Difference between revisions of "API for logs manpage"
| Line 1: | Line 1: | ||
| − | mgmt_cli show-logs new-query.filter product:<product name> new-query.time-frame <time-frame> new-query.max-logs-per-request <limit> | + | |
| + | ==For a new logs query== | ||
| + | '''mgmt_cli show-logs new-query.filter product:<product name> new-query.time-frame <time-frame> new-query.max-logs-per-request <limit>''' | ||
| Line 17: | Line 19: | ||
log-servers - List of IPs of log servers to query. Default: all | log-servers - List of IPs of log servers to query. Default: all | ||
| + | |||
| + | ==To get results for top statistics== | ||
| + | '''mgmt_cli show-logs new-query.filter product:<product name> new-query.top.field blades new-query.top.count <number> --format json -r true''' | ||
| + | |||
| + | count - Valid values: 1-50 | ||
| + | |||
| + | field - Valid values: sources destinations services actions blades origins users applications | ||
| + | |||
| + | ==To get more results for an existing query== | ||
| + | '''mgmt_cli show-logs query-id <query-id> --session-id <session-id>''' | ||
| + | |||
| + | query-id - Get the next page of the last run query with a specified limit. | ||
| + | |||
| + | ignore-warnings - Ignore warnings if they exist. Type: Boolean | ||
| + | |||
| + | ==Limitations== | ||
| + | The parameter "time-frame" in the API command does not accept this format as input: | ||
| + | |||
| + | yyyymmddThhmmssZ | ||
| + | |||
| + | The command does not support non-index mode log queries. | ||
| + | |||
| + | [[category:api]] | ||
Latest revision as of 22:52, 26 March 2025
Contents |
For a new logs query
mgmt_cli show-logs new-query.filter product:<product name> new-query.time-frame
filter - The filter as entered in SmartConsole/SmartView. Type: String
time-frame - Specify the time frame to query logs. Type: String
Valid values: last-7-days last-hour today last-24-hours yesterday this-week this-month last-30-days all-time custom Default: last-7-days
custom-start - Must be in ISO861 format. Type: String
custom-end - Must be in ISO861 format. Type: String
max-logs-per-request - Valid values: 1-100 Default: 10 Type: String
type - Type of logs to return. Valid values: logs, audit. Default: logs
log-servers - List of IPs of log servers to query. Default: all
To get results for top statistics
mgmt_cli show-logs new-query.filter product:<product name> new-query.top.field blades new-query.top.count <number> --format json -r true
count - Valid values: 1-50
field - Valid values: sources destinations services actions blades origins users applications
To get more results for an existing query
mgmt_cli show-logs query-id <query-id> --session-id <session-id>
query-id - Get the next page of the last run query with a specified limit.
ignore-warnings - Ignore warnings if they exist. Type: Boolean
Limitations
The parameter "time-frame" in the API command does not accept this format as input:
yyyymmddThhmmssZ
The command does not support non-index mode log queries.
