VMware Aria Operations for Logs Operations Index

Gets the Active Directory configuration settings.

Updates the Active Directory configuration settings.

Tests if the Active Directory domain controller can be accessed using the credentials in the configuration settings.

Queries Operations for Logs for groups of events.

Get all the alerts created by the current user

Create a new alert by given parameters. The 'name' parameter is mandatory. There are some optional parameters as well, but some of them could be required in specific combination with other parameters. For example:

• When the field 'emailEnabled' is set to 'true' then at least one email address should be specified in the 'emails' field.
• When the field 'webhookEnabled' is set to 'true' then at least one URL should be specified in the 'webhookURLs' field.
• When the field 'vcopsEnabled' is set to 'true' then 'vcopsResourceKindKey' field should be specified.

Get all alerts for all users and from content packs

Get alert by UUID

Delete alert by UUID

Get alert webhooks by UUID

Attach webhook to the alert

Get alert history records

Get alert history record by timestamp

Updates alert history record by timestamp

Delete alert history record by timestamp

Creates a new support bundle and returns it in a compressed format. Calling this API without specifying a manifests value retrieves the entire support bundle. Or, you can provide an array of manifest IDs you are interested in. manifests is a list of string manifest IDs. You can get the list of supported manifests with the GET /api/v1/vm-support-bundles/manifests API.

Gets a list of manifests of available support bundle content. The manifest list is returned in XML format.

Returns a list of supported authentication providers. You can use these providers with the sessions API.

Retrieve current Customer Experience Improvement Program participation status.

Enable or disable participation in the Customer Experience Improvement Program.

Retrieve certificate details.

Upload a custom certificate. Provide a PEM certificate in the request body.

Get the list of all trusted certificates

Get the trusted certificate by thumbprint hashed in SHA-1 format

Delete trusted certificate by thumbprint hashed in SHA-1 format

Retrieve the list of virtual IP addresses. Includes the IP and FQDN for each, along with current status.

Create new virtual IP addresses.

Retrieve the details of a virtual IP address. Includes the IP and FQDN for each, along with current status.

Update existing virtual IP address.

Delete specified virtual IP address.

Retrieve dependencies of VIP FQDN or IP address. Includes hostname and dependency type for each

Export LogInsight configuration into a file, which can be used for configuring a fresh Operations for Logs setup.

Exported configuration includes the following information about the LogInsight cluster:

• General configuration (CEIP, System notification recipients, etc.)
• NTP configuration
• Log forwarder configuration
• SMTP configuration
• Archiving settings
• Agents groups configuration

Exported configuration does NOT include the following information:

• Cluster configuration (e.g. the number of nodes, VIP configuration, etc.) Exporting VIP configuration might result in multiple clusters having the same VIP, which would cause issues with ingestion, log forwarding, etc.
• Hosts information
• Patterns and fields extracted during machine learning
• Agents configuration
• Local users. Local users aren't migrated for security reasons so that passwords are exposed in the exported configuration file.
• Active Directory and vIDM configurations aren't migrated for security reasons, as exporting these configurations would expose the passwords.
• Content packs and user content, such as dashboards, alerts, etc.
• SSL configuration
• vSphere integration configuration isn't migrated for security reasons, as exporting this configuration would expose the passwords.
• VMware Aria Operations integration configuration isn't migrated for security reasons, as exporting this configuration would expose the passwords.

Import an exported Operations for Logs configuration.

The following configuration can be imported based on the provided parameters:

• General configuration (CEIP, System notification recipients, etc.)
• NTP configuration
• Log forwarder configuration
• SMTP configuration
• Archiving settings
• Agents groups configuration

Imported configuration does NOT include the following information:

• Cluster configuration (e.g. the number of nodes, VIP configuration, etc.) Exporting VIP configuration might result in multiple clusters having the same VIP, which would cause issues with ingestion, log forwarding, etc.
• Hosts information
• Patterns and fields extracted during machine learning
• Agents configuration
• Local users. Local users aren't migrated for security reasons so that passwords are exposed in the exported configuration file.
• Active Directory and vIDM configurations aren't migrated for security reasons, as exporting these configurations would expose the passwords.
• Content packs and user content, such as dashboards, alerts, etc. Content migration can be addressed with separate APIs designed to export and import content packs and user content.
• SSL configuration
• vSphere integration configuration isn't migrated for security reasons, as exporting this configuration would expose the passwords.
• VMware Aria Operations integration configuration isn't migrated for security reasons, as exporting this configuration would expose the passwords.

Configuration import process consists of two steps:

1. The exported configuration file should be uploaded as binary data with the "Content-Type: applications/octet-stream" header.
2. Once the file is uploaded, the configurations can be applied by setting the "Content-Type: applications/json" header and providing the items to exclude in the JSON body.

Gets a list of all data sets.

Creates a new data set.

Retrieves the settings of a data set.

Deletes a data set.

Updates the settings of a data set.

Approves a request to join a server to an Operations for Logs cluster.

Joins a newly installed Operations for Logs server to an existing cluster. When setting up a cluster with multiple servers, call the POST /api/v1/deployment/new API on the first server. Then call this API on the other servers to get them to join the cluster. The configuration can take several minutes to complete. Use the POST /api/v1/deployment/waitUntilStarted API to track the status of join deployment.

Initiates configuration of a newly installed Operations for Logs server as the first member of a new cluster. When setting up a standalone server or the first node of the cluster, call this API to initialize the server. The configuration can take several minutes to complete. Use the POST /api/v1/deployment/waitUntilStarted API to track the status of new deployment.

Waits until the server starts. This can take several minutes to complete.

Ingest and index new log messages contained in the body.

Can contain a maximum of 4MB of JSON in a single submission with 16KB in a single text field. Batch-submission of multiple adjacent events is more efficient than a seperate POST for each.

Each event can contain a list of key-value fields. Values are expressed as strings or as character ranges in the event text.

The timestamp of an event is optional, and expressed as milliseconds-since-epoch UTC. If the submission is authenticated, the timestamp field is trusted. Unauthenticated event submissions have their time clamped to within 10 minutes of the server's current time. #% config.api-server.max-tolerated-client-time-drift=600000

Queries Operations for Logs for events.

Retrieve the license state, including a list of licenses.

Add a new license to the collection. A UUID will be generated to represent the license, and can be used for deletion. The license summary cannot be set, and is derived from the license key. In addition, a single license key cannot be updated in-place. Instead, the old license keys should be deleted after the new license is added.

Remove a single license key, specified by its UUID.

Gets a list of log forwarding destinations.

Adds a log forwarding destination.

Retrieves the details for the specified forwarding configuration.

Updates the settings of a log forwarding destination.

Deletes an log forwarding destination.

Updates the settings of a log forwarding destination.

Tests if a log forwarding destination can be reached.

Adds a log forwarding destination.

TODO: add a description

TODO: add a description

Gets a list of all the notification channels that are used for alerting. At this time, the list includes SMTP server configuration used for sending alert emails.

Updates the configurations for the notification channels that are used for alerting. At this time, the list includes SMTP server configuration used for sending alert emails.

Retrieve the list of email addresses to which system notifications will be delivered.

Update the list of email addresses to which system notifications will be delivered.

Get the list of webhooks.

Update the list of webhook URLs configured for receiving system notifications.

Add webhook object

get webhook information

Update webhook

delete webhook

Retrieve current retention notification threshold configuration. If the amount of data the system can hold at the current ingestion rate is less than the given amount, send a system notification. E.g., if you are receiving 10 GB/day of data and you have 200 GB of space, then you have 20 days of capacity. If you set your threshold to 1 month, you will receive a notification that you are below this capacity.

Update retention notification threshold configuration.

TODO: add a description

TODO: add a description

Gets a list of all user roles.

Creates a new role.

Gets the details of a role.

Deletes an exsting role.

Updates an existing role.

Gets the list of capabilities granted to the authentication provider directory group.

Sets the capabilities of authentication provider directory groups.

Updates the capabilities of authentication provider directory groups.

Gets the list of data sets that users in the authentication provider directory group can access.

Sets the list of data sets that users in the authentication provider directory group can access.

Updates the list of data sets that users in the authentication provider directory group can access.

Gets the list of users in the group.

Update the list of users to use the role

TODO: add a description

Signs into Operations for Logs with the given credentials, creates and returns a new session.

Retrieve user ID and TTL (time to live) for the current session.

Retrieve the current list of time sources for this cluster.

Set new time sources for this cluster.

Test connectivity to new NTP servers. May take up to 20 seconds per server listed.

Retrieve current browser session timeout, expressed in minutes.

Set a new browser session timeout, expressed in minutes. Specify -1 for no timeout.

Retrieve current language configuration.

Set a new language configuration.

Gets the upgraded version of the Operations for Logs cluster.

Starts the process of upgrading VMware Aria Operations for Logs to a new version. This request uploads a PAK file containing the new version, and sets the upgrade status to "Pending". PAK file URL should be provided in JSON body. It's also possible to upload PAK file directly as a binary data by setting 'Content-Type' header to 'application/octet-stream' and sending PAK file as a body. It returns the new End User License Agreement (EULA) and upgrade version. To continue with the upgrade, send a PUT /upgrades/{version}/eula with eulaAccepted set to true.

Troubleshooting Tips

Refer to "/storage/var/loginsight/upgrade.log" for additional information on upgrade failure.

Gets the upgraded version on the Operations for Logs node that received the API call.

Gets the cluster-wide status of the upgrade.

Accepts or declines the End User License Agreement (EULA) of a product upgrade. Continues the upgrade process if accepted is true, or cancels it otherwise. This request is expected when the upgrade status is "Pending".

Return the list for all the user groups registered in Operations for Logs.

Create user group by importing already existing user group from external authentication server into Operations for Logs. Authentication server should be integrated with Operations for Logs beforehand.

Return the list of all the user groups for specified provider

Retrieves the user group information.

Delete user group from Operations for Logs.

Replace existing roles of user group with the provided roles.

Gets a list of users.

Creates a new user.

Retrieves the settings of a user.

Deletes a user.

Modifies the settings of a user.

Retrieve Operations for Logs version information, in the form Major.Minor.Patch-Build.

Gets the current vIDM configuration.

Configures vIDM integration.

This method is deprecated

Tests a connection with the specified Workspace ONE Access instance with specified credentials.

TODO: add a description

Gets the current state of connection with vIDM.

Get VMware Aria Operations integration configuration.

Replace VMware Aria Operations integration configuration.

Configure VMware Aria Operations integration.

Delete VMware Aria Operations integration configuration.

Update VMware Aria Operations integration configuration.

Test connection to VMware Aria Operations.

Get all vCenter Server integration configurations.

Add new integration configuration to vCenter Server.

Retrieve the integration configuration settings for vCenter Server with the specified hostname.

Update the integration configuration settings for vCenter Server with the specified hostname.

Delete the integration configuration for vCenter Server with the specified hostname.

Get ESXi hosts of the vCenter Server with the specified hostname along with their configuration details.

Update ESXi hosts configuration of vCenter server with the specified hostname.

Get ESXi host with the specified hostname in the specified vSphere Server along with it's configuration details.

Update ESXi host configuration with the specified hostname in the specified vCenter Server.

Test connection to the vCenter Server.