Execute Log Search Query 1
Execute a log search query
Execute a log search query
Request
URI
POST
https://{api_host}/api/v2/logs/search
COPY
Request Body
QueryRequest
of type(s)
application/json
Required
{
"aggregations": {
"aggregations": {
"aggregations": {
"aggregations": {
"aggregations": {
"aggregations": "Aggregation Object"
},
"avg": {
"field": "string"
},
"bucketAggregation": false,
"cardinality": {
"field": "string"
},
"composite": {
"size": 0,
"sources": [
{
"terms": {
"field": "string",
"missing_bucket": false,
"missing_order": "string",
"order": "string"
}
}
]
},
"date_histogram": {
"field": "string",
"fixed_interval": "string",
"order": {
"_key": {
"order": "string"
}
}
},
"max": {
"field": "string"
},
"min": {
"field": "string"
},
"multi_terms": {
"min_doc_count": 0,
"order": [
{
"order": "string"
}
],
"shard_size": 0,
"size": 0,
"terms": [
{
"field": "string"
}
]
},
"sample": {
"field": "string"
},
"stddev": {
"field": "string"
},
"sum": {
"field": "string"
},
"top_hits": {
"_source": [
"string"
],
"from": 0,
"size": 0,
"sort": [
{
"empty": false
}
]
},
"valueAggregation": false,
"value_count": {
"field": "string"
},
"variance": {
"field": "string"
}
}
},
"avg": {
"field": "string"
},
"bucketAggregation": false,
"cardinality": {
"field": "string"
},
"composite": {
"size": 0,
"sources": [
{
"terms": {
"field": "string",
"missing_bucket": false,
"missing_order": "string",
"order": "string"
}
}
]
},
"date_histogram": {
"field": "string",
"fixed_interval": "string",
"order": {
"_key": {
"order": "string"
}
}
},
"max": {
"field": "string"
},
"min": {
"field": "string"
},
"multi_terms": {
"min_doc_count": 0,
"order": [
{
"order": "string"
}
],
"shard_size": 0,
"size": 0,
"terms": [
{
"field": "string"
}
]
},
"sample": {
"field": "string"
},
"stddev": {
"field": "string"
},
"sum": {
"field": "string"
},
"top_hits": {
"_source": [
"string"
],
"from": 0,
"size": 0,
"sort": [
{
"empty": false
}
]
},
"valueAggregation": false,
"value_count": {
"field": "string"
},
"variance": {
"field": "string"
}
}
},
"from": 0,
"indices": [
"string"
],
"query": {
"bool": {
"filter": [
"Query Object"
],
"must": [
"Query Object"
],
"must_not": [
"Query Object"
],
"should": [
"Query Object"
]
},
"exists": {
"field": "string"
},
"match_all": {},
"match_phrase": {
"empty": false
},
"prefix": {
"empty": false
},
"range": {
"empty": false
},
"regexp": {
"empty": false
},
"term": {
"empty": false
},
"terms": {
"empty": false
}
},
"scroll": "string",
"scrollSize": 0,
"size": 0,
"sort": [
{
"empty": false
}
],
"trackTotalHits": false
}
object
aggregations
Optional
aggregations
integer As int32
As int32
from
Optional
Constraints:
maximum: 20000
from
array of
string
indices
Optional
indices
object
query
Optional
query
string
scroll
Optional
scroll
integer As int32
As int32
scrollSize
Optional
scrollSize
integer As int32
As int32
size
Optional
Constraints:
maximum: 2000
size
array of
object
sort
Optional
sort
boolean
trackTotalHits
Optional
trackTotalHits
Responses
200
Query executed successfully
Returns
QueryResponse
of type(s)
application/json
{
"aggregations": {
"buckets": [
{
"doc_count": 0,
"field": [
{
"displayName": "string",
"internalName": "string"
}
],
"key": [
{}
],
"values": [
{
"name": "string",
"value": {}
}
]
}
],
"total": 0,
"truncated": false
},
"events": {
"hits": [
{
"msgContent": {
"fields": [
{
"displayName": "string",
"fieldCategory": "string",
"fieldType": "string",
"internalName": "string",
"length": 0,
"startPosition": 0,
"valueType": "string"
}
],
"incomingAddress": "string",
"ingestTimestamp": 0,
"logTimestamp": 0,
"originalText": "string"
}
}
],
"total": 0
},
"failureMessage": "string",
"failureReason": "string",
"timeTakenMillis": 0,
"timedOut": false
}
object
aggregations
Optional
aggregations
object
events
Optional
events
string
failureMessage
Optional
failureMessage
string
failureReason
Optional
failureReason
Possible values are :
SYSTEM,
QUERY,
DATA_AVAILABILITY,
OTHER,
integer As int64
As int64
timeTakenMillis
Optional
timeTakenMillis
boolean
timedOut
Optional
timedOut
400
Bad request: Invalid input data
Returns
ErrorBody
of type(s)
application/json
{
"errorCode": "string",
"errorDetails": {},
"errorMessage": "string"
}
string
errorCode
Optional
errorCode
Possible values are :
API_ERROR,
LIMIT_ERROR,
FIELD_ERROR,
TEST_ERROR,
JSON_FORMAT_ERROR,
LICENSE_ERROR,
VSPHERE_INTEGRATION_ERROR,
VROPS_INTEGRATION_ERROR,
UPGRADE_ERROR,
SEARCH_ERROR,
AGENT_ERROR,
RBAC_COMMON_ERROR,
RBAC_USERS_ERROR,
RBAC_GROUPS_ERROR,
RBAC_ADGROUPS_ERROR,
RBAC_DATASETS_ERROR,
RBAC_VIDM_GROUPS_ERROR,
RBAC_VIDB_GROUPS_ERROR,
AUTH_PROVIDER_ERROR,
SECURITY_ERROR,
DEPLOYMENT_ERROR,
SUPPORT_BUNDLE_ERROR,
VIP_ERROR,
LOAD_BALANCER_ERROR,
VIDM_ERROR,
VIDB_ERROR,
AD_ERROR,
WEBHOOK_ERROR,
WEB_PROXY_ERROR,
SMTP_ERROR,
QUERY_ERROR,
CERTIFICATE_PEM_FORMAT_ERROR,
CERTIFICATE_FILE_INVALID,
CERTIFICATE_UPDATE_ERROR,
NSX_INTEGRATION_ERROR,
NSX_MANAGER_CONNECTIVITY_ERROR,
NO_CONFIGURATION_ERROR,
SSL_ERROR,
CERTIFICATE_PURPOSE_ERROR,
VCF_CAPABILITIES_REGISTRY_ERROR,
VALIDATION_ERROR,
INTERNAL_SERVER_ERROR,
UNPROCESSABLE_ENTITY,
RESOURCE_EXHAUSTED,
object
errorDetails
Optional
errorDetails
string
errorMessage
Optional
errorMessage
403
Forbidden: Authentication required
Returns
ErrorBody
of type(s)
application/json
{
"errorCode": "string",
"errorDetails": {},
"errorMessage": "string"
}
string
errorCode
Optional
errorCode
Possible values are :
API_ERROR,
LIMIT_ERROR,
FIELD_ERROR,
TEST_ERROR,
JSON_FORMAT_ERROR,
LICENSE_ERROR,
VSPHERE_INTEGRATION_ERROR,
VROPS_INTEGRATION_ERROR,
UPGRADE_ERROR,
SEARCH_ERROR,
AGENT_ERROR,
RBAC_COMMON_ERROR,
RBAC_USERS_ERROR,
RBAC_GROUPS_ERROR,
RBAC_ADGROUPS_ERROR,
RBAC_DATASETS_ERROR,
RBAC_VIDM_GROUPS_ERROR,
RBAC_VIDB_GROUPS_ERROR,
AUTH_PROVIDER_ERROR,
SECURITY_ERROR,
DEPLOYMENT_ERROR,
SUPPORT_BUNDLE_ERROR,
VIP_ERROR,
LOAD_BALANCER_ERROR,
VIDM_ERROR,
VIDB_ERROR,
AD_ERROR,
WEBHOOK_ERROR,
WEB_PROXY_ERROR,
SMTP_ERROR,
QUERY_ERROR,
CERTIFICATE_PEM_FORMAT_ERROR,
CERTIFICATE_FILE_INVALID,
CERTIFICATE_UPDATE_ERROR,
NSX_INTEGRATION_ERROR,
NSX_MANAGER_CONNECTIVITY_ERROR,
NO_CONFIGURATION_ERROR,
SSL_ERROR,
CERTIFICATE_PURPOSE_ERROR,
VCF_CAPABILITIES_REGISTRY_ERROR,
VALIDATION_ERROR,
INTERNAL_SERVER_ERROR,
UNPROCESSABLE_ENTITY,
RESOURCE_EXHAUSTED,
object
errorDetails
Optional
errorDetails
string
errorMessage
Optional
errorMessage
Code Samples
COPY
curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{}' https://{api_host}/api/v2/logs/search