
          totalBytesIngested:
            type: integer
            description: The total bytes ingested by the ingestion job.
            format: int64
            example: 100
          status:
            type: string
            description: The status of the ingestion job, either `Pending`,`Scanning`,`Ingesting`,`Failed`,
              or `Succeeded`.
            example: Scanning
          createdAt:
            type: string
            description: The creation timestamp in UTC of the ingestion job.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
          createdBy:
            type: string
            description: The identifier of the user who created the ingestion job.
            example: 0000000006743FDD
    CreateArchiveJobRequest:
      required:
      - endTime
      - name
      - startTime
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 1
          type: string
          description: The name of the ingestion job.
        startTime:
          type: string
          description: The starting timestamp of the ingestion job.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        endTime:
          type: string
          description: The ending timestamp of the ingestion job.
          format: date-time
          example: 2018-10-16 10:10:00+00:00
    ListArchiveJobsCount:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of archive sources with count of jobs having various statuses.
          items:
            $ref: '#/components/schemas/ArchiveJobsCount'
    ArchiveJobsCount:
      required:
      - failed
      - ingesting
      - pending
      - scanning
      - sourceId
      - succeeded
      type: object
      properties:
        sourceId:
          type: string
          description: Identifier for the archive source.
          example: 000000000606C009
        pending:
          type: integer
          description: The total number of archive jobs with pending status for the
            archive source.
          format: int64
          example: 4
        scanning:
          type: integer
          description: The total number of archive jobs with scanning status for the
            archive source.
          format: int64
          example: 1
        ingesting:
          type: integer
          description: The total number of archive jobs with ingesting status for
            the archive source.
          format: int64
          example: 2
        failed:
          type: integer
          description: The total number of archive jobs with failed status for the
            archive source.
          format: int64
          example: 5
        succeeded:
          type: integer
          description: The total number of archive jobs with succeeded status for
            the archive source.
          format: int64
          example: 20
    LogSearchEstimatedUsageDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchEstimatedUsageRequest'
      - required:
        - estimatedUsageDetails
        type: object
        properties:
          estimatedUsageDetails:
            $ref: '#/components/schemas/EstimatedUsageDetails'
    LogSearchEstimatedUsageRequest:
      allOf:
      - $ref: '#/components/schemas/LogSearchQueryTimeRangeBase'
      - required:
        - timezone
        type: object
        properties:
          timezone:
            type: string
            description: 'Time zone to get the estimated usage details. Follow the
              format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).

              '
            example: America/Los_Angeles
    EstimatedUsageDetails:
      type: object
      properties:
        dataScannedInBytes:
          type: integer
          description: Amount of data scanned in bytes, to run the query.
          format: int64
          example: 114086541
    LogSearchEstimatedUsageByTierDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV2'
      - required:
        - estimatedUsageDetails
        type: object
        properties:
          estimatedUsageDetails:
            type: array
            items:
              $ref: '#/components/schemas/EstimatedUsageDetailsWithTier'
    LogSearchEstimatedUsageRequestV2:
      allOf:
      - $ref: '#/components/schemas/LogSearchQueryTimeRangeBaseExceptParsingMode'
      - required:
        - timezone
        type: object
        properties:
          timezone:
            type: string
            description: 'Time zone to get the estimated usage details. Follow the
              format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).

              '
            example: America/Los_Angeles
    EstimatedUsageDetailsWithTier:
      type: object
      properties:
        tier:
          type: string
          description: Name of the data tier. Supported Values are Continuous, Frequent,
            Infrequent
          example: Continuous
        dataScannedInBytes:
          type: integer
          description: Amount of data scanned in bytes, to run the query.
          format: int64
          example: 114086541
    LogSearchEstimatedUsageByMeteringTypeDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV3'
      - required:
        - estimatedUsageDetails
        type: object
        properties:
          estimatedUsageDetails:
            type: array
            items:
              $ref: '#/components/schemas/EstimatedUsageDetailsWithMeteringType'
    LogSearchEstimatedUsageRequestV3:
      allOf:
      - $ref: '#/components/schemas/LogSearchQueryEstimationQueryDefinition'
      - required:
        - timezone
        type: object
        properties:
          timezone:
            type: string
            description: 'Time zone to get the estimated usage details. Follow the
              format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).

              '
            example: America/Los_Angeles
          emulateSearchContext:
            $ref: '#/components/schemas/EmulateSearchContext'
    LogSearchQueryEstimationQueryDefinition:
      description: Definition of the log search with query and timerange.
      allOf:
      - $ref: '#/components/schemas/LogSearchQueryEstimationBaseDefinition'
      - type: object
        properties:
          runByReceiptTime:
            type: boolean
            description: This has the value `true` if the search is to be run by receipt
              time and `false` if it is to be run by message time.
            example: false
            default: false
    LogSearchQueryEstimationBaseDefinition:
      required:
      - queryString
      - timeRange
      type: object
      properties:
        queryString:
          maxLength: 15000
          type: string
          description: Log search Query to compute the estimated volume of data scanned.
          example: error {{sourceCategory}}| count by _sourceCategory
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        queryParameters:
          maxLength: 50
          type: array
          description: 'Values for search template used in the search query. Learn
            more about the search templates here : https://help.sumologic.com/docs/search/get-started-with-search/build-search/search-templates/'
          items:
            $ref: '#/components/schemas/LogSearchQueryParameterSyncDefinitionBase'
        intervalTimeType:
          pattern: ^(messageTime|receiptTime|searchableTime)$
          type: string
          description: This parameter defines whether you want to run the search by
            messageTime, receiptTime, or searchableTime.  By default, the search will
            run by messageTime. If both runByReceiptTime and intervalTimeType parameters
            are present then  the preference will be given to the intervalTimeType.
          example: messageTime
          default: messageTime
          x-pattern-message: should be either 'messageTime' or 'receiptTime' or 'searchableTime'
      description: Base definition of the log search with query and timerange (without
        runByReceiptTime).
    EmulateSearchContext:
      type: object
      properties:
        roleIds:
          type: array
          description: List of role IDs to emulate the search context for.
          example:
          - 000000000000000C
          items:
            type: string
        userId:
          type: string
          description: User ID to emulate the search context for.
          example: 000000000000019F
      description: 'Contains keys like "roleIds" with a list of role IDs or "userId"
        as a string.

        '
    EstimatedUsageDetailsWithMeteringType:
      type: object
      properties:
        meteringType:
          type: string
          description: 'Name of the metering type. Metering type indicates how the
            data scanned within a particular data tier is actually metered and billed.
            Supported Values are Continuous, Frequent, Infrequent, ContinuousSecurity
            and FlexSecurity.

            '
          example: Continuous
        dataScannedInBytes:
          type: integer
          description: Amount of data scanned in bytes, to run the query.
          format: int64
          example: 114086541
        tier:
          type: string
          description: Name of the data tier. Supported Values are Continuous, Frequent,
            Infrequent and Flex.
          example: Continuous
        scanCreditAccounted:
          type: boolean
          description: 'Whether particular metering type is accounted against a customer''s
            credit on a per scan basis.  e.g Data belonging to "Flex" and "Infrequent"
            metering type is accounted for credits on per scan basis. For other metering
            types, eg. "Continuous" it''s charged upfront during ingestion.

            '
          example: false
      description: Estimated Usage details for the given log search query with the
        above timerange.
    LogSearchEstimatedUsageByViewDefinition:
      allOf:
      - $ref: '#/components/schemas/LogSearchEstimatedUsageRequestV3'
      - required:
        - estimatedUsageDetails
        type: object
        properties:
          estimatedUsageDetails:
            type: array
            items:
              $ref: '#/components/schemas/EstimatedUsageDetailsPerView'
    EstimatedUsageDetailsPerView:
      required:
      - usageDetails
      - viewName
      type: object
      properties:
        viewName:
          type: string
          description: Name of the view for which usage is estimated.
        usageDetails:
          type: array
          description: The scanning and data retrieval usages to run the query per
            view.
          items:
            $ref: '#/components/schemas/EstimatedUsageDetailsWithMeteringType'
    BulkLogSearchEstimatedUsageResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: Array of estimated usage results corresponding to each input
            query.
          items:
            $ref: '#/components/schemas/BulkLogSearchEstimatedUsageResponseItem'
    BulkLogSearchEstimatedUsageResponseItem:
      required:
      - id
      type: object
      properties:
        id:
          type: string
          description: Unique identifier matching the request query ID.
          example: query-1
        estimatedUsageDetails:
          type: array
          description: Estimated usage details per metering type. Null if query estimation
            failed.
          items:
            $ref: '#/components/schemas/EstimatedUsageDetailsWithMeteringType'
        error:
          $ref: '#/components/schemas/ErrorDescription'
    BulkLogSearchEstimatedUsageRequest:
      required:
      - data
      - timezone
      type: object
      properties:
        data:
          maxItems: 100
          minItems: 1
          type: array
          description: Array of log search queries for estimated usage computation.
          items:
            $ref: '#/components/schemas/BulkLogSearchEstimatedUsageRequestItem'
        emulateSearchContext:
          $ref: '#/components/schemas/EmulateSearchContext'
        timezone:
          type: string
          description: 'Time zone to get the estimated usage details. Follow the format
            in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).

            '
          example: America/Los_Angeles
    BulkLogSearchEstimatedUsageRequestItem:
      allOf:
      - $ref: '#/components/schemas/LogSearchQueryEstimationBaseDefinition'
      - required:
        - id
        type: object
        properties:
          id:
            maxLength: 64
            type: string
            description: Unique identifier for the query to correlate request with
              response.
            example: query-1
    ScheduledSearchEstimatedUsageResponse:
      type: object
      properties:
        scanEstimates:
          type: array
          description: Scan estimate detail for a particular tier.
          items:
            $ref: '#/components/schemas/ScanEstimateDetails'
    ScanEstimateDetails:
      type: object
      properties:
        tier:
          type: string
          description: Name of the tier for which usage is estimated.
          example: Flex
        perScanInBytes:
          type: integer
          description: Amount of data scanned in bytes, to run the schedule search
            once.
          format: int64
          example: 114086541
        perDayInBytes:
          type: integer
          description: Amount of data scanned in bytes, to run the schedule search
            each day.
          format: int64
          example: 3140865413
        perYearInBytes:
          type: integer
          description: Amount of data scanned in bytes, to run the schedule search
            each year.
          format: int64
          example: 51408654155
    ScheduledSearchEstimatedUsageRequest:
      required:
      - queryString
      - scheduleType
      - timeRange
      - timeZone
      type: object
      properties:
        queryString:
          maxLength: 15000
          type: string
          description: The text of a logs search query.
          example: error {{sourceCategory}}| count by _sourceCategory
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        cronSchedule:
          type: string
          description: Cron-like expression specifying the search's schedule. Field
            scheduleType must be set to "Custom", otherwise, scheduleType takes precedence
            over cronSchedule.
          example: 0 0/15 * * * ? *
        scheduleType:
          pattern: ^(RealTime|15Minutes|1Hour|2Hours|4Hours|6Hours|8Hours|12Hours|1Day|1Week|Custom)$
          type: string
          description: "Run schedule of the scheduled search. Set to \"Custom\" to\
            \ specify the schedule with a CRON expression. Please note that  with\
            \ Custom, 1Day and 1Week schedule types you need to provide the corresponding\
            \ cron expression to determine when to  actually run the search. e.g.\
            \ Sample Valid Cron for 1Day is \"0 0 16 ? * 2-6 *\". Possible schedule\
            \ types are:\n  - `RealTime`\n  - `15Minutes`\n  - `1Hour`\n  - `2Hours`\n\
            \  - `4Hours`\n  - `6Hours`\n  - `8Hours`\n  - `12Hours`\n  - `1Day`\n\
            \  - `1Week`\n  - `Custom`"
          x-pattern-message: 'must be one of the following: `RealTime`, `15Minutes`,
            `1Hour`, `2Hours`, `4Hours`, `6Hours`, `8Hours`, `12Hours`, `1Day`, `1Week`,
            `Custom`'
        byReceiptTime:
          type: boolean
          description: Set it to true to run the search using receipt time. By default,
            searches do not run by receipt time.
          default: false
        queryParameters:
          type: array
          description: An array of search query parameter objects.
          items:
            $ref: '#/components/schemas/QueryParameterSyncDefinition'
        timeZone:
          type: string
          description: Time zone identifier for the estimates. Follow the format in
            the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
    PaginatedDashboards:
      required:
      - dashboards
      type: object
      properties:
        dashboards:
          type: array
          description: List of dashboards.
          items:
            $ref: '#/components/schemas/Dashboard'
        next:
          type: string
          description: Next continuation token. `next` is set to null when no more
            pages are left.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
    Dashboard:
      allOf:
      - $ref: '#/components/schemas/DashboardRequest'
      - type: object
        properties:
          id:
            type: string
            description: 'Unique identifier for the dashboard. This id is used to
              get detailed information about the dashboard, such as panels, variables
              and the layout.

              '
            example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2
          contentId:
            type: string
            description: 'Content identifier for the dashboard. This id is used to
              connect to the Sumo Content Library and get general metadata about the
              dashboard. Use this id if you want to search for dashboards in Sumo
              folders.

              '
            example: '1'
          scheduleId:
            type: string
            description: 'Scheduled report identifier for the dashboard. Only most
              recently modified report schedule is rerun per dashboard. This id is
              used to manage the schedule details through the scheduled report API.

              '
            example: RdQHYPh2jxoS90DXtKfA7nAJV2rsQ9BncpfY7IkjNzQWi52ug85W7r6Rrmtd
          scheduleCount:
            type: integer
            description: Count of report schedules for the dashboard.
            format: int32
            example: 10
    DashboardRequest:
      required:
      - timeRange
      - title
      type: object
      properties:
        title:
          maxLength: 255
          minLength: 1
          type: string
          description: Title of the dashboard.
          example: Kubernetes Dashboard
        description:
          type: string
          description: Description of the dashboard.
          example: A view of pods, namespaces and nodes of your cluster.
        folderId:
          type: string
          description: 'The identifier of the folder to save the dashboard in. By
            default it is saved in your personal folder.

            '
          example: 000000000C1C17C6
        topologyLabelMap:
          $ref: '#/components/schemas/TopologyLabelMap'
        domain:
          type: string
          description: If set denotes that the dashboard concerns a given domain (e.g.
            `aws`, `k8s`, `app`).
          example: aws
          default: ''
        hierarchies:
          maxItems: 20
          type: array
          description: If set to non-empty array denotes that the dashboard concerns
            given hierarchies.
          example:
          - Kubernetes Node View
          items:
            type: string
          default: []
        refreshInterval:
          type: integer
          description: 'Interval of time (in seconds) to automatically refresh the
            dashboard. A value of 0 means we never automatically refresh the dashboard.
            Allowed values are `0`, `30`, `60`, `120`, `300`, `900`, `1800`, `3600`,
            `7200`, `86400`.

            '
          format: int32
          example: 30
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        panels:
          type: array
          description: Panels in the dashboard.
          items:
            $ref: '#/components/schemas/Panel'
        layout:
          $ref: '#/components/schemas/Layout'
        variables:
          type: array
          description: Variables to apply to the panels.
          items:
            $ref: '#/components/schemas/Variable'
        theme:
          pattern: ^(light|dark|Light|Dark)$
          type: string
          description: Theme for the dashboard. Either `Light` or `Dark`.
          example: light
          default: Light
          x-pattern-message: Must be `Light`, or `Dark`
        isPublic:
          type: boolean
          description: Is the dashboard public
          default: false
        highlightViolations:
          type: boolean
          description: Whether to highlight threshold violations.
          default: false
        organizations:
          $ref: '#/components/schemas/Organizations'
    Organizations:
      type: object
      properties:
        defaultOrgIds:
          type: array
          description: The default list of organization IDs to run the dashboard by
          items:
            $ref: '#/components/schemas/OrgId'
      description: The organization details to run the dashboard by
    OrgId:
      maxLength: 23
      minLength: 19
      type: string
      description: The unique identifier of an organization. It consists of the deployment
        ID and the hexadecimal account ID separated by a dash `-` character.
      example: us2-00000000FF42A0C3
    PublicDashboard:
      allOf:
      - $ref: '#/components/schemas/Dashboard'
      - type: object
        properties:
          dashboardPolicy:
            $ref: '#/components/schemas/DashboardPolicy'
    DashboardPolicy:
      type: object
      properties:
        dashboardAutoRefresh:
          type: object
          properties:
            minRefreshInterval:
              type: integer
              format: int32
              example: 30
          description: Dashboard Auto-Refresh policy settings.
        dashboardAutoRun:
          type: object
          properties:
            enabled:
              type: boolean
              example: true
          description: Dashboard Auto-Run policy settings.
      description: dashboard policy settings.
    DashboardMigrationRequest:
      required:
      - contentIds
      type: object
      properties:
        contentIds:
          maxItems: 50
          type: array
          description: Content identifiers of the Legacy dashboards.
          items:
            type: string
            description: Content identifier of the Legacy dashboard.
            example: 00000000000001C8
    MigrationPreviewResponse:
      required:
      - count
      type: object
      properties:
        count:
          type: integer
          description: Count of dashboards to be migrated.
          example: 5
      description: Preview of the dashboard migration.
    DashboardMigrationResult:
      required:
      - data
      - status
      type: object
      properties:
        data:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: 'A mapping of Legacy Dashboard Content Ids to migrated Dashboard(New)
            Content Ids. Only successful migration are shown here, see errors field
            for failed migrations and the failure reason.

            '
          example:
            '1': 64
        richData:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/MigratedDashboardInfo'
          description: 'A mapping of Legacy Dashboard Content Ids to migrated Dashboard(New)
            info. Only successful migration are shown here, see errors field for failed
            migrations and the failure reason.

            '
        status:
          $ref: '#/components/schemas/DashboardMigrationStatus'
        errors:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDescription'
          description: A mapping of Legacy Dashboards Content Identifiers that failed
            validation to the failure reason(s).
        warnings:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDescription'
          description: A mapping of Legacy Dashboards Content Identifiers to warnings.
    MigratedDashboardInfo:
      required:
      - id
      - name
      type: object
      properties:
        id:
          type: string
          description: The id of the Dashboard(New)
          example: jgiJLiFP9dX6YdNG0u9t0yqUVOF0iIlNcX0usw2Uy6g8BYTgBj0vYVeiRjRj
        name:
          type: string
          description: The name of the Dashboard(New)
          example: New Dashboard
    DashboardMigrationStatus:
      required:
      - failedCount
      - successCount
      - totalCount
      type: object
      properties:
        successCount:
          type: integer
          description: A successful migration to Dashboard(New).
          example: 3
        failedCount:
          type: integer
          description: A failed migration to Dashboard(New).
          example: 1
        totalCount:
          type: integer
          description: The total number of Legacy Dashboards to migrate.
          example: 10
    PaginatedReportSchedules:
      required:
      - reportSchedules
      type: object
      properties:
        reportSchedules:
          type: array
          description: List of dashboard report schedules.
          items:
            $ref: '#/components/schemas/ReportSchedule'
        next:
          type: string
          description: Next continuation token. `token` is set to null when no more
            pages are left.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
    ReportSchedule:
      allOf:
      - $ref: '#/components/schemas/ReportScheduleRequest'
      - type: object
        properties:
          scheduleId:
            type: string
            description: Identifier of the dashboard report schedule.
            example: RdQHYPh2jxoS90DXtKfA7nAJV2rsQ9BncpfY7IkjNzQWi52ug85W7r6Rrmtd
    ReportScheduleRequest:
      required:
      - dashboardId
      - emailNotification
      - reportFormat
      - scheduleType
      - timeZone
      type: object
      properties:
        dashboardId:
          type: string
          description: Identifier of dashboard the schedule will generate report for.
          example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        variableValues:
          $ref: '#/components/schemas/VariablesValuesData'
        reportFormat:
          pattern: ^(Pdf|Png)$
          type: string
          description: File format of the report. Can be `Pdf` or `Png`. `Pdf` is
            portable document format. `Png` is portable graphics image format.
          example: Pdf
          x-pattern-message: 'should be one of the following: ''Pdf'', ''Png'''
        scheduleType:
          type: string
          description: "Run schedule of the scheduled report. Set to \"Custom\" to\
            \ specify the schedule with a CRON expression. Possible schedule types\
            \ are:\n  - `RealTime`\n  - `15Minutes`\n  - `1Hour`\n  - `2Hours`\n \
            \ - `4Hours`\n  - `6Hours`\n  - `8Hours`\n  - `12Hours`\n  - `1Day`\n\
            \  - `1Week`\n  - `Custom`"
          example: 1Day
        cronExpression:
          type: string
          description: Cron-like expression specifying the report's schedule. Field
            scheduleType must be set to "Custom", otherwise, scheduleType takes precedence
            over cronExpression.
          example: 0 0/15 * * * ? *
        timeZone:
          maxLength: 1024
          minLength: 1
          type: string
          description: Time zone identifier for time specification. Either an abbreviation
            such as "PST", a full name such as "America/Los_Angeles", or a custom
            ID such as "GMT-8:00". Note that the support of abbreviations is for JDK
            1.1.x compatibility only and full names should be used.
          example: America/Los_Angeles
        emailNotification:
          $ref: '#/components/schemas/Email'
        isActive:
          type: boolean
          description: Is the dashboard report schedule active
          default: true
    PaginatedMetricsSearches:
      required:
      - metricsSearches
      type: object
      properties:
        metricsSearches:
          type: array
          description: List of metrics search pages.
          items:
            $ref: '#/components/schemas/MetricsSearchResponse'
        next:
          type: string
          description: Next continuation token. `token` is set to null when no more
            pages are left.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
    MetricsSearchResponse:
      allOf:
      - $ref: '#/components/schemas/MetricsSearchRequest'
      - type: object
        properties:
          id:
            type: string
            description: Unique identifier for the metrics search page.
            example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2
    MetricsSearchRequest:
      allOf:
      - $ref: '#/components/schemas/MetricsSearch'
      - type: object
        properties:
          folderId:
            type: string
            description: 'The identifier of the folder to save the metrics search
              in. By default it is saved in your personal folder.

              '
            example: 000000000C1C17C6
    MetricsSearch:
      required:
      - queries
      - timeRange
      - title
      type: object
      properties:
        title:
          maxLength: 255
          minLength: 1
          pattern: ^\s*\S.*$
          type: string
          description: Title of the metrics search page.
          x-pattern-message: must contain at least 1 non-whitespace character
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        description:
          type: string
          description: Description of the metrics search page.
        queries:
          type: array
          description: Queries of the metrics search page.
          items:
            $ref: '#/components/schemas/Query'
        visualSettings:
          type: string
          description: Visual settings of the metrics search page.
    MonitorUsageInfo:
      type: array
      description: The usage info of logs and metrics monitors.
      items:
        $ref: '#/components/schemas/MonitorUsage'
    MonitorUsage:
      properties:
        monitorType:
          type: string
          description: The type of monitor usage info (Logs or Metrics).
          example: Logs
          enum:
          - Logs
          - Metrics
        usage:
          type: integer
          description: Current number of active Logs/Metrics monitors.
          example: 100
        limit:
          type: integer
          description: The limit of active Logs/Metrics monitors.
          example: 100
        total:
          type: integer
          description: The total number of monitors created. (Including both active
            and disabled Logs/Metrics monitors)
          example: 100
      description: The usage info of monitors.
    QueriesParametersResult:
      type: object
      properties:
        isValid:
          type: boolean
          description: Whether or not if queries are valid.
          example: false
        errors:
          type: array
          description: Error messages from validation.
          example:
          - Field fieldName not found, please check the spelling and try again.
          items:
            type: string
          default: []
        logsOutlier:
          $ref: '#/components/schemas/LogsOutlier'
        metricsOutlier:
          $ref: '#/components/schemas/MetricsOutlier'
      description: Queries validation and extracted parameters result.
    LogsOutlier:
      type: object
      properties:
        trimmedQuery:
          type: string
          description: The query string after trimming out the outlier clause.
          example: _sourceCategory=search error | timeslice 1m | count by _timeslice
        window:
          type: integer
          description: Sets the trailing number of data points to calculate mean and
            sigma.
          format: int64
          example: 15
          default: 10
        consecutive:
          type: integer
          description: Sets the required number of consecutive indicator data points
            (outliers) to trigger a violation.
          format: int64
          example: 3
          default: 1
        direction:
          $ref: '#/components/schemas/OutlierDirection'
        threshold:
          type: number
          description: Sets the number of standard deviations for calculating violations.
          format: double
          example: 10.0
          default: 3.0
        field:
          type: string
          description: The name of the field that the trigger condition will alert
            on.
          example: _count
      description: The parameters extracted from the logs outlier query.
    OutlierDirection:
      type: string
      description: "Specifies which direction should trigger violations. Valid values:\n\
        \  1. `Both`: Both positive and negative deviations\n  2. `Up`: Positive deviations\
        \ only\n  3. `Down`: Negative deviations only\nexample: \"Up\" pattern: \"\
        ^(Both|Up|Down)$\" default: \"Both\" x-pattern-message: \"should be one of\
        \ the following: 'Both', 'Up', 'Down'\""
    MetricsOutlier:
      type: object
      properties:
        trimmedQuery:
          type: string
          description: The query string after trimming out the outlier clause.
          example: _sourceHost=prod-search-1 metric=CPU_User
        baselineWindow:
          type: string
          description: The time range used to compute the baseline.
          example: 10m
          default: 5m
        baselineTimeRangeWindow:
          $ref: '#/components/schemas/ResolvableTimeRange'
        direction:
          $ref: '#/components/schemas/OutlierDirection'
        threshold:
          type: number
          description: How much should the indicator be different from the baseline
            for each datapoint.
          format: double
          example: 10.0
          default: 3.0
      description: The parameters extracted from the metrics outlier query.
    MonitorQueries:
      required:
      - monitorType
      - queries
      - timeRange
      type: object
      properties:
        monitorType:
          pattern: ^(Logs|Metrics)$
          type: string
          description: "The type of monitor. Valid values:\n  1. `Logs`: A logs query\
            \ monitor.\n  2. `Metrics`: A metrics query monitor."
          example: Logs
          x-pattern-message: should be either 'Logs' or 'Metrics'
        timeRange:
          type: string
          description: The relative time range of the monitor. Valid values of time
            ranges are `5m`, `10m`, `15m`, `30m`, `1h`, `3h`, `6h`, `12h`, or `24h`.
          example: 15m
        queries:
          type: array
          description: Queries to be validated.
          items:
            $ref: '#/components/schemas/UnvalidatedMonitorQuery'
      description: Queries to be validated.
    UnvalidatedMonitorQuery:
      required:
      - query
      - rowId
      type: object
      properties:
        rowId:
          type: string
          description: The unique identifier of the row. Defaults to sequential capital
            letters, `A`, `B`, `C`, etc.
          example: A
        query:
          type: string
          description: The logs or metrics query that defines the stream of data the
            monitor runs on.
          example: _sourceCategory=search error | timeslice 1m | count by _timeslice
            | outlier _count window=5,threshold=3,consecutive=2,direction=+
      description: A search query.
    SeriesData:
      required:
      - dataPoints
      - name
      - seriesAxisRange
      type: object
      properties:
        name:
          type: string
          description: Name of the series.
          example: monitor-manager-cpu-1
        dataPoints:
          type: array
          description: Data points of the series.
          items:
            $ref: '#/components/schemas/DataPoint'
        seriesAxisRange:
          $ref: '#/components/schemas/SeriesAxisRange'
        aggregateInfo:
          $ref: '#/components/schemas/VisualAggregateData'
        seriesMetadata:
          $ref: '#/components/schemas/SeriesMetadata'
      description: The data for visualizing monitor chart.
    DataPoint:
      type: object
      properties:
        dataPointType:
          pattern: ^(OutlierSeriesData|StaticSeriesData)$
          type: string
          description: Type of the data point.
          example: OutlierSeriesData
      description: Data for visualizing monitor chart.
      discriminator:
        propertyName: dataPointType
        mapping:
          OutlierSeriesData: '#/components/schemas/OutlierSeriesDataPoint'
          StaticSeriesData: '#/components/schemas/StaticSeriesDataPoint'
    OutlierDataValue:
      type: object
      properties:
        baseline:
          $ref: '#/components/schemas/OutlierBound'
        critical:
          $ref: '#/components/schemas/OutlierBound'
        warning:
          $ref: '#/components/schemas/OutlierBound'
        value:
          type: number
          description: The value of outlier data point.
          format: double
          example: 70.0
        violation:
          pattern: ^(CriticalUpperViolation|CriticalLowerViolation|WarningUpperViolation|WarningLowerViolation|NoViolation)$
          type: string
          description: The type of violation.
          example: CriticalUpperViolation
          x-pattern-message: 'should be one of the following: ''CriticalUpperViolation'',
            ''CriticalLowerViolation'', ''WarningUpperViolation'', ''WarningLowerViolation'',
            ''NoViolation'''
      description: Data value and bounds of outlier data point.
    OutlierBound:
      type: object
      properties:
        lower:
          type: number
          description: Lower bond value.
          format: double
          example: 50.0
        upper:
          type: number
          description: Upper bond value.
          format: double
          example: 100.0
      description: The upper and lower bound of outlier/baseline.
    SeriesAxisRange:
      type: object
      properties:
        x:
          $ref: '#/components/schemas/AxisRange'
        y:
          $ref: '#/components/schemas/AxisRange'
      description: The axis limitation for chart data.
    AxisRange:
      type: object
      properties:
        min:
          type: integer
          description: minimum limit of x or y axis.
          format: int64
          example: 50
        max:
          type: integer
          description: maximum limit of x or y axis.
          format: int64
          example: 100
      description: The min and max of the x,y axis of the monitor chart.
    SeriesMetadata:
      type: object
      properties:
        rowId:
          type: string
          description: Row ID of the query this time series belongs to.
          example: A
        dimensions:
          type: array
          description: Dimensions for the time series.
          items:
            $ref: '#/components/schemas/DimensionKeyValue'
      description: The metadata of time series for chart.
    DimensionKeyValue:
      type: object
      properties:
        key:
          type: string
          description: The key of the metric dimension.
          example: region
        value:
          type: string
          description: The value of the metric dimension.
          example: us-east-1
      description: The key and value pair for each metric dimension.
    MonitorQuery:
      required:
      - query
      - rowId
      type: object
      properties:
        rowId:
          type: string
          description: The unique identifier of the row. Defaults to sequential capital
            letters, `A`, `B`, `C`, etc.
          example: A
        query:
          type: string
          description: The logs or metrics query that defines the stream of data the
            monitor runs on.
          example: _sourceCategory=search error
      description: A search query.
    LogSearchQuery:
      required:
      - queryString
      type: object
      properties:
        queryString:
          type: string
          description: Query string for which to get log fields.
          example: _sourceCategory=service
      description: Query for which to get log fields.
    GroupFieldsResponse:
      required:
      - groupFields
      - isQueryAggregate
      type: object
      properties:
        groupFields:
          type: array
          description: List of group fields
          items:
            type: string
        isQueryAggregate:
          type: boolean
          description: Whether or not the queries are aggregate.
          example: false
          default: false
      description: Group fields for the monitor
    GroupFieldsRequest:
      required:
      - monitorType
      - queries
      type: object
      properties:
        queries:
          uniqueItems: true
          type: array
          description: All queries from the monitor.
          items:
            $ref: '#/components/schemas/MonitorQuery'
        monitorType:
          pattern: ^(Logs|Metrics)$
          type: string
          description: "The type of monitor. Valid values:\n  1. `Logs`: A logs query\
            \ monitor.\n  2. `Metrics`: A metrics query monitor."
          example: Logs
      description: Monitor type and queries
    DisableMonitorResponse:
      type: object
      properties:
        monitors:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/MonitorsLibraryMonitorResponse'
          description: A map between an identifier and its monitor.
        warnings:
          type: array
          description: Warnings from the operation.
          items:
            $ref: '#/components/schemas/DisableMonitorWarning'
      description: Response for disabling monitors.
    DisableMonitorWarning:
      type: object
      properties:
        code:
          type: string
          description: A code for the warning message.
          example: content:not_found
        message:
          type: string
          description: A short message with details about the warning.
          example: Monitor id=0000000000000001 not found.
      description: Warning object from the operation providing details such as when
        a given monitor to disable does not exist.
    MonitorSubscriptionsListResponse:
      required:
      - exhaustive
      - subscriptions
      type: object
      properties:
        subscriptions:
          type: array
          description: List of existing subscriptions.
          items:
            $ref: '#/components/schemas/MonitorSubscription'
        exhaustive:
          type: boolean
          description: If true, the list contains all existing subscriptions.
          example: true
      description: List of existing subscriptions.
    MonitorSubscription:
      type: object
      properties:
        targetId:
          type: string
          description: The id of the subscription target. It can be either a monitor
            or a folder id.
          example: 000000000000676F
      description: The monitor subscription. Alerts can be filtered by a monitor subscription
        status.
    MonitorSubscriptionsTargetsInput:
      maxItems: 100
      minItems: 1
      type: array
      description: Input array with ids of monitors or monitor folders.
      items:
        type: string
    MonitorSubscriptionsStatus:
      required:
      - status
      - targetId
      type: object
      properties:
        targetId:
          type: string
          description: Id of the subscription target.
          example: 000000000000676F
        status:
          pattern: ^(Subscribed|SubscribedByAncestor|NotSubscribed)$
          type: string
          description: Status of the subscription.
          example: Subscribed
          x-pattern-message: 'should be one of the following: ''Subscribed'', ''SubscribedByAncestor'',
            ''NotSubscribed'''
      description: Subscription status of the element.
    MutingInformationResponse:
      required:
      - isMuted
      type: object
      properties:
        id:
          type: string
          description: Identifier of the monitor.
          example: '0000000000000001'
        isMuted:
          type: boolean
          description: Flag to indicate the monitor muted or not.
          example: true
          default: false
        mutingEndTime:
          type: integer
          description: Timestamp in Epoch that this monitor is currently muted until.
          format: int64
          example: 1678084636
        mutingSchedules:
          type: array
          description: Array of muting schedules that this monitor is associated with.
          items:
            $ref: '#/components/schemas/MutingScheduleResponse'
        adhocMuting:
          $ref: '#/components/schemas/AdhocMutingResponse'
      description: Muting information fields for the monitor.
    MutingScheduleResponse:
      required:
      - id
      type: object
      properties:
        id:
          type: string
          description: Id of the muting schedule in hex.
          example: 000000000000676F
      description: Muting information fields for the monitor.
    AdhocMutingResponse:
      required:
      - startTime
      type: object
      properties:
        startTime:
          type: integer
          description: Start time of adhoc muting period in Epoch.
          format: int64
          example: 1678118000
        endTime:
          type: integer
          description: End time of the adhoc muting period in Epoch.If muting indefinitely,
            this will be empty.
          format: int64
          example: 1678118025
      description: Muting information fields for the monitor.
    IdToMutingInformationResponseMap:
      maxProperties: 1000
      type: object
      additionalProperties:
        $ref: '#/components/schemas/MutingInformationResponse'
    DataPointCount:
      required:
      - count
      type: object
      properties:
        count:
          type: integer
          description: The number of data points
          format: int32
          example: 20
      description: The number of anomaly data points in the monitor window.
    AnomalyDataPointsCountRequest:
      required:
      - queries
      - relativeTimeRange
      type: object
      properties:
        relativeTimeRange:
          type: string
          description: The relative time range of the monitor. Valid values of time
            ranges are `-5m`, `-10m`, `-15m`, `-30m`, `-1h`, `-3h`, `-6h`, `-12h`,
            or `-24h`.
          example: -15m
        queries:
          uniqueItems: true
          type: array
          description: All queries from the monitor.
          items:
            $ref: '#/components/schemas/MonitorQuery'
        monitorType:
          pattern: ^(Logs|Metrics)$
          type: string
          description: The type of anomaly monitor (Logs or Metrics).
          default: Logs
          x-pattern-message: should be either 'Logs' or 'Metrics'
      description: Monitor query and time range to calculate the number of data points.
    MonitorGroupInfo:
      type: object
      properties:
        keys:
          type: array
          description: The monitor group keys.
          example:
          - _host
          - _sourceCategory
          items:
            type: string
      description: The monitor group key info for all monitors.
    MonitorScanEstimatesResponse:
      type: object
      properties:
        scanEstimates:
          type: array
          description: array of scan estimates
          items:
            $ref: '#/components/schemas/TierEstimate'
      description: Monitor scan estimates
    TierEstimate:
      type: object
      properties:
        tier:
          type: string
          description: Name of the data tier
          example: Flex
        perScanInBytes:
          type: integer
          description: estimate data scanned per monitor scan in bytes
          format: int64
        perDayInBytes:
          type: integer
          description: estimate data scanned per day in bytes
          format: int64
        perYearInBytes:
          type: integer
          description: estimate data scanned per year in bytes
          format: int64
        trainingScanInBytes:
          type: integer
          description: one-time scan for log anomaly monitor
          format: int64
      description: estimate for a tier
    MonitorScanEstimatesRequest:
      required:
      - query
      - timezone
      - triggers
      type: object
      properties:
        query:
          maxLength: 15000
          type: string
          description: The logs query that defines the stream of data the monitor
            runs on.
          example: _sourceCategory=remix
        triggers:
          type: array
          description: Defines the conditions of when to send notifications.
          items:
            $ref: '#/components/schemas/TriggerCondition'
        timezone:
          type: string
          description: Time zone for the monitor [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
      description: Request object to get monitor scan estimates
    MonitorPlaybooksList:
      type: array
      description: The list of monitor playbooks.
      items:
        $ref: '#/components/schemas/MonitorPlaybook'
    MonitorPlaybook:
      required:
      - description
      - name
      - playbookId
      - type
      - versionId
      type: object
      properties:
        description:
          type: string
          description: The description of the monitor playbook.
          example: <p>30 Seconds API Will Take To Respond</p>
        playbookId:
          type: string
          description: The id of the playbook.
          example: '1'
        name:
          type: string
          description: The name of the playbook.
          example: Test
        versionId:
          type: string
          description: The version id of the playbook.
          example: '1'
        type:
          type: string
          description: The type of the playbook.
          example: Analytics
      description: The single monitor playbook.
    MonitorContentSyncDefinition:
      required:
      - name
      - type
      type: object
      properties:
        type:
          type: string
          description: The type of the item. Valid values are `MonitorFolderDefinition`,
            `MonitorWithDependenciesDefinition`.
        name:
          type: string
          description: The name of the item.
      discriminator:
        propertyName: type
    NextInstancesResponse:
      type: object
      properties:
        nextInstances:
          type: array
          description: list of next instances in epoch
          items:
            type: integer
            description: epoch in millisecond
            format: int64
            example: 1689119100000
    NextInstancesRequest:
      required:
      - rrule
      - startDate
      - startTime
      - timezone
      type: object
      properties:
        timezone:
          type: string
          description: Time zone for the schedule per [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
        startDate:
          type: string
          description: Schedule start date in the format of `yyyy-mm-dd`
        startTime:
          type: string
          description: Schedule start time in the format of `hh:mm`
        rrule:
          type: string
          description: RRule (Recurrence Rule)
    ListAlertsLibraryAlertResponse:
      type: array
      description: List of Alerts.
      items:
        $ref: '#/components/schemas/AlertsLibraryAlertResponse'
    RelatedAlertsLibraryAlertResponse:
      type: object
      properties:
        data:
          type: array
          description: All alerts related to the given alert and their relationship
            tags.
          items:
            $ref: '#/components/schemas/RelatedAlert'
      description: List of related Alerts.
    RelatedAlert:
      type: object
      properties:
        alert:
          $ref: '#/components/schemas/AlertsLibraryAlertResponse'
        relations:
          type: array
          description: Tags describing the relationship between the two alerts.
          items:
            $ref: '#/components/schemas/RelationTypeTag'
      description: An alert and how it is related to the given alert
    RelationTypeTag:
      pattern: ^(Time|Entity)$
      type: string
      description: "The nature of the relationship between alerts. Valid values:\n\
        \  1. `Time`: Alerts are related by their time of creation.\n  2. `Entity`:\
        \ Alerts are related by the entities linked to their queries."
      example: Time
      x-pattern-message: should be either 'Time' or 'Entity'
    AlertsListPageResponse:
      type: object
      properties:
        data:
          type: array
          description: List of alerts summaries.
          items:
            $ref: '#/components/schemas/AlertsListPageObject'
      description: List of Alert list page objects.
    AlertsListPageObject:
      type: object
      properties:
        id:
          type: string
          description: Identifier of the alert.
          example: 000000000000000A
        name:
          type: string
          description: Name of the alert.
          example: CPU Total above 90
        severity:
          pattern: ^(Critical|Warning|MissingData)$
          type: string
          description: "The severity of the Alert. Valid values:\n  1. `Critical`\n\
            \  2. `Warning`\n  3. `MissingData`"
          example: Warning
          x-pattern-message: should be either 'Critical', 'Warning' or 'MissingData'
        status:
          pattern: ^(Active|Resolved)$
          type: string
          description: "The status of the Alert. Valid values:\n  1. `Active`\n  2.\
            \ `Resolved`"
          example: Active
          x-pattern-message: should be either 'Active' or 'Resolved'
        entitiesInfo:
          type: array
          description: 'List of AlertEntityInfo for primary entities. The primary
            entity is the most concrete entity  (e.g. k8s container) that can be assigned
            per time series or log group,  secondary entities are the less specific
            ones (e.g. k8s cluster or EC2 host).

            '
          items:
            $ref: '#/components/schemas/AlertEntityInfo'
        secondaryEntitiesInfo:
          type: array
          description: 'List of secondary AlertEntityInfo for primary entities. Primary/secondary
            entities are explained in description for `entitiesInfo`.

            '
          items:
            $ref: '#/components/schemas/AlertEntityInfo'
        violationCount:
          type: string
          description: The number of unique result groups that have met the alert
            condition.
          example: '2'
        lastViolation:
          type: string
          description: The condition from the last alert violation.
          example: greater than 90.0 for all of the last 5 minutes
        duration:
          type: string
          description: The current duration of the alert.
          example: 2 hours
        createdAt:
          type: string
          description: The creation time of the alert.
          example: 11:11 AM August 25, 2021
        lastUpdated:
          type: string
          description: The time when this alert was updated with the most recent violation.
          example: 1:11 PM August 25, 2021
        isMuted:
          type: boolean
          description: True if the ARP was created while the monitor was muted
          example: true
          default: false
      description: Alert list page object.
    AlertChartDataResult:
      required:
      - metadata
      - series
      type: object
      properties:
        series:
          type: array
          description: List of time series of the alert chart data.
          items:
            $ref: '#/components/schemas/SeriesData'
        metadata:
          $ref: '#/components/schemas/AlertChartMetadata'
      description: Response for alert response chart data visualization.
    AlertChartMetadata:
      type: object
      properties:
        abnormalityStartTime:
          type: integer
          description: The time stamp at which abnomarlity started.
          format: int64
          example: 1630017549842
        abnormalityEndTime:
          type: integer
          description: The time stamp at which abnomarlity ended.
          format: int64
          example: 1630017549842
        evaluationDelay:
          type: integer
          description: The delay duration for evaluating the monitor (relative to
            current time). The timerange of monitor will be shifted in the past by
            this delay time.
          format: int64
          example: 1630017549842
        alertCreatedAt:
          type: integer
          description: The time stamp at which the alert response page is created.
          format: int64
          example: 1630017549842
        alertResolvedAt:
          type: integer
          description: The time stamp at which the alert response page is resolved.
          format: int64
          example: 1630017549842
      description: The metadata timestamps of alert chart data
    ActiveCount:
      type: integer
      description: The number of currently active alerts.
      format: int32
      example: 205
    PlaybookExecutionResponse:
      type: object
      properties:
        runningId:
          type: string
          description: The id of the playbook which is running.
        playbookExecutedId:
          type: string
          description: The id of the playbook when it is executed.
      description: The response for executing the playbook.
    PlaybookExecutionParameters:
      required:
      - alertId
      - playbookId
      type: object
      properties:
        playbookId:
          type: string
          description: The id of the playbook which needs to run.
          example: '1'
        alertId:
          type: string
          description: The alert id which needs to run the playbook.
      description: The parameters for executing the playbook.
    PlaybookRunningResultList:
      type: array
      items:
        $ref: '#/components/schemas/PlaybookRunningResult'
    PlaybookRunningResult:
      required:
      - id
      - isChild
      - name
      - playbookId
      - status
      - statusCode
      type: object
      properties:
        startDate:
          type: string
          description: The running start date time of the playbook.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        endDate:
          type: string
          description: The running end date time of the playbook.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        id:
          type: string
          description: The id of the playbook running.
        playbookId:
          type: string
          description: The id of the playbook.
        isChild:
          type: boolean
          description: The isChild of other playbook.
          default: false
        name:
          type: string
          description: The name of the playbook running.
        status:
          type: string
          description: The status of the playbook running.
        statusCode:
          type: integer
          description: The status code of the playbook running.
          format: int32
          example: 200
    PlaybookRunningListRequest:
      required:
      - alertId
      type: object
      properties:
        alertId:
          type: string
          description: The alert id.
          example: '0000000000000001'
      description: The request parameters for getting all running playbooks' status.
    CompliancePeriodRef:
      required:
      - complianceRefType
      type: object
      properties:
        complianceRefType:
          pattern: ^(Relative)$
          type: string
          description: Type of reference to the compliance period. Must be `Relative`.
          example: Relative
          x-pattern-message: Must be `Relative`
        relativeShift:
          type: integer
          description: Relative shift of compliance period from the latest/current
            compliance period.
          example: -1
      description: Reference to the compliance period of the SLO.
    DashboardSearchResult:
      required:
      - axes
      - series
      - status
      type: object
      properties:
        status:
          $ref: '#/components/schemas/DashboardSearchStatus'
        axes:
          $ref: '#/components/schemas/VisualDataAxes'
        series:
          type: array
          description: The series returned from a search.
          items:
            $ref: '#/components/schemas/VisualDataSeries'
        errors:
          type: array
          description: Errors returned by backend.
          items:
            $ref: '#/components/schemas/ErrorDescription'
        timeRange:
          $ref: '#/components/schemas/BeginBoundedTimeRange'
        requestToken:
          type: string
          description: A user-generated string to uniquely identify the search request.
            This field can be safely ignored if you don't intend to identify a search
            request.
        fieldOrdering:
          type: array
          description: 'The expected ordering of the column fields in tabular format.
            If null or empty, the ordering is unknown or indeterminate.

            '
          example:
          - _timeslice
          - _sourceHost
          items:
            type: string
        infrequentScannedBytes:
          type: number
          description: The total number of scanned bytes from infrequent tier data
            for the query in bytes.
          format: int64
          example: 350000
        scannedBytes:
          $ref: '#/components/schemas/ScannedBytes'
        backfillPercent:
          type: number
          description: The backfill percentage of a continuous query.
          format: float
    DashboardSearchStatus:
      required:
      - state
      type: object
      properties:
        state:
          type: string
          description: Current state of the search.
        percentCompleted:
          maximum: 100
          minimum: 0
          type: integer
          description: Percentage of search completed.
          format: int32
    VisualDataAxes:
      required:
      - x
      - y
      type: object
      properties:
        x:
          type: array
          description: The data of the primary x axis.
          items:
            $ref: '#/components/schemas/VisualAxisData'
        y:
          type: array
          description: The data of the primary y axis.
          items:
            $ref: '#/components/schemas/VisualAxisData'
        x2:
          type: array
          description: The data of the secondary x axis.
          items:
            $ref: '#/components/schemas/VisualAxisData'
        y2:
          type: array
          description: The data of the secondary y axis.
          items:
            $ref: '#/components/schemas/VisualAxisData'
    VisualAxisData:
      type: object
      properties:
        index:
          type: integer
          description: The value of the axis labels.
          format: int32
          example: 0
    VisualDataSeries:
      required:
      - dataPoints
      - name
      - queryId
      type: object
      properties:
        queryId:
          type: string
          description: The id of the query.
          example: A
        name:
          type: string
          description: "The meaning of 'name' depends on the series type.\n  - For\
            \ results of type 'timeseries', it is the value of the 'metric' key.\n\
            \  - For results of type 'nontimeseries', it is the name of one of the\
            \ fields that is not part of 'xAxisKeys'.\n  - For results of type 'table',\
            \ it is the comma-separated string of names of all fields.\n"
          example: max(Disk_Used)
        dataPoints:
          type: array
          description: A list of data points in the visual series.
          items:
            $ref: '#/components/schemas/VisualPointData'
        aggregateInfo:
          $ref: '#/components/schemas/VisualAggregateData'
        metaData:
          $ref: '#/components/schemas/VisualMetaData'
        seriesType:
          pattern: ^(timeseries|nontimeseries|table)$|^$
          type: string
          description: Type of the visual series.
          example: timeseries
        xAxisKeys:
          type: array
          description: Keys that will be plotted as a point on the x axis.
          example:
          - _sourceCategory
          - _sourceHost
          items:
            type: string
        valueType:
          type: string
          description: Value that represents if the series values are String or Double
          example: Double
        source:
          pattern: ^(Logs|Metrics)$|^$
          type: string
          description: Source of the visual series.
          example: Logs
        xAxisKeyTypes:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Keys that will be plotted as a point on the x axis and their
            data type
          example:
            _sourceCategory: String
          default: {}
        queryInfo:
          $ref: '#/components/schemas/MetricsQueryResultInfo'
    VisualPointData:
      required:
      - y
      type: object
      properties:
        x:
          type: number
          description: Value that represents a point on the x axis.
          format: double
          example: 1.0
        y:
          type: string
          description: Value that represents a point on the y axis.
          example: '12.3'
        isFilled:
          type: boolean
          description: Whether the field is interpolated or extrapolated - not derived
            from underlying data.
          example: false
          default: false
        xAxisValues:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Values that represents a point on the x axis.
          example:
            _sourceCategory: collector
            _collector: stag-index-7
          default: {}
        outlierData:
          $ref: '#/components/schemas/VisualOutlierData'
    VisualOutlierData:
      required:
      - baseline
      - isOutlier
      - lowerBound
      - unit
      - upperBound
      type: object
      properties:
        baseline:
          type: number
          description: The estimated value of the data point.
          format: double
          example: 1.2
        unit:
          type: number
          description: The variation in the estimated value of the data point.
          format: double
          example: 5.6
        lowerBound:
          type: number
          description: The lower bound of the outlier band
          format: double
          example: 5.3
        upperBound:
          type: number
          description: The upper bound of the outlier band
          format: double
          example: 6.3
        isOutlier:
          type: boolean
          description: Indicates if the data point is outlier or not.
          example: false
    VisualAggregateData:
      required:
      - avg
      - latest
      - max
      - min
      - sum
      type: object
      properties:
        max:
          type: number
          description: The maximum value in the series.
          format: double
          example: 10.0
        min:
          type: number
          description: The minimum value in the series.
          format: double
          example: 1.2
        avg:
          type: number
          description: The average value in the series.
          format: double
          example: 5.6
        sum:
          type: number
          description: The sum of all the values in the series.
          format: double
          example: 123.4
        latest:
          type: number
          description: The last value in the series.
          format: double
          example: 23.4
        count:
          type: number
          description: The number of values in the series.
          format: double
          example: 600
    VisualMetaData:
      required:
      - data
      type: object
      properties:
        data:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: The value of the metadata.
          example:
            deployment: dev
            cluster: frontend
            instance: frontend-12
          default: {}
    MetricsQueryResultInfo:
      type: object
      properties:
        rowId:
          type: string
          description: Metrics Query row id.
        resultContext:
          $ref: '#/components/schemas/MetricsQueryResultContext'
    ScannedBytes:
      type: object
      properties:
        infrequent:
          type: integer
          description: The total number of scanned bytes from infrequent tier data
            for the query in bytes.
          format: int64
          example: 350000
        continuous:
          type: integer
          description: The total number of scanned bytes from continuous tier data
            for the query in bytes.
          format: int64
          example: 350000
        frequent:
          type: integer
          description: The total number of scanned bytes from frequent tier data for
            the query in bytes.
          format: int64
          example: 350000
        security:
          type: integer
          description: The total number of scanned bytes from security tier data for
            the query in bytes.
          format: int64
          example: 350000
        tracing:
          type: integer
          description: The total number of scanned bytes from tracing tier data for
            the query in bytes.
          format: int64
          example: 350000
        upfront:
          type: integer
          description: The total number of scanned bytes from upfront tier data for
            the query in bytes.
          format: int64
          example: 350000
        metered:
          type: integer
          description: The total number of scanned bytes from metered tier data for
            the query in bytes.
          format: int64
          example: 350000
        rce:
          type: integer
          description: The total number of scanned bytes from rce tier data for the
            query in bytes.
          format: int64
          example: 350000
        flex:
          type: integer
          description: The total number of scanned bytes from flex tier data for the
            query in bytes.
          format: int64
          example: 350000
        continuousSecurity:
          type: integer
          description: The total number of scanned bytes from continuous security
            tier data for the query in bytes.
          format: int64
          example: 350000
        flexSecurity:
          type: integer
          description: The total number of scanned bytes from flex security tier data
            for the query in bytes.
          format: int64
          example: 350000
        flexUpfront:
          type: integer
          description: The total number of scanned bytes from flex upfront tier data
            for the query in bytes.
          format: int64
          example: 350000
        flexMetered:
          type: integer
          description: The total number of scanned bytes from flex metered tier data
            for the query in bytes.
          format: int64
          example: 350000
      description: 'The total number of scanned bytes from tiered data sources (ex.
        infrequent, continuous, frequent). See https://help.sumologic.com/docs/manage/partitions-data-tiers/data-tiers/
        for a more detailed explaination.

        '
    CompliancePeriods:
      required:
      - periods
      - timezone
      type: object
      properties:
        timezone:
          type: string
          description: Time zone for the compliance periods as per the [IANA Time
            Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
        periods:
          type: array
          description: List of CompliancePeriodProgress.
          items:
            $ref: '#/components/schemas/CompliancePeriodProgress'
      description: Compliance periods along with SLO data availability progress.
    CompliancePeriodProgress:
      required:
      - endTime
      - irrecoverableError
      - progress
      - relativeReference
      - startTime
      type: object
      properties:
        relativeReference:
          type: integer
          description: Relative shift of compliance period from the latest/current
            compliance period.
          example: -1
        startTime:
          type: string
          description: Start time of the compliance period.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        endTime:
          type: string
          description: End time of the compliance period.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        progress:
          maximum: 100.0
          minimum: 0.0
          type: number
          description: SLO data availability progress.
          format: double
          example: 50.0
        irrecoverableError:
          type: boolean
          description: Whether a permanent error is encountered and no further progress
            is expected.
      description: SLO data availability progress of a compliance period.
    SliQueriesValidationResult:
      type: object
      properties:
        isValid:
          type: boolean
          description: Whether or not if queries are valid.
          example: false
        message:
          type: string
          description: Message from validation.
          example: Field fieldName not found, please check the spelling and try again.
          default: ''
      description: Validation result for the SLI queries.
    SliQueries:
      required:
      - queryGroup
      - queryType
      type: object
      properties:
        queryGroup:
          $ref: '#/components/schemas/SliQueryGroup'
        queryType:
          pattern: ^(Logs|Metrics)$
          type: string
          description: Type of queries for SLI (Logs/Metrics).
          example: Logs
          x-pattern-message: Must be `Logs` or `Metrics`
        evaluationType:
          pattern: ^(Window|Request|Monitor)$
          type: string
          description: SLI evaluation type.
          example: Window
          x-pattern-message: Must be `Window` or `Request` or `Monitor`
        windowSize:
          type: string
          description: Size of the SLI aggregation window (valid only for `Window`
            evaluation type).
          example: 15m
    IdToSliStatusMap:
      maxProperties: 1000
      type: object
      additionalProperties:
        $ref: '#/components/schemas/SliStatus'
      description: Map of SLO identifier to SliStatus object.
    SliStatus:
      required:
      - status
      type: object
      properties:
        status:
          pattern: ^(Success|Error|InProgress)$
          type: string
          description: Whether the SLI computation is complete / had an error / is
            in progress.
          example: Success
        sliPercentage:
          type: number
          description: SLI percentage for the compliance period. Available if `status`
            is `Success`.
          format: double
          example: 95.14
        errorBudgetRemainingPercentage:
          type: number
          description: Percentage of error budget remaining for the compliance period.
            Available if `status` is `Success`.
          format: double
        absoluteErrorBudgetRemaining:
          type: string
          description: Formatted string for the absolute error budget remaining (time
            duration for window-based SLIs, request count for request-based SLIs).
            Available if `status` is `Success`.
          example: 1h56m, -3h45m, -241.3k req, 1.5k req
        progressPercentage:
          type: number
          description: SLI computation progress.
          format: double
      description: Status of the SLI computation. If the status is successful, also
        contains the SLI value and error budget remaining for the current compliance
        period.
    SloUsageInfo:
      type: array
      description: The usage info of logs and metrics SLOs.
      items:
        $ref: '#/components/schemas/SloUsage'
    SloUsage:
      properties:
        sliType:
          pattern: ^(Logs|Metrics|Monitors)$
          type: string
          description: The type of SLO usage info (Logs/Metrics/Monitor based).
          example: Logs
          x-pattern-message: Either `Logs` or `Metrics` or `Monitors`.
        usage:
          type: integer
          description: Current number of active Logs/Metrics/Monitors SLOs.
          example: 100
        limit:
          type: integer
          description: The limit of active Logs/Metrics/Monitors SLOs.
          example: 100
      description: The usage info of SLOs.
    SloScanEstimatesResponse:
      type: object
      properties:
        scanEstimates:
          type: array
          description: Scan estimates by data tier for the SLO configuration.
          items:
            $ref: '#/components/schemas/TierEstimate_1'
      description: SLO scan estimates.
    TierEstimate_1:
      type: object
      properties:
        tier:
          type: string
          description: Name of the data tier
          example: Flex
        perDayInBytes:
          type: integer
          description: estimate data scanned per day in bytes
          format: int64
        perYearInBytes:
          type: integer
          description: estimate data scanned per year in bytes
          format: int64
      description: estimate for a tier
    PasswordPolicy:
      type: object
      properties:
        minLength:
          maximum: 128
          minimum: 8
          type: integer
          description: The minimum length of the password.
          format: int32
          example: 8
          default: 8
        maxLength:
          maximum: 128
          minimum: 128
          type: integer
          description: The maximum length of the password. (Setting this to any value
            other than 128 is no longer supported; this field may be deprecated in
            the future.)
          format: int32
          example: 128
          default: 128
        mustContainLowercase:
          type: boolean
          description: If the password must contain lower case characters.
          example: true
          default: true
        mustContainUppercase:
          type: boolean
          description: If the password must contain upper case characters.
          example: true
          default: true
        mustContainDigits:
          type: boolean
          description: If the password must contain digits.
          example: true
          default: true
        mustContainSpecialChars:
          type: boolean
          description: If the password must contain special characters.
          example: true
          default: true
        maxPasswordAgeInDays:
          maximum: 365
          minimum: -1
          type: integer
          description: Maximum number of days that a password can be used before user
            is required to change it. Put -1 if the user should not have to change
            their password.
          format: int32
          example: 365
          default: 365
        minUniquePasswords:
          maximum: 12
          minimum: 4
          type: integer
          description: The minimum number of unique new passwords that a user must
            use before an old password can be reused.
          format: int32
          example: 10
          default: 10
        accountLockoutThreshold:
          maximum: 10
          minimum: 3
          type: integer
          description: Number of failed login attempts allowed before account is locked-out.
          format: int32
          example: 6
          default: 6
        failedLoginResetDurationInMins:
          maximum: 10
          minimum: 1
          type: integer
          description: The duration of time in minutes that must elapse from the first
            failed login attempt after which failed login count is reset to 0.
          format: int32
          example: 10
          default: 10
        accountLockoutDurationInMins:
          maximum: 120
          minimum: 30
          type: integer
          description: The duration of time in minutes that a locked-out account remained
            locked before getting unlocked automatically.
          format: int32
          example: 30
          default: 30
        requireMfa:
          type: boolean
          description: If MFA should be required to log in. By default, this field
            is set to `false`.
          example: false
          default: false
        rememberMfa:
          type: boolean
          description: If MFA should be remembered on the browser.
          example: true
          default: true
        disallowWeakPasswords:
          type: boolean
          description: If weak passwords should be disallowed. By default, this field
            is set to `false`.
          example: false
          default: false
      description: Password Policy
    Path:
      required:
      - path
      - pathItems
      type: object
      properties:
        pathItems:
          type: array
          description: Elements of the path.
          items:
            $ref: '#/components/schemas/PathItem'
        path:
          type: string
          description: String representation of the path.
    PathItem:
      required:
      - id
      - name
      type: object
      properties:
        id:
          type: string
          description: Identifier of the path element.
        name:
          type: string
          description: Name of the path element.
        description:
          type: string
          description: Description of the path element.
    ContentCopyParams:
      required:
      - parentId
      type: object
      properties:
        parentId:
          type: string
          description: Identifier of the parent folder to copy to.
        name:
          type: string
          description: Optionally provide a new name.
        description:
          type: string
          description: Optionally provide a new description.
    ConfidenceScoreResponse:
      required:
      - confidenceScore
      type: object
      properties:
        confidenceScore:
          type: string
          description: List of confidence scores to the CSE Insights.
      description: CSE insight confidence score.
    CseInsightConfidenceRequest:
      required:
      - cseInsight
      type: object
      properties:
        cseInsight:
          type: string
          description: List of CSE Insight Created logs for which the confidence score
            should be calculated.
          example: '"[{\"timestamp\":\"1605562085024\",\"type\":\"event\",\"name\":\"insight_closed\",\"tenant_hash\":\"d130a603dea563686c911aa5d3f196881b1e6e7a\",\"created\":1605550459107,\"id\":\"ef444d0e-b1f0-351e-aae6-b608d2a4769c\",\"insight_threshold\":12,\"insight_lookback_days\":14,\"resolution\":\"Resolved\",\"source\":\"RULE\",\"entity_id\":\"2254232b-d7b4-567b-b4ce-61466b79e491\",\"entity_type\":\"username\",\"rule_ids\":[\"MATCH-U00018\"],\"mitre_tactics\":[\"Initial
            Access\"],\"signals\":[{\"rule_id\":\"MATCH-U00018\",\"mitre_tactic\":\"Initial
            Access\",\"timestamp\":\"1605549391000\",\"name_hash\":\"091d66fc35b6ad361d7525238d37319b06ff0bd5\",\"severity\":5,\"vendors\":[\"Proofpoint\"],\"products\":[\"Targeted
            Attack Protection\"],\"vendor_products\":[\"Proofpoint Targeted Attack
            Protection\"],\"object_types\":[\"Email\"]}]}]"'
      description: CSE insight JSON object.
    PaginatedListEndpoints:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: An array of endpoints.
          items:
            $ref: '#/components/schemas/EndpointResponse'
        next:
          type: string
          description: Next continuation token.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      description: List of open analytics endpoints.
    EndpointResponse:
      required:
      - id
      - inputSchema
      - name
      - outputSchema
      - url
      properties:
        id:
          type: string
          description: Identifier of endpoint.
          example: 00000000000001A5
        name:
          type: string
          description: Unique name of endpoint.
          example: linear_regression
        url:
          type: string
          description: Address of endpoint.
          example: http://my-aws-lambda/linear-regression/predict
        inputSchema:
          type: string
          description: Schema of the input table to endpoint.
          example: '[]'
        outputSchema:
          type: string
          description: Schema of the output table from endpoint.
          example: '[]'
      description: Endpoint response object.
    EndpointDefinition:
      required:
      - headers
      - inputSchema
      - name
      - outputSchema
      - url
      properties:
        name:
          type: string
          description: Unique name of endpoint.
          example: linear_regression
        url:
          type: string
          description: Address of endpoint.
          example: http://my-aws-lambda/linear-regression/predict
        inputSchema:
          type: string
          description: Schema of the input table to endpoint.
          example: '["field1", "field2"]'
        outputSchema:
          type: string
          description: Schema of the output table from endpoint.
          example: '["field1", "field2", "score"]'
        headers:
          type: string
          description: HTTP headers for endpoint.
          example: '[{"awsRegion": "us-west-2"}, {"serviceName": "execute-api"}, {"accessKey":
            "myAccessKey"}, {"secretKey": "mySecretKey"}]'
      description: Endpoint creation request object.
    SignalsRequest:
      required:
      - signalContext
      - signalTypes
      type: object
      properties:
        signalTypes:
          maxItems: 1
          minItems: 1
          type: array
          description: 'A list of signal types to compute. Can be `LogFluctuation`,
            `DimensionalityExplanation`, `GisBenchmark` or `Anomalies`

            '
          items:
            pattern: ^(LogFluctuation|DimensionalityExplanation|GisBenchmark|Anomalies)$|^$
            type: string
            x-pattern-message: Must be `LogFluctuation`, `DimensionalityExplanation`,
              `GisBenchmark` or `Anomalies`
        signalContext:
          $ref: '#/components/schemas/SignalContext'
      description: Signal Request object.
    SignalContext:
      required:
      - contextType
      type: object
      properties:
        contextType:
          pattern: ^(Alert)$|^$
          type: string
          description: Type of context of the request object.
          x-pattern-message: Must be `Alert`
      discriminator:
        propertyName: contextType
        mapping:
          Alert: '#/components/schemas/AlertSignalContext'
    SignalsJobResult:
      required:
      - isComplete
      - signals
      - warnings
      type: object
      properties:
        isComplete:
          type: boolean
          description: Whether the signal computing job finished.
          example: true
        signals:
          type: array
          description: Sequence of computed signals.
          items:
            $ref: '#/components/schemas/SignalsResponse'
        warnings:
          type: array
          description: List of warnings while computing signals.
          items:
            $ref: '#/components/schemas/WarningDetails'
      description: The job result containing the job status, computed signals and
        any warnings.
    SignalsResponse:
      required:
      - endTime
      - openInQueries
      - payload
      - signalId
      - signalType
      - startTime
      - summary
      type: object
      properties:
        signalType:
          pattern: ^(LogFluctuation|DimensionalityExplanation|GisBenchmark|Anomalies)$|^$
          type: string
          description: 'The type of the signal to compute. Can be `LogFluctuation`,
            `DimensionalityExplanation`, `GisBenchmark` or `Anomalies`

            '
          x-pattern-message: Must be `LogFluctuation`, `DimensionalityExplanation`,
            `GisBenchmark` or `Anomalies`
        signalId:
          type: string
          description: The id for the signal result in hex format.
          example: 00000000F5000634
        startTime:
          type: string
          description: Start time of the signal.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        endTime:
          type: string
          description: End time of the signal.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        summary:
          type: string
          description: Description of the payload.
          example: Variation in the logs
        payload:
          type: string
          description: Json string for computed signal.
        openInQueries:
          type: array
          description: Raw data queries for the computed signal.
          items:
            $ref: '#/components/schemas/OpenInQuery'
      description: Signal response object.
    OpenInQuery:
      required:
      - endTime
      - query
      - startTime
      type: object
      properties:
        query:
          $ref: '#/components/schemas/Query'
        startTime:
          type: string
          description: Start time of the query.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        endTime:
          type: string
          description: End time of the query.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
      description: Raw data query for the computed signal.
    WarningDetails:
      required:
      - code
      - detail
      - message
      type: object
      properties:
        code:
          type: string
          description: Warning code.
        message:
          type: string
          description: Warning message.
        detail:
          type: string
          description: Details related to warning.
      description: Warning while computing signals.
    ListServiceAccountModelsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of service accounts.
          items:
            $ref: '#/components/schemas/ServiceAccountModel'
    ServiceAccountModel:
      type: object
      allOf:
      - $ref: '#/components/schemas/CreateServiceAccountDefinition'
      - $ref: '#/components/schemas/MetadataModel'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique identifier for the service account.
            example: 000000000FE20FE2
          isActive:
            type: boolean
            description: True if the service account is active.
            example: true
    CreateServiceAccountDefinition:
      required:
      - email
      - name
      - roleIds
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 0
          type: string
          description: Name of the service account.
          example: Service Account
        email:
          maxLength: 255
          type: string
          description: Email address of the service account.
          format: email
          example: johndoe@acme.com
        roleIds:
          type: array
          description: List of roleIds associated with the service account.
          example:
          - 00000000000001DF
          - 00000000000002D2
          items:
            type: string
    UpdateServiceAccountDefinition:
      type: object
      properties:
        name:
          maxLength: 128
          minLength: 0
          type: string
          description: Name of the service account.
          example: Service Account
        isActive:
          type: boolean
          description: This has the value `true` if the service account is active
            and `false` if it has been deactivated.
          example: true
        roleIds:
          type: array
          description: List of role identifiers associated with the service account.
          example:
          - 00000000000001DF
          - 00000000000002D2
          items:
            type: string
        email:
          maxLength: 255
          type: string
          description: New email address of the service account.
          format: email
          example: johndoe@acme.com
    PaginatedListOAuthConsentsResult:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: An array of OAuth consents.
          items:
            $ref: '#/components/schemas/OAuthConsent'
        next:
          type: string
          description: Next continuation token.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
      description: List of OAuth consents.
    OAuthConsent:
      required:
      - authorizedAt
      - authorizedUser
      - clientId
      - clientName
      - id
      - scopes
      type: object
      properties:
        id:
          type: string
          description: Unique identifier for the consent.
          example: 0000000006743FDE
        clientId:
          type: string
          description: The ID of the registered client that was used in granting consent.
          example: zVplCFHcpTDwtktBIQmFI2K6s9HEo4HAtcQD1f1M5eQ
        clientName:
          type: string
          description: The name of the registered client that was used in granting
            consent.
          example: My OAuth App
        authorizedAt:
          type: string
          description: Timestamp when the consent was authorized in UTC in RFC3339
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        authorizedUser:
          type: string
          description: Identifier of the user who authorized the consent.
          example: 0000000006743FDD
        lastUsedAt:
          type: string
          description: Timestamp when the consent was last used to grant an access
            token in UTC in RFC3339 format. Null if never used.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        scopes:
          type: array
          description: The scopes that were granted in the consent.
          example:
          - manageUsersAndRoles
          - viewCollectors
          items:
            type: string
      description: An OAuth consent granted by a user.
    ListSCIMUserModelsResponse:
      type: object
      properties:
        totalResults:
          type: integer
          description: Total number of users that match the filter criteria
          example: 100
        startIndex:
          minimum: 0
          type: integer
          description: The index of the first returned result
          format: int32
          example: 0
          default: 0
        itemsPerPage:
          type: integer
          description: The number of results returned in this page
          example: 10
        Resources:
          type: array
          description: List of SCIM user resources
          items:
            $ref: '#/components/schemas/SCIMUserModel'
    SCIMUserModel:
      type: object
      allOf:
      - $ref: '#/components/schemas/SCIMCreateUserDefinition'
      - required:
        - id
        properties:
          id:
            type: string
            description: Unique SCIM identifier for the user
            example: 000000000FE20FE2
          active:
            type: boolean
            description: True if the user is active
            example: true
          meta:
            $ref: '#/components/schemas/ResourceData'
    SCIMCreateUserDefinition:
      required:
      - emails
      - name
      - roles
      - schemas
      - userName
      type: object
      properties:
        schemas:
          type: array
          description: Defines the SCIM schemas for the user
          example:
          - urn:ietf:params:scim:schemas:core:2.0:User
          items:
            type: string
        userName:
          maxLength: 64
          type: string
          description: Unique identifier for the user (email)
          example: jdoe@example.com
        name:
          $ref: '#/components/schemas/NameInfo'
        emails:
          type: array
          description: Sumo logic accepts only one email address
          items:
            type: object
            properties:
              value:
                type: string
                format: email
                example: jdoe@example.com
              type:
                type: string
                example: work
              primary:
                type: boolean
                example: true
                default: true
        roles:
          type: array
          description: roles should exactly match with role names within sumologic.
            `roles` can be either `Array of strings` or `Array of objects` as shown
            in the payload. `primary` always set to 'true' as sumologic doesn't have
            a concept of primary/secondary roles
          example:
          - - role1
            - role2
          - - value: role1
              primary: true
            - value: role2
              primary: true
          items: {}
    NameInfo:
      required:
      - familyName
      - givenName
      type: object
      properties:
        givenName:
          type: string
          description: Given name of the user (firstName)
          example: John
        familyName:
          type: string
          description: Family name of the user (lastName)
          example: Doe
    ResourceData:
      type: object
      properties:
        resourceType:
          type: string
          description: The name of the resource type of the resource
          example: User
        created:
          type: string
          description: Creation timestamp in date-time format
          format: date-time
          example: 2024-01-01 12:00:00+00:00
        lastModified:
          type: string
          description: Last modification timestamp in date-time format
          format: date-time
          example: 2024-01-01 12:00:00+00:00
      description: Resource meta data of a user
    ErrorResponseScim:
      required:
      - schemas
      - status
      type: object
      properties:
        status:
          type: integer
          description: The HTTP status code.
          example: 409
        schemas:
          type: array
          description: Defines the SCIM schemas for the user
          example:
          - urn:ietf:params:scim:schemas:core:2.0:User
          items:
            type: string
        scimType:
          type: string
          description: A SCIM detail error keyword.
          example: uniqueness
        detail:
          type: string
          description: An optional fuller English-language description of the error.
          example: Your password was 5 characters long, the minimum length is 12 characters.
            See http://example.com/password for more information.
    SCIMUpdateUserDefinition:
      required:
      - active
      - emails
      - name
      - roles
      - schemas
      type: object
      properties:
        schemas:
          type: array
          description: Defines the SCIM schemas for the user
          example:
          - urn:ietf:params:scim:schemas:core:2.0:User
          items:
            type: string
        name:
          $ref: '#/components/schemas/NameInfo'
        active:
          type: boolean
          description: Indicates if the user is active
          example: true
        emails:
          type: array
          description: Sumo logic accepts only one email address
          items:
            type: object
            properties:
              value:
                type: string
                format: email
                example: jdoe@example.com
              type:
                type: string
                example: work
              primary:
                type: boolean
                example: true
                default: true
        roles:
          type: array
          description: roles should exactly match with role names within sumologic.
            `roles` can be either `Array of strings` or `Array of objects` as shown
            in the payload. `primary` always set to 'true' as sumologic doesn't have
            a concept of primary/secondary roles
          example:
          - - role1
            - role2
          - - value: role1
              primary: true
            - value: role2
              primary: true
          items: {}
    SCIMPatchUserDefinition:
      required:
      - Operations
      - schemas
      type: object
      properties:
        schemas:
          type: array
          description: Defines the SCIM schemas for the patch operation
          example:
          - urn:ietf:params:scim:api:messages:2.0:PatchOp
          items:
            type: string
        Operations:
          type: array
          description: Updates one or more attributes of a SCIM resource using a sequence
            of operations
          items:
            type: object
            properties:
              op:
                pattern: (?i)^(replace|add|remove)$
                type: string
                description: Supports 'add', 'replace' and 'remove' operations
                example: replace
                x-pattern-message: '`replace`, `add`, `remove`'
              path:
                type: string
                description: Attribute path to modify
                example: name.familyName
              value:
                type: object
                allOf:
                - type: object
                  properties:
                    value:
                      type: string
                - type: object
                  properties:
                    value:
                      type: array
                      items:
                        type: string
    MetricsQueryResponse:
      required:
      - errors
      - queryResults
      type: object
      properties:
        queryResult:
          type: array
          description: A list of the time series returned by metric query.
          items:
            $ref: '#/components/schemas/TimeSeriesRow'
        errors:
          type: object
          description: Errors, warnings, and information logged for the query.
          example:
            id: AXDUI-DGH5I-TJ045
            errors:
            - code: metrics:incomplete_results
              message: Incomplete results
          allOf:
          - $ref: '#/components/schemas/ErrorResponse'
    TimeSeriesRow:
      required:
      - rowId
      - timeSeriesList
      type: object
      properties:
        rowId:
          type: string
          description: Row id for the query row as specified in the request.
          example: A
        timeSeriesList:
          $ref: '#/components/schemas/TimeSeriesList'
    TimeSeriesList:
      required:
      - timeSeries
      type: object
      properties:
        timeSeries:
          type: array
          description: A list of timeseries returned by corresponding query.
          items:
            $ref: '#/components/schemas/TimeSeries'
        unit:
          type: string
          description: Unit of the query.
          example: 1/second
        timeShiftLabel:
          type: string
          description: Time shift value if specified in request in human readable
            format.
          example: -1h
        resultContext:
          $ref: '#/components/schemas/MetricsQueryResultContext'
    TimeSeries:
      required:
      - metricDefinition
      - points
      type: object
      properties:
        metricDefinition:
          $ref: '#/components/schemas/MetricDefinition'
        points:
          $ref: '#/components/schemas/Points'
    MetricDefinition:
      type: object
      properties:
        metric:
          type: string
          description: Name of the metric returning the timeseries.
          example: CPU_Total
        dimensions:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Metric dimensions / metadata related to each timeseries.
          example:
            _sourceHost: us2-alert-1
            _sourceCategory: alert
    Points:
      required:
      - timestamps
      - values
      type: object
      properties:
        timestamps:
          type: array
          description: Array of timestamps of datapoints in milliseconds.
          items:
            type: integer
            format: int64
            example: 1623258710000
        values:
          type: array
          description: Array of values of datapoints corresponding to timestamp array.
          items:
            type: number
            format: double
            example: 1.5
      description: The `values` and `timestamps` are of the same length, and points
        are sorted by time ascending.
    MetricsQueryResultContext:
      type: object
      properties:
        quantizationGranularity:
          type: integer
          description: Quantization granularity. Size of the quantization bucket/quant
            in milliseconds.
          format: int64
          example: 30000
        rollup:
          pattern: ^(Avg|Sum|Min|Max|Count|Rate)$|^$
          type: string
          description: We use the term rollup to refer to the aggregation function
            Sumo Logic uses when quantizing metrics. Can be `Avg`, `Sum`, `Min`, `Max`,
            `Count` or `Rate`.
          example: Avg
        actualQueryTimeRange:
          $ref: '#/components/schemas/Iso8601TimeRange'
    MetricsQueryRequest:
      required:
      - queries
      - timeRange
      type: object
      properties:
        queries:
          minItems: 1
          type: array
          description: A list of metrics queries.
          items:
            $ref: '#/components/schemas/MetricsQueryRow'
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
      description: A list of metrics queries to run along with the time range for
        the query.
    MetricsQueryRow:
      required:
      - query
      - rowId
      type: object
      properties:
        rowId:
          pattern: '[A-Z]'
          type: string
          description: Row id for the query row, A to Z letter.
          example: A
          x-pattern-message: Row id must be one character long and must be an upper
            case letter between A and Z
        query:
          maxLength: 3000
          minLength: 3
          type: string
          description: "A metric query consists of a metric, one or more filters and\
            \ optionally, one or more [Metrics Operators](https://help.sumologic.com/?cid=10144).\
            \ Strictly speaking, both filters and operators are optional.\n\nMost\
            \ of the [Metrics Operators](https://help.sumologic.com/?cid=10144) are\
            \ allowed in the query string except `fillmissing`, `outlier`, `quantize`\
            \ and `timeshift`.\n\n  * `fillmissing`: Not supported in API.\n  * `outlier`:\
            \ Not supported in API.\n  * `quantize`: Only supported through `quantization`\
            \ param.\n  * `timeshift`: Only supported through `timeshift` param.\n\
            \n\nIn practice, your metric queries will almost always contain filters\
            \ that narrow the scope of your query. For more information about the\
            \ query language see [Metrics Queries](https://help.sumologic.com/?cid=1079)."
          example: metric=CPU_Idle
        quantization:
          minimum: 1
          type: integer
          description: Segregates time series data by time period. This allows you
            to create aggregated results in buckets of fixed intervals (for example,
            5-minute intervals). The value is in milliseconds.
          format: int64
          example: 60000
        rollup:
          pattern: ^(Count|Min|Max|Sum|Avg|None)$|^$
          type: string
          description: We use the term rollup to refer to the aggregation function
            Sumo Logic uses when quantizing metrics. Can be `Avg`, `Sum`, `Min`, `Max`,
            `Count` or `None`.
          example: Avg
          x-pattern-message: Must be `Avg`, `Sum`, `Min`, `Max`, `Count` or `None`
        timeshift:
          type: integer
          description: Shifts the time series from your metrics query by the specified
            amount of time. This can help when comparing a time series across multiple
            time periods. Specified as a signed duration in milliseconds.
          format: int64
          example: -3600000
    CreateTraceQueryResponse:
      required:
      - queryId
      type: object
      properties:
        queryId:
          type: string
          description: Id of the created query
          example: cafaebf2f4f8320f
    AsyncTraceQueryRequest:
      required:
      - queryRows
      - timeRange
      type: object
      properties:
        queryRows:
          type: array
          description: A list of trace queries.
          items:
            $ref: '#/components/schemas/AsyncTraceQueryRow'
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
    AsyncTraceQueryRow:
      required:
      - query
      - rowId
      type: object
      properties:
        query:
          $ref: '#/components/schemas/TraceQueryExpression'
        rowId:
          maxLength: 16
          type: string
          description: An identifier used to reference this particular row of the
            query request while fetching a query result. Within a query, row ids must
            have distinct values.
          example: '#A'
        orderBy:
          $ref: '#/components/schemas/OrderBy'
    OrderBy:
      required:
      - fieldName
      - order
      type: object
      properties:
        fieldName:
          maxLength: 32
          minLength: 1
          type: string
          description: 'Field based on which results should be sorted. When not provided,
            the default behavior is to sort by timestamp descending. Sortable fields
            values: `trace_id`, `start_timestamp`, `duration`, `spans_number`, `errors`,
            `status_code`.'
          example: start_timestamp
        order:
          pattern: ^(Asc|Desc)$
          type: string
          description: Type of sorting values - descending or ascending.
          example: Asc
          default: Desc
          x-pattern-message: should be either 'Asc' or 'Desc'
    TraceQueryStatusResponse:
      required:
      - queryRows
      - status
      type: object
      properties:
        queryRows:
          type: array
          description: A list of trace queries.
          items:
            $ref: '#/components/schemas/TraceQueryRowStatus'
        status:
          pattern: ^(Processing|Finished|Error|Canceled)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Canceled`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Canceled`.
    TraceQueryRowStatus:
      required:
      - count
      - rowId
      - status
      type: object
      properties:
        rowId:
          type: string
          description: A unique identifier of the query.
          example: A
        status:
          pattern: ^(Processing|Finished|Error|Canceled)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Canceled`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Canceled`.
        statusMessage:
          type: string
          description: Descriptive message of the status
          example: Finished successfully
        count:
          minimum: 0
          type: integer
          description: Number of results matching the query
          format: int64
          example: 3215
    TraceQueryResultResponse:
      required:
      - results
      type: object
      properties:
        results:
          type: array
          description: List of traces matching the query.
          items:
            $ref: '#/components/schemas/TraceDetail'
        next:
          type: string
          description: Next continuation token.
          example: '10001'
    TraceDetail:
      required:
      - id
      type: object
      properties:
        id:
          type: string
          description: Trace identifier.
          example: 00000000000120CB
        rootService:
          type: string
          description: 'Root service which started the trace. Examples: `user-service`,
            `authentication-service`, `payment-service`, `/shopping-cart`'
          example: user-service
        rootResource:
          type: string
          description: 'Root resource on which the trace was started. Examples: `db.query`,
            `http.request`, `rpc.call`, `container`'
          example: http.request
        rootStatus:
          $ref: '#/components/schemas/TraceSpanStatus'
        rootOperationName:
          type: string
          description: The name of the operation given to the root span.
          example: retrieveAccount
        metrics:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/DoubleTracingValue'
          description: Calculated trace metrics.
          example:
            _duration: 143984411
        startedAt:
          type: string
          description: Date and time the trace was started in [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2019-11-22 09:00:00+00:00
        criticalPathServiceBreakdownSummary:
          $ref: '#/components/schemas/CriticalPathServiceBreakdownSummary'
    TraceSpanStatus:
      required:
      - code
      type: object
      properties:
        code:
          type: string
          description: 'Status code of the span. Possible values: `OK`, `ERROR`, `UNKNOWN`.'
          example: OK
        message:
          type: string
          description: Optional descriptive message about the status, could be an
            http status code or the kind of an error, e.g. OSError.
          example: '404'
    CriticalPathServiceBreakdownSummary:
      required:
      - elements
      - idleTime
      - otherServicesDuration
      type: object
      properties:
        elements:
          type: array
          description: List of the elements representing the critical path service
            duration breakdown - contains the first few services with the longest
            overall duration of the spans contributing to the critical path.
          items:
            $ref: '#/components/schemas/CriticalPathServiceBreakdownElementBase'
        otherServicesDuration:
          type: integer
          description: Overall processing time in nanoseconds consumed by the rest
            of the spans in the critical path (a sum of the duration times of the
            spans' critical path segments).
          format: int64
          example: 12957153
        idleTime:
          type: integer
          description: Overall time in nanoseconds when no particular operation was
            in progress.
          format: int64
          example: 60000000
    CriticalPathServiceBreakdownElementBase:
      required:
      - duration
      type: object
      properties:
        service:
          type: string
          description: The name of the service.
          example: user-service
        serviceColor:
          type: string
          description: Color hex code assigned to the service.
          example: '#fa41c6'
        duration:
          type: integer
          description: Overall processing time in nanoseconds consumed by the spans
            belonging to this service in the critical path (a sum of the duration
            times of the spans' critical path segments).
          format: int64
          example: 12957153
    TraceMetricsResponse:
      required:
      - metrics
      type: object
      properties:
        metrics:
          type: array
          description: List of trace metrics.
          items:
            $ref: '#/components/schemas/TraceMetricDetail'
    TraceMetricDetail:
      required:
      - metric
      - type
      type: object
      properties:
        metric:
          type: string
          description: Trace metric name. In trace queries it can be used in `MetricTracingFilter.metric`.
          example: _duration
        description:
          type: string
          description: Short description of the metric.
          example: The duration of a trace in nanoseconds.
        type:
          type: string
          description: 'The type the values of this field will have. Possible values:
            `DoubleTracingValue`, `IntegerTracingValue`.'
          example: IntegerTracingValue
    TraceFieldsResponse:
      required:
      - fields
      type: object
      properties:
        fields:
          type: array
          description: List of filter fields.
          items:
            $ref: '#/components/schemas/TraceFieldDetail'
    TraceFieldDetail:
      required:
      - field
      - fieldType
      - type
      type: object
      properties:
        field:
          type: string
          description: Filter field name.
          example: operation
        fieldType:
          pattern: ^(SpanAttribute|SpanEventAttribute)$
          type: string
          description: 'Indicates the kind of a field. Possible values: `SpanAttribute`,
            `SpanEventAttribute`.'
          example: SpanEventAttribute
          default: SpanAttribute
          x-pattern-message: 'Should be one of: `SpanAttribute`, `SpanEventAttribute`.'
        valueListing:
          type: boolean
          description: Indicates whether values for this field can be listed.
          example: false
        description:
          type: string
          description: Short description of the field.
          example: A piece of the workflow represented by a span
        type:
          type: string
          description: 'The type the values of this field will have. Possible values:
            `DoubleTracingValue`, `IntegerTracingValue`, `StringTracingValue`, `DateTimeTracingValue`.'
          example: StringTracingValue
        noValuesReason:
          $ref: '#/components/schemas/NoTraceFieldValuesReason'
    NoTraceFieldValuesReason:
      required:
      - code
      - message
      type: object
      properties:
        code:
          pattern: ^(HighCardinalityField|AutocompleteDisabled)$
          type: string
          description: 'A code uniquely identifying the reason for the lack of trace
            field values. Possible values: `HighCardinalityField`, `AutocompleteDisabled`.'
          example: HighCardinalityField
          x-pattern-message: Should be either `HighCardinalityField`, `AutocompleteDisabled`.
        message:
          type: string
          description: A short English-language description of the reason.
          example: Autocomplete has been disabled for this field due to high cardinality.
    TraceFieldValuesResponse:
      required:
      - fieldValues
      - totalCount
      type: object
      properties:
        fieldValues:
          type: array
          description: List of filter field values.
          items:
            type: string
        totalCount:
          type: integer
          description: Total number of values for a field matching the query. Can
            be approximated when it's above 3000.
          format: int64
          example: 1234
        next:
          type: string
          description: Next continuation token.
          example: Mi93V0ZqTTBzaW89
    CreateCpcQueryResponse:
      required:
      - queryId
      type: object
      properties:
        queryId:
          type: string
          description: The id of the created query.
          example: cafaebf2f4f8320f
    CpcQueryRequest:
      required:
      - queryRows
      - timeRange
      type: object
      properties:
        queryRows:
          type: array
          description: A list of cpc queries.
          items:
            $ref: '#/components/schemas/CpcQueryRow'
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
    CpcQueryRow:
      required:
      - query
      - rowId
      type: object
      properties:
        query:
          $ref: '#/components/schemas/TraceQueryExpression'
        rowId:
          maxLength: 16
          type: string
          description: An identifier used to reference this particular row of the
            query request while fetching a query result. Within a query, row ids must
            have distinct values.
          example: '#A'
    CpcQueryStatusResponse:
      required:
      - queryRows
      - status
      type: object
      properties:
        queryRows:
          type: array
          description: A list of statuses on a per query row basis.
          items:
            $ref: '#/components/schemas/CpcQueryRowStatus'
        status:
          pattern: ^(Processing|Finished|Error|Canceled)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Canceled`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Canceled`.
    CpcQueryRowStatus:
      required:
      - buckets
      - rowId
      - status
      type: object
      properties:
        rowId:
          type: string
          description: A unique identifier of the query.
          example: A
        buckets:
          type: array
          description: A list of CPC query statuses on a per time bucket basis.  Each
            status corresponds to the status of calculating aggregated CPC data from
            a sample of traces  matching search criteria falling within a specific
            time slice.
          items:
            $ref: '#/components/schemas/CpcQueryBucketStatus'
        status:
          pattern: ^(Processing|Finished|Error|Canceled)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Canceled`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Canceled`.
    CpcQueryBucketStatus:
      required:
      - bucketId
      - status
      type: object
      properties:
        bucketId:
          type: string
          description: A unique identifier of the bucket.
          example: A
        status:
          pattern: ^(Processing|Finished|Error|Canceled)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Canceled`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Canceled`.
        statusMessage:
          type: string
          description: Descriptive message of the status.
          example: Finished successfully
    CpcQueryResultResponse:
      required:
      - buckets
      type: object
      properties:
        buckets:
          type: array
          description: A list of CPC query results on a per time bucket basis.  Each
            bucket result corresponds to the aggregated CPC data from a sample of
            traces matching search criteria falling within a specific time slice.
          items:
            $ref: '#/components/schemas/CpcQueryBucketResult'
    CpcQueryBucketResult:
      required:
      - avgTraceDuration
      - bucketId
      - idleTimeCpcSummary
      - length
      - otherServicesCpcSummary
      - perServiceCpcSummaries
      - startTimestamp
      - totalNumOfTraces
      type: object
      properties:
        bucketId:
          type: string
          description: A unique identifier of a time bucket.
          example: bucket1
        startTimestamp:
          type: string
          description: A start of the time bucket in the [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2021-04-19 17:36:57.476230+00:00
        length:
          type: integer
          description: The length of a time bucket expressed in milliseconds.
          format: int64
          example: 60000
        totalNumOfTraces:
          type: integer
          description: The total number of traces matching the search criteria based
            on which the CPC data is aggregated.
          format: int64
          example: 500
        avgTraceDuration:
          type: number
          description: The average duration in nanoseconds of the traces matching
            the search criteria  based on which the CPC data is aggregated.
          format: double
          example: 5000
        perServiceCpcSummaries:
          type: array
          description: The summary of aggregated Critical Path Contribution data on
            a per service basis.  Each element of the array corresponds to a summary
            for a specific service.
          items:
            $ref: '#/components/schemas/CpcServiceSummary'
        otherServicesCpcSummary:
          $ref: '#/components/schemas/CpcSummary'
        idleTimeCpcSummary:
          $ref: '#/components/schemas/CpcSummary'
    CpcServiceSummary:
      required:
      - color
      - cpcSummary
      - service
      type: object
      properties:
        service:
          type: string
          description: The name of the service.
          example: user-service
        color:
          type: string
          description: The color hex code assigned to the service.
          example: '#fa41c6'
        cpcSummary:
          $ref: '#/components/schemas/CpcSummary'
    CpcSummary:
      required:
      - avgPercentageInTrace
      - avgTimeInTrace
      - numOfTraces
      - totalTimeTaken
      type: object
      properties:
        numOfTraces:
          type: integer
          description: The total number of traces matching the search criteria for
            a given service  based on which the CPC data is aggregated.
          format: int64
          example: 200
        avgPercentageInTrace:
          type: number
          description: The total fraction (value between 0.0 and 1.0) of the trace
            duration time consumed  by a given service (or a group of services) in
            the critical path of analyzed traces.
          format: double
          example: 0.24
        avgTimeInTrace:
          type: number
          description: The average time in nanoseconds spent by a given service (or
            a group of services) in the critical path of analyzed traces.
          format: double
          example: 520000
        totalTimeTaken:
          type: integer
          description: The total time in nanoseconds spent by a given service (or
            a group of services) in the critical path  of analyzed traces.
          format: int64
          example: 600000
    CpcQueryResultRequest:
      required:
      - bucketIds
      type: object
      properties:
        bucketIds:
          type: array
          description: A list of the identifiers of CPC query buckets for which aggregated
            Critical Path Contribution data should be fetched.
          example:
          - bucket1
          - bucket2
          items:
            type: string
    CreateAggregationQueryResponse:
      required:
      - queryId
      type: object
      properties:
        queryId:
          type: string
          description: The id of the created query.
          example: cafaebf2f4f8320f
    AggregationQueryRequest:
      required:
      - queryRows
      - timeRange
      - xAxisGroupByAttribute
      type: object
      properties:
        queryRows:
          type: array
          description: A list of tracing queries.
          items:
            $ref: '#/components/schemas/AggregationQueryRow'
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        xAxisGroupByAttribute:
          $ref: '#/components/schemas/AggregationGroupByAttribute'
    AggregationQueryRow:
      required:
      - query
      - rowId
      type: object
      properties:
        query:
          $ref: '#/components/schemas/TraceQueryExpression'
        rowId:
          maxLength: 16
          type: string
          description: An identifier used to reference this particular row of the
            query request while fetching a query result. Within a query, row ids must
            have distinct values.
          example: '#A'
    AggregationGroupByAttribute:
      required:
      - attributeType
      type: object
      properties:
        attributeType:
          type: string
          description: Attribute type of the object model.
      description: Base group by attribute object.
      discriminator:
        propertyName: attributeType
    AggregationQueryStatusResponse:
      required:
      - queryRows
      - status
      type: object
      properties:
        queryRows:
          type: array
          description: A list of statuses on a per query row basis.
          items:
            $ref: '#/components/schemas/AggregationQueryRowStatus'
        status:
          pattern: ^(Processing|Finished|Error|Canceled)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Canceled`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Canceled`.
        statusMessage:
          type: string
          description: Descriptive message of the status.
          example: Finished successfully
    AggregationQueryRowStatus:
      required:
      - rowId
      - status
      type: object
      properties:
        rowId:
          type: string
          description: A unique identifier of the query.
          example: A
        status:
          pattern: ^(Processing|Finished|Error|Canceled)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Canceled`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Canceled`.
        statusMessage:
          type: string
          description: Descriptive message of the status.
          example: Finished successfully
    AggregationQueryResultResponse:
      required:
      - buckets
      type: object
      properties:
        buckets:
          type: array
          description: A list of an aggregation query results on a per bucket basis.  Each
            bucket result corresponds to the number of trace query results falling
            into the bucket.
          items:
            $ref: '#/components/schemas/AggregationQueryBucketResult'
    AggregationQueryBucketResult:
      required:
      - bucketKey
      - bucketValue
      type: object
      properties:
        bucketKey:
          $ref: '#/components/schemas/BucketKey'
        bucketValue:
          $ref: '#/components/schemas/BucketValue'
    BucketKey:
      required:
      - bucketKeyType
      type: object
      properties:
        bucketKeyType:
          type: string
          description: Bucket value type of the object model.
      description: Base bucket key object.
      discriminator:
        propertyName: bucketKeyType
    BucketValue:
      required:
      - bucketValueType
      - traceCount
      type: object
      properties:
        bucketValueType:
          type: string
          description: Bucket value type of the object model.
        traceCount:
          type: integer
          description: The number of traces per bucket.
          format: int64
          example: 42
      description: Base bucket value object.
      discriminator:
        propertyName: bucketValueType
    TraceExistsResponse:
      required:
      - exists
      type: object
      properties:
        exists:
          type: boolean
          description: Indicates whether the trace with the given trace id exists.
          example: true
        url:
          type: string
          description: A path to the trace view page in Sumo Logic UI.
          example: '#/trace/00000000000120CB'
    TraceSpansResponse:
      required:
      - spans
      - totalCount
      type: object
      properties:
        spanPage:
          type: array
          description: List of trace spans.
          items:
            $ref: '#/components/schemas/TraceSpan'
        totalCount:
          type: integer
          description: Total count of spans for this trace.
          format: int64
          example: 1234
        next:
          type: string
          description: Next continuation token.
          example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI
    TraceSpan:
      required:
      - duration
      - id
      - operationName
      - startedAt
      - status
      type: object
      properties:
        id:
          type: string
          description: Identifier of the span.
          example: 00000000002317A9
        parentId:
          type: string
          description: Identifier of the parent span, if any. If the span has no parent
            it's considered a root span.
          example: 000000000003C7BE
        operationName:
          type: string
          description: The name of the operation given to the span.
          example: retrieveAccount
        resource:
          type: string
          description: The name of the resource attached to the span.
          example: http.request
        service:
          type: string
          description: The name of the service this span is part of.
          example: user-service
        serviceColor:
          type: string
          description: Color hex code assigned to the service.
          example: '#fa41c6'
        serviceType:
          $ref: '#/components/schemas/ServiceType'
        duration:
          type: integer
          description: Number of nanoseconds the span lasted.
          format: int64
          example: 212957153
        startedAt:
          type: string
          description: Date and time the span was started in the [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2019-11-22 09:00:00+00:00
        status:
          $ref: '#/components/schemas/TraceSpanStatus'
        kind:
          pattern: ^(CLIENT|SERVER|PRODUCER|CONSUMER|INTERNAL)$
          type: string
          description: 'Span kind describes the relationship between the Span, its
            parents, and its children in a Trace. Possible values: `CLIENT`, `SERVER`,
            `PRODUCER`, `CONSUMER`, `INTERNAL`.'
          example: SERVER
          x-pattern-message: Should be either `CLIENT`, `SERVER`, `PRODUCER`, `CONSUMER`
            or `INTERNAL`.
        remoteService:
          type: string
          description: Name of the possible remote span's service.
          example: external-service
        remoteServiceColor:
          type: string
          description: Color hex code assigned to the remote service.
          example: '#fa41c6'
        remoteServiceType:
          $ref: '#/components/schemas/ServiceType'
        info:
          $ref: '#/components/schemas/TraceSpanInfo'
        numberOfLinks:
          type: integer
          description: Number of span links in this span.
          format: int32
          example: 2
    ServiceType:
      pattern: ^(Db|HTTP|MQ|Web|Mixed|Unknown|Cpp|DotNET|Erlang|Go|Java|NodeJS|Php|Python|Ruby|WebJS|Swift|MSSQL|MySQL|Oracle|Db2|PostgreSQL|Redshift|Hive|Cloudscape|HSQLDB|Progress|MaxDB|HANADB|Ingres|FirstSQL|EnterpriseDB|Cache|Adabas|Firebird|ApacheDerby|FileMaker|Informix|InstantDB|InterBase|MariaDB|Netezza|PervasivePSQL|PointBase|SQLite|Sybase|Teradata|Vertica|H2|ColdFusion|Cassandra|HBase|MongoDB|Redis|Couchbase|CouchDB|CosmosDB|DynamoDB|Neo4j|Geode|Elasticsearch|Memcached|CockroachDB|RPC|gRPC|JavaRMI|DotNETWCF|ApacheDubbo)$
      type: string
      description: Defines type of service.
      example: HTTP
      x-pattern-message: Should be either `Db`, `HTTP`, `MQ`, `Web`, `Mixed`, `Unknown`,
        `Cpp`, `DotNET`, `Erlang`, `Go`, `Java`, `NodeJS`, `Php`, `Python`, `Ruby`,
        `WebJS`, `Swift`, `MSSQL`, `MySQL`, `Oracle`, `Db2`, `PostgreSQL`, `Redshift`,
        `Hive`, `Cloudscape`, `HSQLDB`, `Progress`, `MaxDB`, `HANADB`, `Ingres`, `FirstSQL`,
        `EnterpriseDB`, `Cache`, `Adabas`, `Firebird`, `ApacheDerby`, `FileMaker`,
        `Informix`, `InstantDB`, `InterBase`, `MariaDB`, `Netezza`, `PervasivePSQL`,
        `PointBase`, `SQLite`, `Sybase`, `Teradata`, `Vertica`, `H2`, `ColdFusion`,
        `Cassandra`, `HBase`, `MongoDB`, `Redis`, `Couchbase`, `CouchDB`, `CosmosDB`,
        `DynamoDB`, `Neo4j`, `Geode`, `Elasticsearch`, `Memcached`, `CockroachDB`,
        `RPC`, `gRPC`, `JavaRMI`, `DotNETWCF` or `ApacheDubbo`
    TraceSpanInfo:
      required:
      - type
      type: object
      properties:
        type:
          type: string
          description: 'Type of this span. Possible values: `TraceHttpSpanInfo`, `TraceDbSpanInfo`,
            `TraceMessageBusSpanInfo`.'
          example: TraceHttpSpanInfo
      discriminator:
        propertyName: type
    TagsReversedIndexResponse:
      type: object
      properties:
        tagsIndices:
          maxItems: 1000
          minItems: 0
          type: array
          description: List of spans tag values indices.
          items:
            $ref: '#/components/schemas/TagReversedIndex'
        attributesIndices:
          maxItems: 1000
          minItems: 0
          type: array
          description: List of spans attribute values indices.
          items:
            $ref: '#/components/schemas/AttributeReversedIndex'
        next:
          type: string
          description: Next continuation token.
          example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI
    TagReversedIndex:
      required:
      - tagName
      - tagValueStatistics
      type: object
      properties:
        tagName:
          maxLength: 128
          minLength: 1
          type: string
          description: Name of the tag.
          example: k8s.container.name
        tagValueStatistics:
          maxItems: 1000
          minItems: 1
          type: array
          description: List of value statistics of the given tag.
          items:
            $ref: '#/components/schemas/TagValueReversedIndex'
    TagValueReversedIndex:
      required:
      - spanIds
      - tagValue
      type: object
      properties:
        tagValue:
          maxLength: 128
          minLength: 1
          type: string
          description: Value of the tag.
          example: web-proxy
        spanIds:
          maxItems: 1000
          minItems: 1
          type: array
          description: List of span ids which have the given tag and value.
          example:
          - 52c3f60425aba353
          - 432630b74ac37c60
          items:
            type: string
    AttributeReversedIndex:
      required:
      - attributeName
      - attributeValueStatistics
      type: object
      properties:
        attributeName:
          maxLength: 128
          minLength: 1
          type: string
          description: Name of the attribute.
          example: service
        attributeValueStatistics:
          maxItems: 1000
          minItems: 1
          type: array
          description: List of value statistics of the given attribute.
          items:
            $ref: '#/components/schemas/AttributeValueReversedIndex'
    AttributeValueReversedIndex:
      required:
      - attributeValue
      - spanIds
      type: object
      properties:
        attributeValue:
          maxLength: 128
          minLength: 1
          type: string
          description: Value of the attribute.
          example: rest-soa
        spanIds:
          maxItems: 1000
          minItems: 1
          type: array
          description: List of span ids which have the given attribute and value.
          example:
          - 52c3f60425aba343
          - 432630b74ac37c50
          items:
            type: string
    TraceLightEventsResponse:
      type: object
      properties:
        spanEvents:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/LightSpanEvent'
          description: Map of span ids to lists of their events, without their attributes.
        next:
          type: string
          description: Next continuation token.
          example: dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI
    LightSpanEvent:
      required:
      - name
      - timestamp
      type: object
      properties:
        timestamp:
          type: string
          description: Time when an event happened in the [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2021-04-19 17:36:57.476230+00:00
        name:
          type: string
          description: Name of the event.
          example: domContentLoadedEventStart
      description: Light version of Span Event, without the attributes.
    CriticalPathResponse:
      required:
      - segments
      type: object
      properties:
        segments:
          type: array
          description: List of span segments from the critical path.
          items:
            $ref: '#/components/schemas/SpanPathSegment'
        next:
          type: string
          description: Next continuation token.
          example: Mi93V0ZqTTBzaW89
    SpanPathSegment:
      required:
      - duration
      - ratio
      - spanId
      - startOffset
      type: object
      properties:
        spanId:
          type: string
          description: Span identifier.
          example: 00000000000120CB
        service:
          type: string
          description: The name of the service this span is part of.
          example: user-service
        serviceColor:
          type: string
          description: Color hex code assigned to the service.
          example: '#fa41c6'
        startOffset:
          type: integer
          description: Number of nanoseconds from the span startedAt the segment started.
          format: int64
          example: 311285715
        duration:
          type: integer
          description: Number of nanoseconds the span segment lasted.
          format: int64
          example: 12957153
        fraction:
          type: number
          description: The fraction (value between 0.0 and 1.0) from the trace duration
            time this segment took.
          format: double
          example: 0.4
    CriticalPathServiceBreakdownResponse:
      required:
      - elements
      - idleTime
      type: object
      properties:
        elements:
          type: array
          description: List of elements representing the critical path service breakdown.
          items:
            $ref: '#/components/schemas/CriticalPathServiceBreakdownElementDetail'
        idleTime:
          type: integer
          description: Overall time in nanoseconds when no particular operation was
            in progress.
          format: int64
          example: 60000000
    CriticalPathServiceBreakdownElementDetail:
      allOf:
      - $ref: '#/components/schemas/CriticalPathServiceBreakdownElementBase'
      - required:
        - longestSegmentDuration
        - numSpans
        type: object
        properties:
          numSpans:
            type: integer
            description: Number of spans that are part of this service.
            format: int32
            example: 12957153
          longestSegmentDuration:
            type: integer
            description: Number of nanoseconds the longest span segment in the critical
              path lasted.
            format: int64
            example: 12957153
    TraceSpanDetail:
      allOf:
      - $ref: '#/components/schemas/TraceSpan'
      - type: object
        properties:
          errorMessage:
            type: string
            description: Produced error message (could be a stack trace, database
              error code, ..)
            example: "Exception in thread \"local[9]\" java.lang.OutOfMemoryError:\
              \ Java heap space\n    at my.app.force.fields.SpaceShipForceField.main(SpaceShipForceField.java:17)\n"
          fields:
            type: object
            additionalProperties:
              $ref: '#/components/schemas/TracingValue'
            description: Fields attached to this span.
            example:
              component:
                type: StringTracingValue
                value: http
              http.request.method:
                type: StringTracingValue
                value: GET
              url.full:
                type: StringTracingValue
                value: https://example.com/v1/users/123
              http.response.status_code:
                type: StringTracingValue
                value: '200'
          criticalPathContribution:
            $ref: '#/components/schemas/TraceSpanCriticalPathContribution'
          logs:
            type: array
            description: Logs attached to this span.
            example:
            - '[19/Dec/2019:10:58:21 +0000] ''GET /v1/users/123 HTTP/1.1'' 200 8215
              ''http://111.111.11.1/'' ''Mozilla/5.0 (Macintosh; Intel Mac OS X 11_11_1)
              AppleWebKit/111.11 (KHTML, like Gecko) Chrome/11.1.1111.11 Safari/111.11'''
            - '[19/Dec/2019:10:58:24 +0000] ''GET /logo.png HTTP/1.1'' 404 555 ''http://111.111.11.1/''
              ''Mozilla/5.0 (Macintosh; Intel Mac OS X 11_11_1) AppleWebKit/111.11
              (KHTML, like Gecko) Chrome/11.1.1111.11 Safari/111.11'''
            items:
              type: string
          events:
            type: array
            description: Events attached to this span.
            items:
              $ref: '#/components/schemas/SpanEvent'
          links:
            type: array
            description: List of casually related spans.
            items:
              $ref: '#/components/schemas/SpanLink'
    TraceSpanCriticalPathContribution:
      required:
      - duration
      - fraction
      type: object
      properties:
        duration:
          type: integer
          description: Overall processing time in nanoseconds consumed by this span
            in the critical path of its trace (a sum of the duration times of this
            span's critical path segments).
          format: int64
          example: 12957153
        fraction:
          type: number
          description: The total fraction (value between 0.0 and 1.0) of the trace
            duration time consumed by this span in the critical path of its trace.
          format: double
          example: 0.4
    SpanEvent:
      description: Span event containing all information (in particular attributes).
      allOf:
      - $ref: '#/components/schemas/LightSpanEvent'
      - type: object
        properties:
          attributes:
            type: array
            description: Span event attributes.
            items:
              $ref: '#/components/schemas/SpanEventAttribute'
    SpanEventAttribute:
      type: object
      properties:
        attributeName:
          type: string
          description: Name of the attribute.
          example: message_details
        attributeValue:
          $ref: '#/components/schemas/EventAttributeValue'
    SpanLink:
      required:
      - spanId
      - traceId
      type: object
      properties:
        traceId:
          type: string
          description: Trace identifier of the linked span.
          example: 00000000002317A9
        spanId:
          type: string
          description: Span identifier of the linked span.
          example: 000000000003C7BE
      description: Details of the linked span.
    TraceSpanBillingInfo:
      required:
      - billedBytes
      - billedFormat
      type: object
      properties:
        billedBytes:
          type: integer
          description: Number of bytes that were charged for the span.
          example: 529
        billedFormat:
          type: string
          description: Billing format of the span. Number of bytes of this representation
            of the span is equal to `billedBytes`.
          example: traceId=2ff9c457b1aa00f4;spanId=97872e33215c4275;parentSpanId=98bcdfc5da874c40;operation=spanId-97872e33215c4275;startTimestamp=1603283111874000000;endTimestamp=1603283112268000000;service=ServiceA;status.code=ERROR;status.message=ERROR;kind=SERVER;custom-tag-2=value2;_sourcehost=127.0.0.1;url.full=https://example.com/api/operation-x;message=Some
            error message;_sourcecategory=Http Input;custom-tag-1=value1;error=true;_sourcename=Http
            Input;error.kind=InvalidInput;_collector=trace-generator-collector;http.request.method=GET;
    SpanQueryResponse:
      required:
      - queryId
      - queryRows
      type: object
      properties:
        queryId:
          type: string
          description: Id of the created query
        queryRows:
          type: array
          description: A list of row responses with details about individual queries.
          items:
            $ref: '#/components/schemas/SpanQueryRowResponse'
        hasErrors:
          type: boolean
          description: Indicates whether there was an error while executing the query.
          example: true
          default: false
        timeRange:
          $ref: '#/components/schemas/BeginBoundedTimeRange'
    SpanQueryRowResponse:
      required:
      - isAggregation
      - rowId
      type: object
      properties:
        rowId:
          type: string
          description: A unique identifier of the query.
          example: A
        errors:
          type: array
          description: List of errors which occured when executing the query
          items:
            $ref: '#/components/schemas/SpanQueryRowError'
        isAggregation:
          type: boolean
          description: Indicates whether this query is an aggregation
          example: true
          default: false
        executedQuery:
          type: string
          description: The executed query after rewriting
          example: _index=_trace_spans traceId=00000000002317A9
    SpanQueryRowError:
      required:
      - code
      - message
      type: object
      properties:
        code:
          type: string
          description: The error code.
          example: spanquery:query_validation_error
        message:
          type: string
          description: Short description of the occured error.
          example: Query A was invalid
        details:
          type: string
          description: Details about the occured error.
          example: '[1.78] failure: ''('' expected but '')'' found.'
    SpanQueryRequest:
      required:
      - queryRows
      - timeRange
      type: object
      properties:
        queryRows:
          type: array
          description: A list of span analytics queries.
          items:
            $ref: '#/components/schemas/SpanQueryRow'
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        timeZone:
          type: string
          description: Time zone for the query time ranges. Follow the format in the
            [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
          example: America/Los_Angeles
          default: UTC
    SpanQueryRow:
      required:
      - queryString
      - rowId
      type: object
      properties:
        queryString:
          type: string
          description: Query string using the log search syntax.
        rowId:
          pattern: ^[a-zA-Z0-9_]*$
          type: string
          description: An identifier used to reference this particular row of the
            query request. Within a query, row ids must have distinct values.
          example: A
    SpanQueryStatusResponse:
      required:
      - queryRows
      - status
      type: object
      properties:
        queryRows:
          type: array
          description: A list of span analytics queries.
          items:
            $ref: '#/components/schemas/SpanQueryRowStatus'
        status:
          pattern: ^(Processing|Finished|Error|Paused)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Paused`'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Paused`.
    SpanQueryRowStatus:
      required:
      - count
      - rowId
      - status
      type: object
      properties:
        rowId:
          type: string
          description: A unique identifier of the query.
          example: A
        status:
          pattern: ^(Processing|Finished|Error|Paused)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Paused`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Paused`.
        statusMessage:
          type: string
          description: Descriptive message of the status.
          example: Finished successfully
        count:
          minimum: 0
          type: integer
          description: Number of results matching the query
          format: int64
          example: 3215
        approximatedFieldCounts:
          type: boolean
          description: Indicates whether facet field cardinality counts are approximated
            or not.
          example: false
        facetsCompleted:
          type: boolean
          description: Indicates whether facets calculation has completed.
          example: false
    SpanQueryResultSpansResponse:
      required:
      - spanPage
      type: object
      properties:
        spanPage:
          type: array
          description: List of trace spans.
          items:
            $ref: '#/components/schemas/SpanQuerySpanData'
        next:
          type: string
          description: Next continuation token.
          example: Mi93V0ZqTTBzaW89
    SpanQuerySpanData:
      required:
      - duration
      - startedAt
      type: object
      properties:
        spanId:
          type: string
          description: Identifier of the span.
          example: 00000000002317A9
        traceId:
          type: string
          description: Identifier of the trace.
          example: 1BB004A0005213C2
        parentSpanId:
          type: string
          description: Identifier of the parent span, if any. If the span has no parent
            it's considered a root span.
          example: 000000000003C7BE
        operationName:
          type: string
          description: The name of the operation given to the span.
          example: retrieveAccount
        service:
          type: string
          description: The name of the service this span is part of.
          example: user-service
        remoteService:
          type: string
          description: Name of the possible remote span's service.
          example: external-service
        duration:
          type: integer
          description: Number of nanoseconds the span lasted.
          format: int64
          example: 212957153
        startedAt:
          type: string
          description: Date and time the span was started in [ISO 8601 / RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2019-11-22 09:00:00+00:00
        status:
          $ref: '#/components/schemas/TraceSpanStatus'
        kind:
          pattern: ^(CLIENT|SERVER|PRODUCER|CONSUMER|INTERNAL)$
          type: string
          description: 'Span kind describes the relationship between the Span, its
            parents, and its children in a Trace. Possible values: `CLIENT`, `SERVER`,
            `PRODUCER`, `CONSUMER`, `INTERNAL`.'
          example: SERVER
          x-pattern-message: Should be either `CLIENT`, `SERVER`, `PRODUCER`, `CONSUMER`
            or `INTERNAL`.
        tagsJSON:
          type: string
          description: Tags attached to this span as JSON.
          example: "{\n  &quot;http.host&quot;:&quot;http://example.com&quot;,\n \
            \ &quot;http.request.method&quot;:&quot;GET&quot;\n}"
        metadata:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Metadata attached to the span.
          example:
            _sourceCategory: account-backend
    SpanQueryResultFacetsResponse:
      required:
      - facets
      type: object
      properties:
        facets:
          type: array
          description: List of facets.
          items:
            $ref: '#/components/schemas/SpanQueryRowFacet'
    SpanQueryRowFacet:
      required:
      - cardinality
      - dataType
      - name
      type: object
      properties:
        name:
          type: string
          description: Name of the field facet.
          example: _sourceHost
        cardinality:
          type: integer
          description: The number of unique values this field occured.
          format: int32
          example: 3
        dataType:
          pattern: ^(String|Int|Long|Double|Boolean)$
          type: string
          description: Data type of the field.
          example: String
          x-pattern-message: Should be either `String`, `Int`, `Long`, `Double` or
            `Boolean`.
        inSchema:
          type: boolean
          description: Indicates whether the field is available in the span schema.
          example: false
        valueFrequency:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: integer
            format: int64
          description: Map of field value frequencies.
          example:
            _sourceHost: 34099
    SpanQueryAggregateResponse:
      required:
      - result
      type: object
      properties:
        result:
          $ref: '#/components/schemas/SpanQueryAggregateResult'
    SpanQueryAggregateResult:
      required:
      - series
      - status
      type: object
      properties:
        status:
          pattern: ^(Processing|Finished|Error|Paused)$
          type: string
          description: 'Status of the query. Possible values: `Processing`, `Finished`,
            `Error`, `Paused`.'
          example: Processing
          x-pattern-message: Should be either `Processing`, `Finished`, `Error`, `Paused`.
        statusMessage:
          type: string
          description: Descriptive message of the status
          example: Finished successfully
        series:
          type: array
          description: The series returned from a search.
          items:
            $ref: '#/components/schemas/SpanQueryAggregateDataSeries'
    SpanQueryAggregateDataSeries:
      required:
      - dataPoints
      - name
      - queryId
      type: object
      properties:
        queryId:
          type: string
          description: The id of the query.
          example: A
        name:
          type: string
          description: "The meaning of 'name' depends on the series type.\n  - For\
            \ results of type 'timeseries', it is the value of the x axis 'field'\
            \ key.\n  - For results of type 'nontimeseries', it is the name of one\
            \ of the fields that is not part of 'xAxisKeys'.\n  - For results of type\
            \ 'table', it is the comma-separated string of names of all fields.\n"
          example: max(Disk_Used)
        dataPoints:
          type: array
          description: A list of data points in the series.
          items:
            $ref: '#/components/schemas/SpanQueryAggregatePointData'
        aggregateInfo:
          $ref: '#/components/schemas/SpanQueryAggregateAggregateData'
        metaData:
          $ref: '#/components/schemas/SpanQueryAggregateMetaData'
        seriesType:
          pattern: ^(TIMESERIES|NONTIMESERIES|TABLE)$
          type: string
          description: Type of the visual series.
          example: TIMESERIES
          x-pattern-message: Should be either `TIMESERIES`, `NONTIMESERIES`, `TABLE`.
        xAxisKeys:
          type: array
          description: Keys that will be plotted as a point on the x axis.
          example:
          - _sourceCategory
          - _sourceHost
          items:
            type: string
        valueType:
          pattern: ^(STRING|DOUBLE)$
          type: string
          description: Type of the values in the series.
          example: DOUBLE
          x-pattern-message: Should be either `STRING`, `DOUBLE`.
    SpanQueryAggregatePointData:
      required:
      - y
      type: object
      properties:
        x:
          type: number
          description: Value that represents a point on the x axis.
          format: double
          example: 1.0
        y:
          type: string
          description: Value that represents a point on the y axis.
          example: '12.3'
        xAxisValues:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Values that represents a point on the x axis.
          example:
            operation: /get/accounts
            service: accountService
          default: {}
    SpanQueryAggregateAggregateData:
      required:
      - avg
      - latest
      - max
      - min
      - sum
      type: object
      properties:
        max:
          type: number
          description: The maximum value in the series.
          format: double
          example: 10.0
        min:
          type: number
          description: The minimum value in the series.
          format: double
          example: 1.2
        avg:
          type: number
          description: The average value in the series.
          format: double
          example: 5.6
        sum:
          type: number
          description: The sum of all the values in the series.
          format: double
          example: 123.4
        latest:
          type: number
          description: The last value in the series.
          format: double
          example: 23.4
        count:
          type: number
          description: The number of values in the series.
          format: double
          example: 600
    SpanQueryAggregateMetaData:
      required:
      - data
      type: object
      properties:
        data:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: The value of the metadata.
          example:
            deployment: dev
            cluster: frontend
            instance: frontend-12
          default: {}
    SpanQueryFieldsResponse:
      required:
      - fields
      type: object
      properties:
        fields:
          type: array
          description: List of span fields.
          items:
            $ref: '#/components/schemas/SpanQueryFieldDetail'
    SpanQueryFieldDetail:
      allOf:
      - $ref: '#/components/schemas/TraceFieldDetail'
      - required:
        - inSchema
        type: object
        properties:
          inSchema:
            type: boolean
            description: Indicates whether the field is available in the schema.
            example: false
    ServiceMapResponse:
      required:
      - edges
      - nodes
      type: object
      properties:
        nodes:
          type: array
          description: List of service map nodes.
          items:
            $ref: '#/components/schemas/ServiceMapNode'
        edges:
          type: array
          description: List of service map edges.
          items:
            $ref: '#/components/schemas/ServiceMapEdge'
    ServiceMapNode:
      required:
      - isRemote
      - lastSeenAt
      - serviceName
      - serviceType
      type: object
      properties:
        serviceName:
          type: string
          description: Name of a service in a service map.
          example: service_name_1
        serviceColor:
          type: string
          description: Color hex code assigned to the service.
          example: '#fa41c6'
        lastSeenAt:
          type: string
          description: The last time in UTC a service has been seen. Formatted as
            defined by date-time - RFC3339.
          format: date-time
          example: 2019-11-22 09:00:00+00:00
        isRemote:
          type: boolean
          description: Indicates whether node comes from inferred remote service or
            instrumented one.
          example: true
        serviceType:
          $ref: '#/components/schemas/ServiceType'
    ServiceMapEdge:
      required:
      - lastSeenAt
      - source
      - target
      type: object
      properties:
        source:
          type: string
          description: Name of a source service. Edge is directed from source to target.
          example: service_name_1
        target:
          type: string
          description: Name of a target service. Edge is directed from source to target.
          example: service_name_2
        lastSeenAt:
          type: string
          description: The last time in UTC an edge has been seen. Formatted as defined
            by date-time - RFC3339.
          format: date-time
          example: 2019-11-22 09:00:00+00:00
    DatastoreStatusResponse:
      required:
      - diskSize
      - indicatorCount
      - indicatorLimit
      - sourceStatus
      type: object
      properties:
        diskSize:
          type: integer
          description: Total DB size in terms of disk bytes
          format: int64
          example: 1024
        indicatorCount:
          type: integer
          description: Total number of indicators in the DB
          format: int64
          example: 100
        indicatorLimit:
          type: integer
          description: Limit number of indicators supported in the DB
          format: int64
          example: 10000000
        sourceStatus:
          type: array
          description: A list of sources and their individual DB sizes and indicator
            counts
          items:
            $ref: '#/components/schemas/DatastoreSourceStatusResponse'
    DatastoreSourceStatusResponse:
      required:
      - source
      type: object
      properties:
        source:
          type: string
          description: The source name
          example: unit42_source
        description:
          type: string
          description: The source description
          example: This is a stix1.2 indicators source
        diskSize:
          type: integer
          description: Disk utilization in bytes estimate for the indicator source
          format: int64
          example: 1024
        indicatorCount:
          type: integer
          description: Number of indicators for the indicator source
          format: int64
          example: 1024
        sumoProvided:
          type: boolean
          description: True if sumo provided source
          example: false
        supportsCat:
          type: boolean
          description: True if can be used in cat operator
          example: false
        enabled:
          type: boolean
          description: True if enabled
          example: true
      description: DB sizes and indicator counts for an individual source
    DatastoreRetentionPeriod:
      required:
      - retentionPeriod
      type: object
      properties:
        retentionPeriod:
          type: integer
          description: Retention period in days.
          format: int64
          example: 120
    UploadNormalizedIndicatorRequest:
      required:
      - indicators
      type: object
      properties:
        indicators:
          type: array
          description: The list of normalized threat intel indicators to upload.
          items:
            $ref: '#/components/schemas/NormalizedIndicator'
    NormalizedIndicator:
      required:
      - confidence
      - id
      - indicator
      - source
      - threatType
      - type
      - validFrom
      type: object
      properties:
        id:
          type: string
          description: ID of the indicator
          example: indicator--d81f86b9-975b-4c0b-875e-810c5ad45a4f
        indicator:
          type: string
          description: Value of the indicator
          example: 182.158.1.1
        type:
          type: string
          description: Type of indicator
          example: ipv4-addr
        source:
          type: string
          description: User-provided text to identify the source of the indicator
          example: FreeTAXII
        updated:
          type: string
          description: When this indicator was most recently updated in Sumo. Timestamp
            in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339) format.
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        validFrom:
          type: string
          description: Beginning time this indicator is valid. Timestamp in UTC in
            [RFC3339](https://tools.ietf.org/html/rfc3339) format.
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        validUntil:
          type: string
          description: 'Time at which this indicator expires. If not set, a default
            TTL is applied based on indicator type and confidence. File hash indicators
            (type prefix `file:hashes`): 30/365/730 days for low/medium/high confidence.
            All other indicator types: 30/90/180 days for low/medium/high confidence.
            Confidence bands: low 0-49, medium 50-74, high 75-100. Timestamp in UTC
            in [RFC3339](https://tools.ietf.org/html/rfc3339) format.'
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        confidence:
          maximum: 100
          minimum: 1
          type: integer
          description: Confidence that the creator has in the correctness of their
            data, where 100 is highest
        threatType:
          type: string
          description: Type of indicator ( https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html#_cvhfwe3t9vuo
            )
          example: benign
        actors:
          type: string
          description: Actors as a comma separated list.
          example: actor1,actor2
        killChain:
          type: string
          description: Kill Chain as a comma separated list.
          example: KC1,KC2
        fields:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Flattened fields from the original indicator object (e.g. flattened
            STIX fields)
    UploadStixIndicatorsResponse:
      required:
      - invalidIndicators
      type: object
      properties:
        invalidIndicators:
          type: array
          description: A list of invalid indicator IDs that were not ingested
          example:
          - indicator--foo
          - indicator--bar
          items:
            type: string
    UploadStixIndicatorsRequest:
      required:
      - indicators
      - source
      type: object
      properties:
        source:
          type: string
          description: User-provided text to identify the source of the indicator
          example: FreeTAXII
        indicators:
          type: array
          description: The list of stix threat intel indicators to upload.
          items:
            $ref: '#/components/schemas/StixIndicator'
    StixIndicator:
      required:
      - created
      - id
      - modified
      - pattern
      - pattern_type
      - spec_version
      - type
      - valid_from
      type: object
      properties:
        type:
          type: string
          description: The type property identifies the type of STIX Object.
          example: indicator
        spec_version:
          type: string
          description: The STIX version
          example: '2.1'
        id:
          type: string
          description: The ID of the indicator
          example: acme:indicator-bf8bc5d5-c7e6-46b0-8d22-7500fea77196
        created:
          type: string
          description: The time from which this Indicator is considered a valid indicator
            of the behaviors it is related or represents.
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        modified:
          type: string
          description: The time from which this Indicator is considered a valid indicator
            of the behaviors it is related or represents.
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        created_by_ref:
          type: string
          description: Identifier of type identity
          example: identity--f431f809-377b-45e0-aa1c-6a4751cae5ff
        revoked:
          type: boolean
          description: The revoked property is only used by STIX Objects that support
            versioning and indicates whether the object has been revoked.
        labels:
          type: array
          description: The labels property specifies a set of terms used to describe
            this object. The terms are user-defined or trust-group defined and their
            meaning is outside the scope of this specification and MAY be ignored.
          example:
          - heartbleed
          - has-logo
          items:
            type: string
        confidence:
          maximum: 100
          minimum: 1
          type: integer
          description: Confidence that the creator has in the correctness of their
            data, where 100 is highest
        lang:
          type: string
          description: The lang property identifies the language of the text content
            in this object. When present, it MUST be a language code conformant to
            [RFC5646]. If the property is not present, then the language of the content
            is en (English)
          example: en
        external_references:
          type: array
          description: A list of external references which refer to non-STIX information.
            This property MAY be used to provide one or more Vulnerability identifiers,
            such as a CVE ID
          items:
            $ref: '#/components/schemas/ExternalReference'
        object_marking_refs:
          type: array
          description: The object_marking_refs property specifies a list of id properties
            of marking-definition objects that apply to this object.
          example:
          - marking-definition--089a6ecb-cc15-43cc-9494-767639779123
          items:
            type: string
        granular_markings:
          type: array
          description: The granular_markings property specifies a list of granular
            markings applied to this object
          items:
            $ref: '#/components/schemas/GranularMarkingType'
        extensions:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/Extension'
          description: Specifies any extensions of the object, as a dictionary
        name:
          type: string
          description: The name of the object
        description:
          type: string
          description: A human readable description
        indicator_types:
          type: array
          description: A set of categorizations for this indicator.
          example:
          - malicious-activity
          items:
            type: string
        pattern:
          type: string
          description: The detection pattern for this Indicator expressed as a STIX
            patter.
          example: '[ipv4-addr:value = ''1.2.3.4'']'
        pattern_type:
          type: string
          description: The type of pattern
          example: stix
        pattern_version:
          type: string
          description: The version of the pattern language that is used for the data
            in the pattern property which MUST match the type of pattern data included
            in the pattern property.
        valid_from:
          type: string
          description: The time from which this Indicator is considered a valid indicator
            of the behaviors it is related or represents.
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        valid_until:
          type: string
          description: 'The time at which this Indicator should no longer be considered
            a valid indicator of the behaviors it is related to or represents. If
            not set, a default TTL is applied based on indicator type and confidence.
            File hash indicators (type prefix `file:hashes`): 30/365/730 days for
            low/medium/high confidence. All other indicator types: 30/90/180 days
            for low/medium/high confidence. Confidence bands: low 0-49, medium 50-74,
            high 75-100.'
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        kill_chain_phases:
          type: array
          description: The list of Kill Chain Phases for which this Attack Pattern
            is used
          items:
            $ref: '#/components/schemas/KillChainPhase'
    ExternalReference:
      required:
      - source_name
      type: object
      properties:
        source_name:
          type: string
          description: The name of the source that the external-reference is defined
            within
          example: system
        description:
          type: string
          description: A human readable description
        url:
          type: string
          description: A URL reference to an external resource
          example: https://github.com/vz-risk/0001AA7F-C601-424A-B2B8-BE6C9F5164E7.json
        hashes:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Specifies a dictionary of hashes for the contents of the url
          example:
            SHA-256: 6db12788c37247f2316052e142f42f4b259d6561751e5f401a1ae2a6df9c674b
        external_id:
          type: string
          description: An identifier for the external reference content
          example: 0001AA7F-C601-424A-B2B8-BE6C9F5164E7
    GranularMarkingType:
      required:
      - selectors
      type: object
      properties:
        lang:
          type: string
          description: The lang property identifies the language of the text identified
            by this marking
          example: en
        marking_ref:
          type: string
          description: The marking_ref property specifies the ID of the marking-definition
            object that describes the marking
          example: marking-definition--089a6ecb-cc15-43cc-9494-767639779123
        selectors:
          type: array
          description: The selectors property specifies a list of selectors for content
            contained within the STIX Object in which this property appears
          example:
          - description
          - labels
          items:
            type: string
    Extension:
      required:
      - created
      - created_by_ref
      - extension_types
      - id
      - modified
      - name
      - schema
      - spec_version
      - type
      - version
      type: object
      properties:
        type:
          type: string
          description: The type property identifies the type of object
          example: indicator
        spec_version:
          type: string
          description: The STIX version
          example: '2.1'
        id:
          type: string
          description: The ID of the indicator
          example: acme:indicator-bf8bc5d5-c7e6-46b0-8d22-7500fea77196
        created:
          type: string
          description: The time from which this Indicator is considered a valid indicator
            of the behaviors it is related or represents.
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        modified:
          type: string
          description: The time from which this Indicator is considered a valid indicator
            of the behaviors it is related or represents.
          format: date-time
          example: 2023-03-21 12:00:00+00:00
        created_by_ref:
          type: string
          description: Identifier of type identity
          example: identity--f431f809-377b-45e0-aa1c-6a4751cae5ff
        revoked:
          type: boolean
          description: The revoked property is only used by STIX Objects that support
            versioning and indicates whether the object has been revoked.
        labels:
          type: array
          description: The labels property specifies a set of terms used to describe
            this object. The terms are user-defined or trust-group defined and their
            meaning is outside the scope of this specification and MAY be ignored.
          example:
          - heartbleed
          - has-logo
          items:
            type: string
        external_references:
          type: array
          description: A list of external references which refer to non-STIX information.
            This property MAY be used to provide one or more Vulnerability identifiers,
            such as a CVE ID
          items:
            $ref: '#/components/schemas/ExternalReference'
        object_marking_refs:
          type: array
          description: The object_marking_refs property specifies a list of id properties
            of marking-definition objects that apply to this object.
          example:
          - marking-definition--089a6ecb-cc15-43cc-9494-767639779123
          items:
            type: string
        granular_markings:
          type: array
          description: The granular_markings property specifies a list of granular
            markings applied to this object
          items:
            $ref: '#/components/schemas/GranularMarkingType'
        name:
          type: string
          description: The name of the object
        description:
          type: string
          description: A human readable description
        schema:
          type: string
          description: The normative definition of the extension, either as a URL
            or as plain text explaining the definition
          example: https://www.example.com/schema-my-favorite-sdo-1/v1
        version:
          type: string
          description: The version of this extension
        extension_types:
          type: array
          description: This property specifies one or more extension types contained
            within this extension
          items:
            type: string
            enum:
            - new-sdo
            - new-sco
            - new-sro
            - property-extension
            - toplevel-property-extension
        extension_properties:
          type: array
          description: This property contains the list of new property names that
            are added to an object by an extension
          items:
            type: string
    KillChainPhase:
      required:
      - kill_chain_name
      type: object
      properties:
        kill_chain_name:
          type: string
          description: The name of the kill chain. The value of this property SHOULD
            be all lowercase and SHOULD use hyphens instead of spaces or underscores
            as word separators
          example: lockheed-martin-cyber-kill-chain
        phase_name:
          type: string
          description: The name of the phase in the kill chain. The value of this
            property SHOULD be all lowercase and SHOULD use hyphens instead of spaces
            or underscores as word separators
          example: reconnaissance
    RemoveIndicatorsRequest:
      required:
      - indicatorIds
      - source
      type: object
      properties:
        source:
          type: string
          description: The source of the indicator ID to match against
          example: Crowdstrike
        indicatorIds:
          type: array
          description: The list of indicator IDs to match against
          example:
          - indicator--abcd
          - indicator--ef012
          items:
            type: string
    DataSourceProperties:
      type: object
      properties:
        enabled:
          type: boolean
          description: True if enabled.
          example: true
        description:
          type: string
          description: The data source description.
          example: This is a stix1.2 data source.
    ListTagResult:
      required:
      - result
      type: object
      properties:
        result:
          type: array
          description: List of Tag Dictionary Values (e.g. Tag Keys or Tag Values).
          example:
          - aTagKeyOrValue01
          - aTagKeyOrValue02
          items:
            type: string
    OTCollector:
      required:
      - createdAt
      - createdBy
      - id
      - modifiedAt
      - modifiedBy
      - name
      - systemInfo
      - version
      type: object
      properties:
        id:
          type: string
          description: Unique identifier of the OT Collector.
          example: 0000000005F5E105
        name:
          type: string
          description: Name of the OT Collector.
          example: test OT Collector
        version:
          required:
          - currentVersion
          type: object
          properties:
            currentVersion:
              type: string
              description: Current version of the OT Collector.
            latestAvailableVersion:
              type: string
              description: Latest available version of the OT Collector.
          description: Version information of the OT Collector.
        category:
          type: string
          description: Category of the OT Collector.
          example: apache
        description:
          type: string
          description: Description of the OT Collector.
        tags:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Tags associated with the OT Collector.
          example:
            team: app-dev
            showIcon: true
        healthIncidentsTracker:
          type: object
          properties:
            errorsCount:
              type: integer
              description: Number of errors associated with the OT Collector.
              format: int32
              example: 0
            warningsCount:
              type: integer
              description: Number of warnings associated with the OT Collector.
              format: int32
              example: 1
          description: Health incident information.
        ephemeral:
          type: boolean
          description: Ephemeral Status of the OT Collector.
          example: false
        alive:
          type: boolean
          description: Alive Status of the OT Collector based on heartbeat.
          example: true
        isRemotelyManaged:
          type: boolean
          description: Management Status of the OT Collector based on if it is remotely
            or locally managed.
          example: true
        effectiveConfig:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Config map that includes Base 64 Encoded Effective Configuration
            Yaml of the Remotely managed OT Collector.
          example:
            00000000000000A3: ZGVtbyBjb25maWc=
            00000000000000D5: XFVtbfe34tgcvefv=
        systemInfo:
          type: object
          properties:
            hostName:
              type: string
              description: Host name of the OT Collector.
              example: app.test.com
            hostOsName:
              type: string
              description: Host OS name of the OT Collector.
              example: Linux
            hostOsVersion:
              type: string
              description: Host OS version of the OT Collector.
              example: 5.4.144-69.257.amzn2.x86_64
            hostIpAddress:
              type: string
              description: Host IP address of the OT Collector.
              example: 19.123.24.66
            hostEnv:
              type: string
              description: Host environment of the OT Collector.
              example: EKS-1.20.2
          description: System information of the OT Collector.
        timeZone:
          type: string
          description: timezone of the collector
          example: UTC
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
          example: 0000000006A5C7A2
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
          example: 0000000006A5C7A2
        sourceTemplateLinkedCount:
          type: integer
          description: Count of the source templates linked to a collector
          example: 1
      description: An OT Collector definition.
    OtTag:
      required:
      - key
      - values
      type: object
      properties:
        key:
          type: string
          description: key of the given tag.
          example: key1
        values:
          type: array
          description: values of the given tag.
          items:
            type: string
            example: value1
    VersionRange:
      type: object
      properties:
        minVersion:
          pattern: ^v(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-sumo.+)?$
          type: string
          description: Minimum version of otCollector.
        maxVersion:
          pattern: ^v(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-sumo.+)?$
          type: string
          description: Maximum version of the collector.
        rangeType:
          type: string
          description: 'Specifies how filtering should be applied when `minVersion`
            and `maxVersion` are defined. - `Within`: Filtering includes the specified
            range. - `Outside`: Filtering excludes the specified range. By default,
            filtering includes the specified range.'
      description: Version range for otCollector.
    SourceTemplateListResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of source templates.
          items:
            $ref: '#/components/schemas/SourceTemplateDefinition'
    SourceTemplateDefinition:
      type: object
      properties:
        schemaRef:
          $ref: '#/components/schemas/SchemaRef'
        id:
          type: string
          description: id of source template.
          example: 0000000003343FDD
        inputJson:
          maxProperties: 1000
          type: object
          additionalProperties: true
          description: inputJson of source template
          example: {}
        config:
          type: string
          description: configuration of source template
          example: apache.yaml.example
        selector:
          $ref: '#/components/schemas/Selector'
        totalCollectorLinked:
          type: integer
          description: count of total collector linked with this source template.
          format: int32
          default: 0
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        modifiedAt:
          type: string
          description: Modification timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        createdBy:
          type: string
          description: Id of the user who created source template
          example: 0000000006743FDD
        modifiedBy:
          type: string
          description: Id of the user who last modified the source template
          example: 0000000006243FDD
        status:
          type: string
          description: Status of Source template
          enum:
          - enable
          - disable
        isEnabled:
          type: boolean
          description: A boolean parameter to get if the source template is enabled.
          example: true
          default: true
      description: response definition of source template.
    SchemaRef:
      required:
      - type
      type: object
      properties:
        type:
          type: string
          description: type of source template.
          example: Apache
      description: schema reference for source template.
    Selector:
      type: object
      properties:
        tags:
          type: array
          description: tags filter for agents
          items:
            type: array
            items:
              $ref: '#/components/schemas/OtTag'
        names:
          type: array
          description: names to select custom agents
          items:
            type: string
            example: demo_macOS
      description: Agent selector conditions
    CollectorCompatibility:
      type: object
      properties:
        os:
          type: string
          description: Name of the Operating System.
          example: linux
        collectorVersionRange:
          $ref: '#/components/schemas/CollectorVersionRange'
    CollectorVersionRange:
      type: object
      properties:
        minVersion:
          type: string
          description: Minimum compatible version of otCollector.
        maxVersion:
          type: string
          description: Maximum compatible version of the otcollector. if this is null,
            then latest otcollector is also compatible.
          nullable: true
      example:
        minVersion: v0.89.0
        maxVersion: v0.90.0
    SourceTemplateRequest:
      required:
      - inputJson
      - schemaRef
      type: object
      properties:
        schemaRef:
          $ref: '#/components/schemas/SchemaRef'
        inputJson:
          maxProperties: 1000
          required:
          - name
          - receivers
          type: object
          properties:
            name:
              type: string
              description: name of source template.
              example: apache_test_source_template
            receivers:
              type: object
              description: receiver information of source template
              example: {}
            description:
              type: string
              description: description of source template
              example: Demo Description for Source Template
            processors:
              type: object
              description: processors for source template
              example: {}
          additionalProperties: true
          description: inputJson of source template
        selector:
          $ref: '#/components/schemas/Selector'
        isEnabled:
          type: boolean
          description: Indicates whether the source template is enabled - **Create
            operation:** Defaults to `true` (the template is enabled when created).
            - **Update operation:** If omitted, the existing status is preserved.
          example: true
      description: request body for creating source template.
    SourceTemplateUpdateRequest:
      required:
      - inputJson
      - schemaRef
      type: object
      properties:
        schemaRef:
          $ref: '#/components/schemas/SchemaRef'
        inputJson:
          maxProperties: 1000
          required:
          - name
          - receivers
          type: object
          properties:
            name:
              type: string
              description: Name of source template.
              example: apache_test_source_template
            receivers:
              type: object
              description: Receiver information of source template
              example: {}
            description:
              type: string
              description: Description of source template
              example: Demo Description for source template
            processors:
              type: object
              description: Processors for source template
              example: {}
          additionalProperties: true
          description: InputJson of source template
        selector:
          $ref: '#/components/schemas/Selector'
        isEnabled:
          type: boolean
          description: Indicates whether the source template is enabled. If omitted,
            the existing status is preserved.
          example: true
      description: Request body for updating source template.
    SourceTemplateStatusUpdateRequest:
      required:
      - status
      type: object
      properties:
        status:
          type: string
          description: status to set for the source template (enable or disable).
          enum:
          - enable
          - disable
      example:
        status: enable
    SourceTemplateUpgradeRequest:
      required:
      - inputJson
      - schemaRef
      type: object
      properties:
        schemaRef:
          $ref: '#/components/schemas/UpgradeSchemaRef'
        inputJson:
          maxProperties: 1000
          required:
          - name
          - receivers
          type: object
          properties:
            name:
              type: string
              description: name of source template.
              example: apache_test_source_template
            receivers:
              type: object
              description: receiver information of source template
              example:
                hostmetrics:
                  receiverType: hostmetrics
                  collection_interval: 5m
            description:
              type: string
              description: description of source template
              example: Demo Description for source template
            processors:
              type: object
              description: processors for source template
              example:
                resource:
                  processorType: resource
          additionalProperties: true
          description: inputJson of source template
      description: request body for creating source template.
    UpgradeSchemaRef:
      required:
      - type
      - version
      type: object
      properties:
        type:
          type: string
          description: type of source template.
          example: Apache
        version:
          type: string
          description: version of source template.
          example: 1.0.0
      description: schema reference for upgrade source template request.
    LinkedSourceTemplatesUpdateResponse:
      required:
      - collectorId
      type: object
      properties:
        collectorId:
          type: string
          description: otCollector id for which tags are edited.
          example: 00005AF3107BF0D6
        addedSourceTemplates:
          type: array
          description: list of sourceTemplates which are linked to otCollector.
          items:
            $ref: '#/components/schemas/LinkingUpdatedSourceTemplateDetails'
        removedSourceTemplates:
          type: array
          description: list of sourceTemplates which are removed from otCollector
            linking.
          items:
            $ref: '#/components/schemas/LinkingUpdatedSourceTemplateDetails'
      description: linked source template details based on the ot-collector tags user
        wants to update.
    LinkingUpdatedSourceTemplateDetails:
      required:
      - reasonTags
      - sourceTemplateDefinition
      type: object
      properties:
        sourceTemplateDefinition:
          $ref: '#/components/schemas/SourceTemplateDefinition'
        reasonTags:
          type: array
          description: tags which are responsible for source template and collector
            linking impact.
          items:
            type: array
            items:
              $ref: '#/components/schemas/CollectorTag'
      description: source template details with tags responsible for otCollector Linking
        update.
    CollectorTag:
      required:
      - key
      - values
      type: object
      properties:
        key:
          type: string
          description: Key of the given tag.
          example: key1
        value:
          type: string
          description: Values of the given tag.
          example: value1
    LinkedSourceTemplatesUpdateRequest:
      required:
      - collectorId
      type: object
      properties:
        collectorId:
          type: string
          description: otCollector id for which tags are edited.
          example: 00005AF3107BF0D6
        tags:
          maxProperties: 50
          type: object
          additionalProperties:
            type: string
          description: JSON map of key-value metadata to apply to the otCollector.
          example:
            environment: production
            location: us-west-2
          default: {}
        updatedName:
          type: string
          description: Updated Name of the otCollector.
          example: demo_macOS
    ListSchemaBaseTypeToVersionsResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of maps containing the mappings schema type -> versions.
          items:
            $ref: '#/components/schemas/SchemaBaseTypeToVersionsResponse'
    SchemaBaseTypeToVersionsResponse:
      required:
      - type
      - versions
      type: object
      properties:
        type:
          type: string
          description: The type of the schema.
          example: Okta
        versions:
          type: array
          description: List of schema base identities sorted by latest version for
            a specific schema type.
          items:
            $ref: '#/components/schemas/SchemaBaseComplete'
      description: Map of the schema base type to its list of schema base identities.
    SchemaBaseComplete:
      type: object
      allOf:
      - $ref: '#/components/schemas/SchemaBaseIdentityWithMetadata'
      - $ref: '#/components/schemas/SchemaBaseTemplateYaml'
    SchemaBaseIdentityWithMetadata:
      type: object
      allOf:
      - $ref: '#/components/schemas/SchemaBaseIdentity'
      - required:
        - id
        - type
        - version
        properties:
          id:
            type: string
            description: Unique identifier of the schema.
          createdAt:
            type: string
            description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
              format.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
          modifiedAt:
            type: string
            description: Last modification timestamp in UTC.
            format: date-time
            example: 2018-10-16 09:10:00+00:00
    SchemaBaseIdentity:
      required:
      - family
      - schema
      - type
      - version
      type: object
      properties:
        type:
          maxLength: 128
          minLength: 1
          type: string
          description: The type of the integration.
          example: Okta
        version:
          maxLength: 128
          minLength: 5
          pattern: ^([0-9]+)\.([0-9]+)\.([0-9]+)$
          type: string
          description: The version (or image tag) of the integration. Follows the
            Major.Minor.Patch semantic versioning format.
          example: 1.0.0
          x-pattern-message: 'must follow semantic versioning: https://semver.org/'
        description:
          maxLength: 1024
          minLength: 0
          type: string
          description: The description of the integration.
          example: An Okta integration that collects Okta event logs into Sumo Logic.
        manifest:
          maxProperties: 1000
          type: object
          additionalProperties: true
          description: The manifest of the integration.
        schema:
          maxProperties: 1000
          type: object
          additionalProperties: true
          description: The schema in JSON Schema specification.
        family:
          type: string
          description: The family to which schema belong.
          enum:
          - OTC_Source_Template
    SchemaBaseTemplateYaml:
      type: object
      properties:
        templateYaml:
          maxLength: 10960
          minLength: 1
          type: string
          description: The template yaml of schema.
          example: example templateYaml
    EventContext:
      required:
      - eventContextType
      type: object
      properties:
        eventContextType:
          pattern: ^(SearchQueryContext)$
          type: string
          description: Context for which correlated events are to be fetched.
          example: SearchQueryContext
      discriminator:
        propertyName: eventContextType
        mapping:
          SearchQueryContext: '#/components/schemas/SearchQueryContext'
    CorrelatedEvents:
      required:
      - correlationFinished
      - events
      type: object
      properties:
        correlationFinished:
          type: boolean
          description: Flag indicating correlation completion.
          example: true
        events:
          type: array
          description: List of events.
          items:
            $ref: '#/components/schemas/CorrelatedEvent'
    CorrelatedEvent:
      required:
      - eventPriority
      - eventSource
      - eventType
      - name
      - startTimeMs
      type: object
      properties:
        name:
          type: string
          description: The name of the event.
          example: monitor-manager deployed.
        description:
          type: string
          description: Description of the events.
          example: 2 containers in monitor-manager were upgraded.
        eventType:
          type: string
          description: The type of event.
          example: Deploy
        eventPriority:
          type: string
          description: The priority of event.
          example: High
        eventSource:
          type: string
          description: The source of the event.
          example: Jenkins
        startTimeMs:
          type: integer
          description: The start time of the event.
          format: int64
          example: 16794589390
        metadataJson:
          type: string
          description: JSON string containing metadata of the event.
      description: Object specifying an event.
    ListEventExtractionRulesResponse:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of event extraction rules.
          items:
            $ref: '#/components/schemas/EventExtractionRuleWithDetails'
    EventExtractionRuleWithDetails:
      type: object
      description: Event extraction rule object.
      allOf:
      - $ref: '#/components/schemas/EventExtractionRule'
      - required:
        - id
        type: object
        properties:
          id:
            type: string
            description: Id of the event extraction rule.
            example: '0000000001213227'
          createdAt:
            type: string
            description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
              format.
            format: date-time
          createdBy:
            type: string
            description: Identifier of the user who created the resource.
          modifiedAt:
            type: string
            description: Last modification timestamp in UTC.
            format: date-time
          modifiedBy:
            type: string
            description: Identifier of the user who last modified the resource.
          enabled:
            type: boolean
            description: Flag indicating whether the event extraction rule is enabled
              or disabled.
            example: true
          disableReason:
            type: string
            description: Reason for disabling the event extraction rule, if applicable.
            example: Event Extraction Rule output exceeded maximum allowed rate of
              1000 events per hour in last 24 hours.
    EventExtractionRule:
      required:
      - configuration
      - name
      - query
      type: object
      properties:
        name:
          maxLength: 256
          minLength: 1
          type: string
          description: Name of event extraction rule.
          example: foo
        description:
          maxLength: 1024
          type: string
          description: Description of event extraction rule.
          example: foo
        query:
          type: string
          description: "Query string for the Event Extraction Rule. Logs matching\
            \ this query are periodically ingested into the `sumologic_userdata_events`\
            \ index (**Events**).\n\nGuidelines for creating the query:\n  - Optimize\
            \ the query to limit the number of returned log messages (intended for\
            \ special logs only).\n  - The query runs in `Manual` mode, explicitly\
            \ parse and extract only the necessary fields for event correlation and\
            \ visualization.\n  - Use the `fields` operator to restrict the output\
            \ to required fields.\n"
          example: _sourceCategory=eventSource
        correlationExpression:
          required:
          - eventFieldName
          - queryFieldName
          - stringMatchingAlgorithm
          type: object
          properties:
            queryFieldName:
              type: string
              description: Name of the query field returned by a log search query.
              example: _sourcecategory
            eventFieldName:
              type: string
              description: Name of the field from event query output.
              example: foo
            stringMatchingAlgorithm:
              pattern: ^(ExactMatch)$
              type: string
              description: Type of string matching algorithm which tells how to match
                eventFieldName and queryFieldName.
              example: ExactMatch
          description: "Correlation Expression specifies how to determine related\
            \ events for a log search query. \nThe value of `eventFieldName` from\
            \ Events is compared with the values of `queryFieldName` from the log\
            \ search query output using the defined stringMatchingAlgorithm. Events\
            \ that match according to this algorithm are considered correlated.\n"
        configuration:
          maxProperties: 1000
          required:
          - eventName
          - eventPriority
          - eventSource
          - eventType
          type: object
          additionalProperties:
            $ref: '#/components/schemas/FieldMapping'
          description: "Configuration for the Event Extraction Rule.\n\nThis object\
            \ defines how event fields are mapped to their corresponding values.\n\
            Each field specifies a `valueSource`, which provides the actual value,\
            \ and an optional `mappingType`,\nindicating the value is hardcoded.\n\
            \nThe following fields are **required**:\n  - `eventType`: Type of the\
            \ event. Accepted values are `Deployment`, `Feature Flag Change`, `Configuration\
            \ Change` or `Infrastructure Change`.\n  - `eventPriority`: Indicates\
            \ the priority of the event. Accepted values are `High`, `Medium`, or\
            \ `Low`.\n  - `eventSource`: Source system or component where the event\
            \ originated (e.g., \"Jenkins\").\n  - `eventName`: Descriptive name of\
            \ the event (e.g., \"monitor-manager deployed.\").\n\nThe following fields\
            \ are **optional**:\n  - `eventDescription`: Additional context or details\
            \ about the event.\n\nCustom fields can also be added as needed to capture\
            \ domain-specific event data.\n"
          example:
            eventType:
              valueSource: Deploy
              mappingType: HardCoded
            eventPriority:
              valueSource: High
              mappingType: HardCoded
            eventSource:
              valueSource: Jenkins
              mappingType: HardCoded
            eventName:
              valueSource: monitor-manager deployed.
              mappingType: HardCoded
            eventDescription:
              valueSource: 2 containers in monitor-manager were upgraded.
              mappingType: HardCoded
    FieldMapping:
      required:
      - valueSource
      type: object
      properties:
        valueSource:
          maxLength: 256
          type: string
          description: The actual value or field reference for the mapping.
          example: Knobs Changes
        mappingType:
          pattern: ^(HardCoded)$
          type: string
          description: Specifies valueSource is hardcoded.
          example: HardCoded
          x-pattern-message: Must be `HardCoded`
    EventExtractionRulesQuotaUsage:
      required:
      - quota
      - remaining
      type: object
      properties:
        quota:
          type: integer
          description: Maximum number of EventExtractionRules allowed.
          format: int32
          example: 200
        remaining:
          type: integer
          description: Remaining number of EventExtractionRules allowed.
          format: int32
          example: 121
    ScanBudgetList:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of scan budgets.
          items:
            $ref: '#/components/schemas/ScanBudget'
        next:
          type: string
          description: Next continuation token.
    ScanBudget:
      allOf:
      - $ref: '#/components/schemas/ScanBudgetDefinition'
      - required:
        - createdAt
        - createdBy
        - id
        - modifiedAt
        - modifiedBy
        - orgId
        - resetDateOfMonth
        - resetDayOfWeek
        - resetTime
        - resetTimeZone
        type: object
        properties:
          id:
            type: string
            description: Id of the budget.
          orgId:
            type: string
            description: Org Id of the org for the budget.
          resetTime:
            maxLength: 5
            minLength: 5
            type: string
            description: Reset time of the time based scan budget in HH:MM format
            example: 1410
            default: 00:00
          resetTimeZone:
            type: string
            description: Time zone of the reset time for the time based scan budget.
              Follow the format in the [IANA Time Zone Database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
            example: America/Los_Angeles
            default: Etc/UTC
          resetDayOfWeek:
            pattern: ^(MONDAY|TUESDAY|WEDNESDAY|THURSDAY|FRIDAY|SATURDAY|SUNDAY)$
            type: string
            description: The day of the week when the budget resets, applicable for
              time based budgets with a Weekly window. Must be a valid day of the
              week.
            default: MONDAY
          resetDateOfMonth:
            maximum: 28
            minimum: 1
            type: integer
            description: The date of the month when the budget resets, applicable
              for time based budgets with a Monthly window. Must be a valid day of
              the month (1-28).
            format: int32
            default: 1
          createdAt:
            type: string
            description: Date & time when budget was created.
            format: date-time
          createdBy:
            type: string
            description: Id of the user who created the budget.
          modifiedAt:
            type: string
            description: Date & time when budget was last modified.
            format: date-time
          modifiedBy:
            type: string
            description: Id of the user who last modified the budget.
    ScanBudgetDefinition:
      required:
      - action
      - applicableOn
      - budgetType
      - capacity
      - groupBy
      - name
      - scope
      - unit
      - window
      type: object
      properties:
        name:
          type: string
          description: Name of the budget.
        capacity:
          type: integer
          description: Capacity of the budget.
          format: int64
        unit:
          pattern: ^(GB|MB|TB|KB)$
          type: string
          description: Unit of the budget.
          example: GB
        budgetType:
          $ref: '#/components/schemas/BudgetType'
        scope:
          $ref: '#/components/schemas/ScanBudgetScope'
        window:
          pattern: ^(Query|Daily|Weekly|Monthly)$
          type: string
          description: Window of the budget. Use Daily/Weekly/Monthly for creating
            a time based budget (beta)
          example: Query
        applicableOn:
          pattern: ^(PerEntity|Sum)$
          type: string
          description: Grouping of the budget.
          example: PerEntity
        groupBy:
          pattern: ^(User)$
          type: string
          description: Grouping Entity of the budget.
          example: User
        action:
          pattern: ^(StopForeGroundScan|Warn)$
          type: string
          description: Action to be taken if the budget is breached
          example: Warn
        status:
          pattern: ^(active|inactive)$
          type: string
          description: Signifies the state of the budget. (Active/Inactive)
          example: active
    BudgetType:
      pattern: ^(ScanBudget)$
      type: string
      description: Type of the budget.
      example: ScanBudget
    ScanBudgetScope:
      required:
      - excludedRoles
      - excludedUsers
      - includedRoles
      - includedUsers
      type: object
      properties:
        includedUsers:
          type: array
          description: List of userIds included in the budget.
          example:
          - 00000000000001DF
          - 00000000000002D2
          items:
            type: string
        excludedUsers:
          type: array
          description: List of userIds excluded in the budget.
          example:
          - 00000000000001DF
          - 00000000000002D2
          items:
            type: string
        includedRoles:
          type: array
          description: List of roleIds included in the budget.
          example:
          - 00000000000001DF
          - 00000000000002D2
          items:
            type: string
        excludedRoles:
          type: array
          description: List of roleIds excluded in the budget.
          example:
          - 00000000000001DF
          - 00000000000002D2
          items:
            type: string
    ScanBudgetUsageList:
      required:
      - data
      type: object
      properties:
        data:
          type: array
          description: List of budget usages
          items:
            $ref: '#/components/schemas/ScanBudgetUsage'
        next:
          type: string
          description: Next continuation token.
    ScanBudgetUsage:
      required:
      - budgetId
      - usage
      - usagePercentage
      type: object
      properties:
        budgetId:
          type: string
          description: Budget id.
        usage:
          type: integer
          description: Budget usage (in bytes).
          format: int64
        usagePercentage:
          type: integer
          description: Budget usage percentage.
          format: int64
    ContentSyncResponse:
      required:
      - jobId
      type: object
      properties:
        jobId:
          type: string
          description: Content Sync Job Id.
          example: 68B6D772B616DC06
    ContentSyncRequest:
      required:
      - contentList
      - destinationChildOrgInfo
      - sourceChildOrgInfo
      type: object
      properties:
        sourceChildOrgInfo:
          $ref: '#/components/schemas/ChildOrgInfo'
        destinationChildOrgInfo:
          $ref: '#/components/schemas/DestinationChildOrgInfo'
        contentList:
          type: array
          description: List of Content and Configuration Information.
          items:
            $ref: '#/components/schemas/Content_1'
    ChildOrgInfo:
      required:
      - orgId
      type: object
      properties:
        orgId:
          type: string
          description: Organization Identifier.
          example: us2-0000000000000006
        orgName:
          type: string
          description: Organization Name.
          example: Test Org Name
    DestinationChildOrgInfo:
      required:
      - excluded
      - included
      type: object
      properties:
        included:
          type: array
          description: Organization Info which needs to be included in Destination
            Organisation List.
          items:
            $ref: '#/components/schemas/ChildOrgInfo'
        excluded:
          type: array
          description: Organization Info which needs to be excluded from Destination
            Organisation List.
          items:
            $ref: '#/components/schemas/ChildOrgInfo'
    Content_1:
      required:
      - id
      - options
      - type
      type: object
      properties:
        id:
          type: string
          description: Identifier of Content or Configuration
          example: MATCH-S00574
        type:
          type: string
          description: Type Of Content.
          example: CSE_RULE
          enum:
          - CSE_RULE
          - CSE_TUNING_EXPRESSION
          - LIBRARY_FOLDER
          - DASHBOARD
          - SEARCH
          - SCHEDULED_SEARCH
          - MONITOR
          - MONITOR_FOLDER
          - SOURCE_TEMPLATE
          - LOOKUP_TABLE
        name:
          type: string
          description: Name of Content or Configuration
          example: Test CSE Rule
        options:
          maxProperties: 100
          type: object
          additionalProperties:
            type: string
          description: Advance Settings required for syncing content or configuration.
          example:
            includeCSERule: true
          default: {}
    ContentSyncStatusResponse:
      required:
      - progress
      - status
      type: object
      properties:
        status:
          type: string
          description: Content Sync Job status.
          example: Success
        progress:
          type: integer
          description: Content Sync Job progress percentage.
          example: 100
    RetryOptions:
      type: string
      description: Determines retry scope -> "ALL_CONTENTS" (default) retries all,
        "NON_SUCCESS_CONTENTS" retries only failed ones.
      enum:
      - ALL_CONTENTS
      - NON_SUCCESS_CONTENTS
      default: ALL_CONTENTS
    ContentSyncResult:
      required:
      - contentList
      type: object
      properties:
        contentList:
          type: array
          description: List of content sync items with details.
          items:
            $ref: '#/components/schemas/ContentSyncItemResult'
    ContentSyncItemResult:
      required:
      - childOrganization
      - contentId
      - message
      type: object
      properties:
        contentId:
          type: string
          description: Identifier of Content or Configuration
          example: MATCH-S00574
        message:
          type: string
          description: Message Passed while processing content or configuration sync.
          example: Sync Failed due to an Internal Error, Please check with support
            team for more details.
        childOrganization:
          $ref: '#/components/schemas/ChildOrgInfo'
    ContentSyncJobInfo:
      required:
      - contentList
      - destinationChildOrgInfo
      - sourceChildOrgInfo
      type: object
      properties:
        sourceChildOrgInfo:
          $ref: '#/components/schemas/ChildOrgInfo'
        destinationChildOrgInfo:
          $ref: '#/components/schemas/DestinationChildOrgInfo'
        contentList:
          type: array
          description: List of Content and Configuration Information.
          items:
            $ref: '#/components/schemas/Content_1'
    CreateJobResponse:
      type: object
      properties:
        warning:
          type: string
          description: Warnings value contains the detailed information about the
            warning while creating the search job.
        id:
          type: string
          description: The search job identifier.
        link:
          $ref: '#/components/schemas/Link'
    Link:
      type: object
      properties:
        rel:
          type: string
          description: Relation.
        href:
          type: string
          description: URL of the search job.
    CreateJobRequest:
      required:
      - from
      - query
      - timezone
      - to
      type: object
      properties:
        query:
          type: string
          description: 'The actual search expression. Ensure your query follows [RFC
            8259](https://datatracker.ietf.org/doc/html/rfc8259) and is valid JSON
            format,  you may need to escape certain characters to follow the [RFC
            8259](https://datatracker.ietf.org/doc/html/rfc8259).

            '
          example: _sourceCategory=service
        from:
          maxLength: 20
          type: string
          description: 'The start date and time of the search. This follows the [ISO
            8601](https://www.w3.org/TR/NOTE-datetime) date and time format.

            '
          example: 2017-07-26 00:00:00
        to:
          maxLength: 20
          type: string
          description: 'The end date and time of the search. This follows the [ISO
            8601](https://www.w3.org/TR/NOTE-datetime) date and time format.

            '
          example: 2017-07-26 00:00:00
        timezone:
          type: string
          description: The time zone if from/to is not in milliseconds. See this [Wikipedia
            article](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones)
            for a list of time zone codes.
          default: UTC
        autoParsingMode:
          pattern: ^(Manual|AutoParse)$
          type: string
          description: 'Define the parsing mode to scan the JSON format log messages.
            Possible values are:


            AutoParse - System automatically figures out the fields to parse based
            on the search query.


            Manual - No fields are parsed out automatically. For more information,
            refer to the [Dynamic Parsing](https://help.sumologic.com/docs/manage/field-extractions/create-field-extraction-rule/).

            '
          example: Manual
          default: Manual
          x-pattern-message: should be either 'Manual' or 'AutoParse'
        requiresRawMessages:
          type: string
          description: 'On enabling this field, the log messages applicable to the
            search are returned. Maximum value is 100,000. This is only applicable
            for aggregate queries.

            '
          default: 'false'
        maxRawRecords:
          type: string
          description: Maximum number of raw records to finish the search.
        intervalTimeType:
          pattern: ^(messageTime|receiptTime|searchableTime)$
          type: string
          description: This parameter defines whether you want to run the search by
            messageTime, receiptTime or searchableTime.
          example: messageTime
          default: messageTime
          x-pattern-message: should be either 'messageTime' or 'receiptTime' or 'searchableTime'
    SearchJobStatusResponse:
      type: object
      properties:
        warning:
          type: string
          description: Warnings value contains the detailed information about the
            warning while obtaining the current status of a search job.
        state:
          type: string
          description: Search job state.
          example: DONE GATHERING RESULTS
        histogramBuckets:
          type: array
          description: Histogram buckets for the query.
          items:
            $ref: '#/components/schemas/HistogramBucket'
        messageCount:
          type: integer
          description: Number of messages found or produced so far.
          format: int64
        recordCount:
          type: integer
          description: Number of records found or produced so far.
          format: int64
        pendingWarnings:
          type: array
          description: Pending warnings that have accumulated since the last time
            the status was requested.
          items:
            type: string
        pendingErrors:
          type: array
          description: Pending errors that have accumulated since the last time the
            status was requested.
          items:
            type: string
        usageDetails:
          type: object
          properties:
            dataScannedInBytes:
              type: integer
              description: Data Scanned in Bytes.
              format: int64
          description: Usage details about the search job api. It includes data scanned
            in bytes during the search.
    HistogramBucket:
      required:
      - count
      - length
      - startTimestamp
      type: object
      properties:
        startTimestamp:
          type: integer
          description: Start time of the bucket.
          format: int64
        length:
          type: integer
          description: Length is in milliseconds, tells the width of the bucket.
          format: int64
        count:
          type: integer
          description: Count of messages in this bucket.
    SearchJobDeleteResponse:
      type: object
      properties:
        warning:
          type: string
          description: Warnings value contains the detailed information about the
            warning while deleting a search job.
        jobId:
          type: string
          description: The Id of the search job which is deleted.
    SearchQueryPaginatedMessages:
      required:
      - fields
      - messages
      - warning
      type: object
      properties:
        warning:
          type: string
          description: Detailed information about the warning while paging through
            the messages found by a search job.
        fields:
          type: array
          description: List of all the fields defined for each of the messages returned.
          items:
            $ref: '#/components/schemas/Field'
        messages:
          type: array
          description: Map of the field names to the field values.
          items:
            $ref: '#/components/schemas/Message'
    Field:
      required:
      - fieldType
      - keyField
      - name
      type: object
      properties:
        name:
          type: string
          description: Name of the field.
        fieldType:
          type: string
          description: Type of the field.
          example: long
        keyField:
          type: boolean
          description: Flag if the field is a key field.
    Message:
      type: object
      properties:
        map:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Map message values.
    SearchQueryPaginatedRecords:
      required:
      - fields
      - messages
      type: object
      properties:
        warning:
          type: string
          description: Detailed information about the warning while paging through
            the records found by a search job.
        fields:
          type: array
          description: List of all the fields defined for each of the records returned.
          items:
            $ref: '#/components/schemas/Field'
        records:
          type: array
          description: Map of the field names to the field values.
          items:
            $ref: '#/components/schemas/Record'
    Record:
      type: object
      properties:
        map:
          maxProperties: 1000
          type: object
          additionalProperties:
            type: string
          description: Map Records values.
    PaginatedMacros:
      required:
      - macros
      type: object
      properties:
        data:
          type: array
          description: List of macros.
          items:
            $ref: '#/components/schemas/Macro'
        next:
          type: string
          description: Next continuation token. `token` is set to null when no more
            pages are left.
          example: GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc
    Macro:
      allOf:
      - $ref: '#/components/schemas/MacroRequest'
      - required:
        - createdAt
        - createdBy
        - id
        type: object
        properties:
          id:
            type: string
            description: 'Unique identifier for the macro. This id is used to get
              detailed information about the macro, such as name, definition, arguments
              and argument validations.

              '
            example: C03E086C137F38B4
          createdAt:
            type: string
            description: Creation timestamp of the macro in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
              format.
            format: date-time
            example: 2024-10-01 09:10:00+00:00
          createdBy:
            type: string
            description: The identifier of the user who created the macro.
            example: 0000000006743FDD
    MacroRequest:
      allOf:
      - $ref: '#/components/schemas/BaseMacroRequest'
      - required:
        - name
        type: object
        properties:
          name:
            maxLength: 128
            minLength: 1
            type: string
            description: Name of the macro.
            example: MacroGeoLookup
          macroCreationSuggestionId:
            type: string
            description: Identifier if the suggestion comes from an macro creation
              suggestion. This id is used to track macro creation suggestions, and
              to delete the suggestion once the macro is created.
            example: ABC12
    BaseMacroRequest:
      required:
      - definition
      type: object
      properties:
        description:
          maxLength: 4000
          type: string
          description: Description of the macro.
          example: Macro for geo lookup.
        definition:
          type: string
          description: The definition of the macro. Use a valid Sumo Log Search expression.
          example: 'lookup latitude, longitude from geo://location on ip = {{ip_field}}
            | count by latitude, longitude | sort _count"

            '
        enabled:
          type: boolean
          description: If the macro is enabled or not (default True)
          default: true
        arguments:
          type: array
          description: Arguments used in the macro.
          items:
            $ref: '#/components/schemas/Argument'
        argumentValidations:
          type: array
          description: Validation expressions for the arguments.
          items:
            $ref: '#/components/schemas/ArgumentValidation'
    Argument:
      required:
      - name
      type: object
      properties:
        name:
          type: string
          description: Argument name for the macro.
          example: ip_field
        type:
          pattern: ^(String|Any|Number|Keyword)$
          type: string
          description: The type of the macro.
          example: String
          default: String
          x-pattern-message: Must be `String`, `Any`, `Number or `Keyword`.
    ArgumentValidation:
      required:
      - errorMessage
      - evalExpression
      type: object
      properties:
        evalExpression:
          type: string
          description: The expression to validate a macro argument.
          example: isValidIp(ip_field)
        errorMessage:
          type: string
          description: Error message to be shown if the macro argument validation
            fails.
          example: You need to enter a field name which is a valid ip.
    IdToMonitorTemplatesLibraryBaseResponseMap:
      maxProperties: 1000
      type: object
      additionalProperties:
        $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse'
    ListMonitorTemplatesLibraryItemWithPath:
      type: array
      description: Multi-type list of types monitortemplate or folder.
      items:
        $ref: '#/components/schemas/MonitorTemplatesLibraryItemWithPath'
    MonitorTemplatesLibraryItemWithPath:
      required:
      - item
      - path
      type: object
      properties:
        item:
          $ref: '#/components/schemas/MonitorTemplatesLibraryBaseResponse'
        path:
          type: string
          description: Path of the monitortemplate or folder.
          example: /MonitorTemplates/SampleFolder/TestMonitortemplate
    IdToMutingSchedulesLibraryBaseResponseMap:
      maxProperties: 1000
      type: object
      additionalProperties:
        $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
    ListMutingSchedulesLibraryItemWithPath:
      type: array
      description: Multi-type list of types mutingschedule or folder.
      items:
        $ref: '#/components/schemas/MutingSchedulesLibraryItemWithPath'
    MutingSchedulesLibraryItemWithPath:
      required:
      - item
      - path
      type: object
      properties:
        item:
          $ref: '#/components/schemas/MutingSchedulesLibraryBaseResponse'
        path:
          type: string
          description: Path of the mutingschedule or folder.
          example: /MutingSchedules/SampleFolder/TestMutingschedule
    IdToSlosLibraryBaseResponseMap:
      maxProperties: 1000
      type: object
      additionalProperties:
        $ref: '#/components/schemas/SlosLibraryBaseResponse'
    ListSlosLibraryItemWithPath:
      type: array
      description: Multi-type list of types slo or folder.
      items:
        $ref: '#/components/schemas/SlosLibraryItemWithPath'
    SlosLibraryItemWithPath:
      required:
      - item
      - path
      type: object
      properties:
        item:
          $ref: '#/components/schemas/SlosLibraryBaseResponse'
        path:
          type: string
          description: Path of the slo or folder.
          example: /Slos/SampleFolder/TestSlo
    IdToMonitorsLibraryBaseResponseMap:
      maxProperties: 1000
      type: object
      additionalProperties:
        $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
    ListMonitorsLibraryItemWithPath:
      type: array
      description: Multi-type list of types monitor or folder.
      items:
        $ref: '#/components/schemas/MonitorsLibraryItemWithPath'
    MonitorsLibraryItemWithPath:
      required:
      - item
      - path
      type: object
      properties:
        item:
          $ref: '#/components/schemas/MonitorsLibraryBaseResponse'
        path:
          type: string
          description: Path of the monitor or folder.
          example: /Monitors/SampleFolder/TestMonitor
    IdToAlertsLibraryBaseResponseMap:
      maxProperties: 1000
      type: object
      additionalProperties:
        $ref: '#/components/schemas/AlertsLibraryBaseResponse'
    ListAlertsLibraryItemWithPath:
      type: array
      description: Multi-type list of types alert or folder.
      items:
        $ref: '#/components/schemas/AlertsLibraryItemWithPath'
    AlertsLibraryItemWithPath:
      required:
      - item
      - path
      type: object
      properties:
        item:
          $ref: '#/components/schemas/AlertsLibraryBaseResponse'
        path:
          type: string
          description: Path of the alert or folder.
          example: /Alerts/SampleFolder/TestAlert
    OperatorData:
      required:
      - operatorName
      - parameters
      type: object
      properties:
        operatorName:
          type: string
          description: The name of the metrics operator.
          example: avg
        parameters:
          type: array
          description: A list of operator parameters for the operator data.
          items:
            $ref: '#/components/schemas/OperatorParameter'
      description: The operator data for metrics query.
      example:
        operatorName: avg
        parameters:
        - key: aggregator
          value: max
        - key: operation
          value: ''
        - key: value
          value: 50
    OperatorParameter:
      required:
      - key
      - value
      type: object
      properties:
        key:
          type: string
          description: The key of the operator parameter.
          example: operation
        value:
          type: string
          description: The value of the operator parameter.
          example: '>'
      description: The operator parameter for operator data.
      example:
        key: aggregator
        value: max
    TracesQueryData:
      required:
      - filters
      type: object
      properties:
        filters:
          type: array
          description: A list of filters for the traces query.
          items:
            $ref: '#/components/schemas/TracesFilter'
      description: The data format describing a basic traces query.
    TracesFilter:
      required:
      - type
      type: object
      properties:
        type:
          pattern: ^(FieldDescriptor|DurationMetricDescriptor|NumericMetricDescriptor|CPCOfFilterDescriptor|MaxCPCOfFilterDescriptor|MaxCPCFilterDescriptor)$|^$
          type: string
          description: The type of the filter.
          example: FieldDescriptor
          x-pattern-message: Must be `FieldDescriptor`, `DurationMetricDescriptor`,
            `NumericMetricDescriptor`, `CPCOfFilterDescriptor`, `MaxCPCOfFilterDescriptor`
            or `MaxCPCFilterDescriptor`
      description: The filter for traces query.
      discriminator:
        propertyName: type
    SpansFilter:
      required:
      - fieldName
      - type
      type: object
      properties:
        type:
          pattern: ^(StandaloneKey|KeyValuePair)$
          type: string
          description: The spans filter type.
          example: StandaloneKey
          x-pattern-message: Must be `StandaloneKey` or `KeyValuePair`.
        fieldName:
          type: string
          description: The name of the filtering field.
          example: service
      discriminator:
        propertyName: type
        mapping:
          StandaloneKey: '#/components/schemas/SpansFilterStandaloneKey'
          KeyValuePair: '#/components/schemas/SpansFilterKeyValuePair'
    SpansVisualization:
      required:
      - name
      - type
      type: object
      properties:
        type:
          pattern: ^(count|calculation)$
          type: string
          description: The visualization type.
          example: count
          x-pattern-message: Must be `count` or `calculation`
        name:
          type: string
          description: A unique name of the visualization.
          example: duration_pct_95
      discriminator:
        propertyName: type
        mapping:
          count: '#/components/schemas/SpansCountVisualization'
          calculation: '#/components/schemas/SpansCalculationVisualization'
    SpansGroupBy:
      required:
      - type
      type: object
      properties:
        type:
          pattern: ^(time|field)$
          type: string
          description: The type of the group-by clause.
          example: time
          x-pattern-message: Must be `time` or `field`
      discriminator:
        propertyName: type
        mapping:
          time: '#/components/schemas/SpansTimeGroupBy'
          field: '#/components/schemas/SpansFieldGroupBy'
    SpansLimitItem:
      required:
      - direction
      - limitValue
      type: object
      properties:
        direction:
          pattern: ^(asc|desc)$
          type: string
          description: Describes whether the results should be sorted in an ascending
            or a descending order.
          example: asc
          x-pattern-message: Must be `asc` or `desc`
        limitValue:
          type: integer
          description: 'The number of aggregated results returned, e.g. if 10 is requested,
            then only the first 10 aggregated results are returned.

            '
          format: int32
          example: 10
      description: 'A representation of the limit operator which reduces the number
        of aggregate results returned:  either the top k results or bottom k results.

        '
    LinkedDashboard:
      required:
      - id
      type: object
      properties:
        id:
          type: string
          description: Identifier of the linked dashboard.
          example: B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2
        relativePath:
          type: string
          description: Relative path of the linked dashboard to the dashboard of the
            linking panel.
          example: ./subdirectory/LinkedDashboard
        includeTimeRange:
          type: boolean
          description: Include time range from the current dashboard to the linked
            dashboard.
          example: true
          default: true
        includeVariables:
          type: boolean
          description: Include variables from the current dashboard to the linked
            dashboard.
          example: true
          default: true
    VariableValuesData:
      required:
      - variableValues
      type: object
      properties:
        variableValues:
          type: array
          description: Values for the variable.
          example:
          - myCluster
          items:
            type: string
        status:
          $ref: '#/components/schemas/DashboardSearchStatus'
        variableType:
          pattern: ^(LogQueryVariableSourceDefinition|MetadataVariableSourceDefinition|CsvVariableSourceDefinition|FilterSourceDefinition)$
          type: string
          description: The type of the variable.
          example: LogQueryVariableSourceDefinition
          x-pattern-message: Must be `LogQueryVariableSourceDefinition`, `MetadataVariableSourceDefinition`
            `CsvVariableSourceDefinition` or `FilterSourceDefinition`.
        valueType:
          type: string
          description: 'The type of value of the variable. Allowed values are `String`,
            Any`, `Numeric`, `Integer`, `Long`, `Double`, `Boolean`. - `String` considers
            as a single phrase and will wrap in double-quotes. - `Any` is all characters.
            - `Numeric` consists of a numeric value for variables, it will be displayed
            differently in the UI. - `Integer` is a variable with an `Int` value.
            - `Long` is a variable with a `Long` value. - `Double` is a variable with
            a `Double` value. - `Boolean` is a variable with a `Boolean` value.

            '
          example: Any
          default: Any
        allowMultiSelect:
          type: boolean
          description: Allow multiple selections in the values dropdown.
          example: false
          default: false
        variableKey:
          type: string
          description: The key of the variable.
          example: _source
        errors:
          type: array
          description: Generic errors returned by backend from downstream assemblies.
            More specific errors will be thrown in the future.
          items:
            $ref: '#/components/schemas/ErrorDescription'
      description: Variable values, status, type and errors for the variable values
        search.
    ParameterAutoCompleteSyncDefinition:
      required:
      - autoCompleteType
      type: object
      properties:
        autoCompleteType:
          type: string
          description: "The autocomplete parameter type. Supported values are:\n \
            \ 1. `SKIP_AUTOCOMPLETE`\n  2. `CSV_AUTOCOMPLETE`\n  3. `AUTOCOMPLETE_KEY`\n\
            \  4. `VALUE_ONLY_AUTOCOMPLETE`\n  5. `VALUE_ONLY_LOOKUP_AUTOCOMPLETE`\n\
            \  6. `LABEL_VALUE_LOOKUP_AUTOCOMPLETE`"
        autoCompleteKey:
          type: string
          description: The autocomplete key to be used to fetch autocomplete values.
          example: Ephemeral-3644138589235809747-1583470806220-parameter
        autoCompleteValues:
          type: array
          description: The array of values of the corresponding autocomplete parameter.
          items:
            $ref: '#/components/schemas/AutoCompleteValueSyncDefinition'
        lookupFileName:
          type: string
          description: The lookup file to use as a source for autocomplete values.
        lookupLabelColumn:
          type: string
          description: The column from the lookup file to use for autocomplete labels.
        lookupValueColumn:
          type: string
          description: The column from the lookup file to fill the actual value when
            a particular label is selected.
    AutoCompleteValueSyncDefinition:
      required:
      - label
      - value
      type: object
      properties:
        label:
          type: string
          description: The label of the autocomplete value.
        value:
          type: string
          description: The value of the autocomplete value.
    MetricsQuerySyncDefinition:
      required:
      - query
      - rowId
      type: object
      properties:
        query:
          type: string
          description: The text of a metrics query.
        rowId:
          type: string
          description: A label referring to the query; used if other metrics queries
            reference this one.
    ReportAutoParsingInfo:
      type: object
      properties:
        mode:
          pattern: ^(intelligent|performance)$|^$
          type: string
          description: Can be `intelligent` or `performance`
          example: performance
          default: performance
      description: Auto-parsing information for the panel. This information tells
        us whether automatic field extraction from JSON log messages is enabled or
        not
    ReportScheduleSyncDefinition:
      required:
      - emailNotification
      - reportFormat
      - scheduleType
      - timeZone
      type: object
      properties:
        timeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        variableValues:
          $ref: '#/components/schemas/VariablesValuesData'
        reportFormat:
          pattern: ^(Pdf|Png)$
          type: string
          description: File format of the report. Can be `Pdf` or `Png`. `Pdf` is
            portable document format. `Png` is portable graphics image format.
          example: Pdf
          x-pattern-message: 'should be one of the following: ''Pdf'', ''Png'''
        scheduleType:
          type: string
          description: "Run schedule of the scheduled report. Set to \"Custom\" to\
            \ specify the schedule with a CRON expression. Possible schedule types\
            \ are:\n  - `RealTime`\n  - `15Minutes`\n  - `1Hour`\n  - `2Hours`\n \
            \ - `4Hours`\n  - `6Hours`\n  - `8Hours`\n  - `12Hours`\n  - `1Day`\n\
            \  - `1Week`\n  - `Custom`"
          example: 1Day
        cronExpression:
          type: string
          description: Cron-like expression specifying the report's schedule. Field
            scheduleType must be set to "Custom", otherwise, scheduleType takes precedence
            over cronExpression.
          example: 0 0/15 * * * ? *
        timeZone:
          maxLength: 1024
          minLength: 1
          type: string
          description: Time zone identifier for time specification. Either an abbreviation
            such as "PST", a full name such as "America/Los_Angeles", or a custom
            ID such as "GMT-8:00". Note that the support of abbreviations is for JDK
            1.1.x compatibility only and full names should be used.
          example: America/Los_Angeles
        emailNotification:
          $ref: '#/components/schemas/Email'
        isActive:
          type: boolean
          description: Is the dashboard report schedule active
          default: true
    SavedSearchSyncDefinitionBase:
      required:
      - byReceiptTime
      - queryParameters
      - queryText
      type: object
      properties:
        queryText:
          type: string
          description: The text of a Sumo Logic query.
        byReceiptTime:
          type: boolean
          description: Set it to true to run the search using receipt time. By default,
            searches do not run by receipt time.
          default: false
        viewName:
          type: string
          description: The name of the Scheduled View that has indexed the data you
            want to search.
        viewStartTime:
          type: string
          description: Start timestamp of the Scheduled View in UTC format.
          format: date-time
        queryParameters:
          type: array
          description: An array of search query parameter objects.
          items:
            $ref: '#/components/schemas/QueryParameterSyncDefinition'
        parsingMode:
          type: string
          description: "Define the parsing mode to scan the JSON format log messages.\
            \ Possible values are:\n  1. `AutoParse`\n  2. `Manual`\nIn AutoParse\
            \ mode, the system automatically figures out fields to parse based on\
            \ the search query. While in the Manual mode, no fields are parsed out\
            \ automatically. For more information see [Dynamic Parsing](https://help.sumologic.com/?cid=0011)."
          example: AutoParse
          default: Manual
        intervalTimeType:
          pattern: ^(messageTime|receiptTime|searchableTime)$
          type: string
          description: This parameter defines whether you want to run the search by
            messageTime, receiptTime, or searchableTime.  By default, the search will
            run by messageTime. If both runByReceiptTime and intervalTimeType parameters
            are present then the preference will be given to the intervalTimeType.
            This is available in beta only(Contact your sumologic representative to
            enable this feature).
          example: messageTime
          default: messageTime
          x-pattern-message: 'must be one of the following: `messageTime`, `receiptTime`,
            `searchableTime`'
    SearchScheduleWithDependencySyncDefinition:
      type: object
      properties:
        searchSchedule:
          $ref: '#/components/schemas/SearchScheduleSyncDefinition'
        dependencyDetail:
          $ref: '#/components/schemas/ScheduleDependencyDetail'
        lookupTableDependencies:
          type: array
          description: Lookup tables that this search schedule depends on
          items:
            $ref: '#/components/schemas/LookupTableSyncDefinition'
    ScheduleDependencyDetail:
      required:
      - endpointDetail
      type: object
      properties:
        endpointDetail:
          $ref: '#/components/schemas/ConnectionDefinition'
    MetricsSavedSearchQuerySyncDefinition:
      required:
      - query
      - rowId
      type: object
      properties:
        rowId:
          type: string
          description: Row id. All rows ids are represented by subsequent upper case
            letters starting with `A`.
          example: A
        query:
          type: string
          description: Metrics query.
          example: my_metric | avg
      description: Definition of a metrics query.
    ResourceIdentity:
      required:
      - id
      - type
      type: object
      properties:
        id:
          type: string
          description: The unique identifier of the resource.
          example: C03E086C137F38B4
        name:
          type: string
          description: The name of the resource.
          example: S3 Source, Scheduled View name.
          default: Unknown
        type:
          type: string
          description: -> Resource type. Supported types are - `Collector`, `Source`,
            `IngestBudget` and `Organisation`.
          example: Collector
      discriminator:
        propertyName: type
        mapping:
          Collector: '#/components/schemas/CollectorResourceIdentity'
          Source: '#/components/schemas/SourceResourceIdentity'
          IngestBudget: '#/components/schemas/IngestBudgetResourceIdentity'
          Organisation: '#/components/schemas/OrgIdentity'
          LogsToMetricsRule: '#/components/schemas/LogsToMetricsRuleIdentity'
          ScheduledView: '#/components/schemas/ScheduledViewResourceIdentity'
    TrackerIdentity:
      required:
      - description
      - error
      - trackerId
      type: object
      properties:
        trackerId:
          type: string
          description: Name that uniquely identifies the health event. It focuses
            on what happened rather than why.
        error:
          type: string
          description: Description of the underlying reason for the event change.
          example: Access denied to Amazon S3 bucket
        description:
          type: string
          description: A more elaborate description of why the event occurred.
          example: S3 collection is not working as expected because of access issues.
      discriminator:
        propertyName: description
    DataIngestAffectedTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    S3CollectionErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    FileCollectionErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    AwsCloudWatchCollectionErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    AwsInventoryCollectionErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    CSEWindowsErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    CSEWindowsAccessErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    CSEWindowsSensorOutOfStorageTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    CSEWindowsParsingErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    CSEWindowsExcessiveBacklogTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    MetricsMetadataKeyLengthLimitExceededTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker'
    MetricsMetadataLimitsExceededTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    MetricsMetadataValueLengthLimitExceededTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker'
    MetricsMetadataKeyValuePairsLimitExceededTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker'
    MetricsMetadataTotalMetadataSizeLimitExceededTracker:
      allOf:
      - $ref: '#/components/schemas/TrackerIdentity'
      - $ref: '#/components/schemas/MetricsMetadataLimitsExceededTracker'
    MetricNameErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    OTCReceiverErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    OTCExporterErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    OTCProcessErrorTracker:
      type: object
      properties:
        eventType:
          type: string
          description: Event type.
      discriminator:
        propertyName: eventType
    Action:
      required:
      - connectionType
      type: object
      properties:
        connectionType:
          pattern: ^(Email|AWSLambda|AzureFunctions|Datadog|HipChat|Jira|NewRelic|Opsgenie|PagerDuty|Slack|MicrosoftTeams|ServiceNow|SumoCloudSOAR|Webhook)$
          type: string
          description: "Connection type of the connection. Valid values:\n  1.  `Email`\n\
            \  2.  `AWSLambda`\n  3.  `AzureFunctions`\n  4.  `Datadog`\n  5.  `HipChat`\n\
            \  6.  `Jira`\n  7.  `NewRelic`\n  8.  `Opsgenie`\n  9.  `PagerDuty`\n\
            \  10. `Slack`\n  11. `MicrosoftTeams`\n  12. `ServiceNow`\n  13. `SumoCloudSOAR`\n\
            \  14. `Webhook`"
          x-pattern-message: 'should be one of the following: ''Email'', ''AWSLambda'',
            ''AzureFunctions'', ''Datadog'', ''HipChat'', ''Jira'', ''NewRelic'',
            ''Opsgenie'', ''PagerDuty'', ''Slack'', ''MicrosoftTeams'', ''ServiceNow'',
            ''SumoCloudSOAR'' and ''Webhook'''
      description: The base class of all connection types.
      discriminator:
        propertyName: connectionType
    StaticThreshold:
      type: number
      description: The data value for the condition. This defines the threshold for
        when to trigger. Threshold value is not applicable for `MissingData` and `ResolvedMissingData`
        triggerTypes and will be ignored if specified.
      format: double
      example: 50.0
      default: 0.0
    StaticThresholdType:
      pattern: ^(LessThan|GreaterThan|LessThanOrEqual|GreaterThanOrEqual)$
      type: string
      description: "The comparison type for the `threshold` evaluation. This defines\
        \ how you want the data value compared. Valid values:\n  1. `LessThan`: Less\
        \ than than the configured threshold.\n  2. `GreaterThan`: Greater than the\
        \ configured threshold.\n  3. `LessThanOrEqual`: Less than or equal to the\
        \ configured threshold.\n  4. `GreaterThanOrEqual`: Greater than or equal\
        \ to the configured threshold.\nThresholdType value is not applicable for\
        \ `MissingData` and `ResolvedMissingData` triggerTypes and will be ignored\
        \ if specified."
      example: GreaterThanOrEqual
      default: GreaterThanOrEqual
      x-pattern-message: 'should be one of the following: ''LessThan'', ''GreaterThan'',
        ''LessThanOrEqual'', or ''GreaterThanOrEqual'''
    OccurrenceType:
      pattern: ^(AtLeastOnce|Always|ResultCount|MissingData)$
      type: string
      description: "The criteria to evaluate the threshold and thresholdType in the\
        \ given time range. Valid values:\n  1. `AtLeastOnce`: Trigger if the threshold\
        \ is met at least once. (NOTE: This is the only valid value if monitorType\
        \ is `Metrics`.)\n  2. `Always`: Trigger if the threshold is met continuously.\
        \ (NOTE: This is the only valid value if monitorType is `Metrics`.)\n  3.\
        \ `ResultCount`: Trigger if the threshold is met against the count of results.\
        \ (NOTE: This is the only valid value if monitorType is `Logs`.)\n  4. `MissingData`:\
        \ Trigger if the data is missing. (NOTE: This is valid for both `Logs` and\
        \ `Metrics` monitorTypes)"
      example: ResultCount
      x-pattern-message: 'should be one of the following: ''AtLeastOnce'', ''Always'',
        ''ResultCount'' or ''MissingData'''
    TriggerSource:
      pattern: ^(AllTimeSeries|AnyTimeSeries|AllResults)$
      type: string
      description: "Determines which time series from queries to use for Metrics MissingData\
        \ and ResolvedMissingData triggers Valid values:\n  1. `AllTimeSeries`: Evaluate\
        \ the condition against all time series. (NOTE: This option is only valid\
        \ if monitorType is `Metrics`)\n  2. `AnyTimeSeries`: Evaluate the condition\
        \ against any time series. (NOTE: This option is only valid if monitorType\
        \ is `Metrics`)\n  3. `AllResults`: Evaluate the condition against results\
        \ from all queries. (NOTE: This option is only valid if monitorType is `Logs`)"
      example: AllResults
      x-pattern-message: 'should be one of the following: ''AllTimeSeries'', ''AnyTimeSeries'',
        or ''AllResults'''
    OutlierDirection_1:
      pattern: ^(Both|Up|Down)$
      type: string
      description: Specifies which direction should trigger violations.
      example: Up
      default: Both
      x-pattern-message: 'should be one of the following: ''Both'', ''Up'', ''Down'''
    BurnRate:
      required:
      - burnRateThreshold
      - timeRange
      type: object
      properties:
        burnRateThreshold:
          type: number
          description: The error budget depletion percentage.
          format: double
          example: 90
        timeRange:
          type: string
          description: The relative time range for measuring error budget depletion.
          example: -2h
      description: Object containing error budget depletion and alert time range.
    MonitorDependency:
      required:
      - endpointDetail
      type: object
      properties:
        endpointDetail:
          $ref: '#/components/schemas/ConnectionDefinition'
    logs-data-forwarding-rule-management:
      type: object
    LogSearchScheduleSyncDefinition:
      required:
      - notification
      - parseableTimeRange
      - scheduleType
      - timeZone
      type: object
      properties:
        cronExpression:
          type: string
          description: Cron-like expression specifying the search's schedule. Field
            scheduleType must be set to "Custom", otherwise, scheduleType takes precedence
            over cronExpression.
          example: 0 0/15 * * * ? *
        displayableTimeRange:
          type: string
          description: A human-friendly text describing the query time range. For
            e.g. "-2h", "last three days", "team default time". This value can not
            be set via API.
          example: -2h
        parseableTimeRange:
          $ref: '#/components/schemas/ResolvableTimeRange'
        timeZone:
          type: string
          description: Time zone identifier for time specification. Either an abbreviation
            such as "PST", a full name such as "America/Los_Angeles", or a custom
            ID such as "GMT-8:00". Note that the support of abbreviations is for JDK
            1.1.x compatibility only and full names should be used. The GMT time zone
            is chosen if the given time zone cannot be identified.
        threshold:
          $ref: '#/components/schemas/LogSearchNotificationThresholdSyncDefinition'
        notification:
          $ref: '#/components/schemas/ScheduleNotificationSyncDefinition'
        scheduleType:
          pattern: ^(RealTime|15Minutes|1Hour|2Hours|4Hours|6Hours|8Hours|12Hours|1Day|1Week|Custom)$
          type: string
          description: "Run schedule of the scheduled search. Set to \"Custom\" to\
            \ specify the schedule with a CRON expression.Please note that with Custom,\
            \ 1Day and 1Week schedule types you need to provide the corresponding\
            \ cron expression to determine when to actually run the search. e.g. Sample\
            \ Valid Cron for 1Day is \"0 0 16 ? * 2-6 *\". Possible schedule types\
            \ are:\n  - `RealTime`\n  - `15Minutes`\n  - `1Hour`\n  - `2Hours`\n \
            \ - `4Hours`\n  - `6Hours`\n  - `8Hours`\n  - `12Hours`\n  - `1Day`\n\
            \  - `1Week`\n  - `Custom`"
        muteErrorEmails:
          type: boolean
          description: If enabled, emails are not sent out in case of errors with
            the search.
        parameters:
          maxLength: 50
          type: array
          description: 'A list of scheduled search template parameters to be used
            while executing the query. This is different from the queryParameters
            field in parent object as this field will be  used for execution as  per
            the schedule. The parent object field is for search itself, not part of
            execution.  Learn more about the search templates here :  https://help.sumologic.com/docs/search/get-started-with-search/build-search/search-templates/'
          items:
            $ref: '#/components/schemas/ScheduleSearchParameterSyncDefinition'
    LogSearchNotificationThresholdSyncDefinition:
      required:
      - count
      - operator
      type: object
      properties:
        thresholdType:
          pattern: ^(message|group)$
          type: string
          description: "This property is deprecated. The system will automatically\
            \ infer the value of this field from the query going forward, so the user-specified\
            \ value will no longer be honored.\nThreshold type. Possible values are:\n\
            \ 1. `message`\n 2. `group`\n\nUse `group` as threshold type if the search\
            \ query is of aggregate type. For non-aggregate queries, set it to `message`."
        operator:
          pattern: ^(eq|gt|ge|lt|le)$
          type: string
          description: "Criterion to be applied when comparing actual result count\
            \ with expected count. Possible values are:\n 1. `eq`\n 2. `gt`\n 3. `ge`\n\
            \ 4. `lt`\n 5. `le`"
        count:
          type: integer
          description: Expected result count.
    Metadata:
      required:
      - createdAt
      - createdBy
      - modifiedAt
      - modifiedBy
      type: object
      properties:
        createdAt:
          type: string
          description: Creation timestamp in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format.
          format: dateTime
        createdBy:
          type: string
          description: Identifier of the user who created the resource.
        modifiedAt:
          type: string
          description: Last modification timestamp in UTC.
          format: dateTime
        modifiedBy:
          type: string
          description: Identifier of the user who last modified the resource.
    TopologyLabelMap:
      required:
      - data
      type: object
      properties:
        data:
          maxProperties: 1000
          type: object
          additionalProperties:
            $ref: '#/components/schemas/TopologyLabelValuesList'
          description: Map from topology labels to `TopologyLabelValuesList`.
      description: 'Map of the topology labels. Each label has a key and a list of
        values. If a value is `*`, it means the label will match content for all values
        of its key.

        '
      example:
        data:
          service:
          - kube-scheduler
          - kube-dns
    TopologyLabelValuesList:
      type: array
      description: List of values corresponding to a key of a label.
      example:
      - kube-scheduler
      items:
        type: string
        description: Value of the label.
    Iso8601TimeRange:
      required:
      - end
      - start
      type: object
      properties:
        start:
          type: string
          description: Start time in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format
          format: date-time
          example: 2018-10-16 09:10:00+00:00
        end:
          type: string
          description: End time in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339)
            format
          format: date-time
          example: 2018-10-16 09:20:00+00:00
      description: 'A simple time range class, where the start and end points are
        specified in UTC in [RFC3339](https://tools.ietf.org/html/rfc3339) format

        '
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic
x-tagGroups:
- name: Archive Management
  tags:
  - archiveManagement
- name: Health Events
  tags:
  - healthEvents
- name: Infrequent Data Tier
  tags:
  - logSearchesEstimatedUsage
- name: Ingest Budgets Management V2
  tags:
  - ingestBudgetManagementV2
- name: Library Management
  tags:
  - appManagement
  - appManagementV2
  - contentManagement
  - dashboardManagement
  - folderManagement
  - lookupManagement
  - contentPermissions
  - logSearchesManagement
  - parsersLibraryManagement
- name: Metrics
  tags:
  - metricsSearchesManagement
  - transformationRuleManagement
  - metricsQuery
  - metricsSearchesManagementV2
- name: Security Management
  tags:
  - accessKeyManagement
  - oauthManagement
  - accountManagement
  - passwordPolicy
  - policiesManagement
  - samlConfigurationManagement
  - serviceAllowlistManagement
  - serviceAccountManagement
  - scimUserManagement
- name: Organizations Management
  tags:
  - orgsManagement
- name: Settings Management
  tags:
  - connectionManagement
  - dynamicParsingRuleManagement
  - extractionRuleManagement
  - fieldManagementV1
  - partitionManagement
  - scheduledViewManagement
  - logsDataForwardingManagement
  - dataDeletionRules
- name: Tokens Management
  tags:
  - tokensLibraryManagement
- name: Tracing
  tags:
  - traces
  - spanAnalytics
  - serviceMap
- name: Users and Roles Management
  tags:
  - roleManagement
  - roleManagementV2
  - userManagement
- name: Threat Intel Ingest Management
  tags:
  - threatIntelIngest
  - threatIntelIngestProducer
- name: OpenTelemetry Collector Management
  tags:
  - otCollectorManagementExternal
- name: Source Template Management
  tags:
  - sourceTemplateManagementExternal
- name: Schema Base Management
  tags:
  - schemaBaseManagement
- name: Event Analytics Management
  tags:
  - eventAnalytics
- name: Budget Management
  tags:
  - budgetManagement
- name: Macro Management
  tags:
  - macroManagement
- name: Muting Schedules Management
  tags:
  - mutingSchedulesLibraryManagement
- name: SLO Management
  tags:
  - slosLibraryManagement
- name: Monitor Management
  tags:
  - monitorsLibraryManagement