Secure Access Log Search

Secure Access Log Search

API to perform search on Secure Access logs

Request
URI
GET
https://{api_host}/api/search/v1/enterprises/{enterpriseLogicalId}/secureAccess
COPY
Path Parameters
string
enterpriseLogicalId
Required

Unique identifier of the customer for which logs are being requested

Query Parameters
number
from
Optional

Number of logs to skip in paginated results, defaults to 0

number
size
Optional

Maximum number of logs to return

string
startTime
Required

Start time of logs to search on

string
endTime
Required

End time of logs to search on

string
NAMESPACE
Optional

Namespace of the tunnel server pod

string
HOSTNAME
Optional

Hostname of the connected device

string
DEVICE_APP
Optional

Name of the App associated with the connection

string
CONNECTION_TYPE
Optional

Connection Type. (SOCKS TCP/UDP appears as TCP/UDP. NAT TCP/UDP appears as NAT_TCP/NAT_UDP)

string
DEVICE_NAME
Optional

Device Name from which logs were generated

string
FLOW_ID
Optional

FLOW ID for the current session

string
SESSION_ID
Optional

Unique session or flow ID

string
CONNECTION_TIME
Optional

Connection Time

string
DEVICE_IP
Optional

Device IP Address (WIFI or 4G)

string
REMOTE_HOSTNAME
Optional

Domain Name of the remote host

string
DEVICE_UID
Optional

Device unique identifier

string
CONNECTION_STATUS
Optional

Connection Status of the device

string
DEVICE_USERNAME
Optional

Username of user using the device

string
CONNECTION
Optional

Connection Family. Can be Session/Stream/Datagram

string
REMOTE_CONNECTION_STATUS
Optional

Status of the connection between Tunnel Server and the remote host

string
REMOTE_HOST_IP
Optional

IP Address of the remote host

string
REMOTE_HOST_PORT
Optional

Port of the remote host

string
SERVER_IP
Optional

Tunnel server`s IP address

string
CONNECTED
Optional

Session connection status

string
AVAILABLE
Optional

Session availability status

string
NUM_OF_ACTIVE_CONNECTIONS
Optional

Number of active connections to tunnel server

string
REMOTE_BYTES_TRANSFERRED
Optional

Number of Bytes Transferred Upstream / Number of Bytes Transferred Downstream

string
TIMESTAMP
Optional

Ingestion timestamp for the log

string
POP_NAME
Optional

PoP from where the logs originated

Responses
200

Successfully retrieved Secure Access logs

Returns secureAccessFieldResponseSchema of type(s) application/json 
{
    "metaData": {
        "limit": "number",
        "more": false,
        "nextPageLink": "string",
        "prevPageLink": "string"
    },
    "data": [
        {
            "_source": {
                "message": {
                    "deviceApp": "string",
                    "connectionType": "string",
                    "deviceName": "string",
                    "flowId": "number",
                    "sessionId": "number",
                    "connectionTime": "string",
                    "deviceIP": "string",
                    "remoteHostName": "string",
                    "deviceUid": "string",
                    "connectionStatus": "string",
                    "deviceUserName": "string",
                    "connection": "string",
                    "remoteConnectionStatus": "string",
                    "remoteHostIp": "string",
                    "remoteHostPort": "number",
                    "serverIP": "string",
                    "connected": "string",
                    "available": "string",
                    "numOfActiveConnections": "number",
                    "remoteBytesTransfered": "string"
                },
                "logType": "string",
                "@timestamp": "string",
                "pop": "string"
            }
        }
    ],
    "count": "number"
}
fieldSearchMetaDataResponseSchema
metaData
Optional

metaData

array of secureAccessSearchDocumentSchema
data
Required

Data which contains logs for the log search response

number As float As float
count
Optional

Total log count for the log search query


400

Invalid Input

Returns httpResponseError of type(s) application/json 
{
    "errors": [
        {
            "message": "pop(s) for vni: 1 do not exist",
            "path": "object.path",
            "key": "INVALID_PARAMS"
        }
    ],
    "code": "INVALID_PARAMS"
}
array of httpResponseErrorObject
errors
Required

Array for different types of error objects

string
code
Optional

Error code for the message

Possible values are : INTERNAL_ERROR, INVALID_PARAMS, INVALID_QUERY_PARAMS, ALREADY_EXISTS, INVALID_SEARCH_ENDPOINT, INVALID_SEARCH_INPUTS,

401

Unauthorized Access

Returns httpResponseError of type(s) application/json 
{
    "errors": [
        {
            "message": "pop(s) for vni: 1 do not exist",
            "path": "object.path",
            "key": "INVALID_PARAMS"
        }
    ],
    "code": "INVALID_PARAMS"
}
array of httpResponseErrorObject
errors
Required

Array for different types of error objects

string
code
Optional

Error code for the message

Possible values are : INTERNAL_ERROR, INVALID_PARAMS, INVALID_QUERY_PARAMS, ALREADY_EXISTS, INVALID_SEARCH_ENDPOINT, INVALID_SEARCH_INPUTS,

500

Internal Server Error

Returns httpResponseError of type(s) application/json 
{
    "errors": [
        {
            "message": "pop(s) for vni: 1 do not exist",
            "path": "object.path",
            "key": "INVALID_PARAMS"
        }
    ],
    "code": "INVALID_PARAMS"
}
array of httpResponseErrorObject
errors
Required

Array for different types of error objects

string
code
Optional

Error code for the message

Possible values are : INTERNAL_ERROR, INVALID_PARAMS, INVALID_QUERY_PARAMS, ALREADY_EXISTS, INVALID_SEARCH_ENDPOINT, INVALID_SEARCH_INPUTS,

On This Page
Search Operations
GET
Edge Firewall Log Search
GET
Healthcheck
GET
Secure Access Log Search