DSL Reference
DSL Reference
Use the filters below to quickly surface DSL inputs, actions, and outputs.
| Type | Name | Summary |
|---|---|---|
| Action | Abort | Abort the job if the condition is met. |
| Action | Add | Add fields to the event. |
| Action | Assert | Validate an event against a JSON Schema, based on IETF's draft v7 (http://json-schema.org). |
| Input | Azure Blob | Retrieve (or list) Microsoft Azure Storage Blobs (Block Storage). |
| Output | Azure Blob | Send data to a Microsoft Azure Storage Blob (Block Storage). |
| Action | Convert | Convert fields from one type to another, e.g. strings to numbers. |
| Action | Copy | Copy fields of an event using JSONPATH expressions. |
| Action | Csv | Parse CSV from field text. |
| Output | Discard | Discard any output from the job. |
| Input | Echo | Create a simple static event. |
| Action | Enrich | Look up values in a CSV or Sqlite database and add matching fields. |
| Input | Exec | Obtain data by executing a shell command. |
| Action | Expand | Expand data in various ways: events, XML, and multiline events. |
| Action | Expand Events | Expand a single JSON document into multiple JSON events. |
| Action | Extract | Extract fields from text using regular expressions. |
| Input | File Store | Read from a local file system object store bucket. |
| Output | File Store | Write to a local file system object store bucket. |
| Action | Filter | Only let certain events pass through. |
| Action | Flatten | Flatten nested JSON Objects and Arrays into a single JSON Object containing only top-level fields. |
| Input | Google Cloud Storage | Read objects from Google Cloud Storage. |
| Output | Google Cloud Storage | Write events to a Google Cloud bucket. |
| Output | HTTP Get | Send event data to a remote server using GET. |
| Input | HTTP Poll | Run HTTP queries. |
| Output | HTTP Post | POST event data to an HTTPS server. |
| Input | HTTP Server | Run an HTTP server and output any received requests. |
| Input | Internal Messages | Receive internal messages. |
| Action | Json | Parse text as JSON. |
| Action | Key Value | Parse key-value pairs, like "k1=v1,k2=v2,....". |
| Output | Log Files | Append events to one or more files. |
| Input | Log Files | Monitor one or more log files for new lines. |
| Action | Message | Conditionally generate a message when an event meets the provided condition. |
| Output | Message | Create a message to the internal message subsystem. |
| Output | Print event payloads to the terminal. | |
| Action | Remove | Remove fields from an event. |
| Action | Rename | Rename event fields. |
| Input | S3 | Stream data from a S3 Object. |
| Output | S3 | Write events to a S3 bucket. |
| Action | Script | Calculated fields. |
| Output | Splunk HEC | Output events to a Splunk HTTP Event Collector endpoint (Splunk HEC). |
| Action | Time | Time processing: parsing and formatting time values. |
| Input | Windows Event Log | Read events from Windows Event Log. |
| Input | Worker Channel | Receive events from a worker managed channel. |
| Output | Worker Channel | Receive events from a worker managed channel. |
| Action | Xml | Expand XML into JSON events. |
No DSL entries match your filters. Clear the search or choose another type.