Skip to main content

search_audit

Creates, updates, deletes, gets or lists a search_audit resource.

Overview

Namesearch_audit
TypeResource
Idsumologic.policies.search_audit

Fields

The following fields are returned by SELECT queries:

The Search Audit policy.

NameDatatypeDescription
enabledbooleanWhether the Search Audit policy is enabled.

Methods

The following methods are available for this resource:

NameAccessible byRequired ParamsOptional ParamsDescription
getSearchAuditPolicyselectregionGet the Search Audit policy. This policy specifies whether search records for your account are enabled. You can access details about your account's search capacity, queries run by users from the Sumo Search Audit Index. Learn More
setSearchAuditPolicyexecregion, enabledSet the Search Audit policy. This policy specifies whether search records for your account are enabled. You can access details about your account's search capacity, queries run by users from the Sumo Search Audit Index. Learn More

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

NameDatatypeDescription
regionstringSumoLogic region (enum: [us2, au, ca, de, eu, fed, in, jp], default: us2)

SELECT examples

Get the Search Audit policy. This policy specifies whether search records for your account are enabled. You can access details about your account's search capacity, queries run by users from the Sumo Search Audit Index. Learn More

SELECT
enabled
FROM sumologic.policies.search_audit
WHERE region = '{{ region }}' -- required
;

Lifecycle Methods

Set the Search Audit policy. This policy specifies whether search records for your account are enabled. You can access details about your account's search capacity, queries run by users from the Sumo Search Audit Index. Learn More

EXEC sumologic.policies.search_audit.setSearchAuditPolicy 
@region='{{ region }}' --required 
@@json=
'{
"enabled": {{ enabled }}
}'
;