You can search and retrieve logs using this endpoint. The two mandatory parameters, username and secret_key, are required for authentication and authorization. Additional parameters determine the API action.

| Parameter | Value Type | Description |
|---|---|---|
| query | String | A valid search query in LogPoint. |
| time_range | String | Default search time range of LogPoint. |
| repos | Array/List | Repo name indicates the repository where the logs reside. |
| client_name | String | Indicates the type of client, ‘UI’ is the default value. |
| timeout | Integer | Indicates the waiting time (in seconds) for a request before canceling it. |
| search_id | String | Used to get logs of a search query. You receive it from the server only after the successful completion of a search request. |
| limit | Integer | The maximum amount of search results to return in the final response. Only applicable in case of simple search queries and not in case of aggregation queries. |

You need to perform two API actions to get search results using the LogPoint Search API. First, send a search request with all the required parameters. A successful request responds with a search_id, which completes the first API action. In the second API action, send this search_id as a request parameter to receive the logs resulting from the search query.
Perform a query-based search on requested repos for a limited number of logs within a defined time range. This API action responds with a search_id on successful completion.
POST
https://LogPoint-IP/getsearchlogs

| Parameter | Value | Description |
|---|---|---|
| username | String type | System username |
| secret_key | String type | Secret key of LogPoint. Refer to Accessing the Secret Key. |
| requestData | JSON Object | A list of JSON objects containing the following parameters: |

```python
params = {
    "username" : "John",
    "secret_key" : "a1b2c3d4e5f6g7h8i9j0k1",
    "requestData": {
        "query": "|chart count() by device_ip",
        "time_range": "Last 24 hours",
        "limit": 100,
        "repos": ["127.0.0.1:5504/_logpoint"]
    }
}
```

```
{
    "search_id": "23b4a5fd-d419-4831-bcf5-e6846857fb64", # unique ID generated on each search.
    "client_type": "UI",
    "query_filter": "",
    "latest": false,
    "lookup": false,
    "query_type": "chart",
    "time_range": [
        1582023872,
        1582110272
    ],
    "searchId": "23b4a5fd-d419-4831-bcf5-e6846857fb64",
    "clientType": "UI",
    "success": true
}
```

Retrieve search result logs based on the search_id. The server sends the search result logs in chunks. You need to continue sending the request with the same parameters until you receive a response where final is equal to TRUE. It indicates that you have received all the search result logs.
POST
https://LogPoint-IP/getsearchlogs

| Parameter | Value | Description |
|---|---|---|
| username | String type | System username |
| secret_key | String type | Secret key of LogPoint. Refer to Accessing the Secret Key. |
| requestData | { | A JSON object containing a unique search_id. |

```python
params = {
    "username" : "John",
    "secret_key" : "a1b2c3d4e5f6g7h8i9j0k1",
    "requestData": {
        "search_id": "23b4a5fd-d419-4831-bcf5-e6846857fb64",
    }
}
```

```
{
    "num_aggregated": 12345,
    "columns": [
        "count()"
    ],
    "query_type": "chart",
    "rows": [
        {
            "device_ip": "::1",
            ....
            ....
        },
        {
            "device_ip": "127.0.0.1",
            ....
            ....
        }
    ],
    "grouping": [
        "device_ip"
    ],
    "version": 2,
    "interesting_fields": [],
    "time_range": [
        1582024214,
        1582110614
    ],
    "orig_search_id": "23b4a5fd-d419-4831-bcf5-e6846857fb64",
    "success": true,
    "final": true,
    "totalPages": 1,
    "complete": true,
    "showAdditionalPanels": true,
    "status": {
        ....
        ....
    }
}
```
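
The two API actions described above, chained into one client routine with bounded polling and a check of success on every response. This is an added example, not code from the LogPoint documentation; the form encoding in http_post, the max_polls and delay limits, and the fake server with its responses are assumptions constructed for illustration.

```python
import json
import time
import urllib.parse
import urllib.request


def http_post(url, params):
    """Real transport. Assumption: form-encoded body, requestData as JSON text."""
    form = dict(params, requestData=json.dumps(params["requestData"]))
    body = urllib.parse.urlencode(form).encode()
    # urllib verifies the server certificate by default; keep it that way.
    with urllib.request.urlopen(url, data=body, timeout=30) as resp:
        return json.load(resp)


def fetch_chunks(post, url, username, secret_key, request_data,
                 max_polls=60, delay=1.0):
    """Run both API actions; return every result response up to the final one."""
    auth = {"username": username, "secret_key": secret_key}
    # Action 1: submit the search and read the search_id from the response.
    first = post(url, dict(auth, requestData=request_data))
    if not first.get("success") or not first.get("search_id"):
        raise RuntimeError("search request did not return a search_id")
    poll = dict(auth, requestData={"search_id": first["search_id"]})
    chunks = []
    # Action 2: resend the same request until a response has final == true.
    for _ in range(max_polls):
        chunk = post(url, poll)
        if not chunk.get("success"):
            raise RuntimeError("result request failed")
        chunks.append(chunk)
        if chunk.get("final"):
            return chunks
        time.sleep(delay)
    raise TimeoutError("no final response after %d requests" % max_polls)


def make_fake_server(canned):
    """Constructed stand-in for the server: replays canned result responses."""
    queue = [{"success": True, "search_id": "constructed-search-id"}, *canned]
    return lambda url, params: queue.pop(0)


if __name__ == "__main__":
    fake = make_fake_server([{"success": True, "final": False, "rows": []},
                             {"success": True, "final": True, "rows": [{"device_ip": "::1"}]}])
    url, req = "https://LogPoint-IP/getsearchlogs", {"query": "|chart count() by device_ip"}
    print(fetch_chunks(fake, url, "John", "constructed-key", req, delay=0))
```

For a real appliance, pass http_post as the transport and read secret_key from an environment variable or secrets store instead of placing it in the script.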