Current view: XpoLog V5. Available: XpoLog V6 and XpoLog V7 (Latest)

Skip to end of metadata
Go to start of metadata

General

XpoLog exposes a URL based API to the users. The API includes links that can be used to perform common operations:

  1. Execute a remote query and retrieve the results in XML/CSV format
  2. Retrieve an existing Dashboard from XpoLog in PDF format 
  3. Enter into the XpoLog Search console with a query executed
  4. Enter XpoLog under a specific application, folder or log context

Security

In case security is activated in XpoLog (login is required) then using the URL based API will require passing user's credientials in order to login into the system prior to executing the API command.
It is required to pass the username and password in the URL to XpoLog in order to get the command executed.

Add to each link at the end: 
&autoLogin=true&username=[USER_NAME]&password=[PASSWORD]

[USER_NAME] = the user name which the API will use to login  
[PASSWORD] =  the password of the user name

URL that returns events from XpoLog Search in XML/CSV format

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/view/api/widgetAPI.jsp?widgetId=searchAPI&searchQuery=[see item 2]&fixedInterval=[see item 3]&startTimeFullStr=[see item 4]&endTimeFullStr=[see item 5]maxNumOfRecords=[see item 6]&resultFormat=[see item 7]
  2. searchQuery=a query as used in XpoSearch console
  3. fixedInteval=optional values are: last15Minutes, last30Minutes, last60Minutes, last3Hours, last12Hours, last24Hours, last7Days, last14Days, last1Months, last6Months, currentDay, previousDay, currentWeek, previousWeek, allData
    Optional; if fixedInteval is used then startTimeFullStr and endTimeFullStr should not be used.
  4. startTimeFullStr=the start time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss
  5. endTimeFullStr=the end time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss
  6. maxNumOfRecords=the maximal number of records to return in the result; if missing, the default value is taken from the widgets.logAPI.maxNumOfRecords XpoLog system property (default is 100 but may be modified)
  7. resultFormat=the format in which the result will be returned. Optional values xml/csv (case sensitive)

The following is the XML structure of the API execution response:

<APIResult>
<Status state="OK">
<Url>
[URL_TO_RESULT_FILE]
</Url>
<Message/>
</Status>
<Data>
</Data>
</APIResult>

 

Tag PathDescription
APIResultGeneral document root tag
StatusThe state of the API execution. Optional values OK/Fail
UrlExists only when the status is OK.
The URL to a file containing the API execution result.
MessageExists only when the status is Fail.
Data

Contains the API execution result.
Note: When the result format is CSV, the content of the <Data> tag will be wrapped with CDATA

 

Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

  • Returns records matching the search query “error or fail* in logs that their names start with “log4j” in the specified time frame. Result is limited to maximum 1000 log records in csv format:

http://localhost:30303/logeye/view/api/widgetAPI.jsp?widgetId=searchAPI&searchQuery=error or fail* in log.log4j*&startTimeFullStr=01/01/2014 00:00:00&endTimeFullStr=02/02/2014 00:00:00&maxNumOfRecords=1000&resultFormat=csv


- Returns records matching the search query “error or exception in in all logs in the last 7 days’ time frame. Result is limited to maximum 1000 log records in xml format:

http://localhost:30303/logeye/view/api/widgetAPI.jsp?widgetId=searchAPI&searchQuery=error or exception&fixedInterval=last7Days&maxNumOfRecords=1000&resultFormat=xml


-
Returns the complex search query '* in app.Windows Event Logs | count | group by event' result in the last 7 days’ time frame. Result is limited to maximum 1000 entries in csv format. In this example the URL also contains a username and password (admin/admin) that will perform a login to XpoLog in order to be able to execute the search query:

http://localhost:30303/logeye/view/api/widgetAPI.jsp?widgetId=searchAPI&searchQuery=*%20in%20app.Windows%20Event%20Logs%20|%20count%20|%20group%20by%20event&fixedInterval=last7Days&maxNumOfRecords=1000&resultFormat=csv&autoLogin=true&username=admin&password=admin



URL that returns a Dashboards latest result in PDF format

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/view/api/dashboardAPI.jsp?action=export&viewName=[see item 2]
  2. viewName=a name of an existing Dashboard in XpoLog (case insensitive).


Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

- Returns the Dashboard “Dashboard-1” in PDF format

http://localhost:30303/logeye/view/api/dashboardAPI.jsp?action=export&viewName=Dashboard-1

 

URL to open Search console on an executed search query

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/search/view/loadSearchModel.jsp?searchQuery=[see item 2]&fixedInterval=[see item 3]&startTimeFullStr=[see item 4]&endTimeFullStr=[see item 4]
  2. searchQuery=a query as used in XpoSearch console
  3. fixedInteval=optional values are: last15Minutes, last30Minutes, last60Minutes, last3Hours, last12Hours, last24Hours, last7Days, last14Days, last1Months, last6Months, currentDay, previousDay, currentWeek, previousWeek, allData
    Optional; if fixedInteval is used then startTimeFullStr and endTimeFullStr should not be used.
  4. startTimeFullStr=the start time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss 
    endTimeFullStr=the end time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss
    Optional; used only if fixedInteval is missing; if used, both values are mandatory.


Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

- Presents Search console after execution of the search query “error” in the specified time frame:

http://localhost:30303/logeye/search/view/loadSearchModel.jsp?searchQuery=error&startTimeFullStr=01/01/2014 00:00:00&endTimeFullStr=02/02/2014 00:00:00


- Presents Search console after execution of the search query “error” in the specified time frame (last 7 days):

http://localhost:30303/logeye/search/view/loadSearchModel.jsp?searchQuery=error&fixedInterval=last7Days

 

URL to open a specific log in the Log Viewer

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/view/api/logViewAPI.jsp?logId=[see in item 2]&searchQuery=[see item 3]&logFilterName=[see item 4]&filterName=[see item 5]&filterId=[see item 6]&startTimeFullStr=[see item 7]&endTimeFullStr=[see item 8]&opdirect=[see item 9]&expandLogViewer=[see item 10]
  2. logId=one or more log ids, separated by comma (mandatory parameter)
  3. searchQuery=a term to filter the log by (similar syntax to XpoSearch)
  4. logFilterName=the name to be given to the filter defined in item c; if missing, the name of the filter will be ‘external filter’
  5. filterName=the name of an existing filter that should be activate on the log; used only if the searchQuery parameter is missing
  6. filterId=the id of an existing filter that should be activate on the log; used only if the searchQuery parameter is missing or if the filterName parameter is missing or does not match an existing filter’s name
  7. startTimeFullStr=the start time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss
  8. endTimeFullStr=the end time full string, formatted according to the XpoLog system format; default format is MM/dd/yyyy HH:mm:ss
  9. opdirect=start will display the first records of the result; last will display the last records. Default is start.
  10. expandLogViewer=true will present the log in the viewer without the folder and logs and the menu presented. Default is false.


* Contact XpoLog Support to find out how to retrieve applications/folders/logs/filters IDs.

Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

- Enter the viewer on the log Application_1235558747694 filtered on records that contain ‘error or information’ (the name of the temporary filter is set to be testQuery):

http://localhost:30303/logeye/view/api/logViewAPI.jsp?logId=Application_1235558747694&searchQuery=error or information&logFilterName=testQuery 


- Enter the viewer on the log Application_1235558747694 with an existing filter named ‘error’ activated (the last matching events will be presented):

http://localhost:30303/logeye/view/api/logViewAPI.jsp?logId=Application_1235558747694&filterName=error&opdirect=last


- Enter the viewer on a merge of the logs Application_1235558747694 and Security_1235558747851 filtered on records in the specified time frame (the name of the filter is set to be testTimeFilter):

http://localhost:30303/logeye/view/api/logViewAPI.jsp?logId=Application_1235558747694,Security_1235558747851&logFilterName=testTimeFilter&startTimeFullStr=01/01/2014 00:00:00&endTimeFullStr=02/01/2014 00:00:00


- Enter the viewer on the log Application_1235558747694 with the filter ‘error’ activated but also filtered on records in the specified time frame (the name of the temporary filter is set to be testFilterAndTime and the last matching events will be presented). Log viewer will be expanded (the folders and logs tree and the top menus will not be presented):

http://localhost:30303/logeye/view/api/logViewAPI.jsp?logId=Application_1235558747694&logFilterName=testFilterAndTime&filterName=error&opdirect=last&startTimeFullStr=05/01/2012 00:00:00&endTimeFullStr=05/03/2012 00:00:00&expandLogViewer=true


URL to enter XpoLog under specific Folder(s) context

  1. http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/componentAction.jsp?selectedCompId=XpoLog&forward=root.jsp?folderId=[see item 2]&mainPage=view/mainView.jsp
  2. folderId=a comma separated list of folder ids (mandatory parameter)

* Contact XpoLog Support to find out how to retrieve applications/folders/logs/filters IDs.

Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

- Enter into XpoLog directly to view the folder with ID 1271697039748 under the Folders and Logs tree:

http://localhost:30303/logeye/componentAction.jsp?selectedCompId=XpoLog&forward=root.jsp?folderId=1271697039748&mainPage=view/mainView.jsp


- Enter into XpoLog directly to view the folders with IDs 1271697039748 and 1227520005721 under the Folders and Logs tree:

http://localhost:30303/logeye/componentAction.jsp?selectedCompId=XpoLog&forward=root.jsp?folderId=1271697039748,1227520005721&mainPage=view/mainView.jsp 


URL to enter XpoLog under specific Application(s) context

  1. a)      http://[MACHINE_NAME]:[XPOLOG_PORT]/logeye/componentAction.jsp?selectedCompId=XpoLog&forward=root.jsp?applicationId=[see item 2]&mainPage=view/mainView.jsp

  2. applicationId=a comma separated list of application ids (if an empty application id is provided, it will reset any application context).

* Contact XpoLog Support to find out how to retrieve applications/folders/logs/filters IDs.

Examples

(You need to change machine/port/logs names, ids / folder names, ids / application names, ids if used to be relevant to your environment)

- Enter into XpoLog with under the application app1 context:

http://localhost:30303/logeye/componentAction.jsp?selectedCompId=XpoLog&forward=root.jsp?applicationId=app1&mainPage=view/mainView.jsp 


- Enter into XpoLog with under the applications app1,app2 context:

http://localhost:30303/logeye/componentAction.jsp?selectedCompId=XpoLog&forward=root.jsp?applicationId=app1,app2&mainPage=view/mainView.jsp

  • No labels