pub trait ParsePlugin: Plugin + ParsePluginExported {
type Event<'a>: AnyEventPayload + TryFrom<&'a RawEvent<'a>>
where Self: 'a;
// Required method
fn parse_event(
&mut self,
event: &EventInput<'_, Self::Event<'_>>,
parse_input: &ParseInput<'_>,
) -> Result<()>;
}
Expand description
Support for event parse plugins
Required Associated Types§
Sourcetype Event<'a>: AnyEventPayload + TryFrom<&'a RawEvent<'a>>
where
Self: 'a
type Event<'a>: AnyEventPayload + TryFrom<&'a RawEvent<'a>> where Self: 'a
§Parsed event type
Events will be parsed into this type before being passed to the plugin, so you can work directly on the deserialized form and don’t need to worry about validating the events.
If an event fails this conversion, an error will be returned from EventInput::event
,
which you can propagate directly to the caller.
If you don’t want any specific validation/conversion to be performed, specify the type as
type Event<'a> = falco_event::events::RawEvent<'a>;
Required Methods§
Sourcefn parse_event(
&mut self,
event: &EventInput<'_, Self::Event<'_>>,
parse_input: &ParseInput<'_>,
) -> Result<()>
fn parse_event( &mut self, event: &EventInput<'_, Self::Event<'_>>, parse_input: &ParseInput<'_>, ) -> Result<()>
§Parse an event
Receives an event from the current capture and parses its content. The plugin is guaranteed to receive an event at most once, after any operation related to the event sourcing capability, and before any operation related to the field extraction capability.
Dyn Compatibility§
This trait is not dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.