cribl-control-plane 0.1.0b1__py3-none-any.whl → 0.2.0a1__py3-none-any.whl

cribl_control_plane/models/inputconfluentcloud.py

@@ -187,6 +187,13 @@ class InputConfluentCloudTLSSettingsClientSide(BaseModel):
     ] = None
 
 
+class InputConfluentCloudSchemaType(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""The schema format used to encode and decode event data"""
+
+    AVRO = "avro"
+    JSON = "json"
+
+
 class InputConfluentCloudAuthTypedDict(TypedDict):
     r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
 
@@ -297,6 +304,8 @@ class InputConfluentCloudKafkaSchemaRegistryAuthenticationTypedDict(TypedDict):
     disabled: NotRequired[bool]
     schema_registry_url: NotRequired[str]
     r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
+    schema_type: NotRequired[InputConfluentCloudSchemaType]
+    r"""The schema format used to encode and decode event data"""
     connection_timeout: NotRequired[float]
     r"""Maximum time to wait for a Schema Registry connection to complete successfully"""
     request_timeout: NotRequired[float]
@@ -318,6 +327,15 @@ class InputConfluentCloudKafkaSchemaRegistryAuthentication(BaseModel):
     ] = "http://localhost:8081"
     r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
 
+    schema_type: Annotated[
+        Annotated[
+            Optional[InputConfluentCloudSchemaType],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="schemaType"),
+    ] = InputConfluentCloudSchemaType.AVRO
+    r"""The schema format used to encode and decode event data"""
+
     connection_timeout: Annotated[
         Optional[float], pydantic.Field(alias="connectionTimeout")
     ] = 30000

cribl_control_plane/models/inputkafka.py

@@ -103,6 +103,13 @@ class InputKafkaPq(BaseModel):
     ] = None
 
 
+class InputKafkaSchemaType(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""The schema format used to encode and decode event data"""
+
+    AVRO = "avro"
+    JSON = "json"
+
+
 class InputKafkaAuthTypedDict(TypedDict):
     r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
 
@@ -213,6 +220,8 @@ class InputKafkaKafkaSchemaRegistryAuthenticationTypedDict(TypedDict):
     disabled: NotRequired[bool]
     schema_registry_url: NotRequired[str]
     r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
+    schema_type: NotRequired[InputKafkaSchemaType]
+    r"""The schema format used to encode and decode event data"""
     connection_timeout: NotRequired[float]
     r"""Maximum time to wait for a Schema Registry connection to complete successfully"""
     request_timeout: NotRequired[float]
@@ -232,6 +241,14 @@ class InputKafkaKafkaSchemaRegistryAuthentication(BaseModel):
     ] = "http://localhost:8081"
     r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
 
+    schema_type: Annotated[
+        Annotated[
+            Optional[InputKafkaSchemaType], PlainValidator(validate_open_enum(False))
+        ],
+        pydantic.Field(alias="schemaType"),
+    ] = InputKafkaSchemaType.AVRO
+    r"""The schema format used to encode and decode event data"""
+
     connection_timeout: Annotated[
         Optional[float], pydantic.Field(alias="connectionTimeout")
     ] = 30000

cribl_control_plane/models/inputmsk.py

@@ -116,6 +116,13 @@ class InputMskMetadatum(BaseModel):
     r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)"""
 
 
+class InputMskSchemaType(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""The schema format used to encode and decode event data"""
+
+    AVRO = "avro"
+    JSON = "json"
+
+
 class InputMskAuthTypedDict(TypedDict):
     r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication"""
 
@@ -226,6 +233,8 @@ class InputMskKafkaSchemaRegistryAuthenticationTypedDict(TypedDict):
     disabled: NotRequired[bool]
     schema_registry_url: NotRequired[str]
     r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
+    schema_type: NotRequired[InputMskSchemaType]
+    r"""The schema format used to encode and decode event data"""
     connection_timeout: NotRequired[float]
     r"""Maximum time to wait for a Schema Registry connection to complete successfully"""
     request_timeout: NotRequired[float]
@@ -245,6 +254,14 @@ class InputMskKafkaSchemaRegistryAuthentication(BaseModel):
     ] = "http://localhost:8081"
     r"""URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http."""
 
+    schema_type: Annotated[
+        Annotated[
+            Optional[InputMskSchemaType], PlainValidator(validate_open_enum(False))
+        ],
+        pydantic.Field(alias="schemaType"),
+    ] = InputMskSchemaType.AVRO
+    r"""The schema format used to encode and decode event data"""
+
     connection_timeout: Annotated[
         Optional[float], pydantic.Field(alias="connectionTimeout")
     ] = 30000

cribl_control_plane/models/inputsqs.py

@@ -142,6 +142,8 @@ class InputSqsTypedDict(TypedDict):
     type: InputSqsType
     queue_name: str
     r"""The name, URL, or ARN of the SQS queue to read events from. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can only be evaluated at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`."""
+    queue_type: InputSqsQueueType
+    r"""The queue type used (or created)"""
     id: NotRequired[str]
     r"""Unique ID for this input"""
     disabled: NotRequired[bool]
@@ -158,8 +160,6 @@ class InputSqsTypedDict(TypedDict):
     connections: NotRequired[List[InputSqsConnectionTypedDict]]
     r"""Direct connections to Destinations, and optionally via a Pipeline or a Pack"""
     pq: NotRequired[InputSqsPqTypedDict]
-    queue_type: NotRequired[InputSqsQueueType]
-    r"""The queue type used (or created)"""
     aws_account_id: NotRequired[str]
     r"""SQS queue owner's AWS account ID. Leave empty if SQS queue is in same AWS account."""
     create_queue: NotRequired[bool]
@@ -207,6 +207,12 @@ class InputSqs(BaseModel):
     queue_name: Annotated[str, pydantic.Field(alias="queueName")]
     r"""The name, URL, or ARN of the SQS queue to read events from. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can only be evaluated at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`."""
 
+    queue_type: Annotated[
+        Annotated[InputSqsQueueType, PlainValidator(validate_open_enum(False))],
+        pydantic.Field(alias="queueType"),
+    ]
+    r"""The queue type used (or created)"""
+
     id: Optional[str] = None
     r"""Unique ID for this input"""
 
@@ -234,14 +240,6 @@ class InputSqs(BaseModel):
 
     pq: Optional[InputSqsPq] = None
 
-    queue_type: Annotated[
-        Annotated[
-            Optional[InputSqsQueueType], PlainValidator(validate_open_enum(False))
-        ],
-        pydantic.Field(alias="queueType"),
-    ] = InputSqsQueueType.STANDARD
-    r"""The queue type used (or created)"""
-
     aws_account_id: Annotated[Optional[str], pydantic.Field(alias="awsAccountId")] = (
         None
     )

cribl_control_plane/models/nodeprovidedinfo.py

@@ -19,7 +19,6 @@ class NodeProvidedInfoTags(BaseModel):
 
 class NodeProvidedInfoAwsTypedDict(TypedDict):
     enabled: bool
-    instance_id: str
     region: str
     type: str
     zone: str
@@ -29,8 +28,6 @@ class NodeProvidedInfoAwsTypedDict(TypedDict):
 class NodeProvidedInfoAws(BaseModel):
     enabled: bool
 
-    instance_id: Annotated[str, pydantic.Field(alias="instanceId")]
-
     region: str
 
     type: str

cribl_control_plane/models/output.py

@@ -8,6 +8,7 @@ from .outputazuredataexplorer import (
 )
 from .outputazureeventhub import OutputAzureEventhub, OutputAzureEventhubTypedDict
 from .outputazurelogs import OutputAzureLogs, OutputAzureLogsTypedDict
+from .outputchronicle import OutputChronicle, OutputChronicleTypedDict
 from .outputclickhouse import OutputClickHouse, OutputClickHouseTypedDict
 from .outputcloudwatch import OutputCloudwatch, OutputCloudwatchTypedDict
 from .outputconfluentcloud import OutputConfluentCloud, OutputConfluentCloudTypedDict
@@ -18,7 +19,6 @@ from .outputcrowdstrikenextgensiem import (
     OutputCrowdstrikeNextGenSiem,
     OutputCrowdstrikeNextGenSiemTypedDict,
 )
-from .outputdatabricks import OutputDatabricks, OutputDatabricksTypedDict
 from .outputdatadog import OutputDatadog, OutputDatadogTypedDict
 from .outputdataset import OutputDataset, OutputDatasetTypedDict
 from .outputdefault import OutputDefault, OutputDefaultTypedDict
@@ -130,6 +130,7 @@ OutputTypedDict = TypeAliasType(
         OutputSplunkHecTypedDict,
         OutputDynatraceHTTPTypedDict,
         OutputServiceNowTypedDict,
+        OutputChronicleTypedDict,
         OutputDynatraceOtlpTypedDict,
         OutputElasticTypedDict,
         OutputGoogleChronicleTypedDict,
@@ -138,7 +139,6 @@ OutputTypedDict = TypeAliasType(
         OutputPrometheusTypedDict,
         OutputMskTypedDict,
         OutputSentinelOneAiSiemTypedDict,
-        OutputDatabricksTypedDict,
         OutputSentinelTypedDict,
         OutputInfluxdbTypedDict,
         OutputGoogleCloudStorageTypedDict,
@@ -202,6 +202,7 @@ Output = TypeAliasType(
         OutputSplunkHec,
         OutputDynatraceHTTP,
         OutputServiceNow,
+        OutputChronicle,
         OutputDynatraceOtlp,
         OutputElastic,
         OutputGoogleChronicle,
@@ -210,7 +211,6 @@ Output = TypeAliasType(
         OutputPrometheus,
         OutputMsk,
         OutputSentinelOneAiSiem,
-        OutputDatabricks,
         OutputSentinel,
         OutputInfluxdb,
         OutputGoogleCloudStorage,

cribl_control_plane/models/outputchronicle.py

@@ -0,0 +1,431 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane import utils
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import List, Optional
+from typing_extensions import Annotated, NotRequired, TypedDict
+
+
+class OutputChronicleType(str, Enum):
+    CHRONICLE = "chronicle"
+
+
+class OutputChronicleAuthenticationMethod(str, Enum, metaclass=utils.OpenEnumMeta):
+    SERVICE_ACCOUNT = "serviceAccount"
+    SERVICE_ACCOUNT_SECRET = "serviceAccountSecret"
+
+
+class OutputChronicleResponseRetrySettingTypedDict(TypedDict):
+    http_status: float
+    r"""The HTTP response status code that will trigger retries"""
+    initial_backoff: NotRequired[float]
+    r"""How long, in milliseconds, Cribl Stream should wait before initiating backoff. Maximum interval is 600,000 ms (10 minutes)."""
+    backoff_rate: NotRequired[float]
+    r"""Base for exponential backoff. A value of 2 (default) means Cribl Stream will retry after 2 seconds, then 4 seconds, then 8 seconds, etc."""
+    max_backoff: NotRequired[float]
+    r"""The maximum backoff interval, in milliseconds, Cribl Stream should apply. Default (and minimum) is 10,000 ms (10 seconds); maximum is 180,000 ms (180 seconds)."""
+
+
+class OutputChronicleResponseRetrySetting(BaseModel):
+    http_status: Annotated[float, pydantic.Field(alias="httpStatus")]
+    r"""The HTTP response status code that will trigger retries"""
+
+    initial_backoff: Annotated[
+        Optional[float], pydantic.Field(alias="initialBackoff")
+    ] = 1000
+    r"""How long, in milliseconds, Cribl Stream should wait before initiating backoff. Maximum interval is 600,000 ms (10 minutes)."""
+
+    backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = 2
+    r"""Base for exponential backoff. A value of 2 (default) means Cribl Stream will retry after 2 seconds, then 4 seconds, then 8 seconds, etc."""
+
+    max_backoff: Annotated[Optional[float], pydantic.Field(alias="maxBackoff")] = 10000
+    r"""The maximum backoff interval, in milliseconds, Cribl Stream should apply. Default (and minimum) is 10,000 ms (10 seconds); maximum is 180,000 ms (180 seconds)."""
+
+
+class OutputChronicleTimeoutRetrySettingsTypedDict(TypedDict):
+    timeout_retry: NotRequired[bool]
+    initial_backoff: NotRequired[float]
+    r"""How long, in milliseconds, Cribl Stream should wait before initiating backoff. Maximum interval is 600,000 ms (10 minutes)."""
+    backoff_rate: NotRequired[float]
+    r"""Base for exponential backoff. A value of 2 (default) means Cribl Stream will retry after 2 seconds, then 4 seconds, then 8 seconds, etc."""
+    max_backoff: NotRequired[float]
+    r"""The maximum backoff interval, in milliseconds, Cribl Stream should apply. Default (and minimum) is 10,000 ms (10 seconds); maximum is 180,000 ms (180 seconds)."""
+
+
+class OutputChronicleTimeoutRetrySettings(BaseModel):
+    timeout_retry: Annotated[Optional[bool], pydantic.Field(alias="timeoutRetry")] = (
+        False
+    )
+
+    initial_backoff: Annotated[
+        Optional[float], pydantic.Field(alias="initialBackoff")
+    ] = 1000
+    r"""How long, in milliseconds, Cribl Stream should wait before initiating backoff. Maximum interval is 600,000 ms (10 minutes)."""
+
+    backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = 2
+    r"""Base for exponential backoff. A value of 2 (default) means Cribl Stream will retry after 2 seconds, then 4 seconds, then 8 seconds, etc."""
+
+    max_backoff: Annotated[Optional[float], pydantic.Field(alias="maxBackoff")] = 10000
+    r"""The maximum backoff interval, in milliseconds, Cribl Stream should apply. Default (and minimum) is 10,000 ms (10 seconds); maximum is 180,000 ms (180 seconds)."""
+
+
+class OutputChronicleExtraHTTPHeaderTypedDict(TypedDict):
+    value: str
+    name: NotRequired[str]
+
+
+class OutputChronicleExtraHTTPHeader(BaseModel):
+    value: str
+
+    name: Optional[str] = None
+
+
+class OutputChronicleFailedRequestLoggingMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below."""
+
+    PAYLOAD = "payload"
+    PAYLOAD_AND_HEADERS = "payloadAndHeaders"
+    NONE = "none"
+
+
+class OutputChronicleBackpressureBehavior(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to handle events when all receivers are exerting backpressure"""
+
+    BLOCK = "block"
+    DROP = "drop"
+    QUEUE = "queue"
+
+
+class OutputChronicleCustomLabelTypedDict(TypedDict):
+    key: str
+    value: str
+
+
+class OutputChronicleCustomLabel(BaseModel):
+    key: str
+
+    value: str
+
+
+class OutputChronicleCompression(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""Codec to use to compress the persisted data"""
+
+    NONE = "none"
+    GZIP = "gzip"
+
+
+class OutputChronicleQueueFullBehavior(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+
+    BLOCK = "block"
+    DROP = "drop"
+
+
+class OutputChronicleMode(str, Enum, metaclass=utils.OpenEnumMeta):
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+
+    ERROR = "error"
+    BACKPRESSURE = "backpressure"
+    ALWAYS = "always"
+
+
+class OutputChroniclePqControlsTypedDict(TypedDict):
+    pass
+
+
+class OutputChroniclePqControls(BaseModel):
+    pass
+
+
+class OutputChronicleTypedDict(TypedDict):
+    type: OutputChronicleType
+    region: str
+    r"""Regional endpoint to send events to"""
+    log_type: str
+    r"""Default log type value to send to SecOps. Can be overwritten by event field __logType."""
+    gcp_project_id: str
+    r"""The Google Cloud Platform (GCP) project ID to send events to"""
+    gcp_instance: str
+    r"""The Google Cloud Platform (GCP) instance to send events to. This is the Chronicle customer uuid."""
+    id: NotRequired[str]
+    r"""Unique ID for this output"""
+    pipeline: NotRequired[str]
+    r"""Pipeline to process data before sending out to this output"""
+    system_fields: NotRequired[List[str]]
+    r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards."""
+    environment: NotRequired[str]
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+    streamtags: NotRequired[List[str]]
+    r"""Tags for filtering and grouping in @{product}"""
+    api_version: NotRequired[str]
+    authentication_method: NotRequired[OutputChronicleAuthenticationMethod]
+    response_retry_settings: NotRequired[
+        List[OutputChronicleResponseRetrySettingTypedDict]
+    ]
+    r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)"""
+    timeout_retry_settings: NotRequired[OutputChronicleTimeoutRetrySettingsTypedDict]
+    response_honor_retry_after_header: NotRequired[bool]
+    r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored."""
+    concurrency: NotRequired[float]
+    r"""Maximum number of ongoing requests before blocking"""
+    max_payload_size_kb: NotRequired[float]
+    r"""Maximum size, in KB, of the request body"""
+    max_payload_events: NotRequired[float]
+    r"""Maximum number of events to include in the request body. Default is 0 (unlimited)."""
+    compress: NotRequired[bool]
+    r"""Compress the payload body before sending"""
+    reject_unauthorized: NotRequired[bool]
+    r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's).
+    Enabled by default. When this setting is also present in TLS Settings (Client Side),
+    that value will take precedence.
+    """
+    timeout_sec: NotRequired[float]
+    r"""Amount of time, in seconds, to wait for a request to complete before canceling it"""
+    flush_period_sec: NotRequired[float]
+    r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit."""
+    extra_http_headers: NotRequired[List[OutputChronicleExtraHTTPHeaderTypedDict]]
+    r"""Headers to add to all events"""
+    failed_request_logging_mode: NotRequired[OutputChronicleFailedRequestLoggingMode]
+    r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below."""
+    safe_headers: NotRequired[List[str]]
+    r"""List of headers that are safe to log in plain text"""
+    use_round_robin_dns: NotRequired[bool]
+    r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned."""
+    on_backpressure: NotRequired[OutputChronicleBackpressureBehavior]
+    r"""How to handle events when all receivers are exerting backpressure"""
+    total_memory_limit_kb: NotRequired[float]
+    r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced."""
+    ingestion_method: NotRequired[str]
+    namespace: NotRequired[str]
+    r"""User-configured environment namespace to identify the data domain the logs originated from. This namespace is used as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace."""
+    log_text_field: NotRequired[str]
+    r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event."""
+    custom_labels: NotRequired[List[OutputChronicleCustomLabelTypedDict]]
+    r"""Custom labels to be added to every event"""
+    description: NotRequired[str]
+    service_account_credentials: NotRequired[str]
+    r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right."""
+    service_account_credentials_secret: NotRequired[str]
+    r"""Select or create a stored text secret"""
+    pq_max_file_size: NotRequired[str]
+    r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)"""
+    pq_max_size: NotRequired[str]
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+    pq_path: NotRequired[str]
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/<output-id>."""
+    pq_compress: NotRequired[OutputChronicleCompression]
+    r"""Codec to use to compress the persisted data"""
+    pq_on_backpressure: NotRequired[OutputChronicleQueueFullBehavior]
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+    pq_mode: NotRequired[OutputChronicleMode]
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+    pq_controls: NotRequired[OutputChroniclePqControlsTypedDict]
+
+
+class OutputChronicle(BaseModel):
+    type: OutputChronicleType
+
+    region: str
+    r"""Regional endpoint to send events to"""
+
+    log_type: Annotated[str, pydantic.Field(alias="logType")]
+    r"""Default log type value to send to SecOps. Can be overwritten by event field __logType."""
+
+    gcp_project_id: Annotated[str, pydantic.Field(alias="gcpProjectId")]
+    r"""The Google Cloud Platform (GCP) project ID to send events to"""
+
+    gcp_instance: Annotated[str, pydantic.Field(alias="gcpInstance")]
+    r"""The Google Cloud Platform (GCP) instance to send events to. This is the Chronicle customer uuid."""
+
+    id: Optional[str] = None
+    r"""Unique ID for this output"""
+
+    pipeline: Optional[str] = None
+    r"""Pipeline to process data before sending out to this output"""
+
+    system_fields: Annotated[
+        Optional[List[str]], pydantic.Field(alias="systemFields")
+    ] = None
+    r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards."""
+
+    environment: Optional[str] = None
+    r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere."""
+
+    streamtags: Optional[List[str]] = None
+    r"""Tags for filtering and grouping in @{product}"""
+
+    api_version: Annotated[Optional[str], pydantic.Field(alias="apiVersion")] = (
+        "v1alpha"
+    )
+
+    authentication_method: Annotated[
+        Annotated[
+            Optional[OutputChronicleAuthenticationMethod],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="authenticationMethod"),
+    ] = OutputChronicleAuthenticationMethod.SERVICE_ACCOUNT
+
+    response_retry_settings: Annotated[
+        Optional[List[OutputChronicleResponseRetrySetting]],
+        pydantic.Field(alias="responseRetrySettings"),
+    ] = None
+    r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)"""
+
+    timeout_retry_settings: Annotated[
+        Optional[OutputChronicleTimeoutRetrySettings],
+        pydantic.Field(alias="timeoutRetrySettings"),
+    ] = None
+
+    response_honor_retry_after_header: Annotated[
+        Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader")
+    ] = True
+    r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored."""
+
+    concurrency: Optional[float] = 5
+    r"""Maximum number of ongoing requests before blocking"""
+
+    max_payload_size_kb: Annotated[
+        Optional[float], pydantic.Field(alias="maxPayloadSizeKB")
+    ] = 1024
+    r"""Maximum size, in KB, of the request body"""
+
+    max_payload_events: Annotated[
+        Optional[float], pydantic.Field(alias="maxPayloadEvents")
+    ] = 0
+    r"""Maximum number of events to include in the request body. Default is 0 (unlimited)."""
+
+    compress: Optional[bool] = True
+    r"""Compress the payload body before sending"""
+
+    reject_unauthorized: Annotated[
+        Optional[bool], pydantic.Field(alias="rejectUnauthorized")
+    ] = True
+    r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's).
+    Enabled by default. When this setting is also present in TLS Settings (Client Side),
+    that value will take precedence.
+    """
+
+    timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = 90
+    r"""Amount of time, in seconds, to wait for a request to complete before canceling it"""
+
+    flush_period_sec: Annotated[
+        Optional[float], pydantic.Field(alias="flushPeriodSec")
+    ] = 1
+    r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit."""
+
+    extra_http_headers: Annotated[
+        Optional[List[OutputChronicleExtraHTTPHeader]],
+        pydantic.Field(alias="extraHttpHeaders"),
+    ] = None
+    r"""Headers to add to all events"""
+
+    failed_request_logging_mode: Annotated[
+        Annotated[
+            Optional[OutputChronicleFailedRequestLoggingMode],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="failedRequestLoggingMode"),
+    ] = OutputChronicleFailedRequestLoggingMode.NONE
+    r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below."""
+
+    safe_headers: Annotated[
+        Optional[List[str]], pydantic.Field(alias="safeHeaders")
+    ] = None
+    r"""List of headers that are safe to log in plain text"""
+
+    use_round_robin_dns: Annotated[
+        Optional[bool], pydantic.Field(alias="useRoundRobinDns")
+    ] = False
+    r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned."""
+
+    on_backpressure: Annotated[
+        Annotated[
+            Optional[OutputChronicleBackpressureBehavior],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="onBackpressure"),
+    ] = OutputChronicleBackpressureBehavior.BLOCK
+    r"""How to handle events when all receivers are exerting backpressure"""
+
+    total_memory_limit_kb: Annotated[
+        Optional[float], pydantic.Field(alias="totalMemoryLimitKB")
+    ] = None
+    r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced."""
+
+    ingestion_method: Annotated[
+        Optional[str], pydantic.Field(alias="ingestionMethod")
+    ] = "ImportLogs"
+
+    namespace: Optional[str] = None
+    r"""User-configured environment namespace to identify the data domain the logs originated from. This namespace is used as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace."""
+
+    log_text_field: Annotated[Optional[str], pydantic.Field(alias="logTextField")] = (
+        None
+    )
+    r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event."""
+
+    custom_labels: Annotated[
+        Optional[List[OutputChronicleCustomLabel]], pydantic.Field(alias="customLabels")
+    ] = None
+    r"""Custom labels to be added to every event"""
+
+    description: Optional[str] = None
+
+    service_account_credentials: Annotated[
+        Optional[str], pydantic.Field(alias="serviceAccountCredentials")
+    ] = None
+    r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right."""
+
+    service_account_credentials_secret: Annotated[
+        Optional[str], pydantic.Field(alias="serviceAccountCredentialsSecret")
+    ] = None
+    r"""Select or create a stored text secret"""
+
+    pq_max_file_size: Annotated[
+        Optional[str], pydantic.Field(alias="pqMaxFileSize")
+    ] = "1 MB"
+    r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)"""
+
+    pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = "5GB"
+    r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc."""
+
+    pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = (
+        "$CRIBL_HOME/state/queues"
+    )
+    r"""The location for the persistent queue files. To this field's value, the system will append: /<worker-id>/<output-id>."""
+
+    pq_compress: Annotated[
+        Annotated[
+            Optional[OutputChronicleCompression],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="pqCompress"),
+    ] = OutputChronicleCompression.NONE
+    r"""Codec to use to compress the persisted data"""
+
+    pq_on_backpressure: Annotated[
+        Annotated[
+            Optional[OutputChronicleQueueFullBehavior],
+            PlainValidator(validate_open_enum(False)),
+        ],
+        pydantic.Field(alias="pqOnBackpressure"),
+    ] = OutputChronicleQueueFullBehavior.BLOCK
+    r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged."""
+
+    pq_mode: Annotated[
+        Annotated[
+            Optional[OutputChronicleMode], PlainValidator(validate_open_enum(False))
+        ],
+        pydantic.Field(alias="pqMode"),
+    ] = OutputChronicleMode.ERROR
+    r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem."""
+
+    pq_controls: Annotated[
+        Optional[OutputChroniclePqControls], pydantic.Field(alias="pqControls")
+    ] = None