cribl-control-plane 0.0.37a1__py3-none-any.whl → 0.0.38__py3-none-any.whl

cribl_control_plane/models/inputs3.py

@@ -196,7 +196,7 @@ class InputS3TypedDict(TypedDict):
     skip_on_error: NotRequired[bool]
     r"""Skip files that trigger a processing error. Disabled by default, which allows retries after processing errors."""
     include_sqs_metadata: NotRequired[bool]
-    r"""Include metadata from SQS notifications on outgoing events"""
+    r"""Attach SQS notification metadata to a __sqsMetadata field on each event"""
     enable_assume_role: NotRequired[bool]
     r"""Use Assume Role credentials to access Amazon S3"""
     assume_role_arn: NotRequired[str]
@@ -337,7 +337,7 @@ class InputS3(BaseModel):
     include_sqs_metadata: Annotated[
         Optional[bool], pydantic.Field(alias="includeSqsMetadata")
     ] = False
-    r"""Include metadata from SQS notifications on outgoing events"""
+    r"""Attach SQS notification metadata to a __sqsMetadata field on each event"""
 
     enable_assume_role: Annotated[
         Optional[bool], pydantic.Field(alias="enableAssumeRole")

cribl_control_plane/models/inputs3inventory.py

@@ -201,7 +201,7 @@ class InputS3InventoryTypedDict(TypedDict):
     skip_on_error: NotRequired[bool]
     r"""Skip files that trigger a processing error. Disabled by default, which allows retries after processing errors."""
     include_sqs_metadata: NotRequired[bool]
-    r"""Include metadata from SQS notifications on outgoing events"""
+    r"""Attach SQS notification metadata to a __sqsMetadata field on each event"""
     enable_assume_role: NotRequired[bool]
     r"""Use Assume Role credentials to access Amazon S3"""
     assume_role_arn: NotRequired[str]
@@ -346,7 +346,7 @@ class InputS3Inventory(BaseModel):
     include_sqs_metadata: Annotated[
         Optional[bool], pydantic.Field(alias="includeSqsMetadata")
     ] = False
-    r"""Include metadata from SQS notifications on outgoing events"""
+    r"""Attach SQS notification metadata to a __sqsMetadata field on each event"""
 
     enable_assume_role: Annotated[
         Optional[bool], pydantic.Field(alias="enableAssumeRole")

cribl_control_plane/models/inputsecuritylake.py

@@ -201,7 +201,7 @@ class InputSecurityLakeTypedDict(TypedDict):
     skip_on_error: NotRequired[bool]
     r"""Skip files that trigger a processing error. Disabled by default, which allows retries after processing errors."""
     include_sqs_metadata: NotRequired[bool]
-    r"""Include metadata from SQS notifications on outgoing events"""
+    r"""Attach SQS notification metadata to a __sqsMetadata field on each event"""
     enable_assume_role: NotRequired[bool]
     r"""Use Assume Role credentials to access Amazon S3"""
     assume_role_arn: NotRequired[str]
@@ -342,7 +342,7 @@ class InputSecurityLake(BaseModel):
     include_sqs_metadata: Annotated[
         Optional[bool], pydantic.Field(alias="includeSqsMetadata")
     ] = False
-    r"""Include metadata from SQS notifications on outgoing events"""
+    r"""Attach SQS notification metadata to a __sqsMetadata field on each event"""
 
     enable_assume_role: Annotated[
         Optional[bool], pydantic.Field(alias="enableAssumeRole")

cribl_control_plane/models/inputsyslog.py

@@ -4,41 +4,41 @@ from __future__ import annotations
 from cribl_control_plane.types import BaseModel
 from enum import Enum
 import pydantic
-from typing import Any, List, Optional
-from typing_extensions import Annotated, NotRequired, TypedDict
+from typing import Any, List, Optional, Union
+from typing_extensions import Annotated, NotRequired, TypeAliasType, TypedDict
 
 
-class InputSyslogType(str, Enum):
+class InputSyslogType2(str, Enum):
     SYSLOG = "syslog"
 
 
-class InputSyslogConnectionTypedDict(TypedDict):
+class InputSyslogConnection2TypedDict(TypedDict):
     output: str
     pipeline: NotRequired[str]
 
 
-class InputSyslogConnection(BaseModel):
+class InputSyslogConnection2(BaseModel):
     output: str
 
     pipeline: Optional[str] = None
 
 
-class InputSyslogMode(str, Enum):
+class InputSyslogMode2(str, Enum):
     r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
 
     SMART = "smart"
     ALWAYS = "always"
 
 
-class InputSyslogCompression(str, Enum):
+class InputSyslogCompression2(str, Enum):
     r"""Codec to use to compress the persisted data"""
 
     NONE = "none"
     GZIP = "gzip"
 
 
-class InputSyslogPqTypedDict(TypedDict):
-    mode: NotRequired[InputSyslogMode]
+class InputSyslogPq2TypedDict(TypedDict):
+    mode: NotRequired[InputSyslogMode2]
     r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
     max_buffer_size: NotRequired[float]
     r"""The maximum number of events to hold in memory before writing the events to disk"""
@@ -50,12 +50,12 @@ class InputSyslogPqTypedDict(TypedDict):
     r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
     path: NotRequired[str]
     r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
-    compress: NotRequired[InputSyslogCompression]
+    compress: NotRequired[InputSyslogCompression2]
     r"""Codec to use to compress the persisted data"""
 
 
-class InputSyslogPq(BaseModel):
-    mode: Optional[InputSyslogMode] = InputSyslogMode.ALWAYS
+class InputSyslogPq2(BaseModel):
+    mode: Optional[InputSyslogMode2] = InputSyslogMode2.ALWAYS
     r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
 
     max_buffer_size: Annotated[
@@ -79,25 +79,25 @@ class InputSyslogPq(BaseModel):
     path: Optional[str] = "$CRIBL_HOME/state/queues"
     r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
 
-    compress: Optional[InputSyslogCompression] = InputSyslogCompression.NONE
+    compress: Optional[InputSyslogCompression2] = InputSyslogCompression2.NONE
     r"""Codec to use to compress the persisted data"""
 
 
-class InputSyslogMinimumTLSVersion(str, Enum):
+class InputSyslogMinimumTLSVersion2(str, Enum):
     TL_SV1 = "TLSv1"
     TL_SV1_1 = "TLSv1.1"
     TL_SV1_2 = "TLSv1.2"
     TL_SV1_3 = "TLSv1.3"
 
 
-class InputSyslogMaximumTLSVersion(str, Enum):
+class InputSyslogMaximumTLSVersion2(str, Enum):
     TL_SV1 = "TLSv1"
     TL_SV1_1 = "TLSv1.1"
     TL_SV1_2 = "TLSv1.2"
     TL_SV1_3 = "TLSv1.3"
 
 
-class InputSyslogTLSSettingsServerSideTypedDict(TypedDict):
+class InputSyslogTLSSettingsServerSide2TypedDict(TypedDict):
     disabled: NotRequired[bool]
     certificate_name: NotRequired[str]
     r"""The name of the predefined certificate"""
@@ -113,11 +113,11 @@ class InputSyslogTLSSettingsServerSideTypedDict(TypedDict):
     r"""Require clients to present their certificates. Used to perform client authentication using SSL certs."""
     reject_unauthorized: NotRequired[Any]
     common_name_regex: NotRequired[Any]
-    min_version: NotRequired[InputSyslogMinimumTLSVersion]
-    max_version: NotRequired[InputSyslogMaximumTLSVersion]
+    min_version: NotRequired[InputSyslogMinimumTLSVersion2]
+    max_version: NotRequired[InputSyslogMaximumTLSVersion2]
 
 
-class InputSyslogTLSSettingsServerSide(BaseModel):
+class InputSyslogTLSSettingsServerSide2(BaseModel):
     disabled: Optional[bool] = True
 
     certificate_name: Annotated[
@@ -149,29 +149,31 @@ class InputSyslogTLSSettingsServerSide(BaseModel):
     ] = None
 
     min_version: Annotated[
-        Optional[InputSyslogMinimumTLSVersion], pydantic.Field(alias="minVersion")
+        Optional[InputSyslogMinimumTLSVersion2], pydantic.Field(alias="minVersion")
     ] = None
 
     max_version: Annotated[
-        Optional[InputSyslogMaximumTLSVersion], pydantic.Field(alias="maxVersion")
+        Optional[InputSyslogMaximumTLSVersion2], pydantic.Field(alias="maxVersion")
     ] = None
 
 
-class InputSyslogMetadatumTypedDict(TypedDict):
+class InputSyslogMetadatum2TypedDict(TypedDict):
     name: str
     value: str
     r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
 
 
-class InputSyslogMetadatum(BaseModel):
+class InputSyslogMetadatum2(BaseModel):
     name: str
 
     value: str
     r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
 
 
-class InputSyslogTypedDict(TypedDict):
-    type: InputSyslogType
+class InputSyslogSyslog2TypedDict(TypedDict):
+    type: InputSyslogType2
+    tcp_port: float
+    r"""Enter TCP port number to listen on. Not required if listening on UDP."""
     id: NotRequired[str]
     r"""Unique ID for this input"""
     disabled: NotRequired[bool]
@@ -185,15 +187,13 @@ class InputSyslogTypedDict(TypedDict):
     r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
     streamtags: NotRequired[List[str]]
     r"""Tags for filtering and grouping in @{product}"""
-    connections: NotRequired[List[InputSyslogConnectionTypedDict]]
+    connections: NotRequired[List[InputSyslogConnection2TypedDict]]
     r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
-    pq: NotRequired[InputSyslogPqTypedDict]
+    pq: NotRequired[InputSyslogPq2TypedDict]
     host: NotRequired[str]
     r"""Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address."""
     udp_port: NotRequired[float]
     r"""Enter UDP port number to listen on. Not required if listening on TCP."""
-    tcp_port: NotRequired[float]
-    r"""Enter TCP port number to listen on. Not required if listening on UDP."""
     max_buffer_size: NotRequired[float]
     r"""Maximum number of events to buffer when downstream is blocking. Only applies to UDP."""
     ip_whitelist_regex: NotRequired[str]
@@ -222,8 +222,8 @@ class InputSyslogTypedDict(TypedDict):
     r"""How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring."""
     socket_max_lifespan: NotRequired[float]
     r"""The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable."""
-    tls: NotRequired[InputSyslogTLSSettingsServerSideTypedDict]
-    metadata: NotRequired[List[InputSyslogMetadatumTypedDict]]
+    tls: NotRequired[InputSyslogTLSSettingsServerSide2TypedDict]
+    metadata: NotRequired[List[InputSyslogMetadatum2TypedDict]]
     r"""Fields to add to events from this input"""
     udp_socket_rx_buf_size: NotRequired[float]
     r"""Optionally, set the SO_RCVBUF socket option for the UDP socket. This value tells the operating system how many bytes can be buffered in the kernel before events are dropped. Leave blank to use the OS default. Caution: Increasing this value will affect OS memory utilization."""
@@ -234,8 +234,11 @@ class InputSyslogTypedDict(TypedDict):
     r"""When enabled, parses PROXY protocol headers during the TLS handshake. Disable if compatibility issues arise."""
 
 
-class InputSyslog(BaseModel):
-    type: InputSyslogType
+class InputSyslogSyslog2(BaseModel):
+    type: InputSyslogType2
+
+    tcp_port: Annotated[float, pydantic.Field(alias="tcpPort")]
+    r"""Enter TCP port number to listen on. Not required if listening on UDP."""
 
     id: Optional[str] = None
     r"""Unique ID for this input"""
@@ -259,10 +262,10 @@ class InputSyslog(BaseModel):
     streamtags: Optional[List[str]] = None
     r"""Tags for filtering and grouping in @{product}"""
 
-    connections: Optional[List[InputSyslogConnection]] = None
+    connections: Optional[List[InputSyslogConnection2]] = None
     r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
 
-    pq: Optional[InputSyslogPq] = None
+    pq: Optional[InputSyslogPq2] = None
 
     host: Optional[str] = "0.0.0.0"
     r"""Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address."""
@@ -270,6 +273,361 @@ class InputSyslog(BaseModel):
     udp_port: Annotated[Optional[float], pydantic.Field(alias="udpPort")] = None
     r"""Enter UDP port number to listen on. Not required if listening on TCP."""
 
+    max_buffer_size: Annotated[
+        Optional[float], pydantic.Field(alias="maxBufferSize")
+    ] = 1000
+    r"""Maximum number of events to buffer when downstream is blocking. Only applies to UDP."""
+
+    ip_whitelist_regex: Annotated[
+        Optional[str], pydantic.Field(alias="ipWhitelistRegex")
+    ] = "/.*/"
+    r"""Regex matching IP addresses that are allowed to send data"""
+
+    timestamp_timezone: Annotated[
+        Optional[str], pydantic.Field(alias="timestampTimezone")
+    ] = "local"
+    r"""Timezone to assign to timestamps without timezone info"""
+
+    single_msg_udp_packets: Annotated[
+        Optional[bool], pydantic.Field(alias="singleMsgUdpPackets")
+    ] = False
+    r"""Treat UDP packet data received as full syslog message"""
+
+    enable_proxy_header: Annotated[
+        Optional[bool], pydantic.Field(alias="enableProxyHeader")
+    ] = False
+    r"""Enable if the connection is proxied by a device that supports Proxy Protocol V1 or V2"""
+
+    keep_fields_list: Annotated[
+        Optional[List[str]], pydantic.Field(alias="keepFieldsList")
+    ] = None
+    r"""Wildcard list of fields to keep from source data; * = ALL (default)"""
+
+    octet_counting: Annotated[Optional[bool], pydantic.Field(alias="octetCounting")] = (
+        False
+    )
+    r"""Enable if incoming messages use octet counting per RFC 6587."""
+
+    infer_framing: Annotated[Optional[bool], pydantic.Field(alias="inferFraming")] = (
+        True
+    )
+    r"""Enable if we should infer the syslog framing of the incoming messages."""
+
+    strictly_infer_octet_counting: Annotated[
+        Optional[bool], pydantic.Field(alias="strictlyInferOctetCounting")
+    ] = True
+    r"""Enable if we should infer octet counting only if the messages comply with RFC 5424."""
+
+    allow_non_standard_app_name: Annotated[
+        Optional[bool], pydantic.Field(alias="allowNonStandardAppName")
+    ] = False
+    r"""Enable if RFC 3164-formatted messages have hyphens in the app name portion of the TAG section. If disabled, only alphanumeric characters and underscores are allowed. Ignored for RFC 5424-formatted messages."""
+
+    max_active_cxn: Annotated[Optional[float], pydantic.Field(alias="maxActiveCxn")] = (
+        1000
+    )
+    r"""Maximum number of active connections allowed per Worker Process for TCP connections. Use 0 for unlimited."""
+
+    socket_idle_timeout: Annotated[
+        Optional[float], pydantic.Field(alias="socketIdleTimeout")
+    ] = 0
+    r"""How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring."""
+
+    socket_ending_max_wait: Annotated[
+        Optional[float], pydantic.Field(alias="socketEndingMaxWait")
+    ] = 30
+    r"""How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring."""
+
+    socket_max_lifespan: Annotated[
+        Optional[float], pydantic.Field(alias="socketMaxLifespan")
+    ] = 0
+    r"""The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable."""
+
+    tls: Optional[InputSyslogTLSSettingsServerSide2] = None
+
+    metadata: Optional[List[InputSyslogMetadatum2]] = None
+    r"""Fields to add to events from this input"""
+
+    udp_socket_rx_buf_size: Annotated[
+        Optional[float], pydantic.Field(alias="udpSocketRxBufSize")
+    ] = None
+    r"""Optionally, set the SO_RCVBUF socket option for the UDP socket. This value tells the operating system how many bytes can be buffered in the kernel before events are dropped. Leave blank to use the OS default. Caution: Increasing this value will affect OS memory utilization."""
+
+    enable_load_balancing: Annotated[
+        Optional[bool], pydantic.Field(alias="enableLoadBalancing")
+    ] = False
+    r"""Load balance traffic across all Worker Processes"""
+
+    description: Optional[str] = None
+
+    enable_enhanced_proxy_header_parsing: Annotated[
+        Optional[bool], pydantic.Field(alias="enableEnhancedProxyHeaderParsing")
+    ] = None
+    r"""When enabled, parses PROXY protocol headers during the TLS handshake. Disable if compatibility issues arise."""
+
+
+class InputSyslogType1(str, Enum):
+    SYSLOG = "syslog"
+
+
+class InputSyslogConnection1TypedDict(TypedDict):
+    output: str
+    pipeline: NotRequired[str]
+
+
+class InputSyslogConnection1(BaseModel):
+    output: str
+
+    pipeline: Optional[str] = None
+
+
+class InputSyslogMode1(str, Enum):
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    SMART = "smart"
+    ALWAYS = "always"
+
+
+class InputSyslogCompression1(str, Enum):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class InputSyslogPq1TypedDict(TypedDict):
+    mode: NotRequired[InputSyslogMode1]
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+    max_buffer_size: NotRequired[float]
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+    commit_frequency: NotRequired[float]
+    r"""The number of events to send downstream before committing that Stream has read them"""
+    max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+    max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+    compress: NotRequired[InputSyslogCompression1]
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputSyslogPq1(BaseModel):
+    mode: Optional[InputSyslogMode1] = InputSyslogMode1.ALWAYS
+    r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine."""
+
+    max_buffer_size: Annotated[
+        Optional[float], pydantic.Field(alias="maxBufferSize")
+    ] = 1000
+    r"""The maximum number of events to hold in memory before writing the events to disk"""
+
+    commit_frequency: Annotated[
+        Optional[float], pydantic.Field(alias="commitFrequency")
+    ] = 42
+    r"""The number of events to send downstream before committing that Stream has read them"""
+
+    max_file_size: Annotated[Optional[str], pydantic.Field(alias="maxFileSize")] = (
+        "1 MB"
+    )
+    r"""The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc."""
+
+    max_size: Annotated[Optional[str], pydantic.Field(alias="maxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    path: Optional[str] = "$CRIBL_HOME/state/queues"
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/inputs/<input-id>"""
+
+    compress: Optional[InputSyslogCompression1] = InputSyslogCompression1.NONE
+    r"""Codec to use to compress the persisted data"""
+
+
+class InputSyslogMinimumTLSVersion1(str, Enum):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class InputSyslogMaximumTLSVersion1(str, Enum):
+    TL_SV1 = "TLSv1"
+    TL_SV1_1 = "TLSv1.1"
+    TL_SV1_2 = "TLSv1.2"
+    TL_SV1_3 = "TLSv1.3"
+
+
+class InputSyslogTLSSettingsServerSide1TypedDict(TypedDict):
+    disabled: NotRequired[bool]
+    certificate_name: NotRequired[str]
+    r"""The name of the predefined certificate"""
+    priv_key_path: NotRequired[str]
+    r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS."""
+    passphrase: NotRequired[str]
+    r"""Passphrase to use to decrypt private key"""
+    cert_path: NotRequired[str]
+    r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS."""
+    ca_path: NotRequired[str]
+    r"""Path on server containing CA certificates to use. PEM format. Can reference $ENV_VARS."""
+    request_cert: NotRequired[bool]
+    r"""Require clients to present their certificates. Used to perform client authentication using SSL certs."""
+    reject_unauthorized: NotRequired[Any]
+    common_name_regex: NotRequired[Any]
+    min_version: NotRequired[InputSyslogMinimumTLSVersion1]
+    max_version: NotRequired[InputSyslogMaximumTLSVersion1]
+
+
+class InputSyslogTLSSettingsServerSide1(BaseModel):
+    disabled: Optional[bool] = True
+
+    certificate_name: Annotated[
+        Optional[str], pydantic.Field(alias="certificateName")
+    ] = None
+    r"""The name of the predefined certificate"""
+
+    priv_key_path: Annotated[Optional[str], pydantic.Field(alias="privKeyPath")] = None
+    r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS."""
+
+    passphrase: Optional[str] = None
+    r"""Passphrase to use to decrypt private key"""
+
+    cert_path: Annotated[Optional[str], pydantic.Field(alias="certPath")] = None
+    r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    ca_path: Annotated[Optional[str], pydantic.Field(alias="caPath")] = None
+    r"""Path on server containing CA certificates to use. PEM format. Can reference $ENV_VARS."""
+
+    request_cert: Annotated[Optional[bool], pydantic.Field(alias="requestCert")] = False
+    r"""Require clients to present their certificates. Used to perform client authentication using SSL certs."""
+
+    reject_unauthorized: Annotated[
+        Optional[Any], pydantic.Field(alias="rejectUnauthorized")
+    ] = None
+
+    common_name_regex: Annotated[
+        Optional[Any], pydantic.Field(alias="commonNameRegex")
+    ] = None
+
+    min_version: Annotated[
+        Optional[InputSyslogMinimumTLSVersion1], pydantic.Field(alias="minVersion")
+    ] = None
+
+    max_version: Annotated[
+        Optional[InputSyslogMaximumTLSVersion1], pydantic.Field(alias="maxVersion")
+    ] = None
+
+
+class InputSyslogMetadatum1TypedDict(TypedDict):
+    name: str
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputSyslogMetadatum1(BaseModel):
+    name: str
+
+    value: str
+    r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
+
+
+class InputSyslogSyslog1TypedDict(TypedDict):
+    type: InputSyslogType1
+    udp_port: float
+    r"""Enter UDP port number to listen on. Not required if listening on TCP."""
+    id: NotRequired[str]
+    r"""Unique ID for this input"""
+    disabled: NotRequired[bool]
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+    send_to_routes: NotRequired[bool]
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    pq_enabled: NotRequired[bool]
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    connections: NotRequired[List[InputSyslogConnection1TypedDict]]
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+    pq: NotRequired[InputSyslogPq1TypedDict]
+    host: NotRequired[str]
+    r"""Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address."""
+    tcp_port: NotRequired[float]
+    r"""Enter TCP port number to listen on. Not required if listening on UDP."""
+    max_buffer_size: NotRequired[float]
+    r"""Maximum number of events to buffer when downstream is blocking. Only applies to UDP."""
+    ip_whitelist_regex: NotRequired[str]
+    r"""Regex matching IP addresses that are allowed to send data"""
+    timestamp_timezone: NotRequired[str]
+    r"""Timezone to assign to timestamps without timezone info"""
+    single_msg_udp_packets: NotRequired[bool]
+    r"""Treat UDP packet data received as full syslog message"""
+    enable_proxy_header: NotRequired[bool]
+    r"""Enable if the connection is proxied by a device that supports Proxy Protocol V1 or V2"""
+    keep_fields_list: NotRequired[List[str]]
+    r"""Wildcard list of fields to keep from source data; * = ALL (default)"""
+    octet_counting: NotRequired[bool]
+    r"""Enable if incoming messages use octet counting per RFC 6587."""
+    infer_framing: NotRequired[bool]
+    r"""Enable if we should infer the syslog framing of the incoming messages."""
+    strictly_infer_octet_counting: NotRequired[bool]
+    r"""Enable if we should infer octet counting only if the messages comply with RFC 5424."""
+    allow_non_standard_app_name: NotRequired[bool]
+    r"""Enable if RFC 3164-formatted messages have hyphens in the app name portion of the TAG section. If disabled, only alphanumeric characters and underscores are allowed. Ignored for RFC 5424-formatted messages."""
+    max_active_cxn: NotRequired[float]
+    r"""Maximum number of active connections allowed per Worker Process for TCP connections. Use 0 for unlimited."""
+    socket_idle_timeout: NotRequired[float]
+    r"""How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring."""
+    socket_ending_max_wait: NotRequired[float]
+    r"""How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring."""
+    socket_max_lifespan: NotRequired[float]
+    r"""The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable."""
+    tls: NotRequired[InputSyslogTLSSettingsServerSide1TypedDict]
+    metadata: NotRequired[List[InputSyslogMetadatum1TypedDict]]
+    r"""Fields to add to events from this input"""
+    udp_socket_rx_buf_size: NotRequired[float]
+    r"""Optionally, set the SO_RCVBUF socket option for the UDP socket. This value tells the operating system how many bytes can be buffered in the kernel before events are dropped. Leave blank to use the OS default. Caution: Increasing this value will affect OS memory utilization."""
+    enable_load_balancing: NotRequired[bool]
+    r"""Load balance traffic across all Worker Processes"""
+    description: NotRequired[str]
+    enable_enhanced_proxy_header_parsing: NotRequired[bool]
+    r"""When enabled, parses PROXY protocol headers during the TLS handshake. Disable if compatibility issues arise."""
+
+
+class InputSyslogSyslog1(BaseModel):
+    type: InputSyslogType1
+
+    udp_port: Annotated[float, pydantic.Field(alias="udpPort")]
+    r"""Enter UDP port number to listen on. Not required if listening on TCP."""
+
+    id: Optional[str] = None
+    r"""Unique ID for this input"""
+
+    disabled: Optional[bool] = False
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data from this Source before sending it through the Routes"""
+
+    send_to_routes: Annotated[Optional[bool], pydantic.Field(alias="sendToRoutes")] = (
+        True
+    )
+    r"""Select whether to send data to Routes, or directly to Destinations."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    pq_enabled: Annotated[Optional[bool], pydantic.Field(alias="pqEnabled")] = False
+    r"""Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers)."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    connections: Optional[List[InputSyslogConnection1]] = None
+    r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
+
+    pq: Optional[InputSyslogPq1] = None
+
+    host: Optional[str] = "0.0.0.0"
+    r"""Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address."""
+
     tcp_port: Annotated[Optional[float], pydantic.Field(alias="tcpPort")] = None
     r"""Enter TCP port number to listen on. Not required if listening on UDP."""
 
@@ -343,9 +701,9 @@ class InputSyslog(BaseModel):
     ] = 0
     r"""The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable."""
 
-    tls: Optional[InputSyslogTLSSettingsServerSide] = None
+    tls: Optional[InputSyslogTLSSettingsServerSide1] = None
 
-    metadata: Optional[List[InputSyslogMetadatum]] = None
+    metadata: Optional[List[InputSyslogMetadatum1]] = None
     r"""Fields to add to events from this input"""
 
     udp_socket_rx_buf_size: Annotated[
@@ -364,3 +722,14 @@ class InputSyslog(BaseModel):
         Optional[bool], pydantic.Field(alias="enableEnhancedProxyHeaderParsing")
     ] = None
     r"""When enabled, parses PROXY protocol headers during the TLS handshake. Disable if compatibility issues arise."""
+
+
+InputSyslogTypedDict = TypeAliasType(
+    "InputSyslogTypedDict",
+    Union[InputSyslogSyslog1TypedDict, InputSyslogSyslog2TypedDict],
+)
+
+
+InputSyslog = TypeAliasType(
+    "InputSyslog", Union[InputSyslogSyslog1, InputSyslogSyslog2]
+)