GET Aggregated Events +path

Queries Operations for Logs for groups of events.

Request
URI
GET
https://{api_host}/api/v2/aggregated-events/{+path}
Path Parameters
string
+path
Required

Specifies constraints on the events to retrieve. See the specifying constraints section of /events for details.

Query Parameters
integer
limit
Optional
Constraints: minimum: 1 maximum: 2147483647 default: 100

The maximum number of events to retrieve.

integer
timeout
Optional
Constraints: minimum: 0 maximum: 2147483647 default: 30000

The time to wait for a response. If the complete result is not available within that time, a partial result is returned and the complete flag is set to false.

string
view
Optional
Constraints: default: DEFAULT

The format of query results in the response.

Possible values are: DEFAULT, SIMPLE
string
content-pack-fields
Optional

The namespace of a content pack to take fields from. If provided, fields defined in the given content pack are returned in the response, in addition to static fields. Specify this parameter more than once to extract fields from several content packs. If this parameter is not specified, then only static fields are returned in the response payload.

integer
bin-width
Optional
Constraints: minimum: 1 maximum: 2147483647 default: 5000

The time-span of time range bins, in milliseconds.

string
aggregation-function
Optional
Constraints: default: COUNT

The aggregation function to use. One of the following values:

  • COUNT: The count of the events in each bin is returned
  • SAMPLE: An arbitrary event from each bin is returned
  • UCOUNT: The count of unique values in the bin
  • MIN: The minimum value in the bin
  • MAX: The maximum value in the bin
  • SUM: The sum of the values in the bin
  • STDDEV: The standard deviation of the values in the bin
  • VARIANCE: The variance of the values in the bin
Possible values are: COUNT, SAMPLE, UCOUNT, MIN, MAX, SUM, STDDEV, VARIANCE
string
aggregation-field
Optional

The field to aggregate. This parameter is required for all aggregation functions, except COUNT and SAMPLE. It is not supported for COUNT and SAMPLE.

string
group-by-field
Required

Specify additional GROUP BY fields. Use subsequent key=value pairs to specify custom bins for numeric fields: use bin-width=12345 to specify fixed-width bins; use bins=10,100,500 to specify a specific set of bin boundaries; if neither is specified then each individual value of the field is assigned to its own bucket.

string
order-by-function
Optional

The aggregation function to use for ordering the bins. These are the same functions as in the aggregation-function query parameter, with the exception of SAMPLE, which is not supported.

Possible values are: COUNT, UCOUNT, MIN, MAX, SUM, STDDEV, VARIANCE
string
order-by-field
Optional

The field to sort by.

string
order-by-direction
Optional
Constraints: default: DESC

The sort direction.

Possible values are: ASC, DESC

Authentication
This operation uses the following authentication methods.
Responses
200
Returns aggregated-events.get.response of type(s) application/json
{
    "complete": true,
    "duration": 90,
    "results": [
        {
            "minTimestamp": 0,
            "maxTimestamp": 9223372036828800000,
            "event_type": "v4_4a6fdf4b",
            "COUNT(event)": 50,
            "SAMPLE(event)": {
                "text": "[2017-06-13 15:27:22.606] ...",
                "timestamp": 1497353242606,
                "timestampString": "2017-06-13 15:27:22.606 GMT+04:00",
                "appname": "Vpxa",
                "event_type": "v4_df1bc800",
                "hostname": "li-qe-esx5.vmware.com",
                "source": "127.0.0.1"
            }
        },
        {
            "minTimestamp": 0,
            "maxTimestamp": 9223372036828800000,
            "event_type": "v4_dc0c9904",
            "COUNT(event)": 100,
            "SAMPLE(event)": {
                "text": "[2017-06-13 15:27:52.491-0700] ...",
                "timestamp": 1497353272491,
                "timestampString": "2017-06-13 15:27:52.491 GMT+04:00",
                "event_type": "v4_dc0c9904",
                "source": "127.0.0.1"
            }
        }
    ]
}

401
Operation doesn't return any data structure

440
Operation doesn't return any data structure

Code Samples
curl -H 'Authorization: <value>' 'https://{api_host}/api/v2/aggregated-events/{+path}?group-by-field=v'
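A client-side check of the parameter constraints documented above and of the complete flag in the response, as an added example that is not part of the original documentation. The host name, the CONSTRAINTS path placeholder and the function names are assumptions, the sample body is constructed from the 200 response shown above, and the code assumes each result row carries the group-by field as a key, as that sample does.

```python
import json
from urllib.parse import urlencode

NO_FIELD = {"COUNT", "SAMPLE"}            # aggregation-field not supported
FUNCTIONS = NO_FIELD | {"UCOUNT", "MIN", "MAX", "SUM", "STDDEV", "VARIANCE"}
INT_MIN = {"limit": 1, "timeout": 0, "bin_width": 1}   # documented minimums
INT_MAX = 2147483647                                   # documented maximum

# Constructed sample, trimmed from the 200 response on this page.
SAMPLE_BODY = ('{"complete": true, "duration": 90, "results": ['
               '{"event_type": "v4_4a6fdf4b", "COUNT(event)": 50},'
               '{"event_type": "v4_dc0c9904", "COUNT(event)": 100}]}')

def build_url(api_host, path, group_by_field, function="COUNT", field=None,
              order_by_function=None, **ints):
    """Check the documented parameter constraints, then return the request URL.
    `path` is assumed to be an already-formed constraint path (see /events)."""
    if function not in FUNCTIONS:
        raise ValueError(f"unknown aggregation-function {function!r}")
    if function in NO_FIELD and field is not None:
        raise ValueError(f"aggregation-field is not supported for {function}")
    if function not in NO_FIELD and field is None:
        raise ValueError(f"aggregation-field is required for {function}")
    if order_by_function is not None and order_by_function not in FUNCTIONS - {"SAMPLE"}:
        raise ValueError(f"unsupported order-by-function {order_by_function!r}")
    params = [("group-by-field", group_by_field), ("aggregation-function", function)]
    if field is not None:
        params.append(("aggregation-field", field))
    if order_by_function is not None:
        params.append(("order-by-function", order_by_function))
    for name, value in ints.items():      # limit, timeout, bin_width
        if name not in INT_MIN:
            raise TypeError(f"unexpected parameter {name!r}")
        if not INT_MIN[name] <= value <= INT_MAX:
            raise ValueError(f"{name} out of range: {value}")
        params.append((name.replace("_", "-"), value))
    return f"https://{api_host}/api/v2/aggregated-events/{path}?{urlencode(params)}"

def counts_by_group(body, group_by_field):
    """Return {group value: COUNT(event)}, refusing a partial (timed-out) result."""
    doc = json.loads(body)
    if doc.get("complete") is not True:
        raise RuntimeError("partial result: complete flag is false")
    return {row[group_by_field]: row["COUNT(event)"] for row in doc["results"]}

if __name__ == "__main__":
    print(build_url("logs.example.test", "CONSTRAINTS", "event_type", timeout=30000))
    print(counts_by_group(SAMPLE_BODY, "event_type"))
```

Refusing a body whose complete flag is false keeps a timed-out query from being read as a full count when the numbers feed an alert threshold or a report.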