Last updated at Mon, 06 Nov 2017 21:12:17 GMT
Now you can get your work done even faster by automating tasks with the Logentries REST API. With the ability to programmatically query data, manage users, create alerts and integrate third party tools, it’s now easier to finish the job and get on with your day.
Table of contents
- Query API
  - Example Usage
- Team and User Management API
  - Example Usage
- Tags and Alerts API
  - Example Usage
- LeExportPy
  - Read More
- LeCLI
  - Read More
On-demand Webinar
Interested in learning more about the Logentries REST API? View our previously recorded webinar that explored how the Logentries APIs can help solve common challenges.
Webinar Details
Recorded: Wednesday, September 7, 2016 @ 11:00 AM EDT
Query API
The REST Query API provides a powerful way for your users and systems to programmatically query log data without accessing the Logentries user interface.
Any LEQL query you would normally enter into the Logentries query bar can be submitted to the API. Your request will return calculated results or lists of log events as a JSON object.
With the Logentries REST Query API you can:
- Query and analyze your data programmatically
- Quickly retrieve JSON objects that represent the results of LEQL functions or search query results
- Easily integrate Logentries data with internal or third party applications
Example Usage
Below is an example Python script that uses the Query API GET request.
I filled in the log key for my Apache server access log (combined format), added an API key, specified start and end times, and set leqlQuery to 'where(http.status=200)'.
My returned results were:
{'logs': ['*logkeyremoved*'], 'leql': {'during': {'to': 1471979100000, 'from': 1469466000000}, 'statement': 'where(http.status=200)'}, 'events': [
  {'timestamp': 1469754542499, 'message': '45.79.152.221 - - [29/Jul/2016:01:09:11 +0000] "GET / HTTP/1.0" 200 11892 "-" "-"'},
  {'timestamp': 1469789339630, 'message': '94.102.49.26 - - [29/Jul/2016:10:49:08 +0000] "GET / HTTP/1.1" 200 11892 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36"'},
  {'timestamp': 1469916895582, 'message': '169.54.244.82 - - [30/Jul/2016:22:15:04 +0000] "GET / HTTP/1.1" 200 11873 "-" "-"'},
  {'timestamp': 1469958008458, 'message': '208.73.20.92 - - [31/Jul/2016:09:40:17 +0000] "GET / HTTP/1.1" 200 11873 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)"'},
  ...
]}
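One way to work with a response like the one above, as an added example that is not part of the original post: it parses each event's Apache combined-format message, keeps lines that do not match for review, and counts requests per client. The sample response is constructed (RFC 5737 documentation addresses), and the function names are this example's own.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Apache combined log format, as carried in each event's 'message' field.
COMBINED = re.compile(
    r'(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def parse_events(response):
    """Return (parsed rows, messages that did not match the combined format)."""
    parsed, rejected = [], []
    for event in response.get("events", []):
        match = COMBINED.fullmatch(event["message"])
        if match is None:
            rejected.append(event["message"])  # keep for review, never drop silently
            continue
        row = match.groupdict()
        row["status"] = int(row["status"])
        # 'timestamp' is in milliseconds since the epoch (13 digits above).
        row["received"] = datetime.fromtimestamp(event["timestamp"] / 1000, tz=timezone.utc)
        parsed.append(row)
    return parsed, rejected

def summarize(parsed):
    """Count requests per client and list clients that sent no User-Agent."""
    per_client = Counter(row["client"] for row in parsed)
    no_agent = sorted({row["client"] for row in parsed if row["agent"] in ("", "-")})
    return per_client, no_agent

# Constructed sample shaped like the response above (RFC 5737 addresses).
SAMPLE = {
    "logs": ["<log-key>"],
    "leql": {"during": {"from": 1469466000000, "to": 1471979100000},
             "statement": "where(http.status=200)"},
    "events": [
        {"timestamp": 1469754542499, "message": '192.0.2.10 - - [29/Jul/2016:01:09:11 +0000] "GET / HTTP/1.0" 200 11892 "-" "-"'},
        {"timestamp": 1469789339630, "message": '198.51.100.7 - - [29/Jul/2016:10:49:08 +0000] "GET / HTTP/1.1" 200 11892 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64)"'},
        {"timestamp": 1469916895582, "message": '192.0.2.10 - - [30/Jul/2016:22:15:04 +0000] "GET / HTTP/1.1" 200 11873 "-" "-"'},
        {"timestamp": 1469958008458, "message": "truncated line without the expected fields"},
    ],
}

if __name__ == "__main__":
    rows, bad = parse_events(SAMPLE)
    counts, silent = summarize(rows)
    print(counts.most_common(), silent, len(bad))
```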
You can easily integrate the Logentries Query API with common third-party tools such as Hosted Graphite, Geckoboard, Kafka and other services by using the open source tool LeExportPy. See the LeExportPy section below for more details.
For other example use cases check out our blog post Using JavaScript to interact with the REST Query API.
Team and User Management API
The Logentries Team and User Management API allows you to easily add, remove and modify account users, create teams, and restrict access.
Example Usage
The Python script below uses the Logentries Team and User Management API to retrieve a list of all teams in the specified account:
This returns a list of all the teams for the specified account as a JSON object. See below:
{
  "teams": [
    {
      "users": [
        {
          "id": "********-****-****-****-************",
          "links": {
            "href": "https://rest.logentries.com/management/accounts/********-****-****-****-************/users/d********-****-****-****-************",
            "ref": "Self"
          }
        }
      ],
      "id": "********-****-****-****-************",
      "name": "Read Only Team"
    }
  ]
}
Tags and Alerts API
The Tags and Alerts API makes it easy to quickly create tags and set alerts to call your attention to important events.
Example Usage
In the Python script below, a GET request calls the Logentries Tags and Alerts API to get a list of all tags/alerts in the account associated with the specified API key.
Simply drop in (at least) the read-only API key from your account. An example of the information returned is below:
{
  "tags": [
    {
      "name": "Change of a user",
      "patterns": [
        "session closed"
      ],
      "labels": [
        {
          "color": "f061fb",
          "reserved": false,
          "id": "********-****-****-****-************",
          "name": "User Changed",
          "sn": 1050
        }
      ],
      "actions": [
        {
          "min_matches_period": "Day",
          "min_report_period": "Day",
          "min_matches_count": 1,
          "enabled": false,
          "min_report_count": 1,
          "targets": [
            {
              "alert_content_set": {},
              "params_set": {
                "users": "demo@email.com",
                "direct": "demo@email.com",
                "teams": ""
              },
              "type": "Mailto",
              "id": null
            }
          ],
          "type": "Alert",
          "id": "********-****-****-****-************"
        }
      ],
      "sources": [
        {
          "retention_period": "default",
          "stored_days": [],
          "id": "********-****-****-****-************",
          "name": "messages"
        }
      ],
      "type": "Alert",
      "id": "********-****-****-****-************"
    },
    {
      "name": "Authentication Failure",
      "patterns": [
        "authentication failure"
      ],
      "labels": [
        {
          "color": "fb0000",
          "reserved": false,
          "id": "********-****-****-****-************",
          "name": "Auth Failure",
          "sn": 1046
        }
      ],
      "actions": [
        {
          "min_matches_period": "Day",
          "min_report_period": "Day",
          "min_matches_count": 5,
          "enabled": false,
          "min_report_count": 5,
          "targets": [
            {
              "alert_content_set": {},
              "params_set": {
                "users": "demo@email.com",
                "direct": "demo@email.com",
                "teams": ""
              },
              "type": "Mailto",
              "id": null
            }
          ],
          "type": "Alert",
          "id": "********-****-****-****-************"
        }
      ],
      "sources": [
        {
          "retention_period": "default",
          "stored_days": [],
          "id": "********-****-****-****-************",
          "name": "messages"
        }
      ],
      "type": "Alert",
      "id": "********-****-****-****-************"
    }
  ]
}
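A defensive use of this response, as an added example that is not part of the original post: it lists tags whose alert is disabled, has no recipients, or covers no log sources, so matching events would notify no one. The sample is constructed and trimmed to the fields read here; treating any non-empty params_set value as a recipient is an assumption based on the Mailto targets shown above.

```python
def audit_tags(response):
    """Return (tag name, finding) pairs for alerts that would notify no one."""
    findings = []
    for tag in response.get("tags", []):
        actions = [a for a in tag.get("actions", []) if a.get("type") == "Alert"]
        if not actions:
            findings.append((tag["name"], "no alert action"))
        for action in actions:
            if not action.get("enabled", False):
                findings.append((tag["name"], "alert disabled"))
            # Assumption: any non-empty params_set value names a recipient.
            recipients = [
                value
                for target in action.get("targets", [])
                for value in target.get("params_set", {}).values()
                if value
            ]
            if not recipients:
                findings.append((tag["name"], "no recipients"))
        if not tag.get("sources"):
            findings.append((tag["name"], "no log sources"))
    return findings

# Constructed sample: the first tag mirrors the disabled alert shown above,
# the other two are invented for contrast.
SAMPLE = {"tags": [
    {"name": "Authentication Failure", "patterns": ["authentication failure"],
     "actions": [{"type": "Alert", "enabled": False, "targets": [
         {"type": "Mailto", "params_set": {
             "users": "demo@email.com", "direct": "demo@email.com", "teams": ""}}]}],
     "sources": [{"name": "messages"}]},
    {"name": "Disk full", "patterns": ["No space left on device"],
     "actions": [{"type": "Alert", "enabled": True, "targets": [
         {"type": "Mailto", "params_set": {
             "users": "", "direct": "ops@example.com", "teams": ""}}]}],
     "sources": [{"name": "messages"}]},
    {"name": "Root login", "patterns": ["session opened for user root"],
     "actions": [{"type": "Alert", "enabled": True, "targets": [
         {"type": "Mailto", "params_set": {"users": "", "direct": "", "teams": ""}}]}],
     "sources": []},
]}

if __name__ == "__main__":
    for name, finding in audit_tags(SAMPLE):
        print(f"{name}: {finding}")
```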
LeExportPy
The open source tool LeExportPy provides a fully functional framework for capturing log data from the Logentries Query API and exporting that data to other services. Currently, integrations are available for Hosted Graphite, Geckoboard, and Kafka. Adding a new integration is easy; the documentation to create a new service can be found on GitHub.
LeCLI
The open source Logentries CLI allows you to seamlessly view recent events, run queries and manage your account from the command line. The CLI uses the Logentries REST API calls mentioned in this post and the calls in our documentation, and will use future calls as API functionality is added.
Benefits of the Logentries CLI
- Cross-platform, with support for all major operating systems.
- Quickly retrieve log data and manipulate your Logentries account without using the graphical user interface.
- Easily build scripts to take advantage of the Logentries REST APIs.
- Painlessly integrate your Logentries data with internal or third party applications.