Skip to content

to_google_cloud_pubsub

Publishes events to a Google Cloud Pub/Sub topic.

to_google_cloud_pubsub project_id=string, topic_id=string, message=string

Description

Section titled “Description”

The operator publishes one Pub/Sub message per input event. The message content comes from the message expression, which must evaluate to a string.

project_id = string

Section titled “project_id = string”

The project to connect to. This must be the project ID, not the display name.

topic_id = string

Section titled “topic_id = string”

The Pub/Sub topic to publish to.

message = string

Section titled “message = string”

A string to publish as the message.

Examples

Section titled “Examples”

Send alert text to a topic

Section titled “Send alert text to a topic”

Publish the alert_text field of every event to alerts-topic:

export
where @name == "suricata.alert"
to_google_cloud_pubsub project_id="amazing-project-123456", topic_id="alerts-topic", message=alert_text

See Also

Section titled “See Also”

from_google_cloud_pubsub,

Last updated: