Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

XpoLog exposes a URL based API to the users. The API exposes a set of HTTP/S calls that can be used to retrieve information from XpoLog:

URL that returns events from XpoLog Search in XML/CSV format

URL that returns a Dashboards latest result in PDF format

URL to open Search console on an executed search query

URL that returns Collected Data Information

URL that returns the Folders and Logs information

URL that returns a specific log's information

URL that returns multiple log's information

Security

In case security is activated in XpoLog (login is required) then using the URL based API will require passing user's credentials in order to login into the system prior to executing the API command.
It is required to pass the username and password in the URL to XpoLog in order to get the command executed.

Add to each link at the end: 
&autoLogin=true&username=[USER_NAME]&password=[PASSWORD]

[USER_NAME] = the user name which the API will use to login  
[PASSWORD] =  the password of the user name

...

Anchor
Events
Events

...

URL that returns events from XpoLog Search in XML/CSV format

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/view/api/widgetAPI.jsp?widgetId=searchAPI&searchQuery=[see item 2]&fixedInterval=[see item 3]&startTimeFullStr=[see item 4]&endTimeFullStr=[see item 4]&maxNumOfRecords=[see item 5]&resultFormat=[see item 6]&paginate=[see item 7]&token=[see item 7.a]&maxRecordsPerPage=[see item 8]&timeout=[see item 9]&abortOn=[see item 10]

  2. searchQuery=a query as used in XpoSearch console

  3. fixedInterval=optional values are: last15Minutes, last30Minutes, last60Minutes, last3Hours, last12Hours, last24Hours, last7Days, last14Days, last1Months, last6Months, currentDay, previousDay, currentWeek, previousWeek, allData
    IMPORTANT: when using fixedInterval only values from the above list can be provided as is. Optional; if fixedInterval is used then startTimeFullStr and endTimeFullStr should not be used.

  4. startTimeFullStr=the start time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss
    endTimeFullStr=the end time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss
    Optional; used only if fixedInterval is missing; if used, both values are mandatory.

  5. maxNumOfRecords=the maximal number of records to return in the result; if missing, the default value is taken from the widgets.searchAPI.maxNumOfRecords XpoLog system property (default is 100 but may be modified)

  6. resultFormat=the format in which the result will be returned. Optional values xml/csv (case sensitive)

  7. paginate=activate pagination; optional values true/false. If pagination is set to true, a unique token will be generated per execution (unless the API command will specify an existing token to access next pages of an existing execution as detailed below at 7.a).

    1. token=UNIQUE_TOKEN_FROM_FIRST_EXECUTION - returned and may be used only if pagination is set to true, and only after an API command execution which is not already using an existing unique token. 
      If token is added to the URL, each execution of the URL returns the next page of that execution result (see result example below of pagination = true).
      In order to access the next pages of that execution result, it is required to add to the URL the parameter:
      &token=UNIQUE_TOKEN_FROM_FIRST_EXECUTION - any additional execution using the unique token will return the next page of results (there is no paging backwards, only forward).

  8. maxRecordsPerPage=the maximal number of results per page; If missing, the default value is 100 records per page.

  9. timeout=the maximum time(milliseconds) given for a query to run. In case the time exceeds the given threshold, the search query stops and an error message is returned (see error codes table).

  10. abortOn=the maximum number of allowed results.  In case the number exceeds the given threshold, the search query stops and an error message is returned (see error codes table).

The following is the XML structure of the API execution response (pagination = false):

Code Block
<APIResult>

...


<Status state="OK" token="" numberOfResults="Actual number of results or maxNumOfRecords if exists/reached">

...


<Url>

...


[URL_TO_RESULT_FILE]

...


</Url>

...


<Message/>

...


</Status>

...


<Data>

...


</Data>

...


</APIResult>


The following is the XML structure of the API execution response (pagination = true):

Code Block
<APIResult>

...


<Status state="OK" token="EXECUTION_TOKEN" numberOfResults="maxRecordsPerPage or maximum 100 per page (XpoLog default)">

...


<Url>

...


[URL_TO_RESULT_FILE]

...


</Url>

...


<Message/>

...


</Status>

...


<Data>

...


</Data>

...


</APIResult>


Tag Path

Description

APIResult

General document root tag

Status

The state of the API execution. Optional values OK/Fail

Url

Exists only when the status is OK.
The URL to a file containing the API execution result.

Message

Exists only when the status is Fail.

Data

Contains the API execution result.
Note: When the result format is CSV, the content of the <Data> tag will be wrapped with CDATA.
Note: If the execution result is larger than the system-configured limit, the <Data> tag will not contain the execution result. Instead, the content of the <Url> tag should be used to access the execution result file.


Error Code

Description

1

Internal Error: An error occurred, please try again. If the problem persists, please contact XpoLog support

2

Results Exceed Max Allowed Threshold: Result's events count (XXX) is larger than a given limit (XXX)

3

Request timeout

4

Request Canceled: Search API action was canceled

5

Resources Exceed: Failed to preform search due to limited resource


Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

  • Returns records matching the search query “error or fail* in logs that their names start with “log4j” in the specified time frame. Result is limited to maximum 1000 log records in csv format:

http://localhost:30303/logeye/view/api/widgetAPI.jsp?widgetId=searchAPI&searchQuery=error or fail* in log.log4j*&startTimeFullStr=01/01/2014 00:00:00&endTimeFullStr=02/02/2014 00:00:00&maxNumOfRecords=1000&resultFormat=csv


- Returns records matching the search query “error or exception in in all logs in the last 7 days’ time frame. Result is limited to maximum 1000 log records in xml format:

http://localhost:30303/logeye/view/api/widgetAPI.jsp?widgetId=searchAPI&searchQuery=error or exception&fixedInterval=last7Days&maxNumOfRecords=1000&resultFormat=xml


- Returns the complex search query '* in app.Windows Event Logs | count | group by event' result in the last 7 days’ time frame. Result is limited to maximum 1000 entries in csv format. In this example the URL also contains a username and password (admin/admin) that will perform a login to XpoLog in order to be able to execute the search query:

http://localhost:30303/logeye/view/api/widgetAPI.jsp?widgetId=searchAPI&searchQuery=*%20in%20app.Windows%20Event%20Logs%20|%20count%20|%20group%20by%20event&fixedInterval=last7Days&maxNumOfRecords=1000&resultFormat=csv&autoLogin=true&username=admin&password=admin

Anchor
Dashboard
Dashboard

URL that returns a Dashboards latest result in PDF format

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/view/api/dashboardAPI.jsp?action=export&appName=[see item 2]&viewName=[see item 3]

  2. appName=a name of an existing App in XpoLog (case insensitive).

  3. viewName=a name of an existing Dashboard in XpoLog (case insensitive).

Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

- Returns the Dashboard “Dashboard-1” in PDF format

http://localhost:30303/logeye/view/api/dashboardAPI.jsp?action=export&appName=App-1&viewName=Dashboard-1

Anchor
Search
Search

URL to open Search console on an executed search query

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/search/view/loadSearchModel.jsp?searchQuery=[see item 2]&fixedInterval=[see item 3]&startTimeFullStr=[see item 4]&endTimeFullStr=[see item 4]

  2. searchQuery=a query as used in XpoSearch console

  3. fixedInterval=optional values are: last15Minutes, last30Minutes, last60Minutes, last3Hours, last12Hours, last24Hours, last7Days, last14Days, last1Months, last6Months, currentDay, previousDay, currentWeek, previousWeek, allData
    IMPORTANT: when using fixedInterval only values from the above list can be provided as is. Optional; if fixedInterval is used then startTimeFullStr and endTimeFullStr should not be used.

  4. startTimeFullStr=the start time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss 
    endTimeFullStr=the end time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss
    Optional; used only if fixedInterval is missing; if used, both values are mandatory.

Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

- Presents Search console after execution of the search query “error” in the specified time frame:

http://localhost:30303/logeye/search/view/loadSearchModel.jsp?searchQuery=error&startTimeFullStr=01/01/2014 00:00:00&endTimeFullStr=02/02/2014 00:00:00


- Presents Search console after execution of the search query “error” in the specified time frame (last 7 days):

http://localhost:30303/logeye/search/view/loadSearchModel.jsp?searchQuery=error&fixedInterval=last7Days

Anchor

...

...

DataInfo
DataInfo

...

URL that returns Collected Data Information

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/message/messageJsonApi.jsp?api=collectedDataInfo&type=[see item 2]&timeFrame=[see item 3]&detailsLevel=[see item 4]&maxNumberOfResults=[see item 5]

  2. type = fixed string values: AppTags / Folders (default = Folders)

  3. timeFrame  = fixed string values: last15Minutes, last30Minutes, last60Minutes, last3Hours, last12Hours, last24Hours, last7Days, last14Days, last1Months, last6Months, currentDay, previousDay, currentWeek, previousWeek, allData (default = last24Hours)

  4. detailsLevel  = fixed string values: Basic, Detailed

    1. Basic – returns a JSON specifying: AppTag/Folder based on specified type with AppTag/Folder name, number of defined log and number of collected logs.

      Examples:

      http://localhost:30303/logeye/message/messageJsonApi.jsp?api=collectedDataInfo&type=Folders&timeFrame=last24Hours&detailsLevel=Basic&autoLogin=true&username=admin&password=admin

      Result JSON:
      {"data":{"collectionData":[{"totalLogs":12,"Folders":"XpoLog System Logs","collectedLogs":5},{"totalLogs":1,"Folders":"Example Applications,WebLogic 10.0,xplg","collectedLogs":0},{"totalLogs":7,"Folders":"Example Logs","collectedLogs":0},{"totalLogs":5,"Folders":"Linux OS","collectedLogs":4},{"totalLogs":9,"Folders":"Demo,Tomcat,TX_EXAMPLE","collectedLogs":0},{"totalLogs":5,"Folders":"XpoLog EC2,jet.xpolog.com,Linux OS","collectedLogs":4},{"totalLogs":4,"Folders":"ID,Tomcat","collectedLogs":3},{"totalLogs":9,"Folders":"WebSphere,Profiles,Server","collectedLogs":0},{"totalLogs":1,"Folders":"Example Applications,WebSphere 6.1.0.0","collectedLogs":0},{"totalLogs":1,"Folders":"CloudXpoLog","collectedLogs":0}]}}

      http://localhost:30303/logeye/message/messageJsonApi.jsp?api=collectedDataInfo&type=AppTags&timeFrame=last24Hours&detailsLevel=Basic&autoLogin=true&username=admin&password=admin

      Result JSON:

      Code Block
      {"data":{"collectionData":[{"totalLogs":1,"collectedLogs":0,"AppTags":"Tomcat 5.0.28"},{"totalLogs":22,"collectedLogs":0,"AppTags":"PrudentialA"},{"totalLogs":1,"collectedLogs":0,"AppTags":"XplgWiki"},

...

    1. 
      {"totalLogs":4,"collectedLogs":3,"AppTags":"Tomcat"},{"totalLogs":1,"collectedLogs":0,"AppTags":"LogLoud"},{"totalLogs":11,"collectedLogs":0,"AppTags":"DASTLab"},{"totalLogs":10,"collectedLogs":0,"AppTags":"Example AppTag"},

...

    1. 
      {"totalLogs":9,"collectedLogs":0,"AppTags":"XpoLog"},{"totalLogs":2,"collectedLogs":1,"AppTags":"Website"},{"totalLogs":1,"collectedLogs":0,"AppTags":"LabA_LoadTest"},

...

    1. 
      {"totalLogs":1,"collectedLogs":0,"AppTags":"Audit"},{"totalLogs":24,"collectedLogs":0,"AppTags":"AppFinTech_LoadLabA"},{"totalLogs":19,"collectedLogs":8,"AppTags":"Linux"},{"totalLogs":5,"collectedLogs":4,"AppTags":"Linux OS"},

...

    1. 
      {"totalLogs":7,"collectedLogs":0,"AppTags":"Weblogic 10.0"},{"totalLogs":10,"collectedLogs":0,"AppTags":"VOLoadTesting"},{"totalLogs":2,"collectedLogs":0,"AppTags":"Log4J"},

...

    1. 
      {"totalLogs":1,"collectedLogs":0,"AppTags":"JET-XPLG"},{"totalLogs":9,"collectedLogs":0,"AppTags":"WebSphere 6.1"},{"totalLogs":21,"collectedLogs":11,"AppTags":"ID"}]}}
      
      
    2. Detailed –  returns a JSON specifying: AppTag/Folder based on specified type, number of defined logs, number of collected logs and a list of uncollected logs with their sizes in bytes (comma separated full Folders path in XpoLog Folders and Logs tree).

      Examples:

      http://localhost:30303/logeye/message/messageJsonApi.jsp?api=collectedDataInfo&type=Folders&timeFrame=last24Hours&detailsLevel=Detailed&maxNumberOfResults=10&autoLogin=true&username=admin&password=admin

      Result JSON:
      {"data":{"collectionData":[{"totalLogs":1,"Folders":"JS.Logloud","collectedLogs":0,"unCollectedLogsData":[{"path":"JS.Logloud,JS.Logloud","dataSize":250}]},{"totalLogs":1,"Folders":"AWS ELB","collectedLogs":0,"unCollectedLogsData":[{"path":"AWS ELB,elasticloadbalancing","dataSize":3161841}]},{"totalLogs":9,"Folders":"Demo,Tomcat,TX_EXAMPLE","collectedLogs":0,"unCollectedLogsData":[{"path":"Demo,Tomcat,TX_EXAMPLE,IMPACS_BookingInterface-IMPACS_LoanBooking_ReqRep","dataSize":104619},{"path":"Demo,Tomcat,TX_EXAMPLE,ICV_Customer_Interface--ICV_Customer_Search_Response","dataSize":1482923},{"path":"Demo,Tomcat,TX_EXAMPLE,IMPACS_BookingInterface-IMPACS_LoanBooking_Status","dataSize":70679},{"path":"Demo,Tomcat,TX_EXAMPLE,NAIT_AFS_BookingInterface--AFS_LP_BookingInterface_ResponseMessage","dataSize":450876},{"path":"Demo,Tomcat,TX_EXAMPLE,NAIT_AFS_BookingInterface--LP_AFS_BookingInterface_RequestMessage","dataSize":374061},{"path":"Demo,Tomcat,TX_EXAMPLE,ICV_Customer_Interface--ICV_Get_Customer_Request","dataSize":900789},{"path":"Demo,Tomcat,TX_EXAMPLE,ICV_Customer_Interface--ICV_Get_Customer_Response","dataSize":865204},{"path":"Demo,Tomcat,TX_EXAMPLE,NESS-LPNameRequesttoNESS","dataSize":4298295},{"path":"Demo,Tomcat,TX_EXAMPLE,NESS-NESSNameResponsetoLP","dataSize":6681574}]},{"totalLogs":4,"Folders":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1","collectedLogs":0,"unCollectedLogsData":[{"path":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1,http_error","dataSize":6201816},{"path":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1,http_access","dataSize":1411665},{"path":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1,SystemErr","dataSize":178297},{"path":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1,SystemOut","dataSize":663867}]},{"totalLogs":2,"Folders":"Demo,MySQL","collectedLogs":0,"unCollectedLogsData":[{"path":"Demo,MySQL,mysqld-instance-1","dataSize":184975},{"path":"Demo,MySQL,mysqld-instance-2","dataSize":8235}]},{"totalLogs":2,"Folders":"Example Applications,WebLogic 10.0,wl_server,examplesServer","collectedLogs":0,"unCollectedLogsData":[{"path":"Example Applications,WebLogic 10.0,wl_server,examplesServer,examplesServer","dataSize":1003895},{"path":"Example Applications,WebLogic 10.0,wl_server,examplesServer,access","dataSize":698}]},{"totalLogs":1,"Folders":"WebApp Logs,LogLooud","collectedLogs":0,"unCollectedLogsData":[{"path":"WebApp Logs,LogLooud,LogLooud","dataSize":1305}]},{"totalLogs":2,"Folders":"Demo,Linux,instance1","collectedLogs":0,"unCollectedLogsData":[{"path":"Demo,Linux,instance1,messages","dataSize":86974743},{"path":"Demo,Linux,instance1,Mail","dataSize":23821324}]}]}}

      http://localhost:30303/logeye/message/messageJsonApi.jsp?api=collectedDataInfo&type=AppTags&timeFrame=last24Hours&detailsLevel=Detailed&maxNumberOfResults=10&autoLogin=true&username=admin&password=admin

      Result JSON:

      {"data":{"collectionData":[{"totalLogs":1,"collectedLogs":0,"unCollectedLogsData":[{"path":"Example Applications,Tomcat 5.0.28,localhost_log","dataSize":103891}],"AppTags":"Tomcat 5.0.28"},
      {"totalLogs":1,"collectedLogs":0,"unCollectedLogsData":[{"path":"JS.Logloud,JS.Logloud","dataSize":250}],"AppTags":"JS.Logloud"},
      {"totalLogs":9,"collectedLogs":0,"unCollectedLogsData":[{"path":"Demo,Tomcat,TX_EXAMPLE,IMPACS_BookingInterface-IMPACS_LoanBooking_ReqRep","dataSize":104619},
      {"path":"Demo,Tomcat,TX_EXAMPLE,ICV_Customer_Interface--ICV_Customer_Search_Response","dataSize":1482923},{"path":"Demo,Tomcat,TX_EXAMPLE,IMPACS_BookingInterface-IMPACS_LoanBooking_Status","dataSize":70679},
      {"path":"Demo,Tomcat,TX_EXAMPLE,NAIT_AFS_BookingInterface--AFS_LP_BookingInterface_ResponseMessage","dataSize":450876},
      {"path":"Demo,Tomcat,TX_EXAMPLE,NAIT_AFS_BookingInterface--LP_AFS_BookingInterface_RequestMessage","dataSize":374061},
      {"path":"Demo,Tomcat,TX_EXAMPLE,ICV_Customer_Interface--ICV_Get_Customer_Request","dataSize":900789},{"path":"Demo,Tomcat,TX_EXAMPLE,ICV_Customer_Interface--ICV_Get_Customer_Response","dataSize":865204},
      {"path":"Demo,Tomcat,TX_EXAMPLE,NESS-LPNameRequesttoNESS","dataSize":4298295},{"path":"Demo,Tomcat,TX_EXAMPLE,NESS-NESSNameResponsetoLP","dataSize":6681574}],"AppTags":"AppFinTech_LoadLabA"},
      {"totalLogs":14,"collectedLogs":5,"unCollectedLogsData":[{"path":"Demo,Linux,instance1,messages","dataSize":86974743},{"path":"Demo,Linux,instance1,Mail","dataSize":23821324},{"path":"ID,OS,log,boot","dataSize":0},
      {"path":"ID,OS,log,dracut","dataSize":0},{"path":"ID,OS,log,yum","dataSize":0},{"path":"ID,OS,log,tomcat,catalina log","dataSize":0},{"path":"ID,OS,log,tomcat,catalina out","dataSize":0},
      {"path":"ID,OS,log,tomcat,localhost","dataSize":0},{"path":"ID,OS,log,tomcat,localhost_access_log","dataSize":0}],"AppTags":"Linux"},
      {"totalLogs":1,"collectedLogs":0,"unCollectedLogsData":[{"path":"CloudXpoLog,log,apt,history.log","dataSize":0}],"AppTags":"DASTLab"},
      {"totalLogs":3,"collectedLogs":0,"unCollectedLogsData":[{"path":"Example Applications,WebLogic 10.0,wl_server,examplesServer,examplesServer","dataSize":1003895},
      {"path":"Example Applications,WebLogic 10.0,wl_server,examplesServer,access","dataSize":698},{"path":"Example Applications,WebLogic 10.0,xplg,xplg","dataSize":8033}],"AppTags":"Weblogic 10.0"},
      {"totalLogs":1,"collectedLogs":0,"unCollectedLogsData":[{"path":"CloudXpoLog,log,apt,history.log","dataSize":0}],"AppTags":"VOLoadTesting"},
      {"totalLogs":9,"collectedLogs":0,"unCollectedLogsData":[{"path":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1,http_error","dataSize":6201816},
      {"path":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1,http_access","dataSize":1411665},{"path":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1,SystemErr","dataSize":178297},
      {"path":"Example Applications,WebSphere 6.1.0.0,AppSrv01,SERVERWINNode01,server1,SystemOut","dataSize":663867},{"path":"Example Applications,WebSphere 6.1.0.0,WebSphere Merge Log Example","dataSize":0},
      {"path":"Example Applications,WebSphere 6.1.0.0,AppSrv02,SERVERWINNode02,server1,http_error","dataSize":3100908},
      {"path":"Example Applications,WebSphere 6.1.0.0,AppSrv02,SERVERWINNode02,server1,http_access","dataSize":1411665},
      {"path":"Example Applications,WebSphere 6.1.0.0,AppSrv02,SERVERWINNode02,server1,SystemErr","dataSize":89095},
      {"path":"Example Applications,WebSphere 6.1.0.0,AppSrv02,SERVERWINNode02,server1,SystemOut","dataSize":67255}],"AppTags":"WebSphere 6.1"},
      {"totalLogs":12,"collectedLogs":5,"unCollectedLogsData":[{"path":"ID,OS,log,boot","dataSize":0},{"path":"ID,OS,log,dracut","dataSize":0},{"path":"ID,OS,log,yum","dataSize":0},
      {"path":"ID,OS,log,tomcat,catalina log","dataSize":0},{"path":"ID,OS,log,tomcat,catalina out","dataSize":0},{"path":"ID,OS,log,tomcat,localhost","dataSize":0},
      {"path":"ID,OS,log,tomcat,localhost_access_log","dataSize":0}],"AppTags":"ID"}]}}

  1. maxNumberOfResults = number, max number of results to return. Relevant only when ‘Detailed’ type is specified (default = 100)

Anchor
FoldersAndLogsInfo
FoldersAndLogsInfo

URL that returns Folders and Logs information

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/restapi/folders-and-logs-configuration?sourceQuery=[

...

  1. see item 2]

  2. sourceQuery = the source query that represent on which part of XpoLog data structure to run (Folder(s), appTag(s). For example: apptag.APPTAG_NAME, folder.FOLDER_NAME

Result example:

API call: http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/restapi/folders-and-logs-configuration?sourceQuery=apptag.TEST&autoLogin=true&username=admin&password=admin

Code Block
Result: {"success":true,"errorMessage":null,"response":{"selected":false,"id":"Module-rootModule","name":"Folders and Logs","description":"","type":"Module","key":null,"hasChildrens":true,"children":[{"selected":false,"id":"Module-1227520005721","name":"Example Logs","description":"","type":"Module","key":null,"hasChildrens":true,"children":[{"selected":false,"id":"Log-Log4J_Log_1227520538204","name":"Log4J Log","description":"","type":"Log","key":null,"hasChildrens":false,"children":[]},{"selected":false,"id":"Log-IIS_Log_1227520737065","name":"IIS Log","description":"","type":"Log","key":null,"hasChildrens":false,"children":[]},{"selected":false,"id":"Log-Syslog_Log_1227521086597","name":"Syslog Log","description":"","type":"Log","key":null,"hasChildrens":false,"children":[]},{"selected":false,"id":"Module-1509627171374","name":"ssh","description":"","type":"Module","key":null,"hasChildrens":true,"children":[{"selected":false,"id":"Log-ssh_1509627248381","name":"ssh","description":"","type":"Log","key":null,"hasChildrens":false,"children":[]},{"selected":false,"id":"Module-1509611724539","name":"New Example Logs","description":"","type":"Module","key":null,"hasChildrens":true,"children":[{"selected":false,"id":"Log-xpologlog_1509628193290","name":"xpologlog","description":"","type":"Log","key":null,"hasChildrens":false,"children":[]}]}]}]}]},"httpStatusCode":0}

Name = the name of the object in the Folders and Logs tree
id = the id in XpoLog of object in the Folders and Logs tree
description = the description of the object in the Folders and Logs tree
type = the type (log/folder) of the object in the Folders and Logs tree

* For each Folder - if there are subfolders / logs then they will be listed indicated by hasChildrens = true and children JSON object with the details.

Anchor
LogInfo
LogInfo

URL that returns a specific log's information

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/restapi/log-configuration?logPath=[

...

  1. see item 2]&logName=[see item 3]

  2. logPath = the Folders path in XpoLog to the log separated by '->', without the log name, case sensitive. For example: ROOT->FOLDER_1->FOLDER_2

  3. logName  = the log name, case sensitive.

Result example:

API call: http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/restapi/log-configuration?logPath=ROOT-%3EExample%20Logs&logName=IIS%20Log&autoLogin=true&username=admin&password=admin

Code Block
Result: {"success":true,"errorMessage":null,"response":{"type":"Log","id":"Log-IIS_Log_1227520737065","name":"IIS Log","description":"","path":null,"appTags":null,"collectionPolicy":"defaultLogCollectionPolicy","patterns":"{date:Date,locale=en,dd-MM-yyyy HH:mm:ss.SSS} {text:c-ip} {text:cs-username} {text:s-sitename} {text:s-computername} {ip:s-ip} {text:s-port} {text:cs-method} {text:cs-uristem} {text:cs-uri-query} {number:sc-status} {text:sc-win32-status} {text:sc-bytes} {text:time-taken} {text:cs-version} {text:cs-host} {text:cs(User-Agent)} {text:cs(Cookie)} {text:cs(Referer)}","filePaths":["IIS.log"],"accountName":null,"charSet":null,"timeZone":"Israel Standard Time","dataFilterQuery":null},"httpStatusCode":0}

type = the type of log
id = the id of the log in XpoLog
name = the name of the log in XpoLog
description = the

...

description of the log in XpoLog
path = the Folders and Logs

...

path of the log in XpoLog
appTags = the appTags that the log is tagged to (if applicable)
collectionPolicy = the name of the collection policy that the log is part of
patterns = the data patterns applied on the log
filesPath = the absolute path to the files that the log is defined on, separated by @#@# if there are multiple locations configured (if applicable)
accountName = the name of the account that the log is using (if applicable)
charSet = the char-set applied on the log
timeZone = the time zone applied on the log
dataFilterQuery = the data filter query applied on the log (if applicable)

Anchor
LogsDetailedInfo
LogsDetailedInfo

URL that returns multiple log's information

Returns the complete details of the logs based on the source query as listed below.

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/restapi/logs-configuration?sourceQuery=[

...

  1. see item 2]

  2. sourceQuery = the source query that represent on which part of XpoLog data structure to run (Folder(s), appTag(s). For example: apptag.APPTAG_NAME, folder.FOLDER_NAME

Result example:

API call: http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/restapi/logs-configuration?sourceQuery=folder.Example%20Logs&autoLogin=true&username=admin&password=admin

Code Block
type | id | name | description | path | appTags | collection policy | patterns | files paths | account name | char set | time zone | data Filter Query
Log | Log-Acute_Dispatch_1525684585842 | Acute Dispatch |  | ROOT->Logs Information->Acute Dispatch | LogsInformation | Default Collection Policy | {text:type} | {text:id} | {text:name} | {text:description} | {text:path} | {text:appTags} | {text:collection policy} | {text:patterns} | {text:files paths} | {text:account name} | {text:char set} | {text:time zone} | {text:data Filter Query} | C:\Users\omry.XPOLOG\Desktop\FMC\LexLogsInformation\Acute Dispatch.txt | null | null | Asia/Jerusalem | null

type = the type of returned object
id = the id of the log in XpoLog
name = the name of the log in XpoLog
description = the

...

description of the log in XpoLog
path = the Folders and Logs

...

path of the log in XpoLog
appTags = the appTags that the log is tagged to (if applicable)
collectionPolicy = the name of the collection policy that the log is part of
patterns = the data patterns applied on the log
filesPath = the absolute path to the files that the log is defined on, separated by @#@# if there are multiple locations configured (if applicable)
accountName = the name of the account that the log is using (if applicable)
charSet = the char-set applied on the log
timeZone = the time zone applied on the log
dataFilterQuery = the data filter query applied on the log (if applicable)

You can parse this data in XpoLog using the following pattern:

Code Block
{text:type} | {text:id} | {text:name} | {text:description} | {text:path} | {text:appTags} | {text:collection policy} | {string:patterns} | {string:files paths} | {text:account name} | {text:char set} | {text:time zone} | {text:data Filter Query}