cribl-control-plane 0.0.13__py3-none-any.whl

cribl_control_plane/models/input.py

@@ -0,0 +1,199 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from .inputappscope import InputAppscope, InputAppscopeTypedDict
+from .inputazureblob import InputAzureBlob, InputAzureBlobTypedDict
+from .inputcollection import InputCollection, InputCollectionTypedDict
+from .inputconfluentcloud import InputConfluentCloud, InputConfluentCloudTypedDict
+from .inputcribl import InputCribl, InputCriblTypedDict
+from .inputcriblhttp import InputCriblHTTP, InputCriblHTTPTypedDict
+from .inputcribllakehttp import InputCriblLakeHTTP, InputCriblLakeHTTPTypedDict
+from .inputcriblmetrics import InputCriblmetrics, InputCriblmetricsTypedDict
+from .inputcribltcp import InputCriblTCP, InputCriblTCPTypedDict
+from .inputcrowdstrike import InputCrowdstrike, InputCrowdstrikeTypedDict
+from .inputdatadogagent import InputDatadogAgent, InputDatadogAgentTypedDict
+from .inputdatagen import InputDatagen, InputDatagenTypedDict
+from .inputedgeprometheus import InputEdgePrometheus, InputEdgePrometheusTypedDict
+from .inputelastic import InputElastic, InputElasticTypedDict
+from .inputeventhub import InputEventhub, InputEventhubTypedDict
+from .inputexec import InputExec, InputExecTypedDict
+from .inputfile import InputFile, InputFileTypedDict
+from .inputfirehose import InputFirehose, InputFirehoseTypedDict
+from .inputgooglepubsub import InputGooglePubsub, InputGooglePubsubTypedDict
+from .inputgrafana_union import InputGrafanaUnion, InputGrafanaUnionTypedDict
+from .inputhttp import InputHTTP, InputHTTPTypedDict
+from .inputhttpraw import InputHTTPRaw, InputHTTPRawTypedDict
+from .inputjournalfiles import InputJournalFiles, InputJournalFilesTypedDict
+from .inputkafka import InputKafka, InputKafkaTypedDict
+from .inputkinesis import InputKinesis, InputKinesisTypedDict
+from .inputkubeevents import InputKubeEvents, InputKubeEventsTypedDict
+from .inputkubelogs import InputKubeLogs, InputKubeLogsTypedDict
+from .inputkubemetrics import InputKubeMetrics, InputKubeMetricsTypedDict
+from .inputloki import InputLoki, InputLokiTypedDict
+from .inputmetrics import InputMetrics, InputMetricsTypedDict
+from .inputmodeldriventelemetry import (
+    InputModelDrivenTelemetry,
+    InputModelDrivenTelemetryTypedDict,
+)
+from .inputmsk import InputMsk, InputMskTypedDict
+from .inputnetflow import InputNetflow, InputNetflowTypedDict
+from .inputoffice365mgmt import InputOffice365Mgmt, InputOffice365MgmtTypedDict
+from .inputoffice365msgtrace import (
+    InputOffice365MsgTrace,
+    InputOffice365MsgTraceTypedDict,
+)
+from .inputoffice365service import InputOffice365Service, InputOffice365ServiceTypedDict
+from .inputopentelemetry import InputOpenTelemetry, InputOpenTelemetryTypedDict
+from .inputprometheus import InputPrometheus, InputPrometheusTypedDict
+from .inputprometheusrw import InputPrometheusRw, InputPrometheusRwTypedDict
+from .inputrawudp import InputRawUDP, InputRawUDPTypedDict
+from .inputs3 import InputS3, InputS3TypedDict
+from .inputs3inventory import InputS3Inventory, InputS3InventoryTypedDict
+from .inputsecuritylake import InputSecurityLake, InputSecurityLakeTypedDict
+from .inputsnmp import InputSnmp, InputSnmpTypedDict
+from .inputsplunk import InputSplunk, InputSplunkTypedDict
+from .inputsplunkhec import InputSplunkHec, InputSplunkHecTypedDict
+from .inputsplunksearch import InputSplunkSearch, InputSplunkSearchTypedDict
+from .inputsqs import InputSqs, InputSqsTypedDict
+from .inputsyslog_union import InputSyslogUnion, InputSyslogUnionTypedDict
+from .inputsystemmetrics import InputSystemMetrics, InputSystemMetricsTypedDict
+from .inputsystemstate import InputSystemState, InputSystemStateTypedDict
+from .inputtcp import InputTCP, InputTCPTypedDict
+from .inputtcpjson import InputTcpjson, InputTcpjsonTypedDict
+from .inputwef import InputWef, InputWefTypedDict
+from .inputwindowsmetrics import InputWindowsMetrics, InputWindowsMetricsTypedDict
+from .inputwineventlogs import InputWinEventLogs, InputWinEventLogsTypedDict
+from .inputwiz import InputWiz, InputWizTypedDict
+from .inputzscalerhec import InputZscalerHec, InputZscalerHecTypedDict
+from typing import Union
+from typing_extensions import TypeAliasType
+
+
+InputTypedDict = TypeAliasType(
+    "InputTypedDict",
+    Union[
+        InputCriblTypedDict,
+        InputKubeEventsTypedDict,
+        InputDatagenTypedDict,
+        InputCriblmetricsTypedDict,
+        InputKubeMetricsTypedDict,
+        InputSystemStateTypedDict,
+        InputCollectionTypedDict,
+        InputSystemMetricsTypedDict,
+        InputModelDrivenTelemetryTypedDict,
+        InputWindowsMetricsTypedDict,
+        InputJournalFilesTypedDict,
+        InputRawUDPTypedDict,
+        InputWinEventLogsTypedDict,
+        InputExecTypedDict,
+        InputKubeLogsTypedDict,
+        InputMetricsTypedDict,
+        InputSnmpTypedDict,
+        InputCriblTCPTypedDict,
+        InputNetflowTypedDict,
+        InputGooglePubsubTypedDict,
+        InputTcpjsonTypedDict,
+        InputOffice365ServiceTypedDict,
+        InputTCPTypedDict,
+        InputWizTypedDict,
+        InputFirehoseTypedDict,
+        InputCriblHTTPTypedDict,
+        InputCriblLakeHTTPTypedDict,
+        InputDatadogAgentTypedDict,
+        InputOffice365MgmtTypedDict,
+        InputFileTypedDict,
+        InputSplunkTypedDict,
+        InputWefTypedDict,
+        InputAppscopeTypedDict,
+        InputHTTPRawTypedDict,
+        InputHTTPTypedDict,
+        InputAzureBlobTypedDict,
+        InputZscalerHecTypedDict,
+        InputSqsTypedDict,
+        InputConfluentCloudTypedDict,
+        InputKinesisTypedDict,
+        InputEventhubTypedDict,
+        InputKafkaTypedDict,
+        InputElasticTypedDict,
+        InputSplunkHecTypedDict,
+        InputOffice365MsgTraceTypedDict,
+        InputLokiTypedDict,
+        InputPrometheusRwTypedDict,
+        InputCrowdstrikeTypedDict,
+        InputPrometheusTypedDict,
+        InputEdgePrometheusTypedDict,
+        InputS3TypedDict,
+        InputSecurityLakeTypedDict,
+        InputOpenTelemetryTypedDict,
+        InputS3InventoryTypedDict,
+        InputMskTypedDict,
+        InputSplunkSearchTypedDict,
+        InputSyslogUnionTypedDict,
+        InputGrafanaUnionTypedDict,
+    ],
+)
+
+
+Input = TypeAliasType(
+    "Input",
+    Union[
+        InputCribl,
+        InputKubeEvents,
+        InputDatagen,
+        InputCriblmetrics,
+        InputKubeMetrics,
+        InputSystemState,
+        InputCollection,
+        InputSystemMetrics,
+        InputModelDrivenTelemetry,
+        InputWindowsMetrics,
+        InputJournalFiles,
+        InputRawUDP,
+        InputWinEventLogs,
+        InputExec,
+        InputKubeLogs,
+        InputMetrics,
+        InputSnmp,
+        InputCriblTCP,
+        InputNetflow,
+        InputGooglePubsub,
+        InputTcpjson,
+        InputOffice365Service,
+        InputTCP,
+        InputWiz,
+        InputFirehose,
+        InputCriblHTTP,
+        InputCriblLakeHTTP,
+        InputDatadogAgent,
+        InputOffice365Mgmt,
+        InputFile,
+        InputSplunk,
+        InputWef,
+        InputAppscope,
+        InputHTTPRaw,
+        InputHTTP,
+        InputAzureBlob,
+        InputZscalerHec,
+        InputSqs,
+        InputConfluentCloud,
+        InputKinesis,
+        InputEventhub,
+        InputKafka,
+        InputElastic,
+        InputSplunkHec,
+        InputOffice365MsgTrace,
+        InputLoki,
+        InputPrometheusRw,
+        InputCrowdstrike,
+        InputPrometheus,
+        InputEdgePrometheus,
+        InputS3,
+        InputSecurityLake,
+        InputOpenTelemetry,
+        InputS3Inventory,
+        InputMsk,
+        InputSplunkSearch,
+        InputSyslogUnion,
+        InputGrafanaUnion,
+    ],
+)

cribl_control_plane/models/inputappscope.py

@@ -0,0 +1,448 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane import utils
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import Any, List, Optional
+from typing_extensions import Annotated, NotRequired, TypedDict
+
+
+class InputAppscopeType(str, Enum, metaclass=utils.OpenEnumMeta):
+    APPSCOPE = "appscope"
+
+
+class InputAppscopeConnectionTypedDict(TypedDict):
+    output: str
+    pipeline: NotRequired[str]
+
+
+class InputAppscopeConnection(BaseModel):
+    output: str
+
+    pipeline: Optional[str] = None
+
+
+class InputAppscopeMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    SMART = "smart"
+    ALWAYS = "always"
+
+
+class InputAppscopeCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class InputAppscopePqTypedDict(TypedDict):
+    mode: NotRequired[InputAppscopeMode]
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+    max_buffer_size: NotRequired[float]
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+    commit_frequency: NotRequired[float]
+    r"""The number of events to send downstream before committing that Stream has read them"""
+    max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+    max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+    compress: NotRequired[InputAppscopeCompression]
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputAppscopePq(BaseModel):
+    mode: Annotated[
+        Optional[InputAppscopeMode], PlainValidator(validate_open_enum(False))
+    ] = InputAppscopeMode.ALWAYS
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    max_buffer_size: Annotated[
+        Optional[float], pydantic.Field(alias="maxBufferSize")
+    ] = 1000
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+
+    commit_frequency: Annotated[
+        Optional[float], pydantic.Field(alias="commitFrequency")
+    ] = 42
+    r"""The number of events to send downstream before committing that Stream has read them"""
+
+    max_file_size: Annotated[Optional[str], pydantic.Field(alias="maxFileSize")] = (
+        "1 MB"
+    )
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+
+    max_size: Annotated[Optional[str], pydantic.Field(alias="maxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    path: Optional[str] = "$CRIBL_HOME/state/queues"
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+
+    compress: Annotated[
+        Optional[InputAppscopeCompression], PlainValidator(validate_open_enum(False))
+    ] = InputAppscopeCompression.NONE
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputAppscopeMetadatumTypedDict(TypedDict):
+    name: str
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputAppscopeMetadatum(BaseModel):
+    name: str
+
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class AllowTypedDict(TypedDict):
+    procname: str
+    r"""Specify the name of a process or family of processes."""
+    config: str
+    r"""Choose a config to apply to processes that match the process name and/or argument."""
+    arg: NotRequired[str]
+    r"""Specify a string to substring-match against process command-line."""
+
+
+class Allow(BaseModel):
+    procname: str
+    r"""Specify the name of a process or family of processes."""
+
+    config: str
+    r"""Choose a config to apply to processes that match the process name and/or argument."""
+
+    arg: Optional[str] = None
+    r"""Specify a string to substring-match against process command-line."""
+
+
+class InputAppscopeFilterTypedDict(TypedDict):
+    allow: NotRequired[List[AllowTypedDict]]
+    r"""Specify processes that AppScope should be loaded into, and the config to use."""
+    transport_url: NotRequired[str]
+    r"""To override the UNIX domain socket or address/port specified in General Settings (while leaving Authentication settings as is), enter a URL."""
+
+
+class InputAppscopeFilter(BaseModel):
+    allow: Optional[List[Allow]] = None
+    r"""Specify processes that AppScope should be loaded into, and the config to use."""
+
+    transport_url: Annotated[Optional[str], pydantic.Field(alias="transportURL")] = None
+    r"""To override the UNIX domain socket or address/port specified in General Settings (while leaving Authentication settings as is), enter a URL."""
+
+
+class InputAppscopeDataCompressionFormat(str, Enum, metaclass=utils.OpenEnumMeta):
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class InputAppscopePersistenceTypedDict(TypedDict):
+    enable: NotRequired[bool]
+    r"""Spool events and metrics on disk for Cribl Edge and Search"""
+    time_window: NotRequired[str]
+    r"""Time span for each file bucket"""
+    max_data_size: NotRequired[str]
+    r"""Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted."""
+    max_data_time: NotRequired[str]
+    r"""Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted."""
+    compress: NotRequired[InputAppscopeDataCompressionFormat]
+    dest_path: NotRequired[str]
+    r"""Path to use to write metrics. Defaults to $CRIBL_HOME/state/appscope"""
+
+
+class InputAppscopePersistence(BaseModel):
+    enable: Optional[bool] = False
+    r"""Spool events and metrics on disk for Cribl Edge and Search"""
+
+    time_window: Annotated[Optional[str], pydantic.Field(alias="timeWindow")] = "10m"
+    r"""Time span for each file bucket"""
+
+    max_data_size: Annotated[Optional[str], pydantic.Field(alias="maxDataSize")] = "1GB"
+    r"""Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted."""
+
+    max_data_time: Annotated[Optional[str], pydantic.Field(alias="maxDataTime")] = "24h"
+    r"""Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted."""
+
+    compress: Annotated[
+        Optional[InputAppscopeDataCompressionFormat],
+        PlainValidator(validate_open_enum(False)),
+    ] = InputAppscopeDataCompressionFormat.GZIP
+
+    dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = (
+        "$CRIBL_HOME/state/appscope"
+    )
+    r"""Path to use to write metrics. Defaults to $CRIBL_HOME/state/appscope"""
+
+
+class InputAppscopeAuthenticationMethod(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate"""
+
+    MANUAL = "manual"
+    SECRET = "secret"
+
+
+class InputAppscopeMinimumTLSVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class InputAppscopeMaximumTLSVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class InputAppscopeTLSSettingsServerSideTypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    certificate_name: NotRequired[str]
+    r"""The name of the predefined certificate"""
+    priv_key_path: NotRequired[str]
+    r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS."""
+    passphrase: NotRequired[str]
+    r"""Passphrase to use to decrypt private key"""
+    cert_path: NotRequired[str]
+    r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS."""
+    ca_path: NotRequired[str]
+    r"""Path on server containing CA certificates to use. PEM format. Can reference $ENV_VARS."""
+    request_cert: NotRequired[bool]
+    r"""Require clients to present their certificates. Used to perform client authentication using SSL certs."""
+    reject_unauthorized: NotRequired[Any]
+    common_name_regex: NotRequired[Any]
+    min_version: NotRequired[InputAppscopeMinimumTLSVersion]
+    max_version: NotRequired[InputAppscopeMaximumTLSVersion]
+
+
+class InputAppscopeTLSSettingsServerSide(BaseModel):
+    disabled: Optional[bool] = True
+
+    certificate_name: Annotated[
+        Optional[str], pydantic.Field(alias="certificateName")
+    ] = None
+    r"""The name of the predefined certificate"""
+
+    priv_key_path: Annotated[Optional[str], pydantic.Field(alias="privKeyPath")] = None
+    r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS."""
+
+    passphrase: Optional[str] = None
+    r"""Passphrase to use to decrypt private key"""
+
+    cert_path: Annotated[Optional[str], pydantic.Field(alias="certPath")] = None
+    r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    ca_path: Annotated[Optional[str], pydantic.Field(alias="caPath")] = None
+    r"""Path on server containing CA certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    request_cert: Annotated[Optional[bool], pydantic.Field(alias="requestCert")] = False
+    r"""Require clients to present their certificates. Used to perform client authentication using SSL certs."""
+
+    reject_unauthorized: Annotated[
+        Optional[Any], pydantic.Field(alias="rejectUnauthorized")
+    ] = None
+
+    common_name_regex: Annotated[
+        Optional[Any], pydantic.Field(alias="commonNameRegex")
+    ] = None
+
+    min_version: Annotated[
+        Annotated[
+            Optional[InputAppscopeMinimumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="minVersion"),
+    ] = None
+
+    max_version: Annotated[
+        Annotated[
+            Optional[InputAppscopeMaximumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="maxVersion"),
+    ] = None
+
+
+class InputAppscopeTypedDict(TypedDict):
+    id: str
+    r"""Unique ID for this input"""
+    type: InputAppscopeType
+    disabled: NotRequired[bool]
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+    send_to_routes: NotRequired[bool]
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    pq_enabled: NotRequired[bool]
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    connections: NotRequired[List[InputAppscopeConnectionTypedDict]]
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+    pq: NotRequired[InputAppscopePqTypedDict]
+    ip_whitelist_regex: NotRequired[str]
+    r"""Regex matching IP addresses that are allowed to establish a connection"""
+    max_active_cxn: NotRequired[float]
+    r"""Maximum number of active connections allowed per Worker Process. Use 0 for unlimited."""
+    socket_idle_timeout: NotRequired[float]
+    r"""How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring."""
+    socket_ending_max_wait: NotRequired[float]
+    r"""How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring."""
+    socket_max_lifespan: NotRequired[float]
+    r"""The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable."""
+    enable_proxy_header: NotRequired[bool]
+    r"""Enable if the connection is proxied by a device that supports proxy protocol v1 or v2"""
+    metadata: NotRequired[List[InputAppscopeMetadatumTypedDict]]
+    r"""Fields to add to events from this input"""
+    breaker_rulesets: NotRequired[List[str]]
+    r"""A list of event-breaking rulesets that will be applied, in order, to the input data stream"""
+    stale_channel_flush_ms: NotRequired[float]
+    r"""How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines"""
+    enable_unix_path: NotRequired[bool]
+    r"""Toggle to Yes to specify a file-backed UNIX domain socket connection, instead of a network host and port."""
+    filter_: NotRequired[InputAppscopeFilterTypedDict]
+    persistence: NotRequired[InputAppscopePersistenceTypedDict]
+    auth_type: NotRequired[InputAppscopeAuthenticationMethod]
+    r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate"""
+    description: NotRequired[str]
+    host: NotRequired[str]
+    r"""Address to bind on. Defaults to 0.0.0.0 (all addresses)."""
+    port: NotRequired[float]
+    r"""Port to listen on"""
+    tls: NotRequired[InputAppscopeTLSSettingsServerSideTypedDict]
+    unix_socket_path: NotRequired[str]
+    r"""Path to the UNIX domain socket to listen on."""
+    unix_socket_perms: NotRequired[str]
+    r"""Permissions to set for socket e.g., 777. If empty, falls back to the runtime user's default permissions."""
+    auth_token: NotRequired[str]
+    r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted."""
+    text_secret: NotRequired[str]
+    r"""Select or create a stored text secret"""
+
+
+class InputAppscope(BaseModel):
+    id: str
+    r"""Unique ID for this input"""
+
+    type: Annotated[InputAppscopeType, PlainValidator(validate_open_enum(False))]
+
+    disabled: Optional[bool] = False
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+
+    send_to_routes: Annotated[Optional[bool], pydantic.Field(alias="sendToRoutes")] = (
+        True
+    )
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    pq_enabled: Annotated[Optional[bool], pydantic.Field(alias="pqEnabled")] = False
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    connections: Optional[List[InputAppscopeConnection]] = None
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+
+    pq: Optional[InputAppscopePq] = None
+
+    ip_whitelist_regex: Annotated[
+        Optional[str], pydantic.Field(alias="ipWhitelistRegex")
+    ] = "/.*/"
+    r"""Regex matching IP addresses that are allowed to establish a connection"""
+
+    max_active_cxn: Annotated[Optional[float], pydantic.Field(alias="maxActiveCxn")] = (
+        1000
+    )
+    r"""Maximum number of active connections allowed per Worker Process. Use 0 for unlimited."""
+
+    socket_idle_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="socketIdleTimeout")
+    ] = 0
+    r"""How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring."""
+
+    socket_ending_max_wait: Annotated[
+        Optional[float], pydantic.Field(alias="socketEndingMaxWait")
+    ] = 30
+    r"""How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring."""
+
+    socket_max_lifespan: Annotated[
+        Optional[float], pydantic.Field(alias="socketMaxLifespan")
+    ] = 0
+    r"""The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable."""
+
+    enable_proxy_header: Annotated[
+        Optional[bool], pydantic.Field(alias="enableProxyHeader")
+    ] = False
+    r"""Enable if the connection is proxied by a device that supports proxy protocol v1 or v2"""
+
+    metadata: Optional[List[InputAppscopeMetadatum]] = None
+    r"""Fields to add to events from this input"""
+
+    breaker_rulesets: Annotated[
+        Optional[List[str]], pydantic.Field(alias="breakerRulesets")
+    ] = None
+    r"""A list of event-breaking rulesets that will be applied, in order, to the input data stream"""
+
+    stale_channel_flush_ms: Annotated[
+        Optional[float], pydantic.Field(alias="staleChannelFlushMs")
+    ] = 10000
+    r"""How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines"""
+
+    enable_unix_path: Annotated[
+        Optional[bool], pydantic.Field(alias="enableUnixPath")
+    ] = False
+    r"""Toggle to Yes to specify a file-backed UNIX domain socket connection, instead of a network host and port."""
+
+    filter_: Annotated[
+        Optional[InputAppscopeFilter], pydantic.Field(alias="filter")
+    ] = None
+
+    persistence: Optional[InputAppscopePersistence] = None
+
+    auth_type: Annotated[
+        Annotated[
+            Optional[InputAppscopeAuthenticationMethod],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="authType"),
+    ] = InputAppscopeAuthenticationMethod.MANUAL
+    r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate"""
+
+    description: Optional[str] = None
+
+    host: Optional[str] = None
+    r"""Address to bind on. Defaults to 0.0.0.0 (all addresses)."""
+
+    port: Optional[float] = None
+    r"""Port to listen on"""
+
+    tls: Optional[InputAppscopeTLSSettingsServerSide] = None
+
+    unix_socket_path: Annotated[
+        Optional[str], pydantic.Field(alias="unixSocketPath")
+    ] = "$CRIBL_HOME/state/appscope.sock"
+    r"""Path to the UNIX domain socket to listen on."""
+
+    unix_socket_perms: Annotated[
+        Optional[str], pydantic.Field(alias="unixSocketPerms")
+    ] = None
+    r"""Permissions to set for socket e.g., 777. If empty, falls back to the runtime user's default permissions."""
+
+    auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = ""
+    r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted."""
+
+    text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None
+    r"""Select or create a stored text secret"""