Log Usage API
Navigation Notice: When the APM Integrated Experience is enabled, Loggly shares a common navigation and enhanced feature set with other integrated experience products. How you navigate Loggly and access its features may vary from these instructions.
The scripts are not supported under any SolarWinds support program or service. The scripts are provided AS IS without warranty of any kind. SolarWinds further disclaims all warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The risk arising out of the use or performance of the scripts and documentation stays with you. In no event shall SolarWinds or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the scripts or documentation.
The Log Usage API provides programmatic access to the log volume data visible in the Log Usage Dashboard. The Volume Metrics endpoint provides customers with information about how many events they have sent and how many bytes these events contained. It is possible to group and filter results by host and application. Host is a hostname or IP address of a customer machine that has sent the events to Loggly. Application corresponds to a syslog APPNAME. Customers must be authenticated by the API token or session to be able to retrieve the volume data.
The endpoint to get volume metrics is:
https://<SUBDOMAIN>.loggly.com/apiv2/volume-metrics
Substitute your subdomain name for <SUBDOMAIN>
.
Usage
Call the endpoint with one or more parameters to get the volume metrics.
Volume Metrics Endpoint Query Parameters | |||
from | required | string | Start time (in UTC) for the search. (See Time Ranges in Search.) |
until | required | string | End time (in UTC) for the search. (SeeTime Ranges in Search.) |
group_by | optional | list of strings | Dimensions to group by, defaults to empty list. Accepted values: "host", "app", "log_type", "tag" |
host | optional | list of strings | Results will only contain data from these hosts. |
app | optional | list of strings | Results will only contain data from these applications. |
measurement_types | optional | list of strings | Desired measurement types, defaults to all accepted values. Accepted values: "volume_bytes", "count" |
Possible HTTP Status Responses
- 200 - Data is retrieved successfully.
- 400 - Request is malformed.
- 404 - No data was found.
- 500 - Internal error (Volume Metrics server is down)
Example Volume Metrics requests
Retrieve event counts from the last hour for all hosts and apps:
apiv2/volume-metrics?measurement_types=count&from=-1h&until=now
Retrieve event bytes from the given time window for host 'customer_host':
apiv2/volume-metrics?measurement_types=count&from=2018-12-20T21%3A24%3A18.007Zh&until=2018-12-21T21%3A24%3A18.007Z&host=customer_host
Retrieve event counts from the given time window for all hosts and apps and group results by host and app:
apiv2/volume-metrics?measurement_types=count&from=-1h&until=now&group_by=host&group_by=app
Example response
The response is in JSON format and the timestamps are seconds from the UNIX epoch = 00:00:00 1st January 1970 UTC.
[
{
"count": 900000,
"startTimestamp": "1545298182",
"endTimestamp": "1545298183",
"host": "host1",
"app": "app1"
},
{
"count": 900000,
"startTimestamp": "1545298182",
"endTimestamp": "1545298183",
"host": "host1",
"app":"app3"
},
{
"count": 800000,
"startTimestamp": "1545298182",
"endTimestamp": "1545298183",
"host": "host2",
"app": "app2"
},
{
"count": 1200000,
"startTimestamp": "1545298183",
"endTimestamp": "1545298184",
"host": "host1",
"app": "app1"
},
{
"count": 1200000,
"startTimestamp": "1545298183",
"endTimestamp": "1545298184",
"host": "host1",
"app": "app3"
},
{
"count": 1400000,
"startTimestamp": "1545298183",
"endTimestamp": "1545298184",
"host": "host2",
"app": "app2"
}
]