cribl-control-plane 0.0.13__py3-none-any.whl

cribl_control_plane/models/inputwindowsmetrics.py

@@ -0,0 +1,457 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane import utils
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import List, Optional
+from typing_extensions import Annotated, NotRequired, TypedDict
+
+
+class InputWindowsMetricsType(str, Enum, metaclass=utils.OpenEnumMeta):
+    WINDOWS_METRICS = "windows_metrics"
+
+
+class InputWindowsMetricsConnectionTypedDict(TypedDict):
+    output: str
+    pipeline: NotRequired[str]
+
+
+class InputWindowsMetricsConnection(BaseModel):
+    output: str
+
+    pipeline: Optional[str] = None
+
+
+class InputWindowsMetricsPqMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    SMART = "smart"
+    ALWAYS = "always"
+
+
+class InputWindowsMetricsCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class InputWindowsMetricsPqTypedDict(TypedDict):
+    mode: NotRequired[InputWindowsMetricsPqMode]
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+    max_buffer_size: NotRequired[float]
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+    commit_frequency: NotRequired[float]
+    r"""The number of events to send downstream before committing that Stream has read them"""
+    max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+    max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+    compress: NotRequired[InputWindowsMetricsCompression]
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputWindowsMetricsPq(BaseModel):
+    mode: Annotated[
+        Optional[InputWindowsMetricsPqMode], PlainValidator(validate_open_enum(False))
+    ] = InputWindowsMetricsPqMode.ALWAYS
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    max_buffer_size: Annotated[
+        Optional[float], pydantic.Field(alias="maxBufferSize")
+    ] = 1000
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+
+    commit_frequency: Annotated[
+        Optional[float], pydantic.Field(alias="commitFrequency")
+    ] = 42
+    r"""The number of events to send downstream before committing that Stream has read them"""
+
+    max_file_size: Annotated[Optional[str], pydantic.Field(alias="maxFileSize")] = (
+        "1 MB"
+    )
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+
+    max_size: Annotated[Optional[str], pydantic.Field(alias="maxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    path: Optional[str] = "$CRIBL_HOME/state/queues"
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+
+    compress: Annotated[
+        Optional[InputWindowsMetricsCompression],
+        PlainValidator(validate_open_enum(False)),
+    ] = InputWindowsMetricsCompression.NONE
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputWindowsMetricsHostMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Select level of detail for host metrics"""
+
+    BASIC = "basic"
+    ALL = "all"
+    CUSTOM = "custom"
+    DISABLED = "disabled"
+
+
+class InputWindowsMetricsSystemMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Select the level of details for system metrics"""
+
+    BASIC = "basic"
+    ALL = "all"
+    CUSTOM = "custom"
+    DISABLED = "disabled"
+
+
+class InputWindowsMetricsSystemTypedDict(TypedDict):
+    mode: NotRequired[InputWindowsMetricsSystemMode]
+    r"""Select the level of details for system metrics"""
+    detail: NotRequired[bool]
+    r"""Generate metrics for all system information"""
+
+
+class InputWindowsMetricsSystem(BaseModel):
+    mode: Annotated[
+        Optional[InputWindowsMetricsSystemMode],
+        PlainValidator(validate_open_enum(False)),
+    ] = InputWindowsMetricsSystemMode.BASIC
+    r"""Select the level of details for system metrics"""
+
+    detail: Optional[bool] = False
+    r"""Generate metrics for all system information"""
+
+
+class InputWindowsMetricsCPUMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Select the level of details for CPU metrics"""
+
+    BASIC = "basic"
+    ALL = "all"
+    CUSTOM = "custom"
+    DISABLED = "disabled"
+
+
+class InputWindowsMetricsCPUTypedDict(TypedDict):
+    mode: NotRequired[InputWindowsMetricsCPUMode]
+    r"""Select the level of details for CPU metrics"""
+    per_cpu: NotRequired[bool]
+    r"""Generate metrics for each CPU"""
+    detail: NotRequired[bool]
+    r"""Generate metrics for all CPU states"""
+    time: NotRequired[bool]
+    r"""Generate raw, monotonic CPU time counters"""
+
+
+class InputWindowsMetricsCPU(BaseModel):
+    mode: Annotated[
+        Optional[InputWindowsMetricsCPUMode], PlainValidator(validate_open_enum(False))
+    ] = InputWindowsMetricsCPUMode.BASIC
+    r"""Select the level of details for CPU metrics"""
+
+    per_cpu: Annotated[Optional[bool], pydantic.Field(alias="perCpu")] = False
+    r"""Generate metrics for each CPU"""
+
+    detail: Optional[bool] = False
+    r"""Generate metrics for all CPU states"""
+
+    time: Optional[bool] = False
+    r"""Generate raw, monotonic CPU time counters"""
+
+
+class InputWindowsMetricsMemoryMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Select the level of details for memory metrics"""
+
+    BASIC = "basic"
+    ALL = "all"
+    CUSTOM = "custom"
+    DISABLED = "disabled"
+
+
+class InputWindowsMetricsMemoryTypedDict(TypedDict):
+    mode: NotRequired[InputWindowsMetricsMemoryMode]
+    r"""Select the level of details for memory metrics"""
+    detail: NotRequired[bool]
+    r"""Generate metrics for all memory states"""
+
+
+class InputWindowsMetricsMemory(BaseModel):
+    mode: Annotated[
+        Optional[InputWindowsMetricsMemoryMode],
+        PlainValidator(validate_open_enum(False)),
+    ] = InputWindowsMetricsMemoryMode.BASIC
+    r"""Select the level of details for memory metrics"""
+
+    detail: Optional[bool] = False
+    r"""Generate metrics for all memory states"""
+
+
+class InputWindowsMetricsNetworkMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Select the level of details for network metrics"""
+
+    BASIC = "basic"
+    ALL = "all"
+    CUSTOM = "custom"
+    DISABLED = "disabled"
+
+
+class InputWindowsMetricsNetworkTypedDict(TypedDict):
+    mode: NotRequired[InputWindowsMetricsNetworkMode]
+    r"""Select the level of details for network metrics"""
+    devices: NotRequired[List[str]]
+    r"""Network interfaces to include/exclude. All interfaces are included if this list is empty."""
+    per_interface: NotRequired[bool]
+    r"""Generate separate metrics for each interface"""
+    detail: NotRequired[bool]
+    r"""Generate full network metrics"""
+
+
+class InputWindowsMetricsNetwork(BaseModel):
+    mode: Annotated[
+        Optional[InputWindowsMetricsNetworkMode],
+        PlainValidator(validate_open_enum(False)),
+    ] = InputWindowsMetricsNetworkMode.BASIC
+    r"""Select the level of details for network metrics"""
+
+    devices: Optional[List[str]] = None
+    r"""Network interfaces to include/exclude. All interfaces are included if this list is empty."""
+
+    per_interface: Annotated[Optional[bool], pydantic.Field(alias="perInterface")] = (
+        False
+    )
+    r"""Generate separate metrics for each interface"""
+
+    detail: Optional[bool] = False
+    r"""Generate full network metrics"""
+
+
+class InputWindowsMetricsDiskMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Select the level of details for disk metrics"""
+
+    BASIC = "basic"
+    ALL = "all"
+    CUSTOM = "custom"
+    DISABLED = "disabled"
+
+
+class InputWindowsMetricsDiskTypedDict(TypedDict):
+    mode: NotRequired[InputWindowsMetricsDiskMode]
+    r"""Select the level of details for disk metrics"""
+    volumes: NotRequired[List[str]]
+    r"""Windows volumes to include/exclude. E.g.: C:, !E:, etc. Wildcards and ! (not) operators are supported. All volumes are included if this list is empty."""
+    per_volume: NotRequired[bool]
+    r"""Generate separate metrics for each volume"""
+
+
+class InputWindowsMetricsDisk(BaseModel):
+    mode: Annotated[
+        Optional[InputWindowsMetricsDiskMode], PlainValidator(validate_open_enum(False))
+    ] = InputWindowsMetricsDiskMode.BASIC
+    r"""Select the level of details for disk metrics"""
+
+    volumes: Optional[List[str]] = None
+    r"""Windows volumes to include/exclude. E.g.: C:, !E:, etc. Wildcards and ! (not) operators are supported. All volumes are included if this list is empty."""
+
+    per_volume: Annotated[Optional[bool], pydantic.Field(alias="perVolume")] = False
+    r"""Generate separate metrics for each volume"""
+
+
+class InputWindowsMetricsCustomTypedDict(TypedDict):
+    system: NotRequired[InputWindowsMetricsSystemTypedDict]
+    cpu: NotRequired[InputWindowsMetricsCPUTypedDict]
+    memory: NotRequired[InputWindowsMetricsMemoryTypedDict]
+    network: NotRequired[InputWindowsMetricsNetworkTypedDict]
+    disk: NotRequired[InputWindowsMetricsDiskTypedDict]
+
+
+class InputWindowsMetricsCustom(BaseModel):
+    system: Optional[InputWindowsMetricsSystem] = None
+
+    cpu: Optional[InputWindowsMetricsCPU] = None
+
+    memory: Optional[InputWindowsMetricsMemory] = None
+
+    network: Optional[InputWindowsMetricsNetwork] = None
+
+    disk: Optional[InputWindowsMetricsDisk] = None
+
+
+class InputWindowsMetricsHostTypedDict(TypedDict):
+    mode: NotRequired[InputWindowsMetricsHostMode]
+    r"""Select level of detail for host metrics"""
+    custom: NotRequired[InputWindowsMetricsCustomTypedDict]
+
+
+class InputWindowsMetricsHost(BaseModel):
+    mode: Annotated[
+        Optional[InputWindowsMetricsHostMode], PlainValidator(validate_open_enum(False))
+    ] = InputWindowsMetricsHostMode.BASIC
+    r"""Select level of detail for host metrics"""
+
+    custom: Optional[InputWindowsMetricsCustom] = None
+
+
+class InputWindowsMetricsSetTypedDict(TypedDict):
+    name: str
+    filter_: str
+    include_children: NotRequired[bool]
+
+
+class InputWindowsMetricsSet(BaseModel):
+    name: str
+
+    filter_: Annotated[str, pydantic.Field(alias="filter")]
+
+    include_children: Annotated[
+        Optional[bool], pydantic.Field(alias="includeChildren")
+    ] = False
+
+
+class InputWindowsMetricsProcessTypedDict(TypedDict):
+    sets: NotRequired[List[InputWindowsMetricsSetTypedDict]]
+    r"""Configure sets to collect process metrics"""
+
+
+class InputWindowsMetricsProcess(BaseModel):
+    sets: Optional[List[InputWindowsMetricsSet]] = None
+    r"""Configure sets to collect process metrics"""
+
+
+class InputWindowsMetricsMetadatumTypedDict(TypedDict):
+    name: str
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputWindowsMetricsMetadatum(BaseModel):
+    name: str
+
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputWindowsMetricsDataCompressionFormat(str, Enum, metaclass=utils.OpenEnumMeta):
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class InputWindowsMetricsPersistenceTypedDict(TypedDict):
+    enable: NotRequired[bool]
+    r"""Spool metrics to disk for Cribl Edge and Search"""
+    time_window: NotRequired[str]
+    r"""Time span for each file bucket"""
+    max_data_size: NotRequired[str]
+    r"""Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted."""
+    max_data_time: NotRequired[str]
+    r"""Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted."""
+    compress: NotRequired[InputWindowsMetricsDataCompressionFormat]
+    dest_path: NotRequired[str]
+    r"""Path to use to write metrics. Defaults to $CRIBL_HOME/state/windows_metrics"""
+
+
+class InputWindowsMetricsPersistence(BaseModel):
+    enable: Optional[bool] = False
+    r"""Spool metrics to disk for Cribl Edge and Search"""
+
+    time_window: Annotated[Optional[str], pydantic.Field(alias="timeWindow")] = "10m"
+    r"""Time span for each file bucket"""
+
+    max_data_size: Annotated[Optional[str], pydantic.Field(alias="maxDataSize")] = "1GB"
+    r"""Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted."""
+
+    max_data_time: Annotated[Optional[str], pydantic.Field(alias="maxDataTime")] = "24h"
+    r"""Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted."""
+
+    compress: Annotated[
+        Optional[InputWindowsMetricsDataCompressionFormat],
+        PlainValidator(validate_open_enum(False)),
+    ] = InputWindowsMetricsDataCompressionFormat.GZIP
+
+    dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = (
+        "$CRIBL_HOME/state/windows_metrics"
+    )
+    r"""Path to use to write metrics. Defaults to $CRIBL_HOME/state/windows_metrics"""
+
+
+class InputWindowsMetricsTypedDict(TypedDict):
+    id: str
+    r"""Unique ID for this input"""
+    type: InputWindowsMetricsType
+    disabled: NotRequired[bool]
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+    send_to_routes: NotRequired[bool]
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    pq_enabled: NotRequired[bool]
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    connections: NotRequired[List[InputWindowsMetricsConnectionTypedDict]]
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+    pq: NotRequired[InputWindowsMetricsPqTypedDict]
+    interval: NotRequired[float]
+    r"""Time, in seconds, between consecutive metric collections. Default is 10 seconds."""
+    host: NotRequired[InputWindowsMetricsHostTypedDict]
+    process: NotRequired[InputWindowsMetricsProcessTypedDict]
+    metadata: NotRequired[List[InputWindowsMetricsMetadatumTypedDict]]
+    r"""Fields to add to events from this input"""
+    persistence: NotRequired[InputWindowsMetricsPersistenceTypedDict]
+    disable_native_module: NotRequired[bool]
+    r"""Enable to use built-in tools (PowerShell) to collect metrics instead of native API (default) [Learn more](https://docs.cribl.io/edge/sources-windows-metrics/#advanced-tab)"""
+    description: NotRequired[str]
+
+
+class InputWindowsMetrics(BaseModel):
+    id: str
+    r"""Unique ID for this input"""
+
+    type: Annotated[InputWindowsMetricsType, PlainValidator(validate_open_enum(False))]
+
+    disabled: Optional[bool] = False
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+
+    send_to_routes: Annotated[Optional[bool], pydantic.Field(alias="sendToRoutes")] = (
+        True
+    )
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    pq_enabled: Annotated[Optional[bool], pydantic.Field(alias="pqEnabled")] = False
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    connections: Optional[List[InputWindowsMetricsConnection]] = None
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+
+    pq: Optional[InputWindowsMetricsPq] = None
+
+    interval: Optional[float] = 10
+    r"""Time, in seconds, between consecutive metric collections. Default is 10 seconds."""
+
+    host: Optional[InputWindowsMetricsHost] = None
+
+    process: Optional[InputWindowsMetricsProcess] = None
+
+    metadata: Optional[List[InputWindowsMetricsMetadatum]] = None
+    r"""Fields to add to events from this input"""
+
+    persistence: Optional[InputWindowsMetricsPersistence] = None
+
+    disable_native_module: Annotated[
+        Optional[bool], pydantic.Field(alias="disableNativeModule")
+    ] = False
+    r"""Enable to use built-in tools (PowerShell) to collect metrics instead of native API (default) [Learn more](https://docs.cribl.io/edge/sources-windows-metrics/#advanced-tab)"""
+
+    description: Optional[str] = None

cribl_control_plane/models/inputwineventlogs.py

@@ -0,0 +1,222 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane import utils
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import List, Optional
+from typing_extensions import Annotated, NotRequired, TypedDict
+
+
+class InputWinEventLogsType(str, Enum, metaclass=utils.OpenEnumMeta):
+    WIN_EVENT_LOGS = "win_event_logs"
+
+
+class InputWinEventLogsConnectionTypedDict(TypedDict):
+    output: str
+    pipeline: NotRequired[str]
+
+
+class InputWinEventLogsConnection(BaseModel):
+    output: str
+
+    pipeline: Optional[str] = None
+
+
+class InputWinEventLogsMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    SMART = "smart"
+    ALWAYS = "always"
+
+
+class InputWinEventLogsCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class InputWinEventLogsPqTypedDict(TypedDict):
+    mode: NotRequired[InputWinEventLogsMode]
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+    max_buffer_size: NotRequired[float]
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+    commit_frequency: NotRequired[float]
+    r"""The number of events to send downstream before committing that Stream has read them"""
+    max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+    max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+    compress: NotRequired[InputWinEventLogsCompression]
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputWinEventLogsPq(BaseModel):
+    mode: Annotated[
+        Optional[InputWinEventLogsMode], PlainValidator(validate_open_enum(False))
+    ] = InputWinEventLogsMode.ALWAYS
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    max_buffer_size: Annotated[
+        Optional[float], pydantic.Field(alias="maxBufferSize")
+    ] = 1000
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+
+    commit_frequency: Annotated[
+        Optional[float], pydantic.Field(alias="commitFrequency")
+    ] = 42
+    r"""The number of events to send downstream before committing that Stream has read them"""
+
+    max_file_size: Annotated[Optional[str], pydantic.Field(alias="maxFileSize")] = (
+        "1 MB"
+    )
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+
+    max_size: Annotated[Optional[str], pydantic.Field(alias="maxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    path: Optional[str] = "$CRIBL_HOME/state/queues"
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+
+    compress: Annotated[
+        Optional[InputWinEventLogsCompression],
+        PlainValidator(validate_open_enum(False)),
+    ] = InputWinEventLogsCompression.NONE
+    r"""Codec to use to compress the persisted data"""
+
+
+class ReadMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Read all stored and future event logs, or only future events"""
+
+    OLDEST = "oldest"
+    NEWEST = "newest"
+
+
+class EventFormat(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Format of individual events"""
+
+    JSON = "json"
+    XML = "xml"
+
+
+class InputWinEventLogsMetadatumTypedDict(TypedDict):
+    name: str
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputWinEventLogsMetadatum(BaseModel):
+    name: str
+
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputWinEventLogsTypedDict(TypedDict):
+    type: InputWinEventLogsType
+    log_names: List[str]
+    r"""Enter the event logs to collect. Run \"Get-WinEvent -ListLog *\" in PowerShell to see the available logs."""
+    id: NotRequired[str]
+    r"""Unique ID for this input"""
+    disabled: NotRequired[bool]
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+    send_to_routes: NotRequired[bool]
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    pq_enabled: NotRequired[bool]
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    connections: NotRequired[List[InputWinEventLogsConnectionTypedDict]]
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+    pq: NotRequired[InputWinEventLogsPqTypedDict]
+    read_mode: NotRequired[ReadMode]
+    r"""Read all stored and future event logs, or only future events"""
+    event_format: NotRequired[EventFormat]
+    r"""Format of individual events"""
+    disable_native_module: NotRequired[bool]
+    r"""Enable to use built-in tools (PowerShell for JSON, wevtutil for XML) to collect event logs instead of native API (default) [Learn more](https://docs.cribl.io/edge/sources-windows-event-logs/#advanced-settings)"""
+    interval: NotRequired[float]
+    r"""Time, in seconds, between checking for new entries (Applicable for pre-4.8.0 nodes that use Windows Tools)"""
+    batch_size: NotRequired[float]
+    r"""The maximum number of events to read in one polling interval. A batch size higher than 500 can cause delays when pulling from multiple event logs. (Applicable for pre-4.8.0 nodes that use Windows Tools)"""
+    metadata: NotRequired[List[InputWinEventLogsMetadatumTypedDict]]
+    r"""Fields to add to events from this input"""
+    max_event_bytes: NotRequired[float]
+    r"""The maximum number of bytes in an event before it is flushed to the pipelines"""
+    description: NotRequired[str]
+
+
+class InputWinEventLogs(BaseModel):
+    type: Annotated[InputWinEventLogsType, PlainValidator(validate_open_enum(False))]
+
+    log_names: Annotated[List[str], pydantic.Field(alias="logNames")]
+    r"""Enter the event logs to collect. Run \"Get-WinEvent -ListLog *\" in PowerShell to see the available logs."""
+
+    id: Optional[str] = None
+    r"""Unique ID for this input"""
+
+    disabled: Optional[bool] = False
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+
+    send_to_routes: Annotated[Optional[bool], pydantic.Field(alias="sendToRoutes")] = (
+        True
+    )
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    pq_enabled: Annotated[Optional[bool], pydantic.Field(alias="pqEnabled")] = False
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    connections: Optional[List[InputWinEventLogsConnection]] = None
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+
+    pq: Optional[InputWinEventLogsPq] = None
+
+    read_mode: Annotated[
+        Annotated[Optional[ReadMode], PlainValidator(validate_open_enum(False))],
+        pydantic.Field(alias="readMode"),
+    ] = ReadMode.OLDEST
+    r"""Read all stored and future event logs, or only future events"""
+
+    event_format: Annotated[
+        Annotated[Optional[EventFormat], PlainValidator(validate_open_enum(False))],
+        pydantic.Field(alias="eventFormat"),
+    ] = EventFormat.JSON
+    r"""Format of individual events"""
+
+    disable_native_module: Annotated[
+        Optional[bool], pydantic.Field(alias="disableNativeModule")
+    ] = False
+    r"""Enable to use built-in tools (PowerShell for JSON, wevtutil for XML) to collect event logs instead of native API (default) [Learn more](https://docs.cribl.io/edge/sources-windows-event-logs/#advanced-settings)"""
+
+    interval: Optional[float] = 10
+    r"""Time, in seconds, between checking for new entries (Applicable for pre-4.8.0 nodes that use Windows Tools)"""
+
+    batch_size: Annotated[Optional[float], pydantic.Field(alias="batchSize")] = 500
+    r"""The maximum number of events to read in one polling interval. A batch size higher than 500 can cause delays when pulling from multiple event logs. (Applicable for pre-4.8.0 nodes that use Windows Tools)"""
+
+    metadata: Optional[List[InputWinEventLogsMetadatum]] = None
+    r"""Fields to add to events from this input"""
+
+    max_event_bytes: Annotated[
+        Optional[float], pydantic.Field(alias="maxEventBytes")
+    ] = 51200
+    r"""The maximum number of bytes in an event before it is flushed to the pipelines"""
+
+    description: Optional[str] = None