Link Search Menu Expand Document Documentation Menu

You're viewing version 2.11 of the OpenSearch documentation. This version is no longer maintained. For the latest version, see the current documentation. For information about OpenSearch version maintenance, see Release Schedule and Maintenance Policy.

Creating custom log types

Log types represent the different sources of data used for threat detection in Security Analytics. In addition to the standard log types supported by Security Analytics, you can create custom log types for your threat detectors.

Creating a custom log type

To create a custom log type:

  1. From the dashboard, select OpenSearch Plugins > Security Analytics, and then select Detectors > Log types.
  2. Select Create log type.
  3. Enter a name and, optionally, a description for the log type.

    The log type name supports characters a–z (lowercase), 0–9, hyphens, and underscores.

  4. Select a category. The categories are listed in Supported log types.
  5. Select Create log type in the lower-right corner of the screen. The screen returns to the Log types page, and the new log type appears in the list. Note that the source for the new log type indicates Custom.

Log type API

To perform operations for custom log types using the REST API, see Log type APIs.

350 characters left

Have a question? .

Want to contribute? or .