Host Log Monitoring API - POST analysis job
Starts the log analysis job.
Optionally, you can indicate a start and end time stamp or query to filter log content.
The request produces an application/json
payload.
POST |
|
Parameters
Note All special characters in the log path must be escaped.
Parameter | Type | Description | In | Required |
---|---|---|---|---|
hostId | string |
The entity ID of the required host. |
path | required |
logPath | string |
The full pathname of the log. |
path | required |
query | string |
Narrows down the scope of the analysis to the entries, matching the specified criteria. The criteria must use the DESK search query language syntax. |
query | optional |
startTimestamp | integer |
The start timestamp of the analysis range, in UTC milliseconds. If not set, then 2 hours behind from now is used. |
query | optional |
endTimestamp | integer |
The end timestamp of the analysis range, in UTC milliseconds. If not set, then the current timestamp is used. |
query | optional |
body | ParsingDefinition |
Parsing definition to specify other parsing criteria. |
body | optional |
The ParsingDefinition object
Element | Type | Description | Required |
---|---|---|---|
parsingMode | string |
Parsing mode for log analysis entries presentation. Available parsing modes: [json, disabled, all] |
optional |
customParsingFields | CustomParsingField[] |
Custom parsing fields. |
optional |
The CustomParsingField object
Element | Type | Description | Required |
---|---|---|---|
name | string |
Custom field name. |
optional |
valueType | string |
Custom field type. Available field types: [string, integer, long, float, boolean] |
optional |
contentPrefix | string |
Content prefix. |
optional |
contentSuffix | string |
Content suffix. |
optional |
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request. See the Example expandable section for working sample request.
{
"parsingMode": "json",
"customParsingFields": [
{
"name": "testCustomField",
"valueType": "string",
"contentPrefix": "Logon",
"contentSuffix": ""
}
]
}
Response format
Element | Type | Description |
---|---|---|
jobId | string | The ID of the started job. |
{
"jobId": "32502e45-ed3d-47b9-b150-23e787ee285e"
}
Response codes
Code | Description |
---|---|
202 | Success. The response body contains the ID of the job. |
400 | Failed. See the response body for details. |
404 | Not found. See the response body for details. |
Example
In this example the request starts a log analysis job for the Windows Application Log from the HOST-EA474F61FFBD5C97 host. The timeframe of analysis lies between time stamps 1537840000000 and 1537880000000.
The API token is passed in the Authorization header.
The response contains the ID of the started analysis job.
Curl
curl -X POST \
https://mySampleEnv.live.dexp.ae/api/v1/entity/infrastructure/hosts/HOST-FE05D86A03025CAA/logs/Windows%20Application%20Log?startTimestamp=1537840000000&endTimestamp=1537880000000 \
-H 'Authorization: Api-Token abcdefjhij1234567890' \
Request URL
https://mySampleEnv.live.dexp.ae/api/v1/entity/infrastructure/hosts/HOST-FE05D86A03025CAA/logs/Windows%20Application%20Log?startTimestamp=1537840000000&endTimestamp=1537880000000
Response content
{
"jobId": "32502e45-ed3d-47b9-b150-23e787ee285e"
}
Response code
202