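API address
After installing Graylog, view the API under System/Nodes.
For a cluster deployment, open the Cluster Global API browser; for a single-node deployment, open the API browser of the specific node in the node list.
Once in the API documentation, you can call and debug the endpoints directly.
Integration approach
📢 Note:
The API documentation is not always clear; in that case, inspect the corresponding request in the web interface to see its input parameters and other details.
API documentation
The following API documentation was compiled during development; I hope it helps.
API documentation URL: https://console-docs.apipost.cn/preview/3f6d9ac605953486/ef00e23523434c94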
/graylog
graylog api
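Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script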
/graylog/Search
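No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script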
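/graylog/Search/Prometheus monitoring endpoint
No description
Endpoint status
In development
Endpoint URL
http://10.9.24.23:9833/api/metrics/prometheus
Request method
GET
Content-Type
none
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script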
/graylog/Search/01 Create search
No description
Endpoint status
In development
Endpoint URL
127.0.0.1:29000/api/views/search
Request method
POST
Content-Type
json
Request body parameters
{
"queries": [
{
"query": {
"type": "elasticsearch",
"query_string": "env:dev AND level_name:INFO"
},
"timerange": {
"type": "relative",
"from": 300
},
"filter": {
"type": "or",
"filters": [
{
"type": "stream",
"id": "62f6165c3e8f9b4314589b8b"
}
]
},
"search_types": [
{
"timerange": null,
"query": null,
"streams": [],
"name": "chart",
"series": [
{
"type": "count",
"id": "count()",
"field": null
}
],
"sort": [],
"rollup": true,
"type": "pivot",
"row_groups": [
{
"type": "time",
"field": "timestamp",
"interval": {
"type": "auto",
"scaling": 1
}
}
],
"column_groups": [],
"filter": null
},
{
"timerange": null,
"query": null,
"streams": [],
"name": null,
"limit": 150,
"offset": 0,
"sort": [
{
"field": "timestamp",
"order": "DESC"
}
],
"decorators": [],
"type": "messages",
"filter": null
}
]
}
],
"parameters": []
}
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
queries | - | Object | Yes | - |
queries.query | - | Object | Yes | Search criteria |
queries.query.type | elasticsearch | String | Yes | Fixed value |
queries.query.query_string | env:dev AND level_name:INFO | String | Yes | - |
queries.timerange | - | Object | Yes | Time range, either relative or absolute. When wrapping the API later, just use absolute time |
queries.timerange.type | relative | String | Yes | relative or absolute |
queries.timerange.from | 300 | Integer | Yes | When absolute is selected, the time range has from and to, both as strings in UTC time format |
queries.filter | - | Object | Yes | Specifies the stream; use null for a global search |
queries.filter.type | or | String | Yes | - |
queries.filter.filters | - | Object | Yes | Multiple filters may be given |
queries.filter.filters.type | stream | String | Yes | - |
queries.filter.filters.id | 62f6165c3e8f9b4314589b8b | String | Yes | - |
queries.search_types | - | Object | Yes | - |
queries.search_types.timerange | null | Null | Yes | - |
queries.search_types.query | null | Null | Yes | - |
queries.search_types.streams | - | Object | Yes | - |
queries.search_types.name | chart | String | Yes | - |
queries.search_types.series | - | Object | Yes | - |
queries.search_types.series.type | count | String | Yes | - |
queries.search_types.series.id | count() | String | Yes | - |
queries.search_types.series.field | null | Null | Yes | - |
queries.search_types.sort | - | Object | Yes | - |
queries.search_types.rollup | true | Boolean | Yes | - |
queries.search_types.type | pivot | String | Yes | - |
queries.search_types.row_groups | - | Object | Yes | - |
queries.search_types.row_groups.type | time | String | Yes | - |
queries.search_types.row_groups.field | timestamp | String | Yes | - |
queries.search_types.row_groups.interval | - | Object | Yes | - |
queries.search_types.row_groups.interval.type | auto | String | Yes | - |
queries.search_types.row_groups.interval.scaling | 1 | Integer | Yes | - |
queries.search_types.column_groups | - | Object | Yes | - |
queries.search_types.filter | null | Null | Yes | - |
parameters | - | Object | Yes | - |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
{
"id": "632d473883ac345b777826c3",
"queries": [
{
"id": "390e5b12-5d23-45da-817f-4151fa618cde",
"timerange": {
"type": "relative",
"from": 300
},
"filter": {
"type": "or",
"filters": [
{
"type": "stream",
"id": "62f6165c3e8f9b4314589b8b"
}
]
},
"query": {
"type": "elasticsearch",
"query_string": "env:dev AND level_name:INFO"
},
"search_types": [
{
"timerange": null,
"query": null,
"streams": [],
"id": "6e15503e-b21d-4152-acdc-eac03399f8c5",
"name": null,
"limit": 150,
"offset": 0,
"sort": [
{
"field": "timestamp",
"order": "DESC"
}
],
"decorators": [],
"type": "messages",
"filter": null
},
{
"timerange": null,
"query": null,
"streams": [],
"id": "aff8ddd5-a506-4cbd-903e-ad1b8d3a9b45",
"name": "chart",
"series": [
{
"type": "count",
"id": "count()",
"field": null
}
],
"sort": [],
"rollup": true,
"type": "pivot",
"row_groups": [
{
"type": "time",
"field": "timestamp",
"interval": {
"type": "auto",
"scaling": 1.0
}
}
],
"column_groups": [],
"filter": null
}
]
}
],
"parameters": [],
"requires": {},
"owner": "admin",
"created_at": "2022-09-23T05:42:16.209Z"
}
Parameter | Example value | Type | Description |
---|---|---|---|
id | 632d473883ac345b777826c3 | String | Search ID, used to retrieve messages |
queries | - | Object | |
queries.id | 390e5b12-5d23-45da-817f-4151fa618cde | String | |
queries.timerange | - | Object | Time range, either relative or absolute. When wrapping the API later, just use absolute time |
queries.timerange.type | relative | String | relative or absolute |
queries.timerange.from | 300 | Integer | When absolute is selected, the time range has from and to, both as strings. |
queries.filter | - | Object | Specifies the stream; use null for a global search |
queries.filter.type | or | String | |
queries.filter.filters | - | Object | Multiple filters may be given |
queries.filter.filters.type | stream | String | |
queries.filter.filters.id | 62f6165c3e8f9b4314589b8b | String | |
queries.query | - | Object | Search criteria |
queries.query.type | elasticsearch | String | Fixed value |
queries.query.query_string | env:dev AND level_name:INFO | String | |
queries.search_types | - | Object | |
queries.search_types.timerange | null | Null | |
queries.search_types.query | null | Null | |
queries.search_types.streams | - | Object | |
queries.search_types.id | 6e15503e-b21d-4152-acdc-eac03399f8c5 | String | |
queries.search_types.name | null | Null | |
queries.search_types.limit | 150 | Integer | |
queries.search_types.offset | 0 | Integer | |
queries.search_types.sort | - | Object | |
queries.search_types.sort.field | timestamp | String | |
queries.search_types.sort.order | DESC | String | |
queries.search_types.decorators | - | Object | |
queries.search_types.type | messages | String | |
queries.search_types.filter | null | Null | |
parameters | - | Object | |
requires | - | Object | |
owner | admin | String | |
created_at | 2022-09-23T05:42:16.209Z | String |
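/graylog/Search/02 Search logs
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/views/search/:queryId/execute
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
queryId | 632d473883ac345b777826c3 | ID returned when the search was created |
Request body parameters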
{
"parameter_bindings": {}
}
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
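The create-then-execute flow of sections 01 and 02, as an added example that is not part of the original page: it builds the create request with an absolute UTC time range, as the parameter notes recommend, and derives the execute path from the returned id. The function names, the millisecond `Z` timestamp format (modelled on the `created_at` value in the response above) and the 24-hex id check are assumptions of this example.

```python
import json
import re
from datetime import datetime, timedelta, timezone

# Shape of the search and stream ids shown on this page (24 lowercase hex chars).
OBJECT_ID = re.compile(r"[0-9a-f]{24}")


def utc_string(moment):
    """Format an aware datetime as a UTC string such as 2022-09-23T05:42:16.209Z."""
    if moment.tzinfo is None or moment.utcoffset() is None:
        raise ValueError("naive datetime: attach a timezone before querying")
    utc = moment.astimezone(timezone.utc)
    return utc.strftime("%Y-%m-%dT%H:%M:%S.") + f"{utc.microsecond // 1000:03d}Z"


def build_search(query_string, start, end, stream_ids=(), limit=150):
    """Body for the create-search request, with timerange.type set to absolute."""
    time_from, time_to = utc_string(start), utc_string(end)
    if end <= start:
        raise ValueError("empty or inverted time range")
    for stream_id in stream_ids:
        if not OBJECT_ID.fullmatch(stream_id):
            raise ValueError(f"not a stream id: {stream_id!r}")
    # Per the parameter table: a stream filter, or null for a global search.
    stream_filter = None
    if stream_ids:
        stream_filter = {
            "type": "or",
            "filters": [{"type": "stream", "id": s} for s in stream_ids],
        }
    return {
        "queries": [{
            "query": {"type": "elasticsearch", "query_string": query_string},
            "timerange": {"type": "absolute", "from": time_from, "to": time_to},
            "filter": stream_filter,
            "search_types": [{
                "timerange": None, "query": None, "streams": [], "name": None,
                "limit": limit, "offset": 0,
                "sort": [{"field": "timestamp", "order": "DESC"}],
                "decorators": [], "type": "messages", "filter": None,
            }],
        }],
        "parameters": [],
    }


def execute_path(create_response):
    """Path of the execute endpoint for the id returned by the create call."""
    search_id = create_response.get("id", "")
    # Refuse anything that is not a plain id before placing it in a URL path.
    if not isinstance(search_id, str) or not OBJECT_ID.fullmatch(search_id):
        raise ValueError("create response carries no usable search id")
    return f"/api/views/search/{search_id}/execute"


if __name__ == "__main__":
    # Constructed input: a five-minute window given in UTC+8 local time.
    end = datetime(2022, 9, 23, 13, 42, 16, 209000, tzinfo=timezone(timedelta(hours=8)))
    body = build_search("env:dev AND level_name:INFO", end - timedelta(minutes=5), end,
                        ["62f6165c3e8f9b4314589b8b"])
    print(json.dumps(body["queries"][0]["timerange"]))
    print(execute_path({"id": "632d473883ac345b777826c3"}))
```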
/graylog/Search/03 Get the created search
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/views/search
Request method
GET
Content-Type
json
Request body parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
queries | - | Object | Yes | - |
queries.query | - | Object | Yes | Search criteria |
queries.query.type | elasticsearch | String | Yes | Fixed value |
queries.query.query_string | env:dev AND level_name:INFO | String | Yes | - |
queries.timerange | - | Object | Yes | Time range, either relative or absolute. When wrapping the API later, just use absolute time |
queries.timerange.type | relative | String | Yes | relative or absolute |
queries.timerange.from | 300 | Integer | Yes | When absolute is selected, the time range has from and to, both as strings in UTC time format |
queries.filter | - | Object | Yes | Specifies the stream; use null for a global search |
queries.filter.type | or | String | Yes | - |
queries.filter.filters | - | Object | Yes | Multiple filters may be given |
queries.filter.filters.type | stream | String | Yes | - |
queries.filter.filters.id | 62f6165c3e8f9b4314589b8b | String | Yes | - |
queries.search_types | - | Object | Yes | - |
queries.search_types.timerange | null | Null | Yes | - |
queries.search_types.query | null | Null | Yes | - |
queries.search_types.streams | - | Object | Yes | - |
queries.search_types.name | chart | String | Yes | - |
queries.search_types.series | - | Object | Yes | - |
queries.search_types.series.type | count | String | Yes | - |
queries.search_types.series.id | count() | String | Yes | - |
queries.search_types.series.field | null | Null | Yes | - |
queries.search_types.sort | - | Object | Yes | - |
queries.search_types.rollup | true | Boolean | Yes | - |
queries.search_types.type | pivot | String | Yes | - |
queries.search_types.row_groups | - | Object | Yes | - |
queries.search_types.row_groups.type | time | String | Yes | - |
queries.search_types.row_groups.field | timestamp | String | Yes | - |
queries.search_types.row_groups.interval | - | Object | Yes | - |
queries.search_types.row_groups.interval.type | auto | String | Yes | - |
queries.search_types.row_groups.interval.scaling | 1 | Integer | Yes | - |
queries.search_types.column_groups | - | Object | Yes | - |
queries.search_types.filter | null | Null | Yes | - |
parameters | - | Object | Yes | - |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
{
"id": "632d473883ac345b777826c3",
"queries": [
{
"id": "390e5b12-5d23-45da-817f-4151fa618cde",
"timerange": {
"type": "relative",
"from": 300
},
"filter": {
"type": "or",
"filters": [
{
"type": "stream",
"id": "62f6165c3e8f9b4314589b8b"
}
]
},
"query": {
"type": "elasticsearch",
"query_string": "env:dev AND level_name:INFO"
},
"search_types": [
{
"timerange": null,
"query": null,
"streams": [],
"id": "6e15503e-b21d-4152-acdc-eac03399f8c5",
"name": null,
"limit": 150,
"offset": 0,
"sort": [
{
"field": "timestamp",
"order": "DESC"
}
],
"decorators": [],
"type": "messages",
"filter": null
},
{
"timerange": null,
"query": null,
"streams": [],
"id": "aff8ddd5-a506-4cbd-903e-ad1b8d3a9b45",
"name": "chart",
"series": [
{
"type": "count",
"id": "count()",
"field": null
}
],
"sort": [],
"rollup": true,
"type": "pivot",
"row_groups": [
{
"type": "time",
"field": "timestamp",
"interval": {
"type": "auto",
"scaling": 1.0
}
}
],
"column_groups": [],
"filter": null
}
]
}
],
"parameters": [],
"requires": {},
"owner": "admin",
"created_at": "2022-09-23T05:42:16.209Z"
}
Parameter | Example value | Type | Description |
---|---|---|---|
id | 632d473883ac345b777826c3 | String | Search ID, used to retrieve messages |
queries | - | Object | |
queries.id | 390e5b12-5d23-45da-817f-4151fa618cde | String | |
queries.timerange | - | Object | Time range, either relative or absolute. When wrapping the API later, just use absolute time |
queries.timerange.type | relative | String | relative or absolute |
queries.timerange.from | 300 | Integer | When absolute is selected, the time range has from and to, both as strings. |
queries.filter | - | Object | Specifies the stream; use null for a global search |
queries.filter.type | or | String | |
queries.filter.filters | - | Object | Multiple filters may be given |
queries.filter.filters.type | stream | String | |
queries.filter.filters.id | 62f6165c3e8f9b4314589b8b | String | |
queries.query | - | Object | Search criteria |
queries.query.type | elasticsearch | String | Fixed value |
queries.query.query_string | env:dev AND level_name:INFO | String | |
queries.search_types | - | Object | |
queries.search_types.timerange | null | Null | |
queries.search_types.query | null | Null | |
queries.search_types.streams | - | Object | |
queries.search_types.id | 6e15503e-b21d-4152-acdc-eac03399f8c5 | String | |
queries.search_types.name | null | Null | |
queries.search_types.limit | 150 | Integer | |
queries.search_types.offset | 0 | Integer | |
queries.search_types.sort | - | Object | |
queries.search_types.sort.field | timestamp | String | |
queries.search_types.sort.order | DESC | String | |
queries.search_types.decorators | - | Object | |
queries.search_types.type | messages | String | |
queries.search_types.filter | null | Null | |
parameters | - | Object | |
requires | - | Object | |
owner | admin | String | |
created_at | 2022-09-23T05:42:16.209Z | String |
/graylog/Streams
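No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/Streams/01 Get all Streams
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams
Request method
GET
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example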
{
"total": 6,
"streams": [
{
"id": "62f6165c3e8f9b4314589b8b",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "运维开发环境Stream",
"created_at": "2022-08-12T08:59:08.477Z",
"disabled": false,
"rules": [
{
"field": "env",
"stream_id": "62f6165c3e8f9b4314589b8b",
"description": "",
"id": "6311c8533673d47ac03b5ea5",
"type": 1,
"inverted": false,
"value": "dev"
},
{
"field": "app_name",
"stream_id": "62f6165c3e8f9b4314589b8b",
"description": "",
"id": "6311c8643673d47ac03b5ebd",
"type": 1,
"inverted": false,
"value": "gdmp"
}
],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "gdmp_dev",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
},
{
"id": "000000000000000000000001",
"creator_user_id": "local:admin",
"outputs": [],
"matching_type": "AND",
"description": "Stream containing all messages",
"created_at": "2022-08-05T06:50:59.889Z",
"disabled": false,
"rules": [],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "All messages",
"content_pack": null,
"remove_matches_from_default_stream": false,
"index_set_id": "62ecbdd39ec96a0baedb250e",
"is_editable": true,
"is_default": true
},
{
"id": "63154c2183ac345b775d3b0c",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "运维测试环境Stream",
"created_at": "2022-09-05T01:08:49.513Z",
"disabled": false,
"rules": [
{
"field": "env",
"stream_id": "63154c2183ac345b775d3b0c",
"description": "",
"id": "6315aebe83ac345b775df447",
"type": 1,
"inverted": false,
"value": "test"
},
{
"field": "app_name",
"stream_id": "63154c2183ac345b775d3b0c",
"description": "",
"id": "6315af1583ac345b775df4bd",
"type": 1,
"inverted": false,
"value": "gdmp"
}
],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "gdmp_test",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
},
{
"id": "000000000000000000000002",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "Stream containing all events created by Graylog",
"created_at": "2022-08-05T06:51:03.060Z",
"disabled": false,
"rules": [],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "All events",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "62ecbdd79ec96a0baedb2595",
"is_editable": false,
"is_default": false
},
{
"id": "000000000000000000000003",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "Stream containing all system events created by Graylog",
"created_at": "2022-08-05T06:51:03.067Z",
"disabled": false,
"rules": [],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "All system events",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "62ecbdd79ec96a0baedb2597",
"is_editable": false,
"is_default": false
},
{
"id": "62f615de3e8f9b4314589ad4",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "运维本地环境Stream",
"created_at": "2022-08-12T08:57:02.629Z",
"disabled": false,
"rules": [
{
"field": "env",
"stream_id": "62f615de3e8f9b4314589ad4",
"description": "",
"id": "6311c78e3673d47ac03b5da9",
"type": 6,
"inverted": false,
"value": "local"
},
{
"field": "app_name",
"stream_id": "62f615de3e8f9b4314589ad4",
"description": "",
"id": "6311c7e53673d47ac03b5e19",
"type": 6,
"inverted": false,
"value": "gdmp"
}
],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "gdmp_local",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
}
]
}
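/graylog/Streams/02 Get a single Stream
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams/:id
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
id | 62f615de3e8f9b4314589ad4 | streamID |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example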
{
"id": "62f615de3e8f9b4314589ad4",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "运维本地环境Stream",
"created_at": "2022-08-12T08:57:02.629Z",
"disabled": false,
"rules": [
{
"field": "env",
"stream_id": "62f615de3e8f9b4314589ad4",
"description": "",
"id": "6311c78e3673d47ac03b5da9",
"type": 6,
"inverted": false,
"value": "local"
},
{
"field": "app_name",
"stream_id": "62f615de3e8f9b4314589ad4",
"description": "",
"id": "6311c7e53673d47ac03b5e19",
"type": 6,
"inverted": false,
"value": "gdmp"
}
],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "gdmp_local",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
}
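/graylog/Streams/03 Get paginated
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams/paginated?page=1&per_page=50&sort=title&order=asc
Request method
GET
Content-Type
json
Request query parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
page | 1 | String | Yes | - |
per_page | 50 | String | Yes | - |
sort | title | String | Yes | - |
order | asc | String | Yes | - |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example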
{
"query": "",
"total": 6,
"sort": "title",
"order": "asc",
"streams": [
{
"id": "000000000000000000000002",
"creator_user_id": "admin",
"outputs": null,
"matching_type": "AND",
"description": "Stream containing all events created by Graylog",
"created_at": "Fri Aug 05 06:51:03 UTC 2022",
"rules": [],
"disabled": false,
"alert_conditions": null,
"alert_receivers": null,
"title": "All events",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "62ecbdd79ec96a0baedb2595",
"is_editable": false,
"is_default": false
},
{
"id": "000000000000000000000001",
"creator_user_id": "local:admin",
"outputs": null,
"matching_type": "AND",
"description": "Stream containing all messages",
"created_at": "Fri Aug 05 06:50:59 UTC 2022",
"rules": [],
"disabled": false,
"alert_conditions": null,
"alert_receivers": null,
"title": "All messages",
"content_pack": null,
"remove_matches_from_default_stream": false,
"index_set_id": "62ecbdd39ec96a0baedb250e",
"is_editable": true,
"is_default": true
},
{
"id": "000000000000000000000003",
"creator_user_id": "admin",
"outputs": null,
"matching_type": "AND",
"description": "Stream containing all system events created by Graylog",
"created_at": "Fri Aug 05 06:51:03 UTC 2022",
"rules": [],
"disabled": false,
"alert_conditions": null,
"alert_receivers": null,
"title": "All system events",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "62ecbdd79ec96a0baedb2597",
"is_editable": false,
"is_default": false
},
{
"id": "62f6165c3e8f9b4314589b8b",
"creator_user_id": "admin",
"outputs": null,
"matching_type": "AND",
"description": "运维开发环境Stream",
"created_at": "Fri Aug 12 08:59:08 UTC 2022",
"rules": [
{
"field": "env",
"stream_id": "62f6165c3e8f9b4314589b8b",
"description": "",
"id": "6311c8533673d47ac03b5ea5",
"type": 1,
"inverted": false,
"value": "dev"
},
{
"field": "app_name",
"stream_id": "62f6165c3e8f9b4314589b8b",
"description": "",
"id": "6311c8643673d47ac03b5ebd",
"type": 1,
"inverted": false,
"value": "gdmp"
}
],
"disabled": false,
"alert_conditions": null,
"alert_receivers": null,
"title": "gdmp_dev",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
},
{
"id": "62f615de3e8f9b4314589ad4",
"creator_user_id": "admin",
"outputs": null,
"matching_type": "AND",
"description": "运维本地环境Stream",
"created_at": "Fri Aug 12 08:57:02 UTC 2022",
"rules": [
{
"field": "env",
"stream_id": "62f615de3e8f9b4314589ad4",
"description": "",
"id": "6311c78e3673d47ac03b5da9",
"type": 6,
"inverted": false,
"value": "local"
},
{
"field": "app_name",
"stream_id": "62f615de3e8f9b4314589ad4",
"description": "",
"id": "6311c7e53673d47ac03b5e19",
"type": 6,
"inverted": false,
"value": "gdmp"
}
],
"disabled": false,
"alert_conditions": null,
"alert_receivers": null,
"title": "gdmp_local",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
},
{
"id": "63154c2183ac345b775d3b0c",
"creator_user_id": "admin",
"outputs": null,
"matching_type": "AND",
"description": "运维测试环境Stream",
"created_at": "Mon Sep 05 01:08:49 UTC 2022",
"rules": [
{
"field": "env",
"stream_id": "63154c2183ac345b775d3b0c",
"description": "",
"id": "6315aebe83ac345b775df447",
"type": 1,
"inverted": false,
"value": "test"
},
{
"field": "app_name",
"stream_id": "63154c2183ac345b775d3b0c",
"description": "",
"id": "6315af1583ac345b775df4bd",
"type": 1,
"inverted": false,
"value": "gdmp"
}
],
"disabled": false,
"alert_conditions": null,
"alert_receivers": null,
"title": "gdmp_test",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
}
],
"pagination": {
"total": 6,
"count": 6,
"page": 1,
"per_page": 50
}
}
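/graylog/Streams/04 Get enabled Streams
A newly added stream is disabled by default.
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams/enabled
Request method
GET
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example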
{
"total": 6,
"streams": [
{
"id": "62f6165c3e8f9b4314589b8b",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "运维开发环境Stream",
"created_at": "2022-08-12T08:59:08.477Z",
"disabled": false,
"rules": [
{
"field": "env",
"stream_id": "62f6165c3e8f9b4314589b8b",
"description": "",
"id": "6311c8533673d47ac03b5ea5",
"type": 1,
"inverted": false,
"value": "dev"
},
{
"field": "app_name",
"stream_id": "62f6165c3e8f9b4314589b8b",
"description": "",
"id": "6311c8643673d47ac03b5ebd",
"type": 1,
"inverted": false,
"value": "gdmp"
}
],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "gdmp_dev",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
},
{
"id": "000000000000000000000001",
"creator_user_id": "local:admin",
"outputs": [],
"matching_type": "AND",
"description": "Stream containing all messages",
"created_at": "2022-08-05T06:50:59.889Z",
"disabled": false,
"rules": [],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "All messages",
"content_pack": null,
"remove_matches_from_default_stream": false,
"index_set_id": "62ecbdd39ec96a0baedb250e",
"is_editable": true,
"is_default": true
},
{
"id": "63154c2183ac345b775d3b0c",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "运维测试环境Stream",
"created_at": "2022-09-05T01:08:49.513Z",
"disabled": false,
"rules": [
{
"field": "env",
"stream_id": "63154c2183ac345b775d3b0c",
"description": "",
"id": "6315aebe83ac345b775df447",
"type": 1,
"inverted": false,
"value": "test"
},
{
"field": "app_name",
"stream_id": "63154c2183ac345b775d3b0c",
"description": "",
"id": "6315af1583ac345b775df4bd",
"type": 1,
"inverted": false,
"value": "gdmp"
}
],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "gdmp_test",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
},
{
"id": "000000000000000000000002",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "Stream containing all events created by Graylog",
"created_at": "2022-08-05T06:51:03.060Z",
"disabled": false,
"rules": [],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "All events",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "62ecbdd79ec96a0baedb2595",
"is_editable": false,
"is_default": false
},
{
"id": "000000000000000000000003",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "Stream containing all system events created by Graylog",
"created_at": "2022-08-05T06:51:03.067Z",
"disabled": false,
"rules": [],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "All system events",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "62ecbdd79ec96a0baedb2597",
"is_editable": false,
"is_default": false
},
{
"id": "62f615de3e8f9b4314589ad4",
"creator_user_id": "admin",
"outputs": [],
"matching_type": "AND",
"description": "运维本地环境Stream",
"created_at": "2022-08-12T08:57:02.629Z",
"disabled": false,
"rules": [
{
"field": "env",
"stream_id": "62f615de3e8f9b4314589ad4",
"description": "",
"id": "6311c78e3673d47ac03b5da9",
"type": 6,
"inverted": false,
"value": "local"
},
{
"field": "app_name",
"stream_id": "62f615de3e8f9b4314589ad4",
"description": "",
"id": "6311c7e53673d47ac03b5e19",
"type": 6,
"inverted": false,
"value": "gdmp"
}
],
"alert_conditions": [],
"alert_receivers": {
"emails": [],
"users": []
},
"title": "gdmp_local",
"content_pack": null,
"remove_matches_from_default_stream": true,
"index_set_id": "6305e74923481c2cd7551bfa",
"is_editable": true,
"is_default": false
}
]
}
/graylog/Streams/05 Create Stream
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams
Request method
POST
Content-Type
json
Request body parameters
{
"index_set_id": "632aa5ea83ac345b77753f73",
"remove_matches_from_default_stream": true,
"matching_type": "AND",
"description": "描述信息",
"rules": [
{
"field": "env",
"description": "字段描述【env为环境】",
"inverted": false,
"type": 6,
"value": "pro"
},
{
"field": "app_name",
"description": "字段描述【app_name为应用服务名称】",
"inverted": false,
"type": 6,
"value": "gdmp"
}
],
"title": "stream测试555",
"content_pack": null
}
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
index_set_id | 632aa5ea83ac345b77753f73 | String | Yes | Index set ID |
remove_matches_from_default_stream | true | Boolean | Yes | Remove matches from the default stream |
matching_type | AND | String | Yes | AND/OR. Determines how the rules are combined |
description | 描述信息 | String | Yes | Description |
rules | - | Object | Yes | Rules used to classify the data coming from inputs |
rules.field | env | String | Yes | Field code |
rules.description | 字段描述【env为环境】 | String | Yes | Description |
rules.inverted | false | Boolean | Yes | TODO: meaning not yet known |
rules.type | integer | String | Yes | TODO: type; meaning not known; defaults to 6 |
rules.value | string | String | Yes | Field value |
title | stream名称 | String | Yes | Name |
content_pack | string | String | Yes | TODO: purpose unclear |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
{
"stream_id": "632ac7ea83ac345b7775653c"
}
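/graylog/Streams/06 Update Stream
**Note: the rules set through the create endpoint cannot be updated here.**
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams/:streamId
Request method
PUT
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 632ad29383ac345b7775714a | - |
Request body parameters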
{
"index_set_id": "632aa5ea83ac345b77753f73",
"remove_matches_from_default_stream": true,
"matching_type": "AND",
"description": "描述信息444",
"title": "stream测试333"
}
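Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
index_set_id | 632aa5ea83ac345b77753f73 | String | Yes | Index set ID |
remove_matches_from_default_stream | true | Boolean | Yes | Remove matches from the default stream; corresponds to the UI option [Remove matches from ‘All messages’ stream] |
matching_type | AND | String | Yes | AND/OR. Determines how the rules are combined |
description | 描述信息444 | String | Yes | Description |
title | stream测试333 | String | Yes | Name |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
No data returned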
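/graylog/Streams/07 Delete Stream
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams/:streamId
Request method
DELETE
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 632ad29383ac345b7775714a | streamID |
Request body parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
index_set_id | 632aa5ea83ac345b77753f73 | String | Yes | Index set ID |
remove_matches_from_default_stream | true | Boolean | Yes | Remove matches from the default stream; corresponds to the UI option [Remove matches from ‘All messages’ stream] |
matching_type | AND | String | Yes | AND/OR. Determines how the rules are combined |
description | 描述信息444 | String | Yes | Description |
title | stream测试333 | String | Yes | Name |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
No data returned
Error response example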
"message"
"Stream <632acfca83ac345b77756e21> not found!"
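/graylog/Streams/08 Pause Stream
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams/:streamId/pause
Request method
POST
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 632ad35083ac345b77757225 | - |
Request body parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
index_set_id | 632aa5ea83ac345b77753f73 | String | Yes | Index set ID |
remove_matches_from_default_stream | true | Boolean | Yes | Remove matches from the default stream; corresponds to the UI option [Remove matches from ‘All messages’ stream] |
matching_type | AND | String | Yes | AND/OR. Determines how the rules are combined |
description | 描述信息444 | String | Yes | Description |
title | stream测试333 | String | Yes | Name |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
No data returned; the status code is 204
Error response example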
"message"
"Stream <632acfca83ac345b77756e21> not found!"
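/graylog/Streams/09 Enable Stream
No description
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams/:streamId/resume
Request method
POST
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 632ad35083ac345b77757225 | - |
Request body parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
index_set_id | 632aa5ea83ac345b77753f73 | String | Yes | Index set ID |
remove_matches_from_default_stream | true | Boolean | Yes | Remove matches from the default stream; corresponds to the UI option [Remove matches from ‘All messages’ stream] |
matching_type | AND | String | Yes | AND/OR. Determines how the rules are combined |
description | 描述信息444 | String | Yes | Description |
title | stream测试333 | String | Yes | Name |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
No data returned; the status code is 204
Error response example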
"message"
"Stream <632acfca83ac345b77756e21> not found!"
/graylog/Streams/10 Test rule matching
This endpoint requires the header
accept:application/json
`*/*` does not work
Endpoint status
In development
Endpoint URL
10.0.107.158:9000/api/streams/:streamId/testMatch
Request method
POST
Content-Type
json
Request header parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
accept | application/json | String | Yes | - |
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 62f6165c3e8f9b4314589b8b | - |
Request body parameters
{
"message": {
"gl2_accounted_message_size": 421,
"level": 6,
"gl2_remote_ip": "10.0.204.66",
"gl2_remote_port": 47682,
"streams": [
"62f6165c3e8f9b4314589b8b"
],
"gl2_message_id": "01GDFMR73G8CFQA1HJ2852Z2BP",
"source": "host-10-0-204-66",
"message": "The request path is: /actuator/prometheus",
"env": "dev",
"gl2_source_input": "62f0e00d88b7eb6e6a307295",
"app_name": "gdmp",
"level_name": "INFO",
"full_message": "2022-09-21 17:09:21,259 - [http-nio-18090-exec-5] INFO c.g.g.b.p.servlet.ArgResolverFilter - The request path is: /actuator/prometheus",
"thread_name": "http-nio-18090-exec-5",
"gl2_source_node": "28853558-3f94-401a-b67b-2b4d9c23d109",
"_id": "a0981700-398c-11ed-9b6d-0242ac140004",
"logger_name": "com.glodon.gboat3.base.plugin.servlet.ArgResolverFilter",
"timestamp": "2022-09-21T09:09:21.259Z"
}
}
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
message | - | Object | Yes | Message content; the specific fields follow |
message.gl2_accounted_message_size | 421 | Integer | Yes | - |
message.level | 6 | Integer | Yes | - |
message.gl2_remote_ip | 10.0.204.66 | String | Yes | - |
message.gl2_remote_port | 47682 | Integer | Yes | - |
message.streams | 62f6165c3e8f9b4314589b8b | String | Yes | - |
message.gl2_message_id | 01GDFMR73G8CFQA1HJ2852Z2BP | String | Yes | - |
message.source | host-10-0-204-66 | String | Yes | - |
message.message | The request path is: /actuator/prometheus | String | Yes | - |
message.env | dev | String | Yes | - |
message.gl2_source_input | 62f0e00d88b7eb6e6a307295 | String | Yes | - |
message.app_name | gdmp | String | Yes | - |
message.level_name | INFO | String | Yes | - |
message.full_message | 2022-09-21 17:09:21,259 - [http-nio-18090-exec-5] INFO c.g.g.b.p.servlet.ArgResolverFilter - The request path is: /actuator/prometheus | String | Yes | - |
message.thread_name | http-nio-18090-exec-5 | String | Yes | - |
message.gl2_source_node | 28853558-3f94-401a-b67b-2b4d9c23d109 | String | Yes | - |
message._id | a0981700-398c-11ed-9b6d-0242ac140004 | String | Yes | - |
message.logger_name | com.glodon.gboat3.base.plugin.servlet.ArgResolverFilter | String | Yes | - |
message.timestamp | 2022-09-21T09:09:21.259Z | String | Yes | - |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
No data returned; the status code is 204
Error response example
"message"
"Stream <632acfca83ac345b77756e21> not found!"
/graylog/Streams/StreamRule
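No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script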
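/graylog/Streams/StreamRule/01 Get rule list
No description
API status
In development
API URL
10.0.107.158:9000/api/streams/:streamId/rules
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 6371a9cd42828a77d760d0e9 | streamid |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example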
{
"total": 1,
"stream_rules": [
{
"field": "app_name",
"stream_id": "6371a9cd42828a77d760d0e9",
"description": "",
"id": "6371ad2142828a77d760d502",
"type": 1,
"inverted": false,
"value": "example_glef_graylog"
}
]
}
/graylog/Streams/StreamRule/02 Create StreamRule
No description
API status
In development
API URL
10.0.107.158:9000/api/streams/:streamId/rules
Request method
POST
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 6371a9cd42828a77d760d0e9 | streamId |
Request body parameters
{
"field": "environment",
"description": "环境",
"inverted": false,
"type": 6,
"value": "pre"
}
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example
{
"streamrule_id": "6375a8b242828a77d765906f"
}
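/graylog/Streams/StreamRule/03 Get ruleTypes
No description
API status
In development
API URL
10.0.107.158:9000/api/streams/:streamId/rules/types
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 6371a9cd42828a77d760d0e9 | streamId |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example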
[
{
"id": 1,
"name": "EXACT",
"short_desc": "match exactly",
"long_desc": "match exactly"
},
{
"id": 2,
"name": "REGEX",
"short_desc": "match regular expression",
"long_desc": "match regular expression"
},
{
"id": 3,
"name": "GREATER",
"short_desc": "greater than",
"long_desc": "be greater than"
},
{
"id": 4,
"name": "SMALLER",
"short_desc": "smaller than",
"long_desc": "be smaller than"
},
{
"id": 5,
"name": "PRESENCE",
"short_desc": "field presence",
"long_desc": "be present"
},
{
"id": 6,
"name": "CONTAINS",
"short_desc": "contain",
"long_desc": "contain"
},
{
"id": 7,
"name": "ALWAYS_MATCH",
"short_desc": "always match",
"long_desc": "always match"
},
{
"id": 8,
"name": "MATCH_INPUT",
"short_desc": "match input",
"long_desc": "match input"
}
]
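/graylog/Streams/StreamRule/04 Get a single rule of a Stream
No description
API status
In development
API URL
10.0.107.158:9000/api/streams/:streamId/rules/:streamRuleId
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 6371a9cd42828a77d760d0e9 | streamid |
streamRuleId | 63734bd542828a77d762c8de | streamRuleId |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example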
{
"total": 1,
"stream_rules": [
{
"field": "app_name",
"stream_id": "6371a9cd42828a77d760d0e9",
"description": "",
"id": "6371ad2142828a77d760d502",
"type": 1,
"inverted": false,
"value": "example_glef_graylog"
}
]
}
Error response example
{
"type": "ApiError",
"message": "Couldn't find stream rule with ID6371a9cd42828a77d760d0e9"
}
/graylog/Streams/StreamRule/05 Update StreamRule
The requestBody must not contain any extra parameters; it must match exactly.
API status
In development
API URL
10.0.107.158:9000/api/streams/:streamId/rules/:streamRuleId
Request method
PUT
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 6371a9cd42828a77d760d0e9 | streamId |
streamRuleId | 637358ce42828a77d762d87e | - |
Request body parameters
{
"field": "environment",
"description": "环境fff",
"type": 6,
"inverted": false,
"value": "pre"
}
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
field | environment | String | Yes | - |
description | 环境fff | String | Yes | - |
type | 6 | Integer | Yes | - |
inverted | false | Boolean | Yes | - |
value | pre | String | Yes | - |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example
{
"streamrule_id": "637358ce42828a77d762d87e"
}
Error response example
{
"type": "ApiError",
"message": "Unable to map property stream_id.\nKnown properties include: value, type, description, inverted, field"
}
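The error above appears when a rule fetched with GET is sent back unchanged, because the fetched object also carries `id` and `stream_id`. The following added example (not part of the original API document) builds a PUT body that holds only the five accepted properties and checks the ids before they are placed in the URL path; the function names, the `graylog.example` host and the 24-hex id format are assumptions made for this sketch.

```python
import json
import re
from urllib.request import Request

# Properties the update endpoint accepts, copied from the error message on this page:
# "Known properties include: value, type, description, inverted, field"
ALLOWED_RULE_PROPERTIES = ("field", "description", "type", "inverted", "value")

# Rule type ids as listed by /api/streams/:streamId/rules/types on this page.
RULE_TYPES = {
    1: "EXACT", 2: "REGEX", 3: "GREATER", 4: "SMALLER",
    5: "PRESENCE", 6: "CONTAINS", 7: "ALWAYS_MATCH", 8: "MATCH_INPUT",
}

# Assumption: ids are 24 lowercase hex characters, as in every sample id on this page.
OBJECT_ID = re.compile(r"[0-9a-f]{24}")

# One element of "stream_rules" from the list-rules response shown on this page.
SAMPLE_FETCHED_RULE = {
    "field": "app_name",
    "stream_id": "6371a9cd42828a77d760d0e9",
    "description": "",
    "id": "6371ad2142828a77d760d502",
    "type": 1,
    "inverted": False,
    "value": "example_glef_graylog",
}


def build_rule_update_body(fetched_rule, **changes):
    """Return a PUT body holding exactly the five accepted properties."""
    unknown = sorted(set(changes) - set(ALLOWED_RULE_PROPERTIES))
    if unknown:
        raise ValueError(f"not updatable: {unknown}")
    merged = {**fetched_rule, **changes}
    missing = [name for name in ALLOWED_RULE_PROPERTIES if name not in merged]
    if missing:
        raise ValueError(f"missing required properties: {missing}")
    # Dropping id and stream_id here avoids "Unable to map property stream_id".
    body = {name: merged[name] for name in ALLOWED_RULE_PROPERTIES}
    if isinstance(body["type"], bool) or body["type"] not in RULE_TYPES:
        raise ValueError(f"unknown rule type: {body['type']!r}")
    if not isinstance(body["inverted"], bool):
        raise ValueError("inverted must be a boolean")
    return body


def build_rule_update_request(base_url, fetched_rule, **changes):
    """Build (but do not send) the PUT request for one stream rule."""
    stream_id = fetched_rule.get("stream_id")
    rule_id = fetched_rule.get("id")
    # Refuse ids that could alter the path (slashes, dots, query strings).
    for label, value in (("stream_id", stream_id), ("id", rule_id)):
        if not isinstance(value, str) or not OBJECT_ID.fullmatch(value):
            raise ValueError(f"{label} is not a 24-hex id: {value!r}")
    body = build_rule_update_body(fetched_rule, **changes)
    url = f"{base_url.rstrip('/')}/api/streams/{stream_id}/rules/{rule_id}"
    return Request(
        url,
        data=json.dumps(body).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="PUT",
    )


if __name__ == "__main__":
    # graylog.example is a placeholder host, not an address from this page.
    request = build_rule_update_request(
        "http://graylog.example:9000", SAMPLE_FETCHED_RULE, type=6, value="pre"
    )
    print(request.get_method(), request.full_url)
    print(request.data.decode("utf-8"))
```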
/graylog/Streams/StreamRule/06 Delete StreamRule
The requestBody must not contain any extra parameters; it must match exactly.
API status
In development
API URL
10.0.107.158:9000/api/streams/:streamId/rules/:streamRuleId
Request method
DELETE
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 6371a9cd42828a77d760d0e9 | streamId |
streamRuleId | 637358ce42828a77d762d87e | - |
Request body parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
field | environment | String | Yes | - |
description | 环境fff | String | Yes | - |
type | 6 | Integer | Yes | - |
inverted | false | Boolean | Yes | - |
value | pre | String | Yes | - |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Error response example
{
"type": "ApiError",
"message": "Unable to map property stream_id.\nKnown properties include: value, type, description, inverted, field"
}
/graylog/alerts
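No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/01 Get the alert conditions of a Stream
No description
API status
In development
API URL
10.0.107.158:9000/api/streams/:streamId/alerts/conditions
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
streamId | 62f6165c3e8f9b4314589b8b | streamId |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script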
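/graylog/alerts/events [Events]
No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/events [Events]/01 Query time definition
No description
API status
In development
API URL
10.0.107.158:9000/api/events/search
Request method
GET
Content-Type
json
Request body parameters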
{
"query": "",
"page": 1,
"per_page": 25,
"filter": {
"alerts": "only"
},
"timerange": {
"type": "relative",
"range": 3600
}
}
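Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/New API
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/search
Request method
POST
Content-Type
json
Request body parameters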
{
"page": 1,
"per_page": 25,
"timerange": {
"type": "relative",
"range": 36000
},
"query": "",
"filter": {
"alerts": "include",
"event_definitions": []
},
"sort_direction": "asc"
}
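Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/Alert rules
No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/Alert rules/Create alert rule
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/definitions?schedule=true
Request method
POST
Content-Type
json
Request query parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
schedule | true | String | Yes | - |
Request body parameters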
{
"title": "222",
"description": "",
"priority": 2,
"config": {
"query": "",
"query_parameters": [],
"streams": [],
"search_within_ms": 60000,
"execute_every_ms": 60000,
"group_by": [],
"series": [],
"conditions": {},
"type": "aggregation-v1"
},
"field_spec": {
"1": {
"data_type": "string",
"providers": [
{
"template": "${source.message}",
"type": "template-v1"
}
]
}
},
"key_spec": [
"1"
],
"notification_settings": {
"grace_period_ms": 0,
"backlog_size": null
},
"notifications": [
{
"notification_id": "6316ab7a83ac345b775f38e0"
}
],
"alert": true
}
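Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/Alert rules/Edit alert rule
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/definitions/6368b01de930a905f362e3ee?schedule=true
Request method
PUT
Content-Type
json
Request query parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
schedule | true | String | Yes | - |
Request body parameters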
{
"id": "6368b01de930a905f362e3ee",
"title": "111",
"description": "范德萨发11",
"priority": 2,
"alert": true,
"config": {
"type": "aggregation-v1",
"query": "",
"query_parameters": [],
"streams": [],
"group_by": [],
"series": [],
"conditions": {
"expression": null
},
"search_within_ms": 60000,
"execute_every_ms": 60000
},
"field_spec": {
"1": {
"data_type": "string",
"providers": [
{
"type": "template-v1",
"template": "${source.message}",
"require_values": false
}
]
}
},
"key_spec": [
"1"
],
"notification_settings": {
"grace_period_ms": 0,
"backlog_size": 0
},
"notifications": [
{
"notification_id": "6316ab7a83ac345b775f38e0",
"notification_parameters": null
}
],
"storage": [
{
"type": "persist-to-streams-v1",
"streams": [
"000000000000000000000002"
]
}
]
}
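Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/Alert rules/Delete alert rule
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/definitions/6368b081e930a905f362e646
Request method
DELETE
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/Alert rules/Disable alert rule
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/definitions/6368b01de930a905f362e3ee/unschedule
Request method
PUT
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/Alert rules/Enable alert rule
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/definitions/6368b01de930a905f362e3ee/schedule
Request method
PUT
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script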
/graylog/alerts/webhook
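No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/webhook/Create webhook
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/notifications
Request method
POST
Content-Type
json
Request body parameters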
{
"title": "cc",
"description": "",
"config": {
"color": "#FF0000",
"webhook_url": "http://www.baidu.com",
"channel": "#channel",
"custom_message": "--- [Event Definition] ---------------------------\nTitle: ${event_definition_title}\nType: ${event_definition_type}\n--- [Event] --------------------------------------\nTimestamp: ${event.timestamp}\nMessage: ${event.message}\nSource: ${event.source}\nKey: ${event.key}\nPriority: ${event.priority}\nAlert: ${event.alert}\nTimestamp Processing: ${event.timestamp}\nTimerange Start: ${event.timerange_start}\nTimerange End: ${event.timerange_end}\nEvent Fields:\n${foreach event.fields field}\n${field.key}: ${field.value}\n${end}\n${if backlog}\n--- [Backlog] ------------------------------------\nLast messages accounting for this alert:\n${foreach backlog message}\n${message.timestamp} :: ${message.source} :: ${message.message}\n${message.message}\n${end}${end}\n",
"user_name": "Graylog",
"notify_channel": false,
"link_names": false,
"icon_url": "",
"icon_emoji": "",
"backlog_size": 0,
"type": "slack-notification-v1"
}
}
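Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/webhook/Update webhook
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/notifications/6368dbcbe930a905f3639898
Request method
PUT
Content-Type
json
Request body parameters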
{
"id": "6368dbcbe930a905f3639898",
"title": "cc",
"description": "",
"config": {
"type": "slack-notification-v1",
"backlog_size": 0,
"color": "#FF0000",
"webhook_url": "http://www.baidu.com",
"channel": "#channel",
"custom_message": "--- [Event Definition] ---------------------------\nTitle: ${event_definition_title}\nType: ${event_definition_type}\n--- [Event] --------------------------------------\nTimestamp: ${event.timestamp}\nMessage: ${event.message}\nSource: ${event.source}\nKey: ${event.key}\nPriority: ${event.priority}\nAlert: ${event.alert}\nTimestamp Processing: ${event.timestamp}\nTimerange Start: ${event.timerange_start}\nTimerange End: ${event.timerange_end}\nEvent Fields:\n${foreach event.fields field}\n${field.key}: ${field.value}\n${end}\n${if backlog}\n--- [Backlog] ------------------------------------\nLast messages accounting for this alert:\n${foreach backlog message}\n${message.timestamp} :: ${message.source} :: ${message.message}\n${message.message}\n${end}${end}\n",
"user_name": "Graylog",
"notify_channel": false,
"link_names": false,
"icon_url": "",
"icon_emoji": ""
}
}
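Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/webhook/Delete webhook
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/notifications/6368dbcbe930a905f3639898
Request method
DELETE
Content-Type
json
Request body parameters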
{
"title": "cc",
"description": "",
"config": {
"color": "#FF0000",
"webhook_url": "http://www.baidu.com",
"channel": "#channel",
"custom_message": "--- [Event Definition] ---------------------------\nTitle: ${event_definition_title}\nType: ${event_definition_type}\n--- [Event] --------------------------------------\nTimestamp: ${event.timestamp}\nMessage: ${event.message}\nSource: ${event.source}\nKey: ${event.key}\nPriority: ${event.priority}\nAlert: ${event.alert}\nTimestamp Processing: ${event.timestamp}\nTimerange Start: ${event.timerange_start}\nTimerange End: ${event.timerange_end}\nEvent Fields:\n${foreach event.fields field}\n${field.key}: ${field.value}\n${end}\n${if backlog}\n--- [Backlog] ------------------------------------\nLast messages accounting for this alert:\n${foreach backlog message}\n${message.timestamp} :: ${message.source} :: ${message.message}\n${message.message}\n${end}${end}\n",
"user_name": "Graylog",
"notify_channel": false,
"link_names": false,
"icon_url": "",
"icon_emoji": "",
"backlog_size": 0,
"type": "slack-notification-v1"
}
}
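Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/alerts/webhook/Test webhook URL
No description
API status
In development
API URL
http://10.0.107.158:29000/api/events/notifications/6368dc40e930a905f363992e/test
Request method
POST
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script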
/graylog/System
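No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script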
/graylog/System/sidecars
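No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/System/sidecars/01 Paginated query of sidecars by condition
http://10.0.107.158:29000/api/api-browser/global/index.html#!/Sidecar/sidecars_get_0
API status
In development
API URL
{{graylog}}/api/sidecars?page=1&per_page=50&query=75&sort=node_name&order=asc&only_active=false
Request method
GET
Content-Type
json
Request query parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
page | 1 | Text | Yes | Current page |
per_page | 50 | Text | Yes | Page size |
query | 75 | Text | Yes | Query condition |
sort | node_name | Text | Yes | Sort field |
order | asc | Text | Yes | Sort order |
only_active | false | Text | Yes | Only query sidecars that are online |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example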
{
"query": "",
"total": 3,
"only_active": false,
"sort": "node_name",
"order": "asc",
"sidecars": [
{
"active": true,
"node_id": "067ba9da-5c56-4f8d-8d8d-7ab737b61706",
"node_name": "10.0.204.66",
"node_details": {
"operating_system": "Linux",
"ip": "10.0.204.66",
"metrics": {
"disks_75": [],
"cpu_idle": 93.12,
"load_1": 0.37
},
"log_file_list": null,
"status": {
"status": 0,
"message": "1 running / 0 stopped / 0 failing",
"collectors": [
{
"collector_id": "62ecbdd49ec96a0baedb2521",
"status": 0,
"message": "Running",
"verbose_message": ""
}
]
}
},
"assignments": [
{
"collector_id": "62ecbdd49ec96a0baedb2521",
"configuration_id": "630ca6bb23481c2cd761e684"
}
],
"last_seen": "2022-09-06T03:11:15.027Z",
"sidecar_version": "1.2.0",
"collectors": null
},
{
"active": true,
"node_id": "0b7c14a8-811f-413a-ab4e-001f35c6b4af",
"node_name": "192.168.124.107",
"node_details": {
"operating_system": "Windows",
"ip": "2.0.1.4",
"metrics": {
"disks_75": [],
"cpu_idle": 76.23,
"load_1": 0
},
"log_file_list": null,
"status": {
"status": 0,
"message": "1 running / 0 stopped / 0 failing",
"collectors": [
{
"collector_id": "62ecbdd59ec96a0baedb2527",
"status": 0,
"message": "Running",
"verbose_message": ""
}
]
}
},
"assignments": [
{
"collector_id": "62ecbdd59ec96a0baedb2527",
"configuration_id": "63083e2823481c2cd7594feb"
}
],
"last_seen": "2022-09-06T03:11:18.100Z",
"sidecar_version": "1.2.0",
"collectors": null
},
{
"active": true,
"node_id": "6a23892b-e8d9-42e8-8f74-0ef7cfe606e9",
"node_name": "192.168.124.75",
"node_details": {
"operating_system": "Windows",
"ip": "192.168.124.75",
"metrics": {
"disks_75": [
"C:\\ (78%)",
"D:\\ (83%)"
],
"cpu_idle": 91.29,
"load_1": 0
},
"log_file_list": null,
"status": {
"status": 0,
"message": "1 running / 0 stopped / 0 failing",
"collectors": [
{
"collector_id": "62ecbdd59ec96a0baedb2527",
"status": 0,
"message": "Running",
"verbose_message": ""
}
]
}
},
"assignments": [
{
"collector_id": "62ecbdd59ec96a0baedb2527",
"configuration_id": "63083e2823481c2cd7594feb"
}
],
"last_seen": "2022-09-06T03:10:42.977Z",
"sidecar_version": "1.2.0",
"collectors": null
}
],
"filters": null,
"pagination": {
"total": 3,
"count": 3,
"page": 1,
"per_page": 50
}
}
Parameter | Example value | Type | Description |
---|---|---|---|
query | - | Object | |
total | 3 | Number | |
only_active | - | - | |
sort | node_name | String | |
order | asc | String | |
sidecars | - | Object | |
sidecars.active | true | - | Status: true means normal, false means abnormal |
sidecars.node_id | 067ba9da-5c56-4f8d-8d8d-7ab737b61706 | String | |
sidecars.node_name | 10.0.204.66 | String | Node name |
sidecars.node_details | - | Object | |
sidecars.node_details.operating_system | Linux | String | Operating system type |
sidecars.node_details.ip | 10.0.204.66 | String | IP address |
sidecars.node_details.metrics | - | Object | |
sidecars.node_details.metrics.disks_75 | {} | Object | |
sidecars.node_details.metrics.cpu_idle | 93.12 | Number | |
sidecars.node_details.metrics.load_1 | 0.37 | Number | |
sidecars.node_details.log_file_list | - | Object | |
sidecars.node_details.status | - | Object | |
sidecars.node_details.status.status | - | Number | |
sidecars.node_details.status.message | 1 running / 0 stopped / 0 failing | String | |
sidecars.node_details.status.collectors | - | Object | |
sidecars.node_details.status.collectors.collector_id | 62ecbdd49ec96a0baedb2521 | String | |
sidecars.node_details.status.collectors.status | - | Number | |
sidecars.node_details.status.collectors.message | Running | String | |
sidecars.node_details.status.collectors.verbose_message | - | Object | |
sidecars.assignments | - | Object | |
sidecars.assignments.collector_id | 62ecbdd49ec96a0baedb2521 | String | |
sidecars.assignments.configuration_id | 630ca6bb23481c2cd761e684 | String | |
sidecars.last_seen | 2022-09-06T03:11:15.027Z | String | Time the sidecar was last seen |
sidecars.sidecar_version | 1.2.0 | String | Sidecar version |
sidecars.collectors | - | Object | |
filters | - | Object | |
pagination | - | Object | |
pagination.total | 3 | Number | |
pagination.count | 3 | Number | |
pagination.page | 1 | Number | Page number, numeric type |
pagination.per_page | 50 | Number | |
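A sidecar that stops reporting leaves its host without log collection, so the response above is worth checking on a schedule. The following added example (not part of the original API document) walks a `/api/sidecars` response and lists, per node, the conditions that need attention; the five-minute silence threshold, the function names, the reading of `disks_75` as "disks above 75% usage" (inferred from the sample values) and the third sample entry are assumptions, and the sample data is trimmed from the response on this page.

```python
import re
from datetime import datetime, timedelta, timezone

# Format of node_details.status.message as shown in the response on this page.
STATUS_MESSAGE = re.compile(r"(\d+) running / (\d+) stopped / (\d+) failing")

# Two entries trimmed from the response on this page, plus one constructed
# entry (constructed-node-01) that shows an unhealthy sidecar.
SAMPLE_RESPONSE = {
    "sidecars": [
        {"active": True, "node_name": "10.0.204.66",
         "node_details": {"metrics": {"disks_75": []},
                          "status": {"message": "1 running / 0 stopped / 0 failing"}},
         "assignments": [{"collector_id": "62ecbdd49ec96a0baedb2521",
                          "configuration_id": "630ca6bb23481c2cd761e684"}],
         "last_seen": "2022-09-06T03:11:15.027Z"},
        {"active": True, "node_name": "192.168.124.75",
         "node_details": {"metrics": {"disks_75": ["C:\\ (78%)", "D:\\ (83%)"]},
                          "status": {"message": "1 running / 0 stopped / 0 failing"}},
         "assignments": [{"collector_id": "62ecbdd59ec96a0baedb2527",
                          "configuration_id": "63083e2823481c2cd7594feb"}],
         "last_seen": "2022-09-06T03:10:42.977Z"},
        {"active": False, "node_name": "constructed-node-01",
         "node_details": {"metrics": {"disks_75": []},
                          "status": {"message": "0 running / 0 stopped / 1 failing"}},
         "assignments": [],
         "last_seen": "2022-09-06T02:40:00.000Z"},
    ]
}

# Constructed "current time" so the example gives the same result on every run.
SAMPLE_NOW = datetime(2022, 9, 6, 3, 12, 0, tzinfo=timezone.utc)


def parse_last_seen(value):
    """Parse the UTC timestamp format used by last_seen on this page."""
    parsed = datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ")
    return parsed.replace(tzinfo=timezone.utc)


def sidecar_findings(response, now, max_silence=timedelta(minutes=5)):
    """Map node_name -> list of problems; healthy nodes are left out."""
    findings = {}
    for sidecar in response.get("sidecars") or []:
        issues = []
        details = sidecar.get("node_details") or {}

        if not sidecar.get("active"):
            issues.append("inactive")

        silence = now - parse_last_seen(sidecar["last_seen"])
        if silence > max_silence:
            issues.append(f"not seen for {int(silence.total_seconds())}s")

        message = (details.get("status") or {}).get("message") or ""
        match = STATUS_MESSAGE.fullmatch(message)
        if match is None:
            issues.append(f"unrecognised collector status: {message!r}")
        else:
            running, stopped, failing = (int(n) for n in match.groups())
            if running == 0 or stopped or failing:
                issues.append(f"collector status: {message}")

        if not sidecar.get("assignments"):
            issues.append("no collector assignment")

        disks = (details.get("metrics") or {}).get("disks_75") or []
        if disks:
            issues.append("disks above 75%: " + ", ".join(disks))

        if issues:
            findings[sidecar["node_name"]] = issues
    return findings


if __name__ == "__main__":
    for node, issues in sidecar_findings(SAMPLE_RESPONSE, SAMPLE_NOW).items():
        print(node, "->", "; ".join(issues))
```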
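/graylog/System/sidecars/02 Query all sidecars
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecars/all
Request method
GET
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/System/sidecars/03 Get sidecar details
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecars/:node_id
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
node_id | 6a23892b-e8d9-42e8-8f74-0ef7cfe606e9 | Node ID |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script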
/graylog/System/indices
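No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/System/indices/01 Create index
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/index_sets
Request method
POST
Content-Type
json
Request body parameters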
{
"title": "标题",
"description": "描述信息",
"index_prefix": "shensr",
"writable": true,
"can_be_default": true,
"shards": 4,
"replicas": 0,
"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy",
"retention_strategy": {
"max_number_of_indices": 20,
"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig"
},
"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy",
"rotation_strategy": {
"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig"
},
"index_analyzer": "standard",
"index_optimization_max_num_segments": 1,
"index_optimization_disabled": false,
"field_type_refresh_interval": 5000,
"creation_date": "2022-09-21T05:52:43.063Z"
}
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
title | 标题 | String | Yes | Name |
description | 描述信息 | String | Yes | Description |
index_prefix | shensr | String | Yes | - |
writable | true | Boolean | Yes | - |
can_be_default | true | Boolean | Yes | - |
shards | 4 | Integer | Yes | Shards |
replicas | 0 | Integer | Yes | Number of replicas |
retention_strategy_class | org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy | String | Yes | - |
retention_strategy | - | Object | Yes | - |
retention_strategy.max_number_of_indices | 20 | Integer | Yes | - |
retention_strategy.type | org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig | String | Yes | - |
rotation_strategy_class | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy | String | Yes | - |
rotation_strategy | - | Object | Yes | - |
rotation_strategy.type | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig | String | Yes | - |
index_analyzer | standard | String | Yes | - |
index_optimization_max_num_segments | 1 | Integer | Yes | - |
index_optimization_disabled | false | Boolean | Yes | - |
field_type_refresh_interval | 5000 | Integer | Yes | - |
creation_date | 2022-09-21T05:52:43.063Z | String | Yes | - |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example
{
"id": "632aa9f083ac345b777543f4",
"title": "标题",
"description": "描述信息",
"can_be_default": true,
"index_prefix": "shensr",
"shards": 4,
"replicas": 0,
"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy",
"rotation_strategy": {
"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig",
"max_docs_per_index": 0
},
"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy",
"retention_strategy": {
"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig",
"max_number_of_indices": 20
},
"creation_date": "2022-09-21T05:52:43.063Z",
"index_analyzer": "standard",
"index_optimization_max_num_segments": 1,
"index_optimization_disabled": false,
"field_type_refresh_interval": 5000,
"index_template_type": null,
"writable": true,
"default": false
}
Parameter | Example value | Type | Description |
---|---|---|---|
id | 632aa9f083ac345b777543f4 | String | Index ID |
title | 标题 | String | Name |
description | 描述信息 | String | Description |
can_be_default | true | Boolean | |
index_prefix | shensr | String | |
shards | 4 | Integer | Number of shards |
replicas | 0 | Integer | Number of replicas |
rotation_strategy_class | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy | String | |
rotation_strategy | - | Object | |
rotation_strategy.type | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig | String | |
rotation_strategy.max_docs_per_index | 0 | Integer | |
retention_strategy_class | org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy | String | |
retention_strategy | - | Object | |
retention_strategy.type | org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig | String | |
retention_strategy.max_number_of_indices | 20 | Integer | |
creation_date | 2022-09-21T05:52:43.063Z | String | |
index_analyzer | standard | String | |
index_optimization_max_num_segments | 1 | Integer | |
index_optimization_disabled | false | Boolean | |
field_type_refresh_interval | 5000 | Integer | |
index_template_type | null | Null | |
writable | true | Boolean | |
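default | false | Boolean | |
/graylog/System/indices/02 Query all indices
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/index_sets?skip=0&limit=0&stats=true
Request method
GET
Content-Type
json
Request query parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
skip | 0 | String | Yes | Current page; 0 means no pagination |
limit | 0 | String | Yes | Items per page; 0 means no pagination |
stats | true | String | Yes | Whether to include index statistics |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example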
{
"total": 5,
"index_sets": [
{
"id": "6305e74923481c2cd7551bfa",
"title": "gdmp",
"description": "运维系统index,各个环境都存储在这个index中",
"can_be_default": true,
"index_prefix": "gdmp_pro",
"shards": 4,
"replicas": 0,
"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy",
"rotation_strategy": {
"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig",
"max_docs_per_index": 20000000
},
"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy",
"retention_strategy": {
"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig",
"max_number_of_indices": 20
},
"creation_date": "2022-08-24T08:54:33.459Z",
"index_analyzer": "standard",
"index_optimization_max_num_segments": 1,
"index_optimization_disabled": false,
"field_type_refresh_interval": 5000,
"index_template_type": null,
"writable": true,
"default": false
}
],
"stats": {}
}
Parameter | Example value | Type | Description |
---|---|---|---|
total | 5 | Integer | |
index_sets | - | Object | |
index_sets.id | 6305e74923481c2cd7551bfa | String | |
index_sets.title | gdmp | String | Name |
index_sets.description | 运维系统index,各个环境都存储在这个index中 | String | Description |
index_sets.can_be_default | true | Boolean | |
index_sets.index_prefix | gdmp_pro | String | |
index_sets.shards | 4 | Integer | |
index_sets.replicas | 0 | Integer | |
index_sets.rotation_strategy_class | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy | String | |
index_sets.rotation_strategy | - | Object | |
index_sets.rotation_strategy.type | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig | String | |
index_sets.rotation_strategy.max_docs_per_index | 20000000 | Integer | |
index_sets.retention_strategy_class | org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy | String | |
index_sets.retention_strategy | - | Object | |
index_sets.retention_strategy.type | org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig | String | |
index_sets.retention_strategy.max_number_of_indices | 20 | Integer | |
index_sets.creation_date | 2022-08-24T08:54:33.459Z | String | Creation time |
index_sets.index_analyzer | standard | String | |
index_sets.index_optimization_max_num_segments | 1 | Integer | |
index_sets.index_optimization_disabled | false | Boolean | |
index_sets.field_type_refresh_interval | 5000 | Integer | |
index_sets.index_template_type | null | Null | |
index_sets.writable | true | Boolean | |
index_sets.default | false | Boolean | |
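stats | - | Object | |
/graylog/System/indices/02 Query a single index
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/index_sets/:id
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
id | 6330077083ac345b777b43e0 | - |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example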
{
"total": 5,
"index_sets": [
{
"id": "6305e74923481c2cd7551bfa",
"title": "gdmp",
"description": "运维系统index,各个环境都存储在这个index中",
"can_be_default": true,
"index_prefix": "gdmp_pro",
"shards": 4,
"replicas": 0,
"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy",
"rotation_strategy": {
"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig",
"max_docs_per_index": 20000000
},
"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy",
"retention_strategy": {
"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig",
"max_number_of_indices": 20
},
"creation_date": "2022-08-24T08:54:33.459Z",
"index_analyzer": "standard",
"index_optimization_max_num_segments": 1,
"index_optimization_disabled": false,
"field_type_refresh_interval": 5000,
"index_template_type": null,
"writable": true,
"default": false
}
],
"stats": {}
}
Parameter | Example value | Type | Description |
---|---|---|---|
total | 5 | Integer | |
index_sets | - | Object | |
index_sets.id | 6305e74923481c2cd7551bfa | String | |
index_sets.title | gdmp | String | Name |
index_sets.description | 运维系统index,各个环境都存储在这个index中 | String | Description |
index_sets.can_be_default | true | Boolean | |
index_sets.index_prefix | gdmp_pro | String | |
index_sets.shards | 4 | Integer | |
index_sets.replicas | 0 | Integer | |
index_sets.rotation_strategy_class | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy | String | |
index_sets.rotation_strategy | - | Object | |
index_sets.rotation_strategy.type | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig | String | |
index_sets.rotation_strategy.max_docs_per_index | 20000000 | Integer | |
index_sets.retention_strategy_class | org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy | String | |
index_sets.retention_strategy | - | Object | |
index_sets.retention_strategy.type | org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig | String | |
index_sets.retention_strategy.max_number_of_indices | 20 | Integer | |
index_sets.creation_date | 2022-08-24T08:54:33.459Z | String | Creation time |
index_sets.index_analyzer | standard | String | |
index_sets.index_optimization_max_num_segments | 1 | Integer | |
index_sets.index_optimization_disabled | false | Boolean | |
index_sets.field_type_refresh_interval | 5000 | Integer | |
index_sets.index_template_type | null | Null | |
index_sets.writable | true | Boolean | |
index_sets.default | false | Boolean | |
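stats | - | Object | |
/graylog/System/indices/03 Get index status [all]
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/index_sets/stats
Request method
GET
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example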
{
"indices": 7,
"documents": 15176148,
"size": 4962156468
}
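Parameter | Example value | Type | Description |
---|---|---|---|
indices | 7 | Integer | Number of indices |
documents | 15176148 | Integer | Number of documents |
size | 4962156468 | Integer | Size in bytes; divide by 1024 to convert to KB (kilobytes), or by (1024 × 1024 × 1024) to convert to GB [http://www.qikula.com/images/9639139849.html] |
/graylog/System/indices/04 Delete index
# DELETE request.
RESTful style.
API status
In development
API URL
10.0.107.158:9000/api/system/indices/index_sets/:id?delete_indices=true
Request method
DELETE
Content-Type
json
Request query parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
delete_indices | true | String | Yes | Whether to delete the indices, i.e. the indices stored in ES |
Path variables
Parameter | Example value | Description |
---|---|---|
id | 632aa9f083ac345b777543f4 | Index ID |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/System/indices/05 Get index status [single]
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/index_sets/:id/stats
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
id | 6305e74923481c2cd7551bfa | Index ID |
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example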
{
"indices": 1,
"documents": 2431560,
"size": 1258577622
}
Parameter | Example value | Type | Description |
---|---|---|---|
indices | 1 | Integer | Number of indices |
documents | 2431560 | Integer | Documents |
size | 1258577622 | Integer | Size in bytes; divide by 1024 to convert to KB (kilobytes), or by (1024 × 1024 × 1024) to convert to GB [http://www.qikula.com/images/9639139849.html] |
/graylog/System/indices/06 Update index
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/index_sets/:id
Request method
PUT
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
id | 632aa5ea83ac345b77753f73 | Index ID |
Request body parameters
{
"id": "632aa5ea83ac345b77753f73",
"title": "test",
"description": "test",
"can_be_default": true,
"index_prefix": "test",
"shards": 4,
"replicas": 0,
"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.TimeBasedRotationStrategy",
"rotation_strategy": {
"type": "org.graylog2.indexer.rotation.strategies.TimeBasedRotationStrategyConfig",
"rotation_period": "P1D",
"max_rotation_period": null
},
"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy",
"retention_strategy": {
"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig",
"max_number_of_indices": 20
},
"creation_date": "2022-09-21T05:52:43.063Z",
"index_analyzer": "standard",
"index_optimization_max_num_segments": 1,
"index_optimization_disabled": false,
"field_type_refresh_interval": 5000,
"index_template_type": null,
"writable": true,
"default": false
}
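Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/System/indices/retention [Retention strategies]
No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/System/indices/retention [Retention strategies]/01 Get all retention strategies
/api/system/indices/retention/strategies/{strategy}
strategy: the value of the type field, which is essentially a fully qualified class name
API status
In development
API URL
10.0.107.158:9000/api/system/indices/retention/strategies
Request method
GET
Content-Type
json
Request body parameters
Authentication
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Success response example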
{
"total": 3,
"strategies": [
{
"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy",
"default_config": {
"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig",
"max_number_of_indices": 20
},
"json_schema": {
"type": "object",
"id": "urn:jsonschema:org:graylog2:indexer:retention:strategies:DeletionRetentionStrategyConfig",
"properties": {
"max_number_of_indices": {
"type": "integer"
},
"type": {
"type": "string"
}
}
}
},
{
"type": "org.graylog2.indexer.retention.strategies.ClosingRetentionStrategy",
"default_config": {
"type": "org.graylog2.indexer.retention.strategies.ClosingRetentionStrategyConfig",
"max_number_of_indices": 20
},
"json_schema": {
"type": "object",
"id": "urn:jsonschema:org:graylog2:indexer:retention:strategies:ClosingRetentionStrategyConfig",
"properties": {
"max_number_of_indices": {
"type": "integer"
},
"type": {
"type": "string"
}
}
}
},
{
"type": "org.graylog2.indexer.retention.strategies.NoopRetentionStrategy",
"default_config": {
"type": "org.graylog2.indexer.retention.strategies.NoopRetentionStrategyConfig",
"max_number_of_indices": 2147483647
},
"json_schema": {
"type": "object",
"id": "urn:jsonschema:org:graylog2:indexer:retention:strategies:NoopRetentionStrategyConfig",
"properties": {
"max_number_of_indices": {
"type": "integer"
},
"type": {
"type": "string"
}
}
}
}
]
}
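/graylog/System/indices/retention [retention strategies]/02 Get a specific retention strategy
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/retention/strategies/:strategy
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
strategy | org.graylog2.indexer.retention.strategies.NoopRetentionStrategy | Strategy name: the value of the type field |
Request body parameters
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example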
{
"type": "org.graylog2.indexer.retention.strategies.NoopRetentionStrategy",
"default_config": {
"type": "org.graylog2.indexer.retention.strategies.NoopRetentionStrategyConfig",
"max_number_of_indices": 2147483647
},
"json_schema": {
"type": "object",
"id": "urn:jsonschema:org:graylog2:indexer:retention:strategies:NoopRetentionStrategyConfig",
"properties": {
"max_number_of_indices": {
"type": "integer"
},
"type": {
"type": "string"
}
}
}
}
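/graylog/System/indices/rotation [rotation strategies]
No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/System/indices/rotation [rotation strategies]/01 Get all rotation strategies
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/rotation/strategies
Request method
GET
Content-Type
json
Request body parameters
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example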
{
"total": 3,
"strategies": [
{
"type": "org.graylog2.indexer.rotation.strategies.SizeBasedRotationStrategy",
"default_config": {
"type": "org.graylog2.indexer.rotation.strategies.SizeBasedRotationStrategyConfig",
"max_size": 1073741824
},
"json_schema": {
"type": "object",
"id": "urn:jsonschema:org:graylog2:indexer:rotation:strategies:SizeBasedRotationStrategyConfig",
"properties": {
"max_size": {
"type": "integer"
},
"type": {
"type": "string"
}
}
}
},
{
"type": "org.graylog2.indexer.rotation.strategies.TimeBasedRotationStrategy",
"default_config": {
"type": "org.graylog2.indexer.rotation.strategies.TimeBasedRotationStrategyConfig",
"rotation_period": "P1D",
"max_rotation_period": null
},
"json_schema": {
"type": "object",
"id": "urn:jsonschema:org:graylog2:indexer:rotation:strategies:TimeBasedRotationStrategyConfig",
"properties": {
"type": {
"type": "string"
},
"rotation_period": {
"type": "string"
},
"max_rotation_period": {
"type": "string"
}
}
}
},
{
"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy",
"default_config": {
"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig",
"max_docs_per_index": 20000000
},
"json_schema": {
"type": "object",
"id": "urn:jsonschema:org:graylog2:indexer:rotation:strategies:MessageCountRotationStrategyConfig",
"properties": {
"max_docs_per_index": {
"type": "integer"
},
"type": {
"type": "string"
}
}
}
}
]
}
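/graylog/System/indices/rotation [rotation strategies]/02 Query a specific strategy
No description
API status
In development
API URL
10.0.107.158:9000/api/system/indices/rotation/strategies/:strategy
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
strategy | org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy | Strategy name |
Request body parameters
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example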
{
"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy",
"default_config": {
"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig",
"max_docs_per_index": 20000000
},
"json_schema": {
"type": "object",
"id": "urn:jsonschema:org:graylog2:indexer:rotation:strategies:MessageCountRotationStrategyConfig",
"properties": {
"max_docs_per_index": {
"type": "integer"
},
"type": {
"type": "string"
}
}
}
}
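/graylog/System/inputs
No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/System/inputs/01 Get all inputs
No description
API status
In development
API URL
10.0.107.158:9000/api/system/inputs
Request method
GET
Content-Type
json
Request body parameters
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example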
{
"inputs": [
{
"title": "Beat input",
"global": true,
"name": "Beats",
"content_pack": null,
"created_at": "2022-08-10T07:17:08.680Z",
"type": "org.graylog.plugins.beats.Beats2Input",
"creator_user_id": "admin",
"attributes": {
"recv_buffer_size": 1048576,
"tcp_keepalive": false,
"number_worker_threads": 8,
"tls_client_auth_cert_file": "",
"bind_address": "0.0.0.0",
"tls_cert_file": "",
"port": 5044,
"tls_key_file": "",
"tls_enable": false,
"tls_key_password": "",
"tls_client_auth": "disabled",
"override_source": null,
"no_beats_prefix": false
},
"static_fields": {},
"node": null,
"id": "62f35b7488b7eb6e6a33251b"
},
{
"title": "gdmp",
"global": true,
"name": "GELF UDP",
"content_pack": null,
"created_at": "2022-08-11T05:53:52.526Z",
"type": "org.graylog2.inputs.gelf.udp.GELFUDPInput",
"creator_user_id": "admin",
"attributes": {
"recv_buffer_size": 262144,
"port": 12201,
"number_worker_threads": 8,
"override_source": null,
"bind_address": "0.0.0.0",
"decompress_size_limit": 8388608
},
"static_fields": {},
"node": "d50de915-8cda-43ac-9b9b-46713990e00b",
"id": "62f0e00d88b7eb6e6a307295"
}
],
"total": 2
}
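An added example (not part of the original API document): a Python audit of the inputs response above that flags listeners bound to all interfaces and inputs running without TLS. The sample is a constructed, trimmed copy of that response plus one hypothetical hardened input; the function names are assumptions.

```python
import json

# Constructed sample: trimmed copy of the /api/system/inputs response shown
# above, plus one hypothetical hardened input (last entry) for contrast.
SAMPLE_RESPONSE = json.loads("""
{
  "inputs": [
    {"title": "Beat input",
     "type": "org.graylog.plugins.beats.Beats2Input",
     "attributes": {"bind_address": "0.0.0.0", "port": 5044,
                    "tls_enable": false, "tls_client_auth": "disabled"},
     "id": "62f35b7488b7eb6e6a33251b"},
    {"title": "gdmp",
     "type": "org.graylog2.inputs.gelf.udp.GELFUDPInput",
     "attributes": {"bind_address": "0.0.0.0", "port": 12201,
                    "decompress_size_limit": 8388608},
     "id": "62f0e00d88b7eb6e6a307295"},
    {"title": "hardened beats (constructed)",
     "type": "org.graylog.plugins.beats.Beats2Input",
     "attributes": {"bind_address": "10.0.107.158", "port": 5045,
                    "tls_enable": true, "tls_client_auth": "required"},
     "id": "000000000000000000000001"}
  ],
  "total": 3
}
""")

# Addresses that make an input reachable on every interface of the node.
WILDCARD_BINDS = {"0.0.0.0", "::"}


def audit_input(inp):
    """Return the list of findings for one input record."""
    attrs = inp.get("attributes") or {}
    findings = []
    if attrs.get("bind_address") in WILDCARD_BINDS:
        findings.append("listens on all interfaces")
    if "tls_enable" not in attrs:
        # e.g. the GELF UDP input above exposes no TLS attributes at all
        findings.append("no TLS option on this input type")
    elif not attrs["tls_enable"]:
        findings.append("TLS disabled")
    elif attrs.get("tls_client_auth", "disabled") == "disabled":
        findings.append("TLS without client certificate authentication")
    return findings


def audit_inputs(response):
    """Map input id -> findings, listing only inputs that have findings."""
    report = {}
    for inp in response.get("inputs", []):
        findings = audit_input(inp)
        if findings:
            report[inp.get("id")] = findings
    return report


if __name__ == "__main__":
    for input_id, findings in audit_inputs(SAMPLE_RESPONSE).items():
        print(input_id, "; ".join(findings))
```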
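/graylog/input
No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/input/Create endpoint
No description
API status
In development
API URL
127.0.0.1:8080/api/graylog/input/index
Request method
POST
Content-Type
json
Request body parameters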
{
"title": "cwdchweduchwedihcwedncjwncweph",
"type": "Beat",
"configuration": {
"port": 5049,
"address": "0.0.0.111"
}
}
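Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/sidecar
No description
Header parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Query parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Body parameters
Parameter | Example value | Description |
---|---|---|
No parameters |
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/sidecar/Get the list of default collector configurations
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecar/collectors
Request method
GET
Content-Type
json
Request body parameters
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example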
{
"total": 6,
"collectors": [
{
"id": "636b175a1e21d174a6cf84df",
"name": "filebeat",
"service_type": "exec",
"node_operating_system": "linux",
"executable_path": "/usr/share/filebeat/bin/filebeat",
"execute_parameters": "-c %s",
"validation_parameters": "test config -c %s",
"default_template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\nfilebeat.inputs:\n- input_type: log\n paths:\n - /var/log/*.log # 日志路径,可以配置多个\n type: log\n # multiline为多行日志合并,Java类型日志需要配置,其他日志不能使用以下规则,含义:不是以时间开头的都追加到上一条日志后边\n multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n multiline.negate: true\n multiline.match: after\n multiline.max_lines: 200 #单一多行匹配聚合的最大行数,超过定义行数后的行会被丢弃,默认500\n multiline.timeout: 2s # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件),也将此次匹配的事件刷出 (默认5s)\n ignore_older: 1h # 忽略这个时间之前的文件(根据文件改变时间)\n fields: # 用于对日志进行分类处理,需要与运维系统中配置保持一致\n app_name: xxxx # 应用名称\n environment: pre #环境 pro pre\n log_type: Java # 日志类型 Java Nginx\noutput.logstash:\n hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口,默认端口为5044\npath:\n data: /var/lib/graylog-sidecar/collectors/filebeat/data\n logs: /var/lib/graylog-sidecar/collectors/filebeat/log"
},
{
"id": "636b175a1e21d174a6cf84e0",
"name": "winlogbeat",
"service_type": "svc",
"node_operating_system": "windows",
"executable_path": "C:\\Program Files\\Graylog\\sidecar\\winlogbeat.exe",
"execute_parameters": "-c \"%s\"",
"validation_parameters": "test config -c \"%s\"",
"default_template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\n\noutput.logstash:\n hosts: [\"192.168.1.1:5044\"]\npath:\n data: C:\\Program Files\\Graylog\\sidecar\\cache\\winlogbeat\\data\n logs: C:\\Program Files\\Graylog\\sidecar\\logs\ntags:\n - windows\nwinlogbeat:\n event_logs:\n - name: Application\n - name: System\n - name: Security"
},
{
"id": "636b175a1e21d174a6cf84e1",
"name": "nxlog",
"service_type": "exec",
"node_operating_system": "linux",
"executable_path": "/usr/bin/nxlog",
"execute_parameters": "-f -c %s",
"validation_parameters": "-v -c %s",
"default_template": "define ROOT /usr/bin\n\n<Extension gelfExt>\n Module xm_gelf\n # Avoid truncation of the short_message field to 64 characters.\n ShortMessageLength 65536\n</Extension>\n\n<Extension syslogExt>\n Module xm_syslog\n</Extension>\n\nUser nxlog\nGroup nxlog\n\nModuledir /usr/lib/nxlog/modules\nCacheDir /var/spool/nxlog/data\nPidFile /var/run/nxlog/nxlog.pid\nLogFile /var/log/nxlog/nxlog.log\nLogLevel INFO\n\n\n<Input file>\n\tModule im_file\n\tFile '/var/log/*.log'\n\tPollInterval 1\n\tSavePos\tTrue\n\tReadFromLast True\n\tRecursive False\n\tRenameCheck False\n\tExec $FileName = file_name(); # Send file name with each message\n</Input>\n\n#<Input syslog-udp>\n#\tModule im_udp\n#\tHost 127.0.0.1\n#\tPort 514\n#\tExec parse_syslog_bsd();\n#</Input>\n\n<Output gelf>\n\tModule om_tcp\n\tHost 192.168.1.1\n\tPort 12201\n\tOutputType GELF_TCP\n\t<Exec>\n\t # These fields are needed for Graylog\n\t $gl2_source_collector = '${sidecar.nodeId}';\n\t $collector_node_id = '${sidecar.nodeName}';\n\t</Exec>\n</Output>\n\n\n<Route route-1>\n Path file => gelf\n</Route>\n#<Route route-2>\n# Path syslog-udp => gelf\n#</Route>\n\n\n"
},
{
"id": "636b175a1e21d174a6cf84e2",
"name": "nxlog",
"service_type": "svc",
"node_operating_system": "windows",
"executable_path": "C:\\Program Files (x86)\\nxlog\\nxlog.exe",
"execute_parameters": "-c \"%s\"",
"validation_parameters": "-v -f -c \"%s\"",
"default_template": "define ROOT C:\\Program Files (x86)\\nxlog\n\nModuledir %ROOT%\\modules\nCacheDir %ROOT%\\data\nPidfile %ROOT%\\data\\nxlog.pid\nSpoolDir %ROOT%\\data\nLogFile %ROOT%\\data\\nxlog.log\nLogLevel INFO\n\n<Extension logrotate>\n Module xm_fileop\n <Schedule>\n When @daily\n Exec file_cycle('%ROOT%\\data\\nxlog.log', 7);\n </Schedule>\n</Extension>\n\n\n<Extension gelfExt>\n Module xm_gelf\n # Avoid truncation of the short_message field to 64 characters.\n ShortMessageLength 65536\n</Extension>\n\n<Input eventlog>\n Module im_msvistalog\n PollInterval 1\n SavePos True\n ReadFromLast True\n \n #Channel System\n #<QueryXML>\n # <QueryList>\n # <Query Id='1'>\n # <Select Path='Security'>*[System/Level=4]</Select>\n # </Query>\n # </QueryList>\n #</QueryXML>\n</Input>\n\n\n<Input file>\n\tModule im_file\n\tFile 'C:\\Windows\\MyLogDir\\\\*.log'\n\tPollInterval 1\n\tSavePos\tTrue\n\tReadFromLast True\n\tRecursive False\n\tRenameCheck False\n\tExec $FileName = file_name(); # Send file name with each message\n</Input>\n\n\n<Output gelf>\n\tModule om_tcp\n\tHost 192.168.1.1\n\tPort 12201\n\tOutputType GELF_TCP\n\t<Exec>\n\t # These fields are needed for Graylog\n\t $gl2_source_collector = '${sidecar.nodeId}';\n\t $collector_node_id = '${sidecar.nodeName}';\n\t</Exec>\n</Output>\n\n\n<Route route-1>\n Path eventlog => gelf\n</Route>\n<Route route-2>\n Path file => gelf\n</Route>\n\n"
},
{
"id": "636b175a1e21d174a6cf84e3",
"name": "filebeat",
"service_type": "svc",
"node_operating_system": "windows",
"executable_path": "C:\\Program Files\\Graylog\\sidecar\\filebeat.exe",
"execute_parameters": "-c \"%s\"",
"validation_parameters": "test config -c \"%s\"",
"default_template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\ntags:\n - windows\nfilebeat.inputs:\n- type: log\n enabled: true\n # multiline为多行日志合并,Java类型日志需要配置,其他日志不能使用以下规则,含义:不是以时间开头的都追加到上一条日志后边\n multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n multiline.negate: true # 不符合上述规则\n multiline.match: after # 追加在上条日志后边\n ignore_older: 24h # 忽略这个时间之前的文件(根据文件改变时间)\n fields: # 用于对日志进行分类处理,需要与运维系统中配置保持一致\n app_name: example_glef_graylog # 应用服务编码,保持唯一\n environment: pro # 环境 只支持生产和预生产 pro pre\n log_type: Java # 日志类型 Java Nginx\n paths:\n - C:\\logs\\*.log # 日志路径,可以配置多个\n\noutput.logstash:\n hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口,默认端口为5044\npath:\n data: C:\\Program Files\\Graylog\\sidecar\\cache\\filebeat\\data\n logs: C:\\Program Files\\Graylog\\sidecar\\logs\n \n"
},
{
"id": "6391a39142828a77d791ab39",
"name": "filebeat222",
"service_type": "exec",
"node_operating_system": "linux",
"executable_path": "/usr/share/filebeat/bin/filebeat",
"execute_parameters": "-c %s",
"validation_parameters": "test config -c %s",
"default_template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\nfilebeat.inputs:\n- input_type: log\n paths:\n - /var/log/*.log # 日志路径,可以配置多个\n type: log\n # multiline为多行日志合并,Java类型日志需要配置,其他日志不能使用以下规则,含义:不是以时间开头的都追加到上一条日志后边\n multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n multiline.negate: true\n multiline.match: after\n multiline.max_lines: 200 #单一多行匹配聚合的最大行数,超过定义行数后的行会被丢弃,默认500\n multiline.timeout: 2s # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件),也将此次匹配的事件刷出 (默认5s)\n ignore_older: 1h # 忽略这个时间之前的文件(根据文件改变时间)\n fields: # 用于对日志进行分类处理,需要与运维系统中配置保持一致\n app_name: xxxx # 应用名称\n environment: pre #环境 pro pre\n log_type: Java # 日志类型 Java Nginx\noutput.logstash:\n hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口,默认端口为5044\npath:\n data: /var/lib/graylog-sidecar/collectors/filebeat/data\n logs: /var/lib/graylog-sidecar/collectors/filebeat/log"
}
]
}
/graylog/sidecar/Get sidecar list
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecars?page=1&per_page=1&sort=node_name&order=asc&only_active=true
Request method
GET
Content-Type
json
Request query parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
page | 1 | String | Yes | - |
per_page | 1 | String | Yes | - |
sort | node_name | String | Yes | - |
order | asc | String | Yes | - |
only_active | true | String | Yes | - |
Request body parameters
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example
{
"query": "",
"total": 8,
"only_active": true,
"sort": "node_name",
"order": "asc",
"sidecars": [
{
"active": true,
"node_id": "decb8c0e-5411-4d47-8034-6f58ec4930af",
"node_name": "10.0.107.55",
"node_details": {
"operating_system": "Linux",
"ip": "10.0.107.55",
"metrics": {
"disks_75": [],
"cpu_idle": 98.63,
"load_1": 0.03
},
"log_file_list": null,
"status": {
"status": 0,
"message": "1 running / 0 stopped / 0 failing",
"collectors": [
{
"collector_id": "636b175a1e21d174a6cf84df",
"status": 0,
"message": "Running",
"verbose_message": ""
}
]
}
},
"assignments": [
{
"collector_id": "636b175a1e21d174a6cf84df",
"configuration_id": "636b346242828a77d7544808"
}
],
"last_seen": "2022-12-08T03:26:47.594Z",
"sidecar_version": "1.2.0",
"collectors": null
}
],
"filters": null,
"pagination": {
"total": 4,
"count": 1,
"page": 1,
"per_page": 1
}
}
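/graylog/sidecar/Get configuration list
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecar/configurations?query=&page=1&per_page=10
Request method
GET
Content-Type
json
Request query parameters
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
query | - | String | Yes | - |
page | 1 | String | Yes | - |
per_page | 10 | String | Yes | 0 disables pagination |
Request body parameters
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example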
{
"query": "",
"total": 8,
"only_active": true,
"sort": "node_name",
"order": "asc",
"sidecars": [
{
"active": true,
"node_id": "decb8c0e-5411-4d47-8034-6f58ec4930af",
"node_name": "10.0.107.55",
"node_details": {
"operating_system": "Linux",
"ip": "10.0.107.55",
"metrics": {
"disks_75": [],
"cpu_idle": 98.63,
"load_1": 0.03
},
"log_file_list": null,
"status": {
"status": 0,
"message": "1 running / 0 stopped / 0 failing",
"collectors": [
{
"collector_id": "636b175a1e21d174a6cf84df",
"status": 0,
"message": "Running",
"verbose_message": ""
}
]
}
},
"assignments": [
{
"collector_id": "636b175a1e21d174a6cf84df",
"configuration_id": "636b346242828a77d7544808"
}
],
"last_seen": "2022-12-08T03:26:47.594Z",
"sidecar_version": "1.2.0",
"collectors": null
}
],
"filters": null,
"pagination": {
"total": 4,
"count": 1,
"page": 1,
"per_page": 1
}
}
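/graylog/sidecar/Get configuration details
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecar/configurations/:configurationId
Request method
GET
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
configurationId | 63788fab42828a77d769ffac | - |
Request body parameters
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
Successful response example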
{
"id": "63788fab42828a77d769ffac",
"collector_id": "636b175a1e21d174a6cf84df",
"name": "10.0.107.214",
"color": "#FFFFFF",
"template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\n\nfilebeat.inputs:\n- input_type: log\n paths:\n - /data/app/test-gdmp/gdmp-server/logs/*.log\n type: log\n multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n multiline.negate: true\n multiline.match: after\n fields:\n app_name: gdmp_test\n environment: pre\n log_type: Java\noutput.logstash:\n hosts: [\"10.0.107.158:5044\"]\npath:\n data: /var/lib/graylog-sidecar/collectors/filebeat/data\n logs: /var/lib/graylog-sidecar/collectors/filebeat/log"
}
Error response example
{
"type": "ApiError",
"message": "invalid hexadecimal representation of an ObjectId: [63788fab42828fa77d769ffac]"
}
/graylog/sidecar/Add sidecar-configuration
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecar/configurations
Request method
POST
Content-Type
json
Request body parameters
{
"name": "rete",
"color": "#FFFFFF",
"collector_id": "636b175a1e21d174a6cf84df",
"template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\nfilebeat.inputs:\n- input_type: log\n paths:\n - /var/log/*.log # 日志路径,可以配置多个\n type: log\n # multiline为多行日志合并,Java类型日志需要配置,其他日志不能使用以下规则,含义:不是以时间开头的都追加到上一条日志后边\n multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n multiline.negate: true\n multiline.match: after\n multiline.max_lines: 200 #单一多行匹配聚合的最大行数,超过定义行数后的行会被丢弃,默认500\n multiline.timeout: 2s # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件),也将此次匹配的事件刷出 (默认5s)\n ignore_older: 1h # 忽略这个时间之前的文件(根据文件改变时间)\n fields: # 用于对日志进行分类处理,需要与运维系统中配置保持一致\n app_name: xxxx # 应用名称\n environment: pre #环境 pro pre\n log_type: Java # 日志类型 Java Nginx\noutput.logstash:\n hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口,默认端口为5044\npath:\n data: /var/lib/graylog-sidecar/collectors/filebeat/data\n logs: /var/lib/graylog-sidecar/collectors/filebeat/log"
}
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
name | rete | String | Yes | Name |
color | #FFFFFF | String | Yes | Color |
collector_id | 636b175a1e21d174a6cf84df | String | Yes | Collector ID |
template | The filebeat configuration template shown in the template field of the request body above | String | Yes | - |
Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/sidecar/Update sidecar-configuration
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecar/configurations/:sidecarId
Request method
PUT
Content-Type
json
Path variables
Parameter | Example value | Description |
---|---|---|
sidecarId | 6391875642828a77d7918c9d | - |
Request body parameters
{
"id": "6391875642828a77d7918c9d",
"name": "testest",
"color": "#FFFFFF",
"collector_id": "636b175a1e21d174a6cf84df",
"template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\nfilebeat.inputs:\n- input_type: log\n paths:\n - /var/log/*.log # 日志路径,可以配置多个\n type: log\n # multiline为多行日志合并,Java类型日志需要配置,其他日志不能使用以下规则,含义:不是以时间开头的都追加到上一条日志后边\n multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n multiline.negate: true\n multiline.match: after\n multiline.max_lines: 200 #单一多行匹配聚合的最大行数,超过定义行数后的行会被丢弃,默认500\n multiline.timeout: 2s # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件),也将此次匹配的事件刷出 (默认5s)\n ignore_older: 1h # 忽略这个时间之前的文件(根据文件改变时间)\n fields: # 用于对日志进行分类处理,需要与运维系统中配置保持一致\n app_name: xxxx # 应用名称\n environment: pre #环境 pro pre\n log_type: Java # 日志类型 Java Nginx\noutput.logstash:\n hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口,默认端口为5044\npath:\n data: /var/lib/graylog-sidecar/collectors/filebeat/data\n logs: /var/lib/graylog-sidecar/collectors/filebeat/log"
}
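Authentication method
noauth
Pre-request script
No pre-request script
Post-request script
No post-request script
/graylog/sidecar/Assign configuration, unassign configuration
No description
API status
In development
API URL
10.0.107.158:9000/api/sidecars/configurations
Request method
PUT
Content-Type
json
Request body parameters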
{
"nodes": [
{
"node_id": "4b9d051d-edbd-4e08-aa5b-2e74da0c5076",
"assignments": [
{
"collector_id": "636b175a1e21d174a6cf84df",
"configuration_id": "6391875642828a77d7918c9d"
}
]
}
]
}
Parameter | Example value | Type | Required | Description |
---|---|---|---|---|
nodes | - | Array | Yes | - |
nodes.node_id | 4b9d051d-edbd-4e08-aa5b-2e74da0c5076 | String | Yes | node_id |
nodes.assignments | - | Object | Yes | - |
nodes.assignments.collector_id | 636b175a1e21d174a6cf84df | String | Yes | Collector ID (template) |
nodes.assignments.configuration_id | 6391875642828a77d7918c9d | String | Yes | Configuration ID |
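An added example (not part of the original API document): building the assignment body above from configuration records such as the one returned by the configuration details endpoint, rejecting malformed ObjectIds client-side (the 25-character id in the error response example is one) before anything is sent. Function and constant names are assumptions, and treating an empty assignments list as "unassign" is an assumption based on this endpoint's title, not something the document states.

```python
import json
import re

# An ObjectId is 24 hexadecimal characters; the id in the error response
# example above has 25, which is why the server rejected it.
OBJECT_ID = re.compile(r"[0-9a-fA-F]{24}")


def require_object_id(value, label):
    """Return value unchanged if it is a 24-character hex string, else raise."""
    if not isinstance(value, str) or not OBJECT_ID.fullmatch(value):
        raise ValueError("{}: not a 24-character hex ObjectId: {!r}".format(label, value))
    return value


def build_assignment_body(node_id, configurations):
    """Build the PUT /api/sidecars/configurations body for one node.

    configurations: records carrying "id" and "collector_id", as in the
    configuration details response. Taking collector_id from the record
    keeps each pair consistent with what the server stores, so a
    configuration cannot be paired with a collector it was not written for.
    An empty list yields an empty assignments array (assumed to unassign).
    """
    if not isinstance(node_id, str) or not node_id.strip():
        raise ValueError("node_id must be a non-empty string")
    assignments = []
    seen = set()
    for cfg in configurations:
        configuration_id = require_object_id(cfg.get("id"), "configuration id")
        collector_id = require_object_id(cfg.get("collector_id"), "collector_id")
        if configuration_id in seen:
            raise ValueError("configuration listed twice: " + configuration_id)
        seen.add(configuration_id)
        assignments.append({
            "collector_id": collector_id,
            "configuration_id": configuration_id,
        })
    return {"nodes": [{"node_id": node_id, "assignments": assignments}]}


# Constructed sample: ids copied from the examples in this document.
SAMPLE_NODE_ID = "4b9d051d-edbd-4e08-aa5b-2e74da0c5076"
SAMPLE_CONFIGURATION = {
    "id": "63788fab42828a77d769ffac",
    "collector_id": "636b175a1e21d174a6cf84df",
}

if __name__ == "__main__":
    body = build_assignment_body(SAMPLE_NODE_ID, [SAMPLE_CONFIGURATION])
    print(json.dumps(body, indent=2))
```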