schema { query: Query mutation: Mutation } type Query { # List OpenSearch Domain names in a region listDomainNames(region: String): DomainNames # Get OpenSearch domain vpc info getDomainVpc(domainName: String!, region: String): ESVPCInfo # List imported domain details. listImportedDomains(metrics: Boolean): [ImportedDomain] # Get Domain Detail by ID getDomainDetails(id: ID!, metrics: Boolean): DomainDetails # List service logging pipeline info listServicePipelines(page: Int, count: Int): ListServicePipelineResponse # Get service logging pipeline info by ID getServicePipeline(id: ID!): ServicePipeline # List Common AWS Resources listResources( type: ResourceType! parentId: String accountId: String region: String ): [Resource] # Get logging bucket for a type of resource by resource name or id getResourceLoggingBucket( type: ResourceType! resourceName: String! accountId: String region: String ): LoggingBucket # Get a list of logging configurations for AWS Resource getResourceLogConfigs( type: ResourceType! resourceName: String! accountId: String region: String ): [ResourceLogConf] # *The following belongs to applog* # # List instance group info listInstanceGroups(page: Int, count: Int): ListInstanceGroupResponse # Get instance group info by ID getInstanceGroup(id: ID!): InstanceGroup # List logging conf info listLogConfs(page: Int, count: Int): ListLogConfResponse # Get logging conf info by ID getLogConf(id: ID!): LogConf # List app pipeline info listAppPipelines(page: Int, count: Int): ListAppPipelineResponse # Get app pipeline info by ID getAppPipeline(id: ID!): AppPipeline # List app logging ingestion info listAppLogIngestions( page: Int count: Int appPipelineId: String sourceId: String sourceType: LogSourceType ): ListAppLogIngestionResponse # Get app logging ingestion info by ID getAppLogIngestion(id: ID!): AppLogIngestion # List AWS Instance listInstances( maxResults: Int nextToken: String instanceSet: [String] tags: [TagFilterInput] region: String accountId: String ): ListInstanceResponse # List Auto-Scaling Groups listAutoScalingGroups( maxResults: Int nextToken: String region: String accountId: String ): listAutoScalingGroupResponse # Get logging Agent Status by instanceId getLogAgentStatus( instanceId: String! region: String accountId: String ): LogAgentStatus # Verify if CIDR Conflict validateVpcCidr(domainName: String!, region: String): String # Get logging source info by ID getLogSource(sourceType: LogSourceType!, id: ID!): LogSource # Get imported EKS Cluster details by eksClusterId getEKSClusterDetails(eksClusterId: String!): EKSClusterLogSource # Get eks daemon set config by eks source id getEKSDaemonSetConf(eksClusterId: String!): String # Get eks deployment configuration by eksClusterId and ingestion id getEKSDeploymentConf( eksClusterId: String! ingestionId: String! openExtraMetadataFlag: Boolean ): String getAutoScalingGroupConf(groupId: String!): String # List EKS Cluster info listEKSClusterNames( accountId: String region: String nextToken: String! isListAll: Boolean ): ListEKSClustersResponse # List imported EKS Cluster info listImportedEKSClusters( page: Int count: Int ): ListImportedEKSClustersResponse # Check Time format checkTimeFormat(timeStr: String!, formatStr: String!): CheckTimeFormatRes # *The following belongs to cross account* # # List sub account info listSubAccountLinks(page: Int, count: Int): ListSubAccountLinkResponse # Get sub account info by ID getSubAccountLink(id: ID!): SubAccountLink # Get sub account info by Account Id and region getSubAccountLinkByAccountIdRegion( accountId: String! region: String ): SubAccountLink checkCustomPort( sourceType: LogSourceType syslogProtocol: ProtocolType! syslogPort: Int! ): checkCustomPortResponse } type Mutation { # Import an OpenSearch Domain importDomain( domainName: String! region: String vpc: VPCInput tags: [TagInput] ): String # Remove an OpenSearch Domain by ID removeDomain(id: ID!): String # Create a new service pipeline createServicePipeline( type: ServiceType! source: String target: String parameters: [ParameterInput] tags: [TagInput] logSourceAccountId: String logSourceRegion: String destinationType: DestinationType! ): String # Remove a service pipeline deleteServicePipeline(id: ID!): String # Create an nginx proxy stack for OpenSearch createProxyForOpenSearch(id: ID!, input: ProxyInput!): String # Create an alarm stack for OpenSearch createAlarmForOpenSearch(id: ID!, input: AlarmStackInput!): String # Delete an nginx proxy stack for OpenSearch deleteProxyForOpenSearch(id: ID!): String # Delete an alarm stack for OpenSearch domain deleteAlarmForOpenSearch(id: ID!): String # Put logging bucket for a type of resource by resource name or id putResourceLoggingBucket( type: ResourceType! resourceName: String! accountId: String region: String ): LoggingBucket # Add logging configuration to resources. # Log Format is only requried if the format can be customized. putResourceLogConfig( type: ResourceType! resourceName: String! accountId: String region: String destinationType: DestinationType! destinationName: String! LogFormat: String ): ResourceLogConf # *The following belongs to applog* # # Create a new instance group createInstanceGroup( accountId: String region: String groupName: String! groupType: String instanceSet: [String!]! ): String # Create a new instance group base on auto-scaling group createInstanceGroupBaseOnASG( accountId: String region: String groupName: String! groupType: String autoScalingGroupName: String! ): String # Remove a instance group deleteInstanceGroup(id: ID!): String # Update a instance group addInstancesToInstanceGroup( sourceId: String! instanceIdSet: [String!]! ): String deleteInstancesFromInstanceGroup( sourceId: String! instanceIdSet: [String!]! ): String # Create a logging conf createLogConf( confName: String! logType: LogType! timeKey: String timeOffset: String multilineLogParser: MultiLineLogParser syslogParser: SyslogParser userSampleLog: String userLogFormat: String regularExpression: String timeRegularExpression: String regularSpecs: [RegularSpecInput] processorFilterRegex: ProcessorFilterRegexInput ): String # Remove a logging conf deleteLogConf(id: ID!): String # Update a logging conf updateLogConf( id: ID! confName: String! logType: LogType! timeKey: String timeOffset: String multilineLogParser: MultiLineLogParser syslogParser: SyslogParser userSampleLog: String userLogFormat: String regularExpression: String timeRegularExpression: String regularSpecs: [RegularSpecInput] processorFilterRegex: ProcessorFilterRegexInput ): String # Create a new app pipeline createAppPipeline( bufferType: BufferType! bufferParams: [BufferInput] aosParams: AOSParameterInput! force: Boolean tags: [TagInput] ): String # Remove a app pipeline deleteAppPipeline(id: ID!): String # Create a new app logging ingestion createAppLogIngestion( confId: String! sourceIds: [String!] sourceType: LogSourceType! appPipelineId: String! createDashboard: String tags: [TagInput] logPath: String ): String # Remove a app logging ingestion deleteAppLogIngestion(ids: [ID!]!): String # request to install logging agent requestInstallLogAgent( instanceIdSet: [String!]! accountId: String region: String ): String createLogSource( sourceType: LogSourceType! accountId: String region: String sourceInfo: [SourceInfoInput] tags: [TagInput] ): String #Import an EKS Cluster importEKSCluster( aosDomainId: ID! eksClusterName: String! cri: CRI accountId: String region: String deploymentKind: EKSDeployKind! tags: [TagInput] ): String # Remove an EKS Cluster by ID removeEKSCluster(id: ID!): String #generate error code generateErrorCode(code: ErrorCode): String # *The following belongs to cross account* # # Create a new cross account link createSubAccountLink( subAccountId: String! region: String subAccountName: String! subAccountRoleArn: String! agentInstallDoc: String! agentConfDoc: String! subAccountBucketName: String! subAccountStackId: String! subAccountKMSKeyArn: String! tags: [TagInput] ): String # Update a cross account link updateSubAccountLink( id: ID! subAccountName: String! agentInstallDoc: String! agentConfDoc: String! subAccountBucketName: String! subAccountStackId: String! subAccountKMSKeyArn: String! subAccountVpcId: String subAccountPublicSubnetIds: String ): String # Remove a cross account link deleteSubAccountLink(id: ID!): String } type DomainNames { domainNames: [String!] } enum DomainHealth { GREEN RED YELLOW UNKNOWN } enum EngineType { Elasticsearch OpenSearch } type DomainMetrics { searchableDocs: Float freeStorageSpace: Float health: DomainHealth } input ISMInput { index: String hotAge: Int warmAge: Int retention: Int } type ISM { index: String hotAge: Int warmAge: Int retention: Int } input VPCInput { vpcId: String! publicSubnetIds: String privateSubnetIds: String securityGroupId: String! } type VPCInfo { vpcId: String! privateSubnetIds: String publicSubnetIds: String securityGroupId: String } type ESVPCInfo { vpcId: String! subnetIds: [String!] availabilityZones: [String] securityGroupIds: [String] } type ImportedDomain { id: ID! domainName: String! engine: EngineType version: String! endpoint: String! metrics: DomainMetrics } # Node Info type Node { instanceType: String! instanceCount: Int dedicatedMasterEnabled: Boolean zoneAwarenessEnabled: Boolean dedicatedMasterType: String dedicatedMasterCount: Int warmEnabled: Boolean warmType: String warmCount: Int coldEnabled: Boolean } enum StorageType { EBS Instance } # Volume Info type Volume { type: String! size: Int! } # Cognito info type Cognito { enabled: Boolean userPoolId: String domain: String identityPoolId: String roleArn: String } type DomainDetails { id: ID! domainArn: String! domainName: String! engine: EngineType version: String! endpoint: String! region: String accountId: String vpc: VPCInfo esVpc: ESVPCInfo nodes: Node storageType: StorageType! volume: Volume cognito: Cognito tags: [Tag] proxyStatus: StackStatus proxyALB: String proxyError: String proxyInput: ProxyInfo alarmStatus: StackStatus alarmError: String alarmInput: AlarmStackInfo metrics: DomainMetrics status: String } enum StackStatus { CREATING DELETING ERROR ENABLED DISABLED } enum PipelineStatus { ACTIVE INACTIVE CREATING DELETING ERROR } enum ServiceType { S3 CloudTrail CloudFront RDS VPC Lambda ELB WAF WAFSampled Config } enum ProtocolType { TCP UDP } type Tag { key: String value: String } type ServicePipeline { id: ID! type: ServiceType! destinationType: DestinationType source: String target: String parameters: [Parameter] createdDt: String status: PipelineStatus tags: [Tag] error: String } type ListServicePipelineResponse { pipelines: [ServicePipeline] total: Int } input TagInput { key: String value: String } input TagFilterInput { Key: String Values: [String] } type Parameter { parameterKey: String parameterValue: String } input ParameterInput { parameterKey: String parameterValue: String } type SourceInfo { key: String value: String } input SourceInfoInput { key: String value: String } type Resource { id: String! name: String! parentId: String description: String } enum ResourceType { S3Bucket VPC Subnet SecurityGroup Certificate Trail KeyPair Distribution RDS Lambda ELB WAF Config } # Log Format is only requried if the format can be customized. # the processor need to know the customized fields type ResourceLogConf { destinationType: DestinationType! destinationName: String! name: String logFormat: String region: String } enum DestinationType { S3 CloudWatch KDS KDF } input ProxyInput { vpc: VPCInput! certificateArn: String! keyName: String! customEndpoint: String! cognitoEndpoint: String proxyInstanceType: String proxyInstanceNumber: String } type ProxyInfo { vpc: VPCInfo certificateArn: String keyName: String customEndpoint: String cognitoEndpoint: String } enum AlarmType { CLUSTER_RED CLUSTER_YELLOW FREE_STORAGE_SPACE WRITE_BLOCKED NODE_UNREACHABLE SNAPSHOT_FAILED CPU_UTILIZATION JVM_MEMORY_PRESSURE KMS_KEY_DISABLED KMS_KEY_INACCESSIBLE MASTER_CPU_UTILIZATION MASTER_JVM_MEMORY_PRESSURE } input AlarmInput { type: AlarmType value: String } input AlarmStackInput { alarms: [AlarmInput] email: String phone: String } type AlarmInfo { type: AlarmType value: String } type AlarmStackInfo { alarms: [AlarmInfo] email: String phone: String } type LoggingBucket { enabled: Boolean bucket: String prefix: String source: LoggingBucketSource } # *The following belongs to applog* # type InstanceGroup { id: ID! accountId: String region: String groupName: String groupType: String instanceSet: [String] createdDt: String status: String } type ListInstanceGroupResponse { instanceGroups: [InstanceGroup] total: Int } enum LogType { JSON Regex Nginx Apache Syslog SingleLineText MultiLineText } enum MultiLineLogParser { JAVA_SPRING_BOOT CUSTOM } enum SyslogParser { RFC5424 RFC3164 CUSTOM } enum ArchiveFormat { gzip json text } enum LogSourceType { EC2 S3 EKSCluster Syslog ASG } enum LoggingBucketSource { WAF KinesisDataFirehoseForWAF } enum ErrorCode { DuplicatedIndexPrefix DuplicatedWithInactiveIndexPrefix OverlapIndexPrefix OverlapWithInactiveIndexPrefix AccountNotFound } type LogConf { id: ID! confName: String logType: LogType logPath: String timeKey: String timeOffset: String multilineLogParser: MultiLineLogParser syslogParser: SyslogParser createdDt: String userLogFormat: String userSampleLog: String regularExpression: String timeRegularExpression: String regularSpecs: [RegularSpec] processorFilterRegex: ProcessorFilterRegex status: String } input ProcessorFilterRegexInput { enable: Boolean! filters: [LogConfFilterInput] } type ProcessorFilterRegex { enable: Boolean! filters: [LogConfFilter] } input LogConfFilterInput { key: String! condition: LogConfFilterCondition! value: String! } type LogConfFilter { key: String! condition: LogConfFilterCondition! value: String! } enum LogConfFilterCondition { Include Exclude } type ListLogConfResponse { logConfs: [LogConf] total: Int } type S3Source { s3Name: String s3Prefix: String archiveFormat: String defaultVpcId: String defaultSubnetIds: String } type LogSource { sourceId: ID! accountId: String region: String sourceName: String logPath: String sourceType: LogSourceType sourceInfo: [SourceInfo] s3Source: S3Source eksSource: EKSClusterLogSource createdDt: String } type ListLogSourceResponse { LogSources: [LogSource] total: Int } input AOSParameterInput { vpc: VPCInput! opensearchArn: String! opensearchEndpoint: String! domainName: String! indexPrefix: String! warmLogTransition: String coldLogTransition: String logRetention: String rolloverSize: String codec: Codec indexSuffix: IndexSuffix refreshInterval: String shardNumbers: Int! replicaNumbers: Int! engine: EngineType! failedLogBucket: String! } enum IndexSuffix { yyyy_MM_dd yyyy_MM_dd_HH yyyy_MM yyyy } enum Codec { best_compression default } type AOSParameter { opensearchArn: String domainName: String indexPrefix: String warmLogTransition: String coldLogTransition: String logRetention: String rolloverSize: String codec: Codec indexSuffix: IndexSuffix refreshInterval: String shardNumbers: Int replicaNumbers: Int engine: EngineType } type AppPipeline { id: ID! bufferType: BufferType bufferParams: [BufferParameter] aosParams: AOSParameter createdDt: String status: PipelineStatus bufferAccessRoleArn: String bufferAccessRoleName: String bufferResourceName: String bufferResourceArn: String tags: [Tag] } type ListAppPipelineResponse { appPipelines: [AppPipeline] total: Int } type AppLogIngestion { id: ID! confId: String confName: String sourceInfo: LogSource stackId: String stackName: String appPipelineId: String logPath: String sourceId: String sourceType: String accountId: String region: String createdDt: String status: String tags: [Tag] } type ListAppLogIngestionResponse { appLogIngestions: [AppLogIngestion] total: Int } enum LogAgentStatus { Online Offline Installing Installed Not_Installed Unknown } input LogAgentParameterInput { agentName: String version: String } type LogAgentParameter { agentName: String version: String } # InstanceMeta type InstanceMeta { id: ID! logAgent: [LogAgentParameter] status: LogAgentStatus } # Instance info type Instance { id: ID! platformName: String ipAddress: String computerName: String name: String } # Auto-Scaling Group info type AutoScalingGroup { autoScalingGroupName: String minSize: Int maxSize: Int desiredCapacity: Int instances: [String!] } type ListInstanceResponse { instances: [Instance] nextToken: String } type listAutoScalingGroupResponse { autoScalingGroups: [AutoScalingGroup] nextToken: String } input RegularSpecInput { key: String! type: String! format: String } type RegularSpec { key: String! type: String! format: String } type ListEKSClustersResponse { clusters: [String] nextToken: String } type ListImportedEKSClustersResponse { eksClusterLogSourceList: [EKSClusterLogSource] total: Int } enum EKSDeployKind { DaemonSet Sidecar } enum CRI { containerd docker } type EKSClusterLogSource { id: ID aosDomain: ImportedDomain eksClusterName: String eksClusterArn: String cri: CRI vpcId: String eksClusterSGId: String subnetIds: [String] oidcIssuer: String endpoint: String createdDt: String accountId: String region: String logAgentRoleArn: String deploymentKind: EKSDeployKind tags: [Tag] } type CheckTimeFormatRes { isMatch: Boolean } type SubAccountLink { id: ID! subAccountId: String region: String subAccountName: String subAccountRoleArn: String agentInstallDoc: String agentConfDoc: String subAccountBucketName: String subAccountStackId: String subAccountKMSKeyArn: String subAccountVpcId: String subAccountPublicSubnetIds: String createdDt: String status: String tags: [Tag] } type ListSubAccountLinkResponse { subAccountLinks: [SubAccountLink] total: Int } type checkCustomPortResponse { isAllowedPort: Boolean msg: String recommendedPort: Int } enum BufferType { None KDS S3 MSK } type BufferParameter { paramKey: String paramValue: String } input BufferInput { paramKey: String paramValue: String }