cribl-control-plane 0.0.13__py3-none-any.whl

cribl_control_plane/models/outputsns.py

@@ -0,0 +1,274 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane import utils
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import List, Optional
+from typing_extensions import Annotated, NotRequired, TypedDict
+
+
+class OutputSnsType(str, Enum, metaclass=utils.OpenEnumMeta):
+    SNS = "sns"
+
+
+class OutputSnsAuthenticationMethod(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""AWS authentication method. Choose Auto to use IAM roles."""
+
+    AUTO = "auto"
+    MANUAL = "manual"
+    SECRET = "secret"
+
+
+class OutputSnsSignatureVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Signature version to use for signing SNS requests"""
+
+    V2 = "v2"
+    V4 = "v4"
+
+
+class OutputSnsBackpressureBehavior(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to handle events when all receivers are exerting backpressure"""
+
+    BLOCK = "block"
+    DROP = "drop"
+    QUEUE = "queue"
+
+
+class OutputSnsCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class OutputSnsQueueFullBehavior(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+
+    BLOCK = "block"
+    DROP = "drop"
+
+
+class OutputSnsMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+
+    ERROR = "error"
+    BACKPRESSURE = "backpressure"
+    ALWAYS = "always"
+
+
+class OutputSnsPqControlsTypedDict(TypedDict):
+    pass
+
+
+class OutputSnsPqControls(BaseModel):
+    pass
+
+
+class OutputSnsTypedDict(TypedDict):
+    topic_arn: str
+    r"""The ARN of the SNS topic to send events to. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. E.g., 'https://host:port/myQueueName'. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`"""
+    message_group_id: str
+    r"""Messages in the same group are processed in a FIFO manner. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`."""
+    id: NotRequired[str]
+    r"""Unique ID for this output"""
+    type: NotRequired[OutputSnsType]
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data before sending out to this output"""
+    system_fields: NotRequired[List[str]]
+    r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    max_retries: NotRequired[float]
+    r"""Maximum number of retries before the output returns an error. Note that not all errors are retryable. The retries use an exponential backoff policy."""
+    aws_authentication_method: NotRequired[OutputSnsAuthenticationMethod]
+    r"""AWS authentication method. Choose Auto to use IAM roles."""
+    aws_secret_key: NotRequired[str]
+    region: NotRequired[str]
+    r"""Region where the SNS is located"""
+    endpoint: NotRequired[str]
+    r"""SNS service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to SNS-compatible endpoint."""
+    signature_version: NotRequired[OutputSnsSignatureVersion]
+    r"""Signature version to use for signing SNS requests"""
+    reuse_connections: NotRequired[bool]
+    r"""Reuse connections between requests, which can improve performance"""
+    reject_unauthorized: NotRequired[bool]
+    r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates"""
+    enable_assume_role: NotRequired[bool]
+    r"""Use Assume Role credentials to access SNS"""
+    assume_role_arn: NotRequired[str]
+    r"""Amazon Resource Name (ARN) of the role to assume"""
+    assume_role_external_id: NotRequired[str]
+    r"""External ID to use when assuming role"""
+    duration_seconds: NotRequired[float]
+    r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours)."""
+    on_backpressure: NotRequired[OutputSnsBackpressureBehavior]
+    r"""How to handle events when all receivers are exerting backpressure"""
+    description: NotRequired[str]
+    aws_api_key: NotRequired[str]
+    aws_secret: NotRequired[str]
+    r"""Select or create a stored secret that references your access key and secret key"""
+    pq_max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)"""
+    pq_max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    pq_path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/<output-id>."""
+    pq_compress: NotRequired[OutputSnsCompression]
+    r"""Codec to use to compress the persisted data"""
+    pq_on_backpressure: NotRequired[OutputSnsQueueFullBehavior]
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+    pq_mode: NotRequired[OutputSnsMode]
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+    pq_controls: NotRequired[OutputSnsPqControlsTypedDict]
+
+
+class OutputSns(BaseModel):
+    topic_arn: Annotated[str, pydantic.Field(alias="topicArn")]
+    r"""The ARN of the SNS topic to send events to. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. E.g., 'https://host:port/myQueueName'. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`"""
+
+    message_group_id: Annotated[str, pydantic.Field(alias="messageGroupId")]
+    r"""Messages in the same group are processed in a FIFO manner. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`."""
+
+    id: Optional[str] = None
+    r"""Unique ID for this output"""
+
+    type: Annotated[
+        Optional[OutputSnsType], PlainValidator(validate_open_enum(False))
+    ] = None
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data before sending out to this output"""
+
+    system_fields: Annotated[
+        Optional[List[str]], pydantic.Field(alias="systemFields")
+    ] = None
+    r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None
+    r"""Maximum number of retries before the output returns an error. Note that not all errors are retryable. The retries use an exponential backoff policy."""
+
+    aws_authentication_method: Annotated[
+        Annotated[
+            Optional[OutputSnsAuthenticationMethod],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="awsAuthenticationMethod"),
+    ] = OutputSnsAuthenticationMethod.AUTO
+    r"""AWS authentication method. Choose Auto to use IAM roles."""
+
+    aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = (
+        None
+    )
+
+    region: Optional[str] = None
+    r"""Region where the SNS is located"""
+
+    endpoint: Optional[str] = None
+    r"""SNS service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to SNS-compatible endpoint."""
+
+    signature_version: Annotated[
+        Annotated[
+            Optional[OutputSnsSignatureVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="signatureVersion"),
+    ] = OutputSnsSignatureVersion.V4
+    r"""Signature version to use for signing SNS requests"""
+
+    reuse_connections: Annotated[
+        Optional[bool], pydantic.Field(alias="reuseConnections")
+    ] = True
+    r"""Reuse connections between requests, which can improve performance"""
+
+    reject_unauthorized: Annotated[
+        Optional[bool], pydantic.Field(alias="rejectUnauthorized")
+    ] = True
+    r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates"""
+
+    enable_assume_role: Annotated[
+        Optional[bool], pydantic.Field(alias="enableAssumeRole")
+    ] = False
+    r"""Use Assume Role credentials to access SNS"""
+
+    assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = (
+        None
+    )
+    r"""Amazon Resource Name (ARN) of the role to assume"""
+
+    assume_role_external_id: Annotated[
+        Optional[str], pydantic.Field(alias="assumeRoleExternalId")
+    ] = None
+    r"""External ID to use when assuming role"""
+
+    duration_seconds: Annotated[
+        Optional[float], pydantic.Field(alias="durationSeconds")
+    ] = 3600
+    r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours)."""
+
+    on_backpressure: Annotated[
+        Annotated[
+            Optional[OutputSnsBackpressureBehavior],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="onBackpressure"),
+    ] = OutputSnsBackpressureBehavior.BLOCK
+    r"""How to handle events when all receivers are exerting backpressure"""
+
+    description: Optional[str] = None
+
+    aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None
+
+    aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None
+    r"""Select or create a stored secret that references your access key and secret key"""
+
+    pq_max_file_size: Annotated[
+        Optional[str], pydantic.Field(alias="pqMaxFileSize")
+    ] = "1 MB"
+    r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)"""
+
+    pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = (
+        "$CRIBL_HOME/state/queues"
+    )
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/<output-id>."""
+
+    pq_compress: Annotated[
+        Annotated[
+            Optional[OutputSnsCompression], PlainValidator(validate_open_enum(False))
+        ],
+        pydantic.Field(alias="pqCompress"),
+    ] = OutputSnsCompression.NONE
+    r"""Codec to use to compress the persisted data"""
+
+    pq_on_backpressure: Annotated[
+        Annotated[
+            Optional[OutputSnsQueueFullBehavior],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="pqOnBackpressure"),
+    ] = OutputSnsQueueFullBehavior.BLOCK
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+
+    pq_mode: Annotated[
+        Annotated[Optional[OutputSnsMode], PlainValidator(validate_open_enum(False))],
+        pydantic.Field(alias="pqMode"),
+    ] = OutputSnsMode.ERROR
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+
+    pq_controls: Annotated[
+        Optional[OutputSnsPqControls], pydantic.Field(alias="pqControls")
+    ] = None

cribl_control_plane/models/outputsplunk.py

@@ -0,0 +1,383 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane import utils
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import List, Optional
+from typing_extensions import Annotated, NotRequired, TypedDict
+
+
+class OutputSplunkType(str, Enum, metaclass=utils.OpenEnumMeta):
+    SPLUNK = "splunk"
+
+
+class OutputSplunkNestedFieldSerialization(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to serialize nested fields into index-time fields"""
+
+    JSON = "json"
+    NONE = "none"
+
+
+class OutputSplunkMinimumTLSVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class OutputSplunkMaximumTLSVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class OutputSplunkTLSSettingsClientSideTypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    reject_unauthorized: NotRequired[bool]
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+    servername: NotRequired[str]
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+    certificate_name: NotRequired[str]
+    r"""The name of the predefined certificate"""
+    ca_path: NotRequired[str]
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+    priv_key_path: NotRequired[str]
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+    cert_path: NotRequired[str]
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+    passphrase: NotRequired[str]
+    r"""Passphrase to use to decrypt private key"""
+    min_version: NotRequired[OutputSplunkMinimumTLSVersion]
+    max_version: NotRequired[OutputSplunkMaximumTLSVersion]
+
+
+class OutputSplunkTLSSettingsClientSide(BaseModel):
+    disabled: Optional[bool] = True
+
+    reject_unauthorized: Annotated[
+        Optional[bool], pydantic.Field(alias="rejectUnauthorized")
+    ] = True
+    r"""Reject certificates that are not authorized by a CA in the CA certificate path, or by another
+    trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present.
+    """
+
+    servername: Optional[str] = None
+    r"""Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address."""
+
+    certificate_name: Annotated[
+        Optional[str], pydantic.Field(alias="certificateName")
+    ] = None
+    r"""The name of the predefined certificate"""
+
+    ca_path: Annotated[Optional[str], pydantic.Field(alias="caPath")] = None
+    r"""Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS."""
+
+    priv_key_path: Annotated[Optional[str], pydantic.Field(alias="privKeyPath")] = None
+    r"""Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS."""
+
+    cert_path: Annotated[Optional[str], pydantic.Field(alias="certPath")] = None
+    r"""Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    passphrase: Optional[str] = None
+    r"""Passphrase to use to decrypt private key"""
+
+    min_version: Annotated[
+        Annotated[
+            Optional[OutputSplunkMinimumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="minVersion"),
+    ] = None
+
+    max_version: Annotated[
+        Annotated[
+            Optional[OutputSplunkMaximumTLSVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="maxVersion"),
+    ] = None
+
+
+class OutputSplunkMaxS2SVersion(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""The highest S2S protocol version to advertise during handshake"""
+
+    V3 = "v3"
+    V4 = "v4"
+
+
+class OutputSplunkBackpressureBehavior(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to handle events when all receivers are exerting backpressure"""
+
+    BLOCK = "block"
+    DROP = "drop"
+    QUEUE = "queue"
+
+
+class OutputSplunkAuthenticationMethod(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate"""
+
+    MANUAL = "manual"
+    SECRET = "secret"
+
+
+class OutputSplunkCompressCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data."""
+
+    DISABLED = "disabled"
+    AUTO = "auto"
+    ALWAYS = "always"
+
+
+class OutputSplunkPqCompressCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class OutputSplunkQueueFullBehavior(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+
+    BLOCK = "block"
+    DROP = "drop"
+
+
+class OutputSplunkMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+
+    ERROR = "error"
+    BACKPRESSURE = "backpressure"
+    ALWAYS = "always"
+
+
+class OutputSplunkPqControlsTypedDict(TypedDict):
+    pass
+
+
+class OutputSplunkPqControls(BaseModel):
+    pass
+
+
+class OutputSplunkTypedDict(TypedDict):
+    host: str
+    r"""The hostname of the receiver"""
+    id: NotRequired[str]
+    r"""Unique ID for this output"""
+    type: NotRequired[OutputSplunkType]
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data before sending out to this output"""
+    system_fields: NotRequired[List[str]]
+    r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    port: NotRequired[float]
+    r"""The port to connect to on the provided host"""
+    nested_fields: NotRequired[OutputSplunkNestedFieldSerialization]
+    r"""How to serialize nested fields into index-time fields"""
+    throttle_rate_per_sec: NotRequired[str]
+    r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling."""
+    connection_timeout: NotRequired[float]
+    r"""Amount of time (milliseconds) to wait for the connection to establish before retrying"""
+    write_timeout: NotRequired[float]
+    r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead"""
+    tls: NotRequired[OutputSplunkTLSSettingsClientSideTypedDict]
+    enable_multi_metrics: NotRequired[bool]
+    r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above."""
+    enable_ack: NotRequired[bool]
+    r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown."""
+    log_failed_requests: NotRequired[bool]
+    r"""Use to troubleshoot issues with sending data"""
+    max_s2_sversion: NotRequired[OutputSplunkMaxS2SVersion]
+    r"""The highest S2S protocol version to advertise during handshake"""
+    on_backpressure: NotRequired[OutputSplunkBackpressureBehavior]
+    r"""How to handle events when all receivers are exerting backpressure"""
+    auth_type: NotRequired[OutputSplunkAuthenticationMethod]
+    r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate"""
+    description: NotRequired[str]
+    max_failed_health_checks: NotRequired[float]
+    r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur."""
+    compress: NotRequired[OutputSplunkCompressCompression]
+    r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data."""
+    pq_max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)"""
+    pq_max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    pq_path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/<output-id>."""
+    pq_compress: NotRequired[OutputSplunkPqCompressCompression]
+    r"""Codec to use to compress the persisted data"""
+    pq_on_backpressure: NotRequired[OutputSplunkQueueFullBehavior]
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+    pq_mode: NotRequired[OutputSplunkMode]
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+    pq_controls: NotRequired[OutputSplunkPqControlsTypedDict]
+    auth_token: NotRequired[str]
+    r"""Shared secret token to use when establishing a connection to a Splunk indexer."""
+    text_secret: NotRequired[str]
+    r"""Select or create a stored text secret"""
+
+
+class OutputSplunk(BaseModel):
+    host: str
+    r"""The hostname of the receiver"""
+
+    id: Optional[str] = None
+    r"""Unique ID for this output"""
+
+    type: Annotated[
+        Optional[OutputSplunkType], PlainValidator(validate_open_enum(False))
+    ] = None
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data before sending out to this output"""
+
+    system_fields: Annotated[
+        Optional[List[str]], pydantic.Field(alias="systemFields")
+    ] = None
+    r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    port: Optional[float] = 9997
+    r"""The port to connect to on the provided host"""
+
+    nested_fields: Annotated[
+        Annotated[
+            Optional[OutputSplunkNestedFieldSerialization],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="nestedFields"),
+    ] = OutputSplunkNestedFieldSerialization.NONE
+    r"""How to serialize nested fields into index-time fields"""
+
+    throttle_rate_per_sec: Annotated[
+        Optional[str], pydantic.Field(alias="throttleRatePerSec")
+    ] = "0"
+    r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling."""
+
+    connection_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="connectionTimeout")
+    ] = 10000
+    r"""Amount of time (milliseconds) to wait for the connection to establish before retrying"""
+
+    write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = (
+        60000
+    )
+    r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead"""
+
+    tls: Optional[OutputSplunkTLSSettingsClientSide] = None
+
+    enable_multi_metrics: Annotated[
+        Optional[bool], pydantic.Field(alias="enableMultiMetrics")
+    ] = False
+    r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above."""
+
+    enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = True
+    r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown."""
+
+    log_failed_requests: Annotated[
+        Optional[bool], pydantic.Field(alias="logFailedRequests")
+    ] = False
+    r"""Use to troubleshoot issues with sending data"""
+
+    max_s2_sversion: Annotated[
+        Annotated[
+            Optional[OutputSplunkMaxS2SVersion],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="maxS2Sversion"),
+    ] = OutputSplunkMaxS2SVersion.V3
+    r"""The highest S2S protocol version to advertise during handshake"""
+
+    on_backpressure: Annotated[
+        Annotated[
+            Optional[OutputSplunkBackpressureBehavior],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="onBackpressure"),
+    ] = OutputSplunkBackpressureBehavior.BLOCK
+    r"""How to handle events when all receivers are exerting backpressure"""
+
+    auth_type: Annotated[
+        Annotated[
+            Optional[OutputSplunkAuthenticationMethod],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="authType"),
+    ] = OutputSplunkAuthenticationMethod.MANUAL
+    r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate"""
+
+    description: Optional[str] = None
+
+    max_failed_health_checks: Annotated[
+        Optional[float], pydantic.Field(alias="maxFailedHealthChecks")
+    ] = 1
+    r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur."""
+
+    compress: Annotated[
+        Optional[OutputSplunkCompressCompression],
+        PlainValidator(validate_open_enum(False)),
+    ] = OutputSplunkCompressCompression.DISABLED
+    r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data."""
+
+    pq_max_file_size: Annotated[
+        Optional[str], pydantic.Field(alias="pqMaxFileSize")
+    ] = "1 MB"
+    r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)"""
+
+    pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = (
+        "$CRIBL_HOME/state/queues"
+    )
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/<output-id>."""
+
+    pq_compress: Annotated[
+        Annotated[
+            Optional[OutputSplunkPqCompressCompression],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="pqCompress"),
+    ] = OutputSplunkPqCompressCompression.NONE
+    r"""Codec to use to compress the persisted data"""
+
+    pq_on_backpressure: Annotated[
+        Annotated[
+            Optional[OutputSplunkQueueFullBehavior],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="pqOnBackpressure"),
+    ] = OutputSplunkQueueFullBehavior.BLOCK
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+
+    pq_mode: Annotated[
+        Annotated[
+            Optional[OutputSplunkMode], PlainValidator(validate_open_enum(False))
+        ],
+        pydantic.Field(alias="pqMode"),
+    ] = OutputSplunkMode.ERROR
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+
+    pq_controls: Annotated[
+        Optional[OutputSplunkPqControls], pydantic.Field(alias="pqControls")
+    ] = None
+
+    auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = ""
+    r"""Shared secret token to use when establishing a connection to a Splunk indexer."""
+
+    text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None
+    r"""Select or create a stored text secret"""