Graylog Rest API整理

2023-09-27 22:05:16

接口地址

安装graylog以后在System/Notes中查看API
集群版本查看Cluster Global API browser即可，单机版查看具体节点列表中的API browser

进入接口文档后，可直接调用调试

对接方式

📢注意：
接口文档也不一定清晰，这时可以直接在web接口查看对应的接口入参等信息。

接口文档

以下是开发过程中整理的接口文档，希望对大家有帮助

接口文档地址：https://console-docs.apipost.cn/preview/3f6d9ac605953486/ef00e23523434c94

/graylog

graylog api

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/Search

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/Search/Prometheus监控接口

暂无描述

接口状态

开发中

接口URL

http://10.9.24.23:9833/api/metrics/prometheus

请求方式

GET

Content-Type

none

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/Search/01 创建查询

暂无描述

接口状态

开发中

接口URL

127.0.0.1:29000/api/views/search

请求方式

POST

Content-Type

json

请求Body参数

{"queries": [{"query": {"type": "elasticsearch","query_string": "env:dev AND level_name:INFO"},"timerange": {"type": "relative","from": 300},"filter": {"type": "or","filters": [{"type": "stream","id": "62f6165c3e8f9b4314589b8b"}]},"search_types": [{"timerange": null,"query": null,"streams": [],"name": "chart","series": [{"type": "count","id": "count()","field": null}],"sort": [],"rollup": true,"type": "pivot","row_groups": [{"type": "time","field": "timestamp","interval": {"type": "auto","scaling": 1}}],"column_groups": [],"filter": null},{"timerange": null,"query": null,"streams": [],"name": null,"limit": 150,"offset": 0,"sort": [{"field": "timestamp","order": "DESC"}],"decorators": [],"type": "messages","filter": null}]}],"parameters": []
}

参数名	示例值	参数类型	是否必填	参数描述
queries	-	Object	是	-
queries.query	-	Object	是	检索条件
queries.query.type	elasticsearch	String	是	固定值
queries.query.query_string	env:dev AND level_name:INFO	String	是	-
queries.timerange	-	Object	是	时间范围，有相对时间和绝对时间。后续封装api直接使用绝对时间即可
queries.timerange.type	relative	String	是	relative absolute
queries.timerange.from	300	Integer	是	选择absolute时，时间有form和to，都是字符串格式。UTC时间格式
queries.filter	-	Object	是	指定stream，全局检索时为null即可
queries.filter.type	or	String	是	-
queries.filter.filters	-	Object	是	可以为多个filter
queries.filter.filters.type	stream	String	是	-
queries.filter.filters.id	62f6165c3e8f9b4314589b8b	String	是	-
queries.search_types	-	Object	是	-
queries.search_types.timerange	null	Null	是	-
queries.search_types.query	null	Null	是	-
queries.search_types.streams	-	Object	是	-
queries.search_types.name	chart	String	是	-
queries.search_types.series	-	Object	是	-
queries.search_types.series.type	count	String	是	-
queries.search_types.series.id	count()	String	是	-
queries.search_types.series.field	null	Null	是	-
queries.search_types.sort	-	Object	是	-
queries.search_types.rollup	true	Boolean	是	-
queries.search_types.type	pivot	String	是	-
queries.search_types.row_groups	-	Object	是	-
queries.search_types.row_groups.type	time	String	是	-
queries.search_types.row_groups.field	timestamp	String	是	-
queries.search_types.row_groups.interval	-	Object	是	-
queries.search_types.row_groups.interval.type	auto	String	是	-
queries.search_types.row_groups.interval.scaling	1	Integer	是	-
queries.search_types.column_groups	-	Object	是	-
queries.search_types.filter	null	Null	是	-
parameters	-	Object	是	-

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"id": "632d473883ac345b777826c3","queries": [{"id": "390e5b12-5d23-45da-817f-4151fa618cde","timerange": {"type": "relative","from": 300},"filter": {"type": "or","filters": [{"type": "stream","id": "62f6165c3e8f9b4314589b8b"}]},"query": {"type": "elasticsearch","query_string": "env:dev AND level_name:INFO"},"search_types": [{"timerange": null,"query": null,"streams": [],"id": "6e15503e-b21d-4152-acdc-eac03399f8c5","name": null,"limit": 150,"offset": 0,"sort": [{"field": "timestamp","order": "DESC"}],"decorators": [],"type": "messages","filter": null},{"timerange": null,"query": null,"streams": [],"id": "aff8ddd5-a506-4cbd-903e-ad1b8d3a9b45","name": "chart","series": [{"type": "count","id": "count()","field": null}],"sort": [],"rollup": true,"type": "pivot","row_groups": [{"type": "time","field": "timestamp","interval": {"type": "auto","scaling": 1.0}}],"column_groups": [],"filter": null}]}],"parameters": [],"requires": {},"owner": "admin","created_at": "2022-09-23T05:42:16.209Z"
}

参数名	示例值	参数类型	参数描述
id	632d473883ac345b777826c3	String	搜索ID，用于检索消息
queries	-	Object
queries.id	390e5b12-5d23-45da-817f-4151fa618cde	String
queries.timerange	-	Object	时间范围，有相对时间和绝对时间。后续封装api直接使用绝对时间即可
queries.timerange.type	relative	String	relative absolute
queries.timerange.from	300	Integer	选择absolute时，时间有form和to，都是字符串格式。
queries.filter	-	Object	指定stream，全局检索时为null即可
queries.filter.type	or	String
queries.filter.filters	-	Object	可以为多个filter
queries.filter.filters.type	stream	String
queries.filter.filters.id	62f6165c3e8f9b4314589b8b	String
queries.query	-	Object	检索条件
queries.query.type	elasticsearch	String	固定值
queries.query.query_string	env:dev AND level_name:INFO	String
queries.search_types	-	Object
queries.search_types.timerange	null	Null
queries.search_types.query	null	Null
queries.search_types.streams	-	Object
queries.search_types.id	6e15503e-b21d-4152-acdc-eac03399f8c5	String
queries.search_types.name	null	Null
queries.search_types.limit	150	Integer
queries.search_types.offset	0	Integer
queries.search_types.sort	-	Object
queries.search_types.sort.field	timestamp	String
queries.search_types.sort.order	DESC	String
queries.search_types.decorators	-	Object
queries.search_types.type	messages	String
queries.search_types.filter	null	Null
parameters	-	Object
requires	-	Object
owner	admin	String
created_at	2022-09-23T05:42:16.209Z	String

/graylog/Search/02 搜索日志

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/views/search/:queryId/execute

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
queryId	632d473883ac345b777826c3	创建查询时返回的ID

请求Body参数

{"parameter_bindings": {}
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/Search/03 查询构建的查询

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/views/search

请求方式

GET

Content-Type

json

请求Body参数

参数名	示例值	参数类型	是否必填	参数描述
queries	-	Object	是	-
queries.query	-	Object	是	检索条件
queries.query.type	elasticsearch	String	是	固定值
queries.query.query_string	env:dev AND level_name:INFO	String	是	-
queries.timerange	-	Object	是	时间范围，有相对时间和绝对时间。后续封装api直接使用绝对时间即可
queries.timerange.type	relative	String	是	relative absolute
queries.timerange.from	300	Integer	是	选择absolute时，时间有form和to，都是字符串格式。UTC时间格式
queries.filter	-	Object	是	指定stream，全局检索时为null即可
queries.filter.type	or	String	是	-
queries.filter.filters	-	Object	是	可以为多个filter
queries.filter.filters.type	stream	String	是	-
queries.filter.filters.id	62f6165c3e8f9b4314589b8b	String	是	-
queries.search_types	-	Object	是	-
queries.search_types.timerange	null	Null	是	-
queries.search_types.query	null	Null	是	-
queries.search_types.streams	-	Object	是	-
queries.search_types.name	chart	String	是	-
queries.search_types.series	-	Object	是	-
queries.search_types.series.type	count	String	是	-
queries.search_types.series.id	count()	String	是	-
queries.search_types.series.field	null	Null	是	-
queries.search_types.sort	-	Object	是	-
queries.search_types.rollup	true	Boolean	是	-
queries.search_types.type	pivot	String	是	-
queries.search_types.row_groups	-	Object	是	-
queries.search_types.row_groups.type	time	String	是	-
queries.search_types.row_groups.field	timestamp	String	是	-
queries.search_types.row_groups.interval	-	Object	是	-
queries.search_types.row_groups.interval.type	auto	String	是	-
queries.search_types.row_groups.interval.scaling	1	Integer	是	-
queries.search_types.column_groups	-	Object	是	-
queries.search_types.filter	null	Null	是	-
parameters	-	Object	是	-

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"id": "632d473883ac345b777826c3","queries": [{"id": "390e5b12-5d23-45da-817f-4151fa618cde","timerange": {"type": "relative","from": 300},"filter": {"type": "or","filters": [{"type": "stream","id": "62f6165c3e8f9b4314589b8b"}]},"query": {"type": "elasticsearch","query_string": "env:dev AND level_name:INFO"},"search_types": [{"timerange": null,"query": null,"streams": [],"id": "6e15503e-b21d-4152-acdc-eac03399f8c5","name": null,"limit": 150,"offset": 0,"sort": [{"field": "timestamp","order": "DESC"}],"decorators": [],"type": "messages","filter": null},{"timerange": null,"query": null,"streams": [],"id": "aff8ddd5-a506-4cbd-903e-ad1b8d3a9b45","name": "chart","series": [{"type": "count","id": "count()","field": null}],"sort": [],"rollup": true,"type": "pivot","row_groups": [{"type": "time","field": "timestamp","interval": {"type": "auto","scaling": 1.0}}],"column_groups": [],"filter": null}]}],"parameters": [],"requires": {},"owner": "admin","created_at": "2022-09-23T05:42:16.209Z"
}

参数名	示例值	参数类型	参数描述
id	632d473883ac345b777826c3	String	搜索ID，用于检索消息
queries	-	Object
queries.id	390e5b12-5d23-45da-817f-4151fa618cde	String
queries.timerange	-	Object	时间范围，有相对时间和绝对时间。后续封装api直接使用绝对时间即可
queries.timerange.type	relative	String	relative absolute
queries.timerange.from	300	Integer	选择absolute时，时间有form和to，都是字符串格式。
queries.filter	-	Object	指定stream，全局检索时为null即可
queries.filter.type	or	String
queries.filter.filters	-	Object	可以为多个filter
queries.filter.filters.type	stream	String
queries.filter.filters.id	62f6165c3e8f9b4314589b8b	String
queries.query	-	Object	检索条件
queries.query.type	elasticsearch	String	固定值
queries.query.query_string	env:dev AND level_name:INFO	String
queries.search_types	-	Object
queries.search_types.timerange	null	Null
queries.search_types.query	null	Null
queries.search_types.streams	-	Object
queries.search_types.id	6e15503e-b21d-4152-acdc-eac03399f8c5	String
queries.search_types.name	null	Null
queries.search_types.limit	150	Integer
queries.search_types.offset	0	Integer
queries.search_types.sort	-	Object
queries.search_types.sort.field	timestamp	String
queries.search_types.sort.order	DESC	String
queries.search_types.decorators	-	Object
queries.search_types.type	messages	String
queries.search_types.filter	null	Null
parameters	-	Object
requires	-	Object
owner	admin	String
created_at	2022-09-23T05:42:16.209Z	String

/graylog/Streams

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/Streams/01 获取所有的Streams

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams

请求方式

GET

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 6,"streams": [{"id": "62f6165c3e8f9b4314589b8b","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "运维开发环境Stream","created_at": "2022-08-12T08:59:08.477Z","disabled": false,"rules": [{"field": "env","stream_id": "62f6165c3e8f9b4314589b8b","description": "","id": "6311c8533673d47ac03b5ea5","type": 1,"inverted": false,"value": "dev"},{"field": "app_name","stream_id": "62f6165c3e8f9b4314589b8b","description": "","id": "6311c8643673d47ac03b5ebd","type": 1,"inverted": false,"value": "gdmp"}],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "gdmp_dev","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false},{"id": "000000000000000000000001","creator_user_id": "local:admin","outputs": [],"matching_type": "AND","description": "Stream containing all messages","created_at": "2022-08-05T06:50:59.889Z","disabled": false,"rules": [],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "All messages","content_pack": null,"remove_matches_from_default_stream": false,"index_set_id": "62ecbdd39ec96a0baedb250e","is_editable": true,"is_default": true},{"id": "63154c2183ac345b775d3b0c","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "运维测试环境Stream","created_at": "2022-09-05T01:08:49.513Z","disabled": false,"rules": [{"field": "env","stream_id": "63154c2183ac345b775d3b0c","description": "","id": "6315aebe83ac345b775df447","type": 1,"inverted": false,"value": "test"},{"field": "app_name","stream_id": "63154c2183ac345b775d3b0c","description": "","id": "6315af1583ac345b775df4bd","type": 1,"inverted": false,"value": "gdmp"}],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "gdmp_test","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false},{"id": "000000000000000000000002","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "Stream containing all events created by Graylog","created_at": "2022-08-05T06:51:03.060Z","disabled": false,"rules": [],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "All events","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "62ecbdd79ec96a0baedb2595","is_editable": false,"is_default": false},{"id": "000000000000000000000003","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "Stream containing all system events created by Graylog","created_at": "2022-08-05T06:51:03.067Z","disabled": false,"rules": [],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "All system events","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "62ecbdd79ec96a0baedb2597","is_editable": false,"is_default": false},{"id": "62f615de3e8f9b4314589ad4","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "运维本地环境Stream","created_at": "2022-08-12T08:57:02.629Z","disabled": false,"rules": [{"field": "env","stream_id": "62f615de3e8f9b4314589ad4","description": "","id": "6311c78e3673d47ac03b5da9","type": 6,"inverted": false,"value": "local"},{"field": "app_name","stream_id": "62f615de3e8f9b4314589ad4","description": "","id": "6311c7e53673d47ac03b5e19","type": 6,"inverted": false,"value": "gdmp"}],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "gdmp_local","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false}]
}

/graylog/Streams/02 获取单个的Stream

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:id

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
id	62f615de3e8f9b4314589ad4	streamID

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"id": "62f615de3e8f9b4314589ad4","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "运维本地环境Stream","created_at": "2022-08-12T08:57:02.629Z","disabled": false,"rules": [{"field": "env","stream_id": "62f615de3e8f9b4314589ad4","description": "","id": "6311c78e3673d47ac03b5da9","type": 6,"inverted": false,"value": "local"},{"field": "app_name","stream_id": "62f615de3e8f9b4314589ad4","description": "","id": "6311c7e53673d47ac03b5e19","type": 6,"inverted": false,"value": "gdmp"}],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "gdmp_local","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false
}

/graylog/Streams/03 分页获取

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/paginated?page=1&per_page=50&sort=title&order=asc

请求方式

GET

Content-Type

json

请求Query参数

参数名	示例值	参数类型	是否必填	参数描述
page	1	String	是	-
per_page	50	String	是	-
sort	title	String	是	-
order	asc	String	是	-

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"query": "","total": 6,"sort": "title","order": "asc","streams": [{"id": "000000000000000000000002","creator_user_id": "admin","outputs": null,"matching_type": "AND","description": "Stream containing all events created by Graylog","created_at": "Fri Aug 05 06:51:03 UTC 2022","rules": [],"disabled": false,"alert_conditions": null,"alert_receivers": null,"title": "All events","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "62ecbdd79ec96a0baedb2595","is_editable": false,"is_default": false},{"id": "000000000000000000000001","creator_user_id": "local:admin","outputs": null,"matching_type": "AND","description": "Stream containing all messages","created_at": "Fri Aug 05 06:50:59 UTC 2022","rules": [],"disabled": false,"alert_conditions": null,"alert_receivers": null,"title": "All messages","content_pack": null,"remove_matches_from_default_stream": false,"index_set_id": "62ecbdd39ec96a0baedb250e","is_editable": true,"is_default": true},{"id": "000000000000000000000003","creator_user_id": "admin","outputs": null,"matching_type": "AND","description": "Stream containing all system events created by Graylog","created_at": "Fri Aug 05 06:51:03 UTC 2022","rules": [],"disabled": false,"alert_conditions": null,"alert_receivers": null,"title": "All system events","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "62ecbdd79ec96a0baedb2597","is_editable": false,"is_default": false},{"id": "62f6165c3e8f9b4314589b8b","creator_user_id": "admin","outputs": null,"matching_type": "AND","description": "运维开发环境Stream","created_at": "Fri Aug 12 08:59:08 UTC 2022","rules": [{"field": "env","stream_id": "62f6165c3e8f9b4314589b8b","description": "","id": "6311c8533673d47ac03b5ea5","type": 1,"inverted": false,"value": "dev"},{"field": "app_name","stream_id": "62f6165c3e8f9b4314589b8b","description": "","id": "6311c8643673d47ac03b5ebd","type": 1,"inverted": false,"value": "gdmp"}],"disabled": false,"alert_conditions": null,"alert_receivers": null,"title": "gdmp_dev","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false},{"id": "62f615de3e8f9b4314589ad4","creator_user_id": "admin","outputs": null,"matching_type": "AND","description": "运维本地环境Stream","created_at": "Fri Aug 12 08:57:02 UTC 2022","rules": [{"field": "env","stream_id": "62f615de3e8f9b4314589ad4","description": "","id": "6311c78e3673d47ac03b5da9","type": 6,"inverted": false,"value": "local"},{"field": "app_name","stream_id": "62f615de3e8f9b4314589ad4","description": "","id": "6311c7e53673d47ac03b5e19","type": 6,"inverted": false,"value": "gdmp"}],"disabled": false,"alert_conditions": null,"alert_receivers": null,"title": "gdmp_local","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false},{"id": "63154c2183ac345b775d3b0c","creator_user_id": "admin","outputs": null,"matching_type": "AND","description": "运维测试环境Stream","created_at": "Mon Sep 05 01:08:49 UTC 2022","rules": [{"field": "env","stream_id": "63154c2183ac345b775d3b0c","description": "","id": "6315aebe83ac345b775df447","type": 1,"inverted": false,"value": "test"},{"field": "app_name","stream_id": "63154c2183ac345b775d3b0c","description": "","id": "6315af1583ac345b775df4bd","type": 1,"inverted": false,"value": "gdmp"}],"disabled": false,"alert_conditions": null,"alert_receivers": null,"title": "gdmp_test","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false}],"pagination": {"total": 6,"count": 6,"page": 1,"per_page": 50}
}

/graylog/Streams/04 获取启用的Stream

添加stream后，默认是停用状态

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/enabled

请求方式

GET

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 6,"streams": [{"id": "62f6165c3e8f9b4314589b8b","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "运维开发环境Stream","created_at": "2022-08-12T08:59:08.477Z","disabled": false,"rules": [{"field": "env","stream_id": "62f6165c3e8f9b4314589b8b","description": "","id": "6311c8533673d47ac03b5ea5","type": 1,"inverted": false,"value": "dev"},{"field": "app_name","stream_id": "62f6165c3e8f9b4314589b8b","description": "","id": "6311c8643673d47ac03b5ebd","type": 1,"inverted": false,"value": "gdmp"}],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "gdmp_dev","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false},{"id": "000000000000000000000001","creator_user_id": "local:admin","outputs": [],"matching_type": "AND","description": "Stream containing all messages","created_at": "2022-08-05T06:50:59.889Z","disabled": false,"rules": [],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "All messages","content_pack": null,"remove_matches_from_default_stream": false,"index_set_id": "62ecbdd39ec96a0baedb250e","is_editable": true,"is_default": true},{"id": "63154c2183ac345b775d3b0c","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "运维测试环境Stream","created_at": "2022-09-05T01:08:49.513Z","disabled": false,"rules": [{"field": "env","stream_id": "63154c2183ac345b775d3b0c","description": "","id": "6315aebe83ac345b775df447","type": 1,"inverted": false,"value": "test"},{"field": "app_name","stream_id": "63154c2183ac345b775d3b0c","description": "","id": "6315af1583ac345b775df4bd","type": 1,"inverted": false,"value": "gdmp"}],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "gdmp_test","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false},{"id": "000000000000000000000002","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "Stream containing all events created by Graylog","created_at": "2022-08-05T06:51:03.060Z","disabled": false,"rules": [],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "All events","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "62ecbdd79ec96a0baedb2595","is_editable": false,"is_default": false},{"id": "000000000000000000000003","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "Stream containing all system events created by Graylog","created_at": "2022-08-05T06:51:03.067Z","disabled": false,"rules": [],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "All system events","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "62ecbdd79ec96a0baedb2597","is_editable": false,"is_default": false},{"id": "62f615de3e8f9b4314589ad4","creator_user_id": "admin","outputs": [],"matching_type": "AND","description": "运维本地环境Stream","created_at": "2022-08-12T08:57:02.629Z","disabled": false,"rules": [{"field": "env","stream_id": "62f615de3e8f9b4314589ad4","description": "","id": "6311c78e3673d47ac03b5da9","type": 6,"inverted": false,"value": "local"},{"field": "app_name","stream_id": "62f615de3e8f9b4314589ad4","description": "","id": "6311c7e53673d47ac03b5e19","type": 6,"inverted": false,"value": "gdmp"}],"alert_conditions": [],"alert_receivers": {"emails": [],"users": []},"title": "gdmp_local","content_pack": null,"remove_matches_from_default_stream": true,"index_set_id": "6305e74923481c2cd7551bfa","is_editable": true,"is_default": false}]
}

/graylog/Streams/05 创建Stream

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams

请求方式

POST

Content-Type

json

请求Body参数

{"index_set_id": "632aa5ea83ac345b77753f73","remove_matches_from_default_stream": true,"matching_type": "AND","description": "描述信息","rules": [{"field": "env","description": "字段描述【env为环境】","inverted": false,"type": 6,"value": "pro"},{"field": "app_name","description": "字段描述【app_name为应用服务名称】","inverted": false,"type": 6,"value": "gdmp"}],"title": "stream测试555","content_pack": null
}

参数名	示例值	参数类型	是否必填	参数描述
index_set_id	632aa5ea83ac345b77753f73	String	是	索引ID
remove_matches_from_default_stream	true	Boolean	是	取消默认匹配
matching_type	AND	String	是	AND/OR。用于判断rules规则关系
description	描述信息	String	是	描述信息
rules	-	Object	是	规则，用于将inputs的数据分类
rules.field	env	String	是	字段编码
rules.description	字段描述【env为环境】	String	是	描述信息
rules.inverted	false	Boolean	是	TODO 还不知道啥意思
rules.type	integer	String	是	TODO 类型不知道是啥意思默认为6
rules.value	string	String	是	字段值
title	stream名称	String	是	名称
content_pack	string	String	是	TODO 不清楚干啥的

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"stream_id": "632ac7ea83ac345b7775653c"
}

/graylog/Streams/06 更新Stream

**注意：新增接口中的规则不能更新。**

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId

请求方式

PUT

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	632ad29383ac345b7775714a	-

请求Body参数

{"index_set_id": "632aa5ea83ac345b77753f73","remove_matches_from_default_stream": true,"matching_type": "AND","description": "描述信息444","title": "stream测试333"
}

参数名	示例值	参数类型	是否必填	参数描述
index_set_id	632aa5ea83ac345b77753f73	String	是	索引ID
remove_matches_from_default_stream	true	Boolean	是	取消默认匹配，对应系统【Remove matches from ‘All messages’ stream】
matching_type	AND	String	是	AND/OR。用于判断rules规则关系
description	描述信息444	String	是	描述信息
title	stream测试333	String	是	名称

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

无返回数据

/graylog/Streams/07 删除Stream

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId

请求方式

DELETE

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	632ad29383ac345b7775714a	streamID

请求Body参数

参数名	示例值	参数类型	是否必填	参数描述
index_set_id	632aa5ea83ac345b77753f73	String	是	索引ID
remove_matches_from_default_stream	true	Boolean	是	取消默认匹配，对应系统【Remove matches from ‘All messages’ stream】
matching_type	AND	String	是	AND/OR。用于判断rules规则关系
description	描述信息444	String	是	描述信息
title	stream测试333	String	是	名称

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

无返回数据

错误响应示例

"message"
"Stream <632acfca83ac345b77756e21> not found!"

/graylog/Streams/08 暂停Stream

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/pause

请求方式

POST

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	632ad35083ac345b77757225	-

请求Body参数

参数名	示例值	参数类型	是否必填	参数描述
index_set_id	632aa5ea83ac345b77753f73	String	是	索引ID
remove_matches_from_default_stream	true	Boolean	是	取消默认匹配，对应系统【Remove matches from ‘All messages’ stream】
matching_type	AND	String	是	AND/OR。用于判断rules规则关系
description	描述信息444	String	是	描述信息
title	stream测试333	String	是	名称

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

无返回数据 返回状态码为204

错误响应示例

"message"
"Stream <632acfca83ac345b77756e21> not found!"

/graylog/Streams/09 启用Stream

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/resume

请求方式

POST

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	632ad35083ac345b77757225	-

请求Body参数

参数名	示例值	参数类型	是否必填	参数描述
index_set_id	632aa5ea83ac345b77753f73	String	是	索引ID
remove_matches_from_default_stream	true	Boolean	是	取消默认匹配，对应系统【Remove matches from ‘All messages’ stream】
matching_type	AND	String	是	AND/OR。用于判断rules规则关系
description	描述信息444	String	是	描述信息
title	stream测试333	String	是	名称

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

无返回数据 返回状态码为204

错误响应示例

"message"
"Stream <632acfca83ac345b77756e21> not found!"

/graylog/Streams/10 测试规则匹配

该接口需要添加header 
accept:application/json`*/*` 不生效

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/testMatch

请求方式

POST

Content-Type

json

请求Header参数

参数名	示例值	参数类型	是否必填	参数描述
accept	application/json	String	是	-

路径变量

参数名	示例值	参数描述
streamId	62f6165c3e8f9b4314589b8b	-

请求Body参数

{"message": {"gl2_accounted_message_size": 421,"level": 6,"gl2_remote_ip": "10.0.204.66","gl2_remote_port": 47682,"streams": ["62f6165c3e8f9b4314589b8b"],"gl2_message_id": "01GDFMR73G8CFQA1HJ2852Z2BP","source": "host-10-0-204-66","message": "The request path is： /actuator/prometheus","env": "dev","gl2_source_input": "62f0e00d88b7eb6e6a307295","app_name": "gdmp","level_name": "INFO","full_message": "2022-09-21 17:09:21,259 - [http-nio-18090-exec-5] INFO  c.g.g.b.p.servlet.ArgResolverFilter - The request path is： /actuator/prometheus","thread_name": "http-nio-18090-exec-5","gl2_source_node": "28853558-3f94-401a-b67b-2b4d9c23d109","_id": "a0981700-398c-11ed-9b6d-0242ac140004","logger_name": "com.glodon.gboat3.base.plugin.servlet.ArgResolverFilter","timestamp": "2022-09-21T09:09:21.259Z"}
}

参数名	示例值	参数类型	是否必填	参数描述
message	-	Object	是	消息内容，下边为具体的字段
message.gl2_accounted_message_size	421	Integer	是	-
message.level	6	Integer	是	-
message.gl2_remote_ip	10.0.204.66	String	是	-
message.gl2_remote_port	47682	Integer	是	-
message.streams	62f6165c3e8f9b4314589b8b	String	是	-
message.gl2_message_id	01GDFMR73G8CFQA1HJ2852Z2BP	String	是	-
message.source	host-10-0-204-66	String	是	-
message.message	The request path is： /actuator/prometheus	String	是	-
message.env	dev	String	是	-
message.gl2_source_input	62f0e00d88b7eb6e6a307295	String	是	-
message.app_name	gdmp	String	是	-
message.level_name	INFO	String	是	-
message.full_message	2022-09-21 17:09:21,259 - [http-nio-18090-exec-5] INFO c.g.g.b.p.servlet.ArgResolverFilter - The request path is： /actuator/prometheus	String	是	-
message.thread_name	http-nio-18090-exec-5	String	是	-
message.gl2_source_node	28853558-3f94-401a-b67b-2b4d9c23d109	String	是	-
message._id	a0981700-398c-11ed-9b6d-0242ac140004	String	是	-
message.logger_name	com.glodon.gboat3.base.plugin.servlet.ArgResolverFilter	String	是	-
message.timestamp	2022-09-21T09:09:21.259Z	String	是	-

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

无返回数据 返回状态码为204

错误响应示例

"message"
"Stream <632acfca83ac345b77756e21> not found!"

/graylog/Streams/StreamRule

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/Streams/StreamRule/01 获取规则列表

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/rules

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	6371a9cd42828a77d760d0e9	streamid

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 1,"stream_rules": [{"field": "app_name","stream_id": "6371a9cd42828a77d760d0e9","description": "","id": "6371ad2142828a77d760d502","type": 1,"inverted": false,"value": "example_glef_graylog"}]
}

/graylog/Streams/StreamRule/02 创建StreamRule

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/rules

请求方式

POST

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	6371a9cd42828a77d760d0e9	streamId

请求Body参数

{"field": "environment","description": "环境","inverted": false,"type": 6,"value": "pre"
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"streamrule_id": "6375a8b242828a77d765906f"
}

/graylog/Streams/StreamRule/03 获取ruleTypes

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/rules/types

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	6371a9cd42828a77d760d0e9	streamId

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

[{"id": 1,"name": "EXACT","short_desc": "match exactly","long_desc": "match exactly"},{"id": 2,"name": "REGEX","short_desc": "match regular expression","long_desc": "match regular expression"},{"id": 3,"name": "GREATER","short_desc": "greater than","long_desc": "be greater than"},{"id": 4,"name": "SMALLER","short_desc": "smaller than","long_desc": "be smaller than"},{"id": 5,"name": "PRESENCE","short_desc": "field presence","long_desc": "be present"},{"id": 6,"name": "CONTAINS","short_desc": "contain","long_desc": "contain"},{"id": 7,"name": "ALWAYS_MATCH","short_desc": "always match","long_desc": "always match"},{"id": 8,"name": "MATCH_INPUT","short_desc": "match input","long_desc": "match input"}
]

/graylog/Streams/StreamRule/04 获取Stream的单个规则

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/rules/:streamRuleId

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	6371a9cd42828a77d760d0e9	streamid
streamRuleId	63734bd542828a77d762c8de	streamRuleId

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 1,"stream_rules": [{"field": "app_name","stream_id": "6371a9cd42828a77d760d0e9","description": "","id": "6371ad2142828a77d760d502","type": 1,"inverted": false,"value": "example_glef_graylog"}]
}

错误响应示例

{"type": "ApiError","message": "Couldn't find stream rule with ID6371a9cd42828a77d760d0e9"
}

/graylog/Streams/StreamRule/05 更新StreamRule

requestBody参数不能多，必须一致

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/rules/:streamRuleId

请求方式

PUT

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	6371a9cd42828a77d760d0e9	streamId
streamRuleId	637358ce42828a77d762d87e	-

请求Body参数

{"field": "environment","description": "环境fff","type": 6,"inverted": false,"value": "pre"
}

参数名	示例值	参数类型	是否必填	参数描述
field	environment	String	是	-
description	环境fff	String	是	-
type	6	Integer	是	-
inverted	false	Boolean	是	-
value	pre	String	是	-

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"streamrule_id": "637358ce42828a77d762d87e"
}

错误响应示例

{"type": "ApiError","message": "Unable to map property stream_id.\nKnown properties include: value, type, description, inverted, field"
}

/graylog/Streams/StreamRule/06 删除StreamRule

requestBody参数不能多，必须一致

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/rules/:streamRuleId

请求方式

DELETE

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	6371a9cd42828a77d760d0e9	streamId
streamRuleId	637358ce42828a77d762d87e	-

请求Body参数

参数名	示例值	参数类型	是否必填	参数描述
field	environment	String	是	-
description	环境fff	String	是	-
type	6	Integer	是	-
inverted	false	Boolean	是	-
value	pre	String	是	-

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

错误响应示例

{"type": "ApiError","message": "Unable to map property stream_id.\nKnown properties include: value, type, description, inverted, field"
}

/graylog/alerts

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/01 获取Stream流的告警条件

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/streams/:streamId/alerts/conditions

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
streamId	62f6165c3e8f9b4314589b8b	streamId

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/events【事件】

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/events【事件】/01 查询时间定义

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/evnets/search

请求方式

GET

Content-Type

json

请求Body参数

{"query": "","page": 1,"per_page": 25,"filter": {"alerts": "only"},"timerange": {"type": "relative","range": 3600}
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/新建接口

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/search

请求方式

POST

Content-Type

json

请求Body参数

{"page": 1,"per_page": 25,"timerange": {"type": "relative","range": 36000},"query": "","filter": {"alerts": "include","event_definitions": []},"sort_direction": "asc"
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/告警规则

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/告警规则/新建告警规则

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/definitions?schedule=true

请求方式

POST

Content-Type

json

请求Query参数

参数名	示例值	参数类型	是否必填	参数描述
schedule	true	String	是	-

请求Body参数

{"title": "222","description": "","priority": 2,"config": {"query": "","query_parameters": [],"streams": [],"search_within_ms": 60000,"execute_every_ms": 60000,"group_by": [],"series": [],"conditions": {},"type": "aggregation-v1"},"field_spec": {"1": {"data_type": "string","providers": [{"template": "${source.message}","type": "template-v1"}]}},"key_spec": ["1"],"notification_settings": {"grace_period_ms": 0,"backlog_size": null},"notifications": [{"notification_id": "6316ab7a83ac345b775f38e0"}],"alert": true
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/告警规则/编辑告警规则

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/definitions/6368b01de930a905f362e3ee?schedule=true

请求方式

PUT

Content-Type

json

请求Query参数

参数名	示例值	参数类型	是否必填	参数描述
schedule	true	String	是	-

请求Body参数

{"id": "6368b01de930a905f362e3ee","title": "111","description": "范德萨发11","priority": 2,"alert": true,"config": {"type": "aggregation-v1","query": "","query_parameters": [],"streams": [],"group_by": [],"series": [],"conditions": {"expression": null},"search_within_ms": 60000,"execute_every_ms": 60000},"field_spec": {"1": {"data_type": "string","providers": [{"type": "template-v1","template": "${source.message}","require_values": false}]}},"key_spec": ["1"],"notification_settings": {"grace_period_ms": 0,"backlog_size": 0},"notifications": [{"notification_id": "6316ab7a83ac345b775f38e0","notification_parameters": null}],"storage": [{"type": "persist-to-streams-v1","streams": ["000000000000000000000002"]}]
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/告警规则/删除告警规则

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/definitions/6368b081e930a905f362e646

请求方式

DELETE

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/告警规则/停用告警规则

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/definitions/6368b01de930a905f362e3ee/unschedule

请求方式

PUT

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/告警规则/启用告警规则

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/definitions/6368b01de930a905f362e3ee/schedule

请求方式

PUT

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/webhook

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/webhook/创建webhook

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/notifications

请求方式

POST

Content-Type

json

请求Body参数

{"title": "cc","description": "","config": {"color": "#FF0000","webhook_url": "http://www.baidu.com","channel": "#channel","custom_message": "--- [Event Definition] ---------------------------\nTitle:       ${event_definition_title}\nType:        ${event_definition_type}\n--- [Event] --------------------------------------\nTimestamp:            ${event.timestamp}\nMessage:              ${event.message}\nSource:               ${event.source}\nKey:                  ${event.key}\nPriority:             ${event.priority}\nAlert:                ${event.alert}\nTimestamp Processing: ${event.timestamp}\nTimerange Start:      ${event.timerange_start}\nTimerange End:        ${event.timerange_end}\nEvent Fields:\n${foreach event.fields field}\n${field.key}: ${field.value}\n${end}\n${if backlog}\n--- [Backlog] ------------------------------------\nLast messages accounting for this alert:\n${foreach backlog message}\n${message.timestamp}  ::  ${message.source}  ::  ${message.message}\n${message.message}\n${end}${end}\n","user_name": "Graylog","notify_channel": false,"link_names": false,"icon_url": "","icon_emoji": "","backlog_size": 0,"type": "slack-notification-v1"}
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/webhook/修改webhook

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/notifications/6368dbcbe930a905f3639898

请求方式

PUT

Content-Type

json

请求Body参数

{"id": "6368dbcbe930a905f3639898","title": "cc","description": "","config": {"type": "slack-notification-v1","backlog_size": 0,"color": "#FF0000","webhook_url": "http://www.baidu.com","channel": "#channel","custom_message": "--- [Event Definition] ---------------------------\nTitle:       ${event_definition_title}\nType:        ${event_definition_type}\n--- [Event] --------------------------------------\nTimestamp:            ${event.timestamp}\nMessage:              ${event.message}\nSource:               ${event.source}\nKey:                  ${event.key}\nPriority:             ${event.priority}\nAlert:                ${event.alert}\nTimestamp Processing: ${event.timestamp}\nTimerange Start:      ${event.timerange_start}\nTimerange End:        ${event.timerange_end}\nEvent Fields:\n${foreach event.fields field}\n${field.key}: ${field.value}\n${end}\n${if backlog}\n--- [Backlog] ------------------------------------\nLast messages accounting for this alert:\n${foreach backlog message}\n${message.timestamp}  ::  ${message.source}  ::  ${message.message}\n${message.message}\n${end}${end}\n","user_name": "Graylog","notify_channel": false,"link_names": false,"icon_url": "","icon_emoji": ""}
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/webhook/删除webhook

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/notifications/6368dbcbe930a905f3639898

请求方式

DELETE

Content-Type

json

请求Body参数

{"title": "cc","description": "","config": {"color": "#FF0000","webhook_url": "http://www.baidu.com","channel": "#channel","custom_message": "--- [Event Definition] ---------------------------\nTitle:       ${event_definition_title}\nType:        ${event_definition_type}\n--- [Event] --------------------------------------\nTimestamp:            ${event.timestamp}\nMessage:              ${event.message}\nSource:               ${event.source}\nKey:                  ${event.key}\nPriority:             ${event.priority}\nAlert:                ${event.alert}\nTimestamp Processing: ${event.timestamp}\nTimerange Start:      ${event.timerange_start}\nTimerange End:        ${event.timerange_end}\nEvent Fields:\n${foreach event.fields field}\n${field.key}: ${field.value}\n${end}\n${if backlog}\n--- [Backlog] ------------------------------------\nLast messages accounting for this alert:\n${foreach backlog message}\n${message.timestamp}  ::  ${message.source}  ::  ${message.message}\n${message.message}\n${end}${end}\n","user_name": "Graylog","notify_channel": false,"link_names": false,"icon_url": "","icon_emoji": "","backlog_size": 0,"type": "slack-notification-v1"}
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/alerts/webhook/测试webhook地址

暂无描述

接口状态

开发中

接口URL

http://10.0.107.158:29000/api/events/notifications/6368dc40e930a905f363992e/test

请求方式

POST

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/sidecars

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/sidecars/01 根据条件分页查询sidecars

http://10.0.107.158:29000/api/api-browser/global/index.html#!/Sidecar/sidecars_get_0

接口状态

开发中

接口URL

{{graylog}}/api/sidecars?page=1&per_page=50&query=75&sort=node_name&order=asc&only_active=false

请求方式

GET

Content-Type

json

请求Query参数

参数名	示例值	参数类型	是否必填	参数描述
page	1	Text	是	当前页
per_page	50	Text	是	每页大小
query	75	Text	是	查询条件
sort	node_name	Text	是	排序字段
order	asc	Text	是	排序方式
only_active	false	Text	是	只查询在线的

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"query": "","total": 3,"only_active": false,"sort": "node_name","order": "asc","sidecars": [{"active": true,"node_id": "067ba9da-5c56-4f8d-8d8d-7ab737b61706","node_name": "10.0.204.66","node_details": {"operating_system": "Linux","ip": "10.0.204.66","metrics": {"disks_75": [],"cpu_idle": 93.12,"load_1": 0.37},"log_file_list": null,"status": {"status": 0,"message": "1 running / 0 stopped / 0 failing","collectors": [{"collector_id": "62ecbdd49ec96a0baedb2521","status": 0,"message": "Running","verbose_message": ""}]}},"assignments": [{"collector_id": "62ecbdd49ec96a0baedb2521","configuration_id": "630ca6bb23481c2cd761e684"}],"last_seen": "2022-09-06T03:11:15.027Z","sidecar_version": "1.2.0","collectors": null},{"active": true,"node_id": "0b7c14a8-811f-413a-ab4e-001f35c6b4af","node_name": "192.168.124.107","node_details": {"operating_system": "Windows","ip": "2.0.1.4","metrics": {"disks_75": [],"cpu_idle": 76.23,"load_1": 0},"log_file_list": null,"status": {"status": 0,"message": "1 running / 0 stopped / 0 failing","collectors": [{"collector_id": "62ecbdd59ec96a0baedb2527","status": 0,"message": "Running","verbose_message": ""}]}},"assignments": [{"collector_id": "62ecbdd59ec96a0baedb2527","configuration_id": "63083e2823481c2cd7594feb"}],"last_seen": "2022-09-06T03:11:18.100Z","sidecar_version": "1.2.0","collectors": null},{"active": true,"node_id": "6a23892b-e8d9-42e8-8f74-0ef7cfe606e9","node_name": "192.168.124.75","node_details": {"operating_system": "Windows","ip": "192.168.124.75","metrics": {"disks_75": ["C:\\ (78%)","D:\\ (83%)"],"cpu_idle": 91.29,"load_1": 0},"log_file_list": null,"status": {"status": 0,"message": "1 running / 0 stopped / 0 failing","collectors": [{"collector_id": "62ecbdd59ec96a0baedb2527","status": 0,"message": "Running","verbose_message": ""}]}},"assignments": [{"collector_id": "62ecbdd59ec96a0baedb2527","configuration_id": "63083e2823481c2cd7594feb"}],"last_seen": "2022-09-06T03:10:42.977Z","sidecar_version": "1.2.0","collectors": null}],"filters": null,"pagination": {"total": 3,"count": 3,"page": 1,"per_page": 50}
}

参数名	示例值	参数类型	参数描述
query	-	Object
total	3	Number
only_active	-	-
sort	node_name	String
order	asc	String
sidecars	-	Object
sidecars.active	true	-	状态，true为正常，false为异常
sidecars.node_id	067ba9da-5c56-4f8d-8d8d-7ab737b61706	String
sidecars.node_name	10.0.204.66	String	节点名称
sidecars.node_details	-	Object
sidecars.node_details.operating_system	Linux	String	系统类型
sidecars.node_details.ip	10.0.204.66	String	ip地址
sidecars.node_details.metrics	-	Object
sidecars.node_details.metrics.disks_75	{}	Object
sidecars.node_details.metrics.cpu_idle	93.12	Number
sidecars.node_details.metrics.load_1	0.37	Number
sidecars.node_details.log_file_list	-	Object
sidecars.node_details.status	-	Object
sidecars.node_details.status.status	-	Number
sidecars.node_details.status.message	1 running / 0 stopped / 0 failing	String
sidecars.node_details.status.collectors	-	Object
sidecars.node_details.status.collectors.collector_id	62ecbdd49ec96a0baedb2521	String
sidecars.node_details.status.collectors.status	-	Number
sidecars.node_details.status.collectors.message	Running	String
sidecars.node_details.status.collectors.verbose_message	-	Object
sidecars.assignments	-	Object
sidecars.assignments.collector_id	62ecbdd49ec96a0baedb2521	String
sidecars.assignments.configuration_id	630ca6bb23481c2cd761e684	String
sidecars.last_seen	2022-09-06T03:11:15.027Z	String	最后检测时间
sidecars.sidecar_version	1.2.0	String	sidecars版本
sidecars.collectors	-	Object
filters	-	Object
pagination	-	Object
pagination.total	3	Number
pagination.count	3	Number
pagination.page	1	Number	分页页码，数字类型
pagination.per_page	50	Number

/graylog/System/sidecars/02 查询所有的sidecars

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecars/all

请求方式

GET

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/sidecars/03 获取sidecar详情

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecars/:node_id

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
node_id	6a23892b-e8d9-42e8-8f74-0ef7cfe606e9	节点id

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/indices

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/indices/01 创建索引

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/index_sets

请求方式

POST

Content-Type

json

请求Body参数

{"title": "标题","description": "描述信息","index_prefix": "shensr","writable": true,"can_be_default": true,"shards": 4,"replicas": 0,"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy","retention_strategy": {"max_number_of_indices": 20,"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig"},"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy","rotation_strategy": {"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig",},"index_analyzer": "standard","index_optimization_max_num_segments": 1,"index_optimization_disabled": false,"field_type_refresh_interval": 5000,"creation_date": "2022-09-21T05:52:43.063Z"}

参数名	示例值	参数类型	是否必填	参数描述
title	标题	String	是	名称
description	描述信息	String	是	描述信息
index_prefix	shensr	String	是	-
writable	true	Boolean	是	-
can_be_default	true	Boolean	是	-
shards	4	Integer	是	分片
replicas	0	Integer	是	副本数
retention_strategy_class	org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy	String	是	-
retention_strategy	-	Object	是	-
retention_strategy.max_number_of_indices	20	Integer	是	-
retention_strategy.type	org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig	String	是	-
rotation_strategy_class	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy	String	是	-
rotation_strategy	-	Object	是	-
rotation_strategy.type	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig	String	是	-
index_analyzer	standard	String	是	-
index_optimization_max_num_segments	1	Integer	是	-
index_optimization_disabled	false	Boolean	是	-
field_type_refresh_interval	5000	Integer	是	-
creation_date	2022-09-21T05:52:43.063Z	String	是	-

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"id": "632aa9f083ac345b777543f4","title": "标题","description": "描述信息","can_be_default": true,"index_prefix": "shensr","shards": 4,"replicas": 0,"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy","rotation_strategy": {"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig","max_docs_per_index": 0},"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy","retention_strategy": {"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig","max_number_of_indices": 20},"creation_date": "2022-09-21T05:52:43.063Z","index_analyzer": "standard","index_optimization_max_num_segments": 1,"index_optimization_disabled": false,"field_type_refresh_interval": 5000,"index_template_type": null,"writable": true,"default": false
}

参数名	示例值	参数类型	参数描述
id	632aa9f083ac345b777543f4	String	索引ID
title	标题	String	名称
description	描述信息	String	描述信息
can_be_default	true	Boolean
index_prefix	shensr	String
shards	4	Integer	分片数
replicas	0	Integer	副本数
rotation_strategy_class	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy	String
rotation_strategy	-	Object
rotation_strategy.type	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig	String
rotation_strategy.max_docs_per_index	0	Integer
retention_strategy_class	org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy	String
retention_strategy	-	Object
retention_strategy.type	org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig	String
retention_strategy.max_number_of_indices	20	Integer
creation_date	2022-09-21T05:52:43.063Z	String
index_analyzer	standard	String
index_optimization_max_num_segments	1	Integer
index_optimization_disabled	false	Boolean
field_type_refresh_interval	5000	Integer
index_template_type	null	Null
writable	true	Boolean
default	false	Boolean

/graylog/System/indices/02 查询全部索引

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/index_sets?skip=0&limit=0&stats=true

请求方式

GET

Content-Type

json

请求Query参数

参数名	示例值	参数类型	是否必填	参数描述
skip	0	String	是	当前页为0 不分页
limit	0	String	是	每页条数为 0不分页
stats	true	String	是	是否包含索引统计数据

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 5,"index_sets": [{"id": "6305e74923481c2cd7551bfa","title": "gdmp","description": "运维系统index，各个环境都存储在这个index中","can_be_default": true,"index_prefix": "gdmp_pro","shards": 4,"replicas": 0,"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy","rotation_strategy": {"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig","max_docs_per_index": 20000000},"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy","retention_strategy": {"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig","max_number_of_indices": 20},"creation_date": "2022-08-24T08:54:33.459Z","index_analyzer": "standard","index_optimization_max_num_segments": 1,"index_optimization_disabled": false,"field_type_refresh_interval": 5000,"index_template_type": null,"writable": true,"default": false}],"stats": {}
}

参数名	示例值	参数类型	参数描述
total	5	Integer
index_sets	-	Object
index_sets.id	6305e74923481c2cd7551bfa	String
index_sets.title	gdmp	String	名称
index_sets.description	运维系统index，各个环境都存储在这个index中	String	描述
index_sets.can_be_default	true	Boolean
index_sets.index_prefix	gdmp_pro	String
index_sets.shards	4	Integer
index_sets.replicas	0	Integer
index_sets.rotation_strategy_class	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy	String
index_sets.rotation_strategy	-	Object
index_sets.rotation_strategy.type	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig	String
index_sets.rotation_strategy.max_docs_per_index	20000000	Integer
index_sets.retention_strategy_class	org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy	String
index_sets.retention_strategy	-	Object
index_sets.retention_strategy.type	org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig	String
index_sets.retention_strategy.max_number_of_indices	20	Integer
index_sets.creation_date	2022-08-24T08:54:33.459Z	String	创建时间
index_sets.index_analyzer	standard	String
index_sets.index_optimization_max_num_segments	1	Integer
index_sets.index_optimization_disabled	false	Boolean
index_sets.field_type_refresh_interval	5000	Integer
index_sets.index_template_type	null	Null
index_sets.writable	true	Boolean
index_sets.default	false	Boolean
stats	-	Object

/graylog/System/indices/02 查询单个索引

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/index_sets/:id

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
id	6330077083ac345b777b43e0	-

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 5,"index_sets": [{"id": "6305e74923481c2cd7551bfa","title": "gdmp","description": "运维系统index，各个环境都存储在这个index中","can_be_default": true,"index_prefix": "gdmp_pro","shards": 4,"replicas": 0,"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy","rotation_strategy": {"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig","max_docs_per_index": 20000000},"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy","retention_strategy": {"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig","max_number_of_indices": 20},"creation_date": "2022-08-24T08:54:33.459Z","index_analyzer": "standard","index_optimization_max_num_segments": 1,"index_optimization_disabled": false,"field_type_refresh_interval": 5000,"index_template_type": null,"writable": true,"default": false}],"stats": {}
}

参数名	示例值	参数类型	参数描述
total	5	Integer
index_sets	-	Object
index_sets.id	6305e74923481c2cd7551bfa	String
index_sets.title	gdmp	String	名称
index_sets.description	运维系统index，各个环境都存储在这个index中	String	描述
index_sets.can_be_default	true	Boolean
index_sets.index_prefix	gdmp_pro	String
index_sets.shards	4	Integer
index_sets.replicas	0	Integer
index_sets.rotation_strategy_class	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy	String
index_sets.rotation_strategy	-	Object
index_sets.rotation_strategy.type	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig	String
index_sets.rotation_strategy.max_docs_per_index	20000000	Integer
index_sets.retention_strategy_class	org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy	String
index_sets.retention_strategy	-	Object
index_sets.retention_strategy.type	org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig	String
index_sets.retention_strategy.max_number_of_indices	20	Integer
index_sets.creation_date	2022-08-24T08:54:33.459Z	String	创建时间
index_sets.index_analyzer	standard	String
index_sets.index_optimization_max_num_segments	1	Integer
index_sets.index_optimization_disabled	false	Boolean
index_sets.field_type_refresh_interval	5000	Integer
index_sets.index_template_type	null	Null
index_sets.writable	true	Boolean
index_sets.default	false	Boolean
stats	-	Object

/graylog/System/indices/03 获取索引状态【全部】

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/index_sets/stats

请求方式

GET

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"indices": 7,"documents": 15176148,"size": 4962156468
}

参数名	示例值	参数类型	参数描述
indices	7	Integer	索引数量
documents	15176148	Integer	文档数量
size	4962156468	Integer	大小，单位为字节，转为为kb（千字节）需要除以1024 转为为GB （÷（102410241024））【http://www.qikula.com/images/9639139849.html】

/graylog/System/indices/04 删除索引

# delete请求。
restful形式的。

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/index_sets/:id?delete_indices=true

请求方式

DELETE

Content-Type

json

请求Query参数

参数名	示例值	参数类型	是否必填	参数描述
delete_indices	true	String	是	是否删除索引，删除es中的索引

路径变量

参数名	示例值	参数描述
id	632aa9f083ac345b777543f4	索引ID

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/indices/05 获取索引状态【单个】

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/index_sets/:id/stats

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
id	6305e74923481c2cd7551bfa	索引ID

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"indices": 1,"documents": 2431560,"size": 1258577622
}

参数名	示例值	参数类型	参数描述
indices	1	Integer	索引数量
documents	2431560	Integer	文档
size	1258577622	Integer	大小，单位为字节，转为为kb（千字节）需要除以1024 转为为GB （÷（102410241024））【http://www.qikula.com/images/9639139849.html】

/graylog/System/indices/06 更新索引

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/index_sets/:id

请求方式

PUT

Content-Type

json

路径变量

参数名	示例值	参数描述
id	632aa5ea83ac345b77753f73	索引ID

请求Body参数

{"id": "632aa5ea83ac345b77753f73","title": "test","description": "test","can_be_default": true,"index_prefix": "test","shards": 4,"replicas": 0,"rotation_strategy_class": "org.graylog2.indexer.rotation.strategies.TimeBasedRotationStrategy","rotation_strategy": {"type": "org.graylog2.indexer.rotation.strategies.TimeBasedRotationStrategyConfig","rotation_period": "P1D","max_rotation_period": null},"retention_strategy_class": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy","retention_strategy": {"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig","max_number_of_indices": 20},"creation_date": "2022-09-21T05:52:43.063Z","index_analyzer": "standard","index_optimization_max_num_segments": 1,"index_optimization_disabled": false,"field_type_refresh_interval": 5000,"index_template_type": null,"writable": true,"default": false
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/indices/retention【保留策略】

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/indices/retention【保留策略】/01 获取所有保留策略

/api/system/indices/retention/strategies/{strategy}strategy：为type后数据，本质是一个全类名

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/retention/strategies

请求方式

GET

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 3,"strategies": [{"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategy","default_config": {"type": "org.graylog2.indexer.retention.strategies.DeletionRetentionStrategyConfig","max_number_of_indices": 20},"json_schema": {"type": "object","id": "urn:jsonschema:org:graylog2:indexer:retention:strategies:DeletionRetentionStrategyConfig","properties": {"max_number_of_indices": {"type": "integer"},"type": {"type": "string"}}}},{"type": "org.graylog2.indexer.retention.strategies.ClosingRetentionStrategy","default_config": {"type": "org.graylog2.indexer.retention.strategies.ClosingRetentionStrategyConfig","max_number_of_indices": 20},"json_schema": {"type": "object","id": "urn:jsonschema:org:graylog2:indexer:retention:strategies:ClosingRetentionStrategyConfig","properties": {"max_number_of_indices": {"type": "integer"},"type": {"type": "string"}}}},{"type": "org.graylog2.indexer.retention.strategies.NoopRetentionStrategy","default_config": {"type": "org.graylog2.indexer.retention.strategies.NoopRetentionStrategyConfig","max_number_of_indices": 2147483647},"json_schema": {"type": "object","id": "urn:jsonschema:org:graylog2:indexer:retention:strategies:NoopRetentionStrategyConfig","properties": {"max_number_of_indices": {"type": "integer"},"type": {"type": "string"}}}}]
}

/graylog/System/indices/retention【保留策略】/02 获取具体的保留策略

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/retention/strategies/:strategy

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
strategy	org.graylog2.indexer.retention.strategies.NoopRetentionStrategy	策略名称，为type后的数据

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"type": "org.graylog2.indexer.retention.strategies.NoopRetentionStrategy","default_config": {"type": "org.graylog2.indexer.retention.strategies.NoopRetentionStrategyConfig","max_number_of_indices": 2147483647},"json_schema": {"type": "object","id": "urn:jsonschema:org:graylog2:indexer:retention:strategies:NoopRetentionStrategyConfig","properties": {"max_number_of_indices": {"type": "integer"},"type": {"type": "string"}}}
}

/graylog/System/indices/rotation【轮换策略】

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/indices/rotation【轮换策略】/01 获取所有轮换策略

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/rotation/strategies

请求方式

GET

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 3,"strategies": [{"type": "org.graylog2.indexer.rotation.strategies.SizeBasedRotationStrategy","default_config": {"type": "org.graylog2.indexer.rotation.strategies.SizeBasedRotationStrategyConfig","max_size": 1073741824},"json_schema": {"type": "object","id": "urn:jsonschema:org:graylog2:indexer:rotation:strategies:SizeBasedRotationStrategyConfig","properties": {"max_size": {"type": "integer"},"type": {"type": "string"}}}},{"type": "org.graylog2.indexer.rotation.strategies.TimeBasedRotationStrategy","default_config": {"type": "org.graylog2.indexer.rotation.strategies.TimeBasedRotationStrategyConfig","rotation_period": "P1D","max_rotation_period": null},"json_schema": {"type": "object","id": "urn:jsonschema:org:graylog2:indexer:rotation:strategies:TimeBasedRotationStrategyConfig","properties": {"type": {"type": "string"},"rotation_period": {"type": "string"},"max_rotation_period": {"type": "string"}}}},{"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy","default_config": {"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig","max_docs_per_index": 20000000},"json_schema": {"type": "object","id": "urn:jsonschema:org:graylog2:indexer:rotation:strategies:MessageCountRotationStrategyConfig","properties": {"max_docs_per_index": {"type": "integer"},"type": {"type": "string"}}}}]
}

/graylog/System/indices/rotation【轮换策略】/02 查询具体的策略

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/indices/rotation/strategies/:strategy

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
strategy	org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy	策略名

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategy","default_config": {"type": "org.graylog2.indexer.rotation.strategies.MessageCountRotationStrategyConfig","max_docs_per_index": 20000000},"json_schema": {"type": "object","id": "urn:jsonschema:org:graylog2:indexer:rotation:strategies:MessageCountRotationStrategyConfig","properties": {"max_docs_per_index": {"type": "integer"},"type": {"type": "string"}}}
}

/graylog/System/inputs

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/System/inputs/01 获取所有inputs

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/system/inputs

请求方式

GET

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"inputs": [{"title": "Beat input","global": true,"name": "Beats","content_pack": null,"created_at": "2022-08-10T07:17:08.680Z","type": "org.graylog.plugins.beats.Beats2Input","creator_user_id": "admin","attributes": {"recv_buffer_size": 1048576,"tcp_keepalive": false,"number_worker_threads": 8,"tls_client_auth_cert_file": "","bind_address": "0.0.0.0","tls_cert_file": "","port": 5044,"tls_key_file": "","tls_enable": false,"tls_key_password": "","tls_client_auth": "disabled","override_source": null,"no_beats_prefix": false},"static_fields": {},"node": null,"id": "62f35b7488b7eb6e6a33251b"},{"title": "gdmp","global": true,"name": "GELF UDP","content_pack": null,"created_at": "2022-08-11T05:53:52.526Z","type": "org.graylog2.inputs.gelf.udp.GELFUDPInput","creator_user_id": "admin","attributes": {"recv_buffer_size": 262144,"port": 12201,"number_worker_threads": 8,"override_source": null,"bind_address": "0.0.0.0","decompress_size_limit": 8388608},"static_fields": {},"node": "d50de915-8cda-43ac-9b9b-46713990e00b","id": "62f0e00d88b7eb6e6a307295"}],"total": 2
}

/graylog/input

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/input/新建接口

暂无描述

接口状态

开发中

接口URL

127.0.0.1:8080/api/graylog/input/index

请求方式

POST

Content-Type

json

请求Body参数

{"title": "cwdchweduchwedihcwedncjwncweph","type": "Beat","configuration": {"port": 5049,"address": "0.0.0.111"}
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/sidecar

暂无描述

Header参数

参数名	示例值	参数描述
暂无参数

Query参数

参数名	示例值	参数描述
暂无参数

Body参数

参数名	示例值	参数描述
暂无参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/sidecar/获取collector默认配置列表

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecar/collectors

请求方式

GET

Content-Type

json

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"total": 6,"collectors": [{"id": "636b175a1e21d174a6cf84df","name": "filebeat","service_type": "exec","node_operating_system": "linux","executable_path": "/usr/share/filebeat/bin/filebeat","execute_parameters": "-c  %s","validation_parameters": "test config -c %s","default_template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\nfilebeat.inputs:\n- input_type: log\n  paths:\n    - /var/log/*.log # 日志路径，可以配置多个\n  type: log\n # multiline为多行日志合并，Java类型日志需要配置，其他日志不能使用以下规则，含义：不是以时间开头的都追加到上一条日志后边\n  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n  multiline.negate: true\n  multiline.match: after\n  multiline.max_lines: 200  #单一多行匹配聚合的最大行数，超过定义行数后的行会被丢弃，默认500\n  multiline.timeout: 2s     # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件)，也将此次匹配的事件刷出 (默认5s)\n  ignore_older: 1h      # 忽略这个时间之前的文件(根据文件改变时间)\n  fields: # 用于对日志进行分类处理，需要与运维系统中配置保持一致\n   app_name: xxxx # 应用名称\n   environment: pre #环境  pro  pre\n   log_type: Java # 日志类型 Java  Nginx\noutput.logstash:\n   hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口，默认端口为5044\npath:\n  data: /var/lib/graylog-sidecar/collectors/filebeat/data\n  logs: /var/lib/graylog-sidecar/collectors/filebeat/log"},{"id": "636b175a1e21d174a6cf84e0","name": "winlogbeat","service_type": "svc","node_operating_system": "windows","executable_path": "C:\\Program Files\\Graylog\\sidecar\\winlogbeat.exe","execute_parameters": "-c \"%s\"","validation_parameters": "test config -c \"%s\"","default_template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\n\noutput.logstash:\n   hosts: [\"192.168.1.1:5044\"]\npath:\n  data: C:\\Program Files\\Graylog\\sidecar\\cache\\winlogbeat\\data\n  logs: C:\\Program Files\\Graylog\\sidecar\\logs\ntags:\n - windows\nwinlogbeat:\n  event_logs:\n   - name: Application\n   - name: System\n   - name: Security"},{"id": "636b175a1e21d174a6cf84e1","name": "nxlog","service_type": "exec","node_operating_system": "linux","executable_path": "/usr/bin/nxlog","execute_parameters": "-f -c %s","validation_parameters": "-v -c %s","default_template": "define ROOT /usr/bin\n\n\n  Module xm_gelf\n  # Avoid truncation of the short_message field to 64 characters.\n  ShortMessageLength 65536\n\n\n\n  Module xm_syslog\n\n\nUser nxlog\nGroup nxlog\n\nModuledir /usr/lib/nxlog/modules\nCacheDir /var/spool/nxlog/data\nPidFile /var/run/nxlog/nxlog.pid\nLogFile /var/log/nxlog/nxlog.log\nLogLevel INFO\n\n\n\n\tModule im_file\n\tFile '/var/log/*.log'\n\tPollInterval 1\n\tSavePos\tTrue\n\tReadFromLast True\n\tRecursive False\n\tRenameCheck False\n\tExec $FileName = file_name(); # Send file name with each message\n\n\n#\n#\tModule im_udp\n#\tHost 127.0.0.1\n#\tPort 514\n#\tExec parse_syslog_bsd();\n#\n\n\n\tModule om_tcp\n\tHost 192.168.1.1\n\tPort 12201\n\tOutputType  GELF_TCP\n\t\n\t  # These fields are needed for Graylog\n\t  $gl2_source_collector = '${sidecar.nodeId}';\n\t  $collector_node_id = '${sidecar.nodeName}';\n\t\n\n\n\n\n  Path file => gelf\n\n#\n#  Path syslog-udp => gelf\n#\n\n\n"},{"id": "636b175a1e21d174a6cf84e2","name": "nxlog","service_type": "svc","node_operating_system": "windows","executable_path": "C:\\Program Files (x86)\\nxlog\\nxlog.exe","execute_parameters": "-c \"%s\"","validation_parameters": "-v -f -c \"%s\"","default_template": "define ROOT C:\\Program Files (x86)\\nxlog\n\nModuledir %ROOT%\\modules\nCacheDir %ROOT%\\data\nPidfile %ROOT%\\data\\nxlog.pid\nSpoolDir %ROOT%\\data\nLogFile %ROOT%\\data\\nxlog.log\nLogLevel INFO\n\n\n    Module  xm_fileop\n    \n        When    @daily\n        Exec    file_cycle('%ROOT%\\data\\nxlog.log', 7);\n     \n\n\n\n\n  Module xm_gelf\n  # Avoid truncation of the short_message field to 64 characters.\n  ShortMessageLength 65536\n\n\n\n        Module im_msvistalog\n        PollInterval 1\n        SavePos True\n        ReadFromLast True\n        \n        #Channel System\n        #\n        #  \n        #   \n        #    \n        #    \n        #  \n        #\n\n\n\n\n\tModule im_file\n\tFile 'C:\\Windows\\MyLogDir\\\\*.log'\n\tPollInterval 1\n\tSavePos\tTrue\n\tReadFromLast True\n\tRecursive False\n\tRenameCheck False\n\tExec $FileName = file_name(); # Send file name with each message\n\n\n\n\n\tModule om_tcp\n\tHost 192.168.1.1\n\tPort 12201\n\tOutputType  GELF_TCP\n\t\n\t  # These fields are needed for Graylog\n\t  $gl2_source_collector = '${sidecar.nodeId}';\n\t  $collector_node_id = '${sidecar.nodeName}';\n\t\n\n\n\n\n  Path eventlog => gelf\n\n\n  Path file => gelf\n\n\n"},{"id": "636b175a1e21d174a6cf84e3","name": "filebeat","service_type": "svc","node_operating_system": "windows","executable_path": "C:\\Program Files\\Graylog\\sidecar\\filebeat.exe","execute_parameters": "-c \"%s\"","validation_parameters": "test config -c \"%s\"","default_template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\ntags:\n - windows\nfilebeat.inputs:\n- type: log\n  enabled: true\n # multiline为多行日志合并，Java类型日志需要配置，其他日志不能使用以下规则，含义：不是以时间开头的都追加到上一条日志后边\n  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n  multiline.negate: true # 不符合上述规则\n  multiline.match: after # 追加在上条日志后边\n  ignore_older: 24h      # 忽略这个时间之前的文件(根据文件改变时间)\n  fields: # 用于对日志进行分类处理，需要与运维系统中配置保持一致\n   app_name: example_glef_graylog # 应用服务编码，保持唯一\n   environment: pro # 环境  只支持生产和预生产 pro pre\n   log_type: Java # 日志类型 Java  Nginx\n  paths:\n    - C:\\logs\\*.log # 日志路径，可以配置多个\n\noutput.logstash:\n   hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口，默认端口为5044\npath:\n  data: C:\\Program Files\\Graylog\\sidecar\\cache\\filebeat\\data\n  logs: C:\\Program Files\\Graylog\\sidecar\\logs\n    \n"},{"id": "6391a39142828a77d791ab39","name": "filebeat222","service_type": "exec","node_operating_system": "linux","executable_path": "/usr/share/filebeat/bin/filebeat","execute_parameters": "-c  %s","validation_parameters": "test config -c %s","default_template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\nfilebeat.inputs:\n- input_type: log\n  paths:\n    - /var/log/*.log # 日志路径，可以配置多个\n  type: log\n # multiline为多行日志合并，Java类型日志需要配置，其他日志不能使用以下规则，含义：不是以时间开头的都追加到上一条日志后边\n  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n  multiline.negate: true\n  multiline.match: after\n  multiline.max_lines: 200  #单一多行匹配聚合的最大行数，超过定义行数后的行会被丢弃，默认500\n  multiline.timeout: 2s     # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件)，也将此次匹配的事件刷出 (默认5s)\n  ignore_older: 1h      # 忽略这个时间之前的文件(根据文件改变时间)\n  fields: # 用于对日志进行分类处理，需要与运维系统中配置保持一致\n   app_name: xxxx # 应用名称\n   environment: pre #环境  pro  pre\n   log_type: Java # 日志类型 Java  Nginx\noutput.logstash:\n   hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口，默认端口为5044\npath:\n  data: /var/lib/graylog-sidecar/collectors/filebeat/data\n  logs: /var/lib/graylog-sidecar/collectors/filebeat/log"}]
}

/graylog/sidecar/获取sidecar列表

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecars?page=1&per_page=1&sort=node_name&order=asc&only_active=true

请求方式

GET

Content-Type

json

请求Query参数

参数名	示例值	参数类型	是否必填	参数描述
page	1	String	是	-
per_page	1	String	是	-
sort	node_name	String	是	-
order	asc	String	是	-
only_active	true	String	是	-

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"query": "","total": 8,"only_active": true,"sort": "node_name","order": "asc","sidecars": [{"active": true,"node_id": "decb8c0e-5411-4d47-8034-6f58ec4930af","node_name": "10.0.107.55","node_details": {"operating_system": "Linux","ip": "10.0.107.55","metrics": {"disks_75": [],"cpu_idle": 98.63,"load_1": 0.03},"log_file_list": null,"status": {"status": 0,"message": "1 running / 0 stopped / 0 failing","collectors": [{"collector_id": "636b175a1e21d174a6cf84df","status": 0,"message": "Running","verbose_message": ""}]}},"assignments": [{"collector_id": "636b175a1e21d174a6cf84df","configuration_id": "636b346242828a77d7544808"}],"last_seen": "2022-12-08T03:26:47.594Z","sidecar_version": "1.2.0","collectors": null}],"filters": null,"pagination": {"total": 4,"count": 1,"page": 1,"per_page": 1}
}

/graylog/sidecar/获取配置列表列表

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecar/configurations?query=&page=1&per_page=10

请求方式

GET

Content-Type

json

请求Query参数

参数名	示例值	参数类型	是否必填	参数描述
query	-	String	是	-
page	1	String	是	-
per_page	10	String	是	为0 不分页

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"query": "","total": 8,"only_active": true,"sort": "node_name","order": "asc","sidecars": [{"active": true,"node_id": "decb8c0e-5411-4d47-8034-6f58ec4930af","node_name": "10.0.107.55","node_details": {"operating_system": "Linux","ip": "10.0.107.55","metrics": {"disks_75": [],"cpu_idle": 98.63,"load_1": 0.03},"log_file_list": null,"status": {"status": 0,"message": "1 running / 0 stopped / 0 failing","collectors": [{"collector_id": "636b175a1e21d174a6cf84df","status": 0,"message": "Running","verbose_message": ""}]}},"assignments": [{"collector_id": "636b175a1e21d174a6cf84df","configuration_id": "636b346242828a77d7544808"}],"last_seen": "2022-12-08T03:26:47.594Z","sidecar_version": "1.2.0","collectors": null}],"filters": null,"pagination": {"total": 4,"count": 1,"page": 1,"per_page": 1}
}

/graylog/sidecar/获取配置详情

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecar/configurations/:configurationId

请求方式

GET

Content-Type

json

路径变量

参数名	示例值	参数描述
configurationId	63788fab42828a77d769ffac	-

请求Body参数

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

成功响应示例

{"id": "63788fab42828a77d769ffac","collector_id": "636b175a1e21d174a6cf84df","name": "10.0.107.214","color": "#FFFFFF","template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\n\nfilebeat.inputs:\n- input_type: log\n  paths:\n    - /data/app/test-gdmp/gdmp-server/logs/*.log\n  type: log\n  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n  multiline.negate: true\n  multiline.match: after\n  fields:\n   app_name: gdmp_test\n   environment: pre\n   log_type: Java\noutput.logstash:\n   hosts: [\"10.0.107.158:5044\"]\npath:\n  data: /var/lib/graylog-sidecar/collectors/filebeat/data\n  logs: /var/lib/graylog-sidecar/collectors/filebeat/log"
}

错误响应示例

{"type": "ApiError","message": "invalid hexadecimal representation of an ObjectId: [63788fab42828fa77d769ffac]"
}

/graylog/sidecar/新增sidecar-configuration配置

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecar/configurations

请求方式

POST

Content-Type

json

请求Body参数

{"name": "rete","color": "#FFFFFF","collector_id": "636b175a1e21d174a6cf84df","template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\nfilebeat.inputs:\n- input_type: log\n  paths:\n    - /var/log/*.log # 日志路径，可以配置多个\n  type: log\n # multiline为多行日志合并，Java类型日志需要配置，其他日志不能使用以下规则，含义：不是以时间开头的都追加到上一条日志后边\n  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n  multiline.negate: true\n  multiline.match: after\n  multiline.max_lines: 200  #单一多行匹配聚合的最大行数，超过定义行数后的行会被丢弃，默认500\n  multiline.timeout: 2s     # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件)，也将此次匹配的事件刷出 (默认5s)\n  ignore_older: 1h      # 忽略这个时间之前的文件(根据文件改变时间)\n  fields: # 用于对日志进行分类处理，需要与运维系统中配置保持一致\n   app_name: xxxx # 应用名称\n   environment: pre #环境  pro  pre\n   log_type: Java # 日志类型 Java  Nginx\noutput.logstash:\n   hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口，默认端口为5044\npath:\n  data: /var/lib/graylog-sidecar/collectors/filebeat/data\n  logs: /var/lib/graylog-sidecar/collectors/filebeat/log"
}

参数名	示例值	参数类型	是否必填	参数描述
name	rete	String	是	名称
color	#FFFFFF	String	是	颜色
collector_id	636b175a1e21d174a6cf84df	String	是	收集器Id，
template	# Needed for Graylogfields_under_root: truefields.collector_node_id: ${sidecar.nodeName}fields.gl2_source_collector: ${sidecar.nodeId}max_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源filebeat.inputs:- input_type: log paths: - /var/log/*.log # 日志路径，可以配置多个 type: log # multiline为多行日志合并，Java类型日志需要配置，其他日志不能使用以下规则，含义：不是以时间开头的都追加到上一条日志后边 multiline.pattern: ‘¹{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}’ multiline.negate: true multiline.match: after multiline.max_lines: 200 #单一多行匹配聚合的最大行数，超过定义行数后的行会被丢弃，默认500 multiline.timeout: 2s # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件)，也将此次匹配的事件刷出 (默认5s) ignore_older: 1h # 忽略这个时间之前的文件(根据文件改变时间) fields: # 用于对日志进行分类处理，需要与运维系统中配置保持一致 app_name: xxxx # 应用名称 environment: pre #环境 pro pre log_type: Java # 日志类型 Java Nginxoutput.logstash: hosts: [“10.0.107.158:5044”] # graylog服务端IP和端口，默认端口为5044path: data: /var/lib/graylog-sidecar/collectors/filebeat/data logs: /var/lib/graylog-sidecar/collectors/filebeat/log	String	是	-

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/sidecar/更新sidecar-cofiguration配置

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecar/configurations/:sidecarId

请求方式

PUT

Content-Type

json

路径变量

参数名	示例值	参数描述
sidecarId	6391875642828a77d7918c9d	-

请求Body参数

{"id": "6391875642828a77d7918c9d","name": "testest","color": "#FFFFFF","collector_id": "636b175a1e21d174a6cf84df","template": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\nmax_procs: 1 # 限制一个CPU核心,避免过多抢占业务资源\n\nfilebeat.inputs:\n- input_type: log\n  paths:\n    - /var/log/*.log # 日志路径，可以配置多个\n  type: log\n # multiline为多行日志合并，Java类型日志需要配置，其他日志不能使用以下规则，含义：不是以时间开头的都追加到上一条日志后边\n  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}'\n  multiline.negate: true\n  multiline.match: after\n  multiline.max_lines: 200  #单一多行匹配聚合的最大行数，超过定义行数后的行会被丢弃，默认500\n  multiline.timeout: 2s     # 超时时间后,即使还未匹配到下一个行日志(下一个多行事件)，也将此次匹配的事件刷出 (默认5s)\n  ignore_older: 1h      # 忽略这个时间之前的文件(根据文件改变时间)\n  fields: # 用于对日志进行分类处理，需要与运维系统中配置保持一致\n   app_name: xxxx # 应用名称\n   environment: pre #环境  pro  pre\n   log_type: Java # 日志类型 Java  Nginx\noutput.logstash:\n   hosts: [\"10.0.107.158:5044\"] # graylog服务端IP和端口，默认端口为5044\npath:\n  data: /var/lib/graylog-sidecar/collectors/filebeat/data\n  logs: /var/lib/graylog-sidecar/collectors/filebeat/log"
}

认证方式

noauth

预执行脚本

暂无预执行脚本

后执行脚本

暂无后执行脚本

/graylog/sidecar/下发配置、解除配置

暂无描述

接口状态

开发中

接口URL

10.0.107.158:9000/api/sidecars/configurations

请求方式

PUT

Content-Type

json

请求Body参数

{"nodes": [{"node_id": "4b9d051d-edbd-4e08-aa5b-2e74da0c5076","assignments": [{"collector_id": "636b175a1e21d174a6cf84df","configuration_id": "6391875642828a77d7918c9d"}]}]
}

参数名	示例值	参数类型	是否必填	参数描述
nodes	-	Array	是	-
nodes.node_id	4b9d051d-edbd-4e08-aa5b-2e74da0c5076	String	是	node_id
nodes.assignments	-	Object	是	-
nodes.assignments.collector_id	636b175a1e21d174a6cf84df	String	是	收集器Id，模板
nodes.assignments.configuration_id	6391875642828a77d7918c9d	String	是	配置id

0-9 ↩︎

本文来自互联网用户投稿，文章观点仅代表作者本人，不代表本站立场，不承担相关法律责任。如若转载，请注明出处。 如若内容造成侵权/违法违规/事实不符，请点击【内容举报】进行投诉反馈！

标签：技术

上一篇 > php5.6 fileinfo,LNMP安装fileinfo模块
下一篇 > CentOS 7部署Graylog

Duilib中list控件支持ctrl和shif多行选中的实现

[ICML2015]Batch Normalization:Accelerating Deep Network Training by Reducing Internal Covariate Shif

win10系统微软输入法于eclipse ctrl+shif+f冲突间接处理办法

Codeforces Round #259 (Div. 2) B. Little Pony and Sort by Shif

读LDD3，内存映射与DMA--PAGE_SHIF…

VMware虚拟机安装XP【要先分区，再设置BOOT 启动CD，shif+上移】

更换iBus五笔的左与右Shif

sublime ctrl+shif+f 没用解决办法

idea 对 ctrl + z 的撤销是 ctrl + shif + z

计算机最早的设计师应用于,计算机应用基础选择题doc.doc

win10自带截图神器：Win+Shift+S

Python基础之文件目录操作

python简述目录_Python基础之文件目录操作(示例代码)

tp5 如何做数据采集

任务2-7(服务器字体+阿里巴巴矢量库)

html标签（1)：h1~h6,p,br,pre,hr

TI 电量计介绍与芯片选型指南

几款TI电源芯片简介

TI DSP芯片C2000系列读取FLASH数据

德州仪器(Ti)平台嵌入式开发基础

TI三相电机智能栅极驱动芯片特点分类

省选模拟（12.08） T3 圈圈圈圈圈圈圈圈

Hadoop生态圈技术栈（上）

大数据开发基础入门与项目实战（三）Hadoop核心及生态圈技术栈之6.Impala交互式查询

小猿圈之Linux下Mysql 操作命令

大数据Hadoop生态圈常用面试题

大数据开发基础入门与项目实战（三）Hadoop核心及生态圈技术栈之4.Hive DDL、DQL和数据操作

备战Noip2018模拟赛11（B组）T3 Monogatari 物语

【智能优化算法-圆圈搜索算法】基于圆圈搜索算法Circle Search Algorithm求解单目标优化问题附matlab代码

NYOJ 78 圈水池

递归问题跑道汽车绕圈问题 Python实现

Hadoop生态圈（三）：MapReduce