Sumo Logic API (1.0.0)
Download OpenAPI specification:Download
Welcome to the Sumo Logic API reference. You can use these APIs to interact with the Sumo Logic platform. For information on the collector and search APIs see our API home page.
Sumo Logic has several deployments in different geographic locations. You'll need to use the Sumo Logic API endpoint corresponding to your geographic location. See the table below for the different API endpoints by deployment. For details determining your account's deployment see API endpoints.
| Deployment | Endpoint |
| AU | https://api.au.sumologic.com/api/ |
| CA | https://api.ca.sumologic.com/api/ |
| DE | https://api.de.sumologic.com/api/ |
| EU | https://api.eu.sumologic.com/api/ |
| FED | https://api.fed.sumologic.com/api/ |
| IN | https://api.in.sumologic.com/api/ |
| JP | https://api.jp.sumologic.com/api/ |
| US1 | https://api.sumologic.com/api/ |
| US2 | https://api.us2.sumologic.com/api/ |
Sumo Logic supports the following options for API authentication:
- Access ID and Access Key
- Base64 encoded Access ID and Access Key
See Access Keys to generate an Access Key. Make sure to copy the key you create, because it is displayed only once. When you have an Access ID and Access Key you can execute requests such as the following:
curl -u "<accessId>:<accessKey>" -X GET https://api.<deployment>.sumologic.com/api/v1/users
Where deployment is either au, ca, de, eu, fed, in, jp, us1, or us2. See API endpoints for details.
If you prefer to use basic access authentication, you can do a Base64 encoding of your <accessId>:<accessKey> to authenticate your HTTPS request. The following is an example request, replace the placeholder <encoded> with your encoded Access ID and Access Key string:
curl -H "Authorization: Basic <encoded>" -X GET https://api.<deployment>.sumologic.com/api/v1/users
Refer to API Authentication for a Base64 example.
Generic status codes that apply to all our APIs. See the HTTP status code registry for reference.
| HTTP Status Code | Error Code | Description |
| 301 | moved | The requested resource SHOULD be accessed through returned URI in Location Header. See troubleshooting for details. |
| 401 | unauthorized | Credential could not be verified. |
| 403 | forbidden | This operation is not allowed for your account type or the user doesn't have the role capability to perform this action. See troubleshooting for details. |
| 404 | notfound | Requested resource could not be found. |
| 405 | method.unsupported | Unsupported method for URL. |
| 415 | contenttype.invalid | Invalid content type. |
| 429 | rate.limit.exceeded | The API request rate is higher than 4 request per second or inflight API requests are higher than 10 request per second. |
| 500 | internal.error | Internal server error. |
| 503 | service.unavailable | Service is currently unavailable. |
Some API endpoints support filtering results on a specified set of fields. Each endpoint that supports filtering will list the fields that can be filtered. Multiple fields can be combined by using an ampersand & character.
For example, to get 20 users whose firstName is John and lastName is Doe:
api.sumologic.com/v1/users?limit=20&firstName=John&lastName=Doe
Some API endpoints support sorting fields by using the sortBy query parameter. The default sort order is ascending. Prefix the field with a minus sign - to sort in descending order.
For example, to get 20 users sorted by their email in descending order:
api.sumologic.com/v1/users?limit=20&sort=-email
Asynchronous requests do not wait for results, instead they immediately respond back with a job identifier while the job runs in the background. You can use the job identifier to track the status of the asynchronous job request. Here is a typical flow for an asynchronous request.
Start an asynchronous job. On success, a job identifier is returned. The job identifier uniquely identifies your asynchronous job.
Once started, use the job identifier from step 1 to track the status of your asynchronous job. An asynchronous request will typically provide an endpoint to poll for the status of asynchronous job. A successful response from the status endpoint will have the following structure:
{ "status": "Status of asynchronous request", "statusMessage": "Optional message with additional information in case request succeeds", "error": "Error object in case request fails" }The
statusfield can have one of the following values:Success: The job succeeded. ThestatusMessagefield might have additional information.InProgress: The job is still running.Failed: The job failed. Theerrorfield in the response will have more information about the failure.
Some asynchronous APIs may provide a third endpoint (like export result) to fetch the result of an asynchronous job.
Example
Let's say we want to export a folder with the identifier 0000000006A2E86F. We will use the async export API to export all the content under the folder with id=0000000006A2E86F.
Start an export job for the folder
curl -X POST -u "<accessId>:<accessKey>" https://api.<deployment>.sumologic.com/api/v2/content/0000000006A2E86F/exportSee authentication section for more details about
accessId,accessKey, anddeployment. On success, you will get back a job identifier. In the response below,C03E086C137F38B4is the job identifier.{ "id": "C03E086C137F38B4" }Now poll for the status of the asynchronous job with the status endpoint.
curl -X GET -u "<accessId>:<accessKey>" https://api.<deployment>.sumologic.com/api/v2/content/0000000006A2E86F/export/C03E086C137F38B4/statusYou may get a response like
{ "status": "InProgress", "statusMessage": null, "error": null }It implies the job is still in progress. Keep polling till the status is either
SuccessorFailed.When the asynchronous job completes (
status != "InProgress"), you can fetch the results with the export result endpoint.curl -X GET -u "<accessId>:<accessKey>" https://api.<deployment>.sumologic.com/api/v2/content/0000000006A2E86F/export/C03E086C137F38B4/result
The asynchronous job may fail (status == "Failed"). You can look at the error field for more details.
{
"status": "Failed",
"errors": {
"code": "content1:too_many_items",
"message": "Too many objects: object count(1100) was greater than limit 1000"
}
}
- A rate limit of four API requests per second (240 requests per minute) applies to all API calls from a user.
- A rate limit of 10 concurrent requests to any API endpoint applies to an access key.
If a rate is exceeded, a rate limit exceeded 429 status code is returned.
You can use OpenAPI Generator to generate clients from the YAML file to access the API.
Using NPM
Install NPM package wrapper globally, exposing the CLI on the command line:
npm install @openapitools/openapi-generator-cli -gYou can see detailed instructions here.
Download the YAML file and save it locally. Let's say the file is saved as
sumologic-api.yaml.Use the following command to generate
pythonclient inside thesumo/client/pythondirectory:openapi-generator generate -i sumologic-api.yaml -g python -o sumo/client/python
Using Homebrew
Install OpenAPI Generator
brew install openapi-generatorDownload the YAML file and save it locally. Let's say the file is saved as
sumologic-api.yaml.Use the following command to generate
pythonclient side code inside thesumo/client/pythondirectory:openapi-generator generate -i sumologic-api.yaml -g python -o sumo/client/python
Archive Ingestion Management API.
Archive Ingestion allows you to ingest data from Archive destinations. You can use this API to ingest data from your Archive with an existing AWS S3 Archive Source. You need the Manage or View Collectors role capability to manage or view ingestion jobs. For more information see Archive.
Get ingestion jobs for an Archive Source.
Get a list of all the ingestion jobs created on an Archive Source. The response is paginated with a default limit of 10 jobs per page.
Authorizations:
path Parameters
| sourceId required | string Example: 000000000606C009 The identifier of an Archive Source. |
query Parameters
| limit | integer <int32> [ 1 .. 100 ] Default: 10 Limit the number of jobs returned in the response. The number of jobs returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "name": "string",
- "startTime": "2018-10-16T09:10:00Z",
- "endTime": "2018-10-16T10:10:00Z",
- "id": "4e214571-cf27-4114-93e6-69a98c017f3",
- "totalObjectsScanned": 25,
- "totalObjectsIngested": 10,
- "totalBytesIngested": 100,
- "status": "Scanning",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD"
}
], - "next": "string"
}Create an ingestion job.
Create an ingestion job to pull data from your S3 bucket.
Authorizations:
path Parameters
| sourceId required | string Example: 000000000606C009 The identifier of the Archive Source for which the job is to be added. |
Request Body schema: application/json
The definition of the ingestion job to create.
| name required | string [ 1 .. 128 ] characters The name of the ingestion job. |
| startTime required | string <date-time> The starting timestamp of the ingestion job. |
| endTime required | string <date-time> The ending timestamp of the ingestion job. |
Responses
Request samples
- Payload
{- "name": "string",
- "startTime": "2018-10-16T09:10:00Z",
- "endTime": "2018-10-16T10:10:00Z"
}Response samples
- 200
- default
{- "name": "string",
- "startTime": "2018-10-16T09:10:00Z",
- "endTime": "2018-10-16T10:10:00Z",
- "id": "4e214571-cf27-4114-93e6-69a98c017f3",
- "totalObjectsScanned": 25,
- "totalObjectsIngested": 10,
- "totalBytesIngested": 100,
- "status": "Scanning",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD"
}Delete an ingestion job.
Delete an ingestion job with the given identifier from the organization. The delete operation is only possible for jobs with a Succeeded or Failed status.
Authorizations:
path Parameters
| sourceId required | string The identifier of the Archive Source. |
| id required | string The identifier of the ingestion job to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}List ingestion jobs for all Archive Sources.
Get a list of all Archive Sources with the count and status of ingestion jobs.
Authorizations:
Responses
Response samples
- 200
- default
{- "data": [
- {
- "sourceId": "000000000606C009",
- "pending": 4,
- "scanning": 1,
- "ingesting": 2,
- "failed": 5,
- "succeeded": 20
}
]
}Health Events management API.
Health Events allow you to keep track of the health of your Collectors and Sources. You can use them to find and investigate common errors and warnings that are known to cause collection issues. For more information see Health Events.
Get a list of health events.
Get a list of all the unresolved health events in your account.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of health events returned in the response. The number of health events returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "eventId": "e801dc7d-f483-46e9-bcc9-410f08f96497",
- "eventName": "InstalledCollectorOffline",
- "details": {
- "trackerId": "string",
- "error": "Access denied to Amazon S3 bucket",
- "description": "S3 collection is not working as expected because of access issues."
}, - "resourceIdentity": {
- "id": "C03E086C137F38B4",
- "name": "S3 Source, Scheduled View name.",
- "type": "Collector"
}, - "eventTime": "2018-10-16T09:10:00Z",
- "subsystem": "string",
- "severityLevel": "string"
}
], - "next": "string"
}Health events for specific resources.
Get a list of all the unresolved events in your account that belong to the supplied resource identifiers.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of health events returned in the response. The number of health events returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Request Body schema: application/json
Resource identifiers to request health events from.
required | Array of objects (ResourceIdentity) [ items ] A list of the resources. | ||||||
Array
| |||||||
Responses
Request samples
- Payload
{- "data": [
- {
- "id": "C03E086C137F38B4",
- "name": "S3 Source, Scheduled View name.",
- "type": "Collector"
}
]
}Response samples
- 200
- default
{- "data": [
- {
- "eventId": "e801dc7d-f483-46e9-bcc9-410f08f96497",
- "eventName": "InstalledCollectorOffline",
- "details": {
- "trackerId": "string",
- "error": "Access denied to Amazon S3 bucket",
- "description": "S3 collection is not working as expected because of access issues."
}, - "resourceIdentity": {
- "id": "C03E086C137F38B4",
- "name": "S3 Source, Scheduled View name.",
- "type": "Collector"
}, - "eventTime": "2018-10-16T09:10:00Z",
- "subsystem": "string",
- "severityLevel": "string"
}
], - "next": "string"
}Log Search Estimated Usage API.
Gets the estimated volume of data that would be scanned for a given log search in the Infrequent data tier, over a particular time range. In the Infrequent Data Tier, you pay per query, based on the amount data scanned. You can use this endpoint to get an estimate of the total data that would be scanned before running a query, and refine your query to scan less data, as necessary. For more information see Infrequent data tier.
Gets estimated usage details.
Gets the estimated volume of data that would be scanned for a given log search in the Infrequent data tier.
Authorizations:
Request Body schema: application/json
The definition of the log search estimated usage.
| queryString required | string Query to perform. |
required | object (ResolvableTimeRange) |
| runByReceiptTime | boolean Default: false This has the value |
Array of objects (LogSearchQueryParameterSyncDefinition) [ items ] Definition of the query parameters. | |
| parsingMode | string Default: "Manual" Define the parsing mode to scan the JSON format log messages. Possible values are:
|
| timezone required | string Time zone to get the estimated usage details. Follow the format in the IANA Time Zone Database. |
Responses
Request samples
- Payload
{- "queryString": "error | count by _sourceCategory",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "runByReceiptTime": false,
- "queryParameters": [
- {
- "name": "string",
- "label": "string",
- "description": "string",
- "dataType": "string",
- "value": "string",
- "autoComplete": {
- "autoCompleteType": "string",
- "autoCompleteKey": "Ephemeral-3644138589235809747-1583470806220-parameter",
- "autoCompleteValues": [
- {
- "label": "string",
- "value": "string"
}
], - "lookupFileName": "string",
- "lookupLabelColumn": "string",
- "lookupValueColumn": "string"
}
}
], - "parsingMode": "AutoParse",
- "timezone": "America/Los_Angeles"
}Response samples
- 200
- default
{- "queryString": "error | count by _sourceCategory",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "runByReceiptTime": false,
- "queryParameters": [
- {
- "name": "string",
- "label": "string",
- "description": "string",
- "dataType": "string",
- "value": "string",
- "autoComplete": {
- "autoCompleteType": "string",
- "autoCompleteKey": "Ephemeral-3644138589235809747-1583470806220-parameter",
- "autoCompleteValues": [
- {
- "label": "string",
- "value": "string"
}
], - "lookupFileName": "string",
- "lookupLabelColumn": "string",
- "lookupValueColumn": "string"
}
}
], - "parsingMode": "AutoParse",
- "timezone": "America/Los_Angeles",
- "estimatedUsageDetails": {
- "dataScannedInBytes": 114086541
}
}Gets Tier Wise estimated usage details.
Gets the estimated volume of data that would be scanned for a given log search per data tier.
Authorizations:
Request Body schema: application/json
The definition of the log search estimated usage.
| queryString required | string Query to perform. |
required | object (ResolvableTimeRange) |
| runByReceiptTime | boolean Default: false This has the value |
Array of objects (LogSearchQueryParameterSyncDefinition) [ items ] Definition of the query parameters. | |
| timezone required | string Time zone to get the estimated usage details. Follow the format in the IANA Time Zone Database. |
Responses
Request samples
- Payload
{- "queryString": "error | count by _sourceCategory",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "runByReceiptTime": false,
- "queryParameters": [
- {
- "name": "string",
- "label": "string",
- "description": "string",
- "dataType": "string",
- "value": "string",
- "autoComplete": {
- "autoCompleteType": "string",
- "autoCompleteKey": "Ephemeral-3644138589235809747-1583470806220-parameter",
- "autoCompleteValues": [
- {
- "label": "string",
- "value": "string"
}
], - "lookupFileName": "string",
- "lookupLabelColumn": "string",
- "lookupValueColumn": "string"
}
}
], - "timezone": "America/Los_Angeles"
}Response samples
- 200
- default
{- "queryString": "error | count by _sourceCategory",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "runByReceiptTime": false,
- "queryParameters": [
- {
- "name": "string",
- "label": "string",
- "description": "string",
- "dataType": "string",
- "value": "string",
- "autoComplete": {
- "autoCompleteType": "string",
- "autoCompleteKey": "Ephemeral-3644138589235809747-1583470806220-parameter",
- "autoCompleteValues": [
- {
- "label": "string",
- "value": "string"
}
], - "lookupFileName": "string",
- "lookupLabelColumn": "string",
- "lookupValueColumn": "string"
}
}
], - "timezone": "America/Los_Angeles",
- "estimatedUsageDetails": [
- {
- "tier": "Continuous",
- "dataScannedInBytes": 114086541
}
]
}Ingest Budget management API.
Ingest Budgets allow you to control the capacity of daily ingestion volume sent to Sumo Logic from Collectors. For more information see Ingest Budgets.
Get a list of ingest budgets.
Get a list of all ingest budgets. The response is paginated with a default limit of 100 budgets per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of budgets returned in the response. The number of budgets returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "name": "Developer Budget",
- "fieldValue": "dev_30_gb",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "id": "string",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "numberOfCollectors": 10
}
], - "next": "string"
}Create a new ingest budget.
Create a new ingest budget.
Authorizations:
Request Body schema: application/json
Information about the new ingest budget.
| name required | string [ 1 .. 128 ] characters Display name of the ingest budget. |
| fieldValue required | string [ 1 .. 1024 ] characters Custom field value that is used to assign Collectors to the ingest budget. |
| capacityBytes required | integer <int64> >= 0 Capacity of the ingest budget, in bytes. It takes a few minutes for Collectors to stop collecting when capacity is reached. We recommend setting a soft limit that is lower than your needed hard limit. |
| timezone required | string Time zone of the reset time for the ingest budget. Follow the format in the IANA Time Zone Database. |
| resetTime required | string 5 characters Reset time of the ingest budget in HH:MM format. |
| description | string [ 0 .. 1024 ] characters Description of the ingest budget. |
| action required | string^(keepCollecting|stopCollecting)$ Action to take when ingest budget's capacity is reached. All actions are audited. Supported values are:
|
| auditThreshold | integer <int32> [ 1 .. 99 ] The threshold as a percentage of when an ingest budget's capacity usage is logged in the Audit Index. |
Responses
Request samples
- Payload
{- "name": "Developer Budget",
- "fieldValue": "dev_30_gb",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85
}Response samples
- 200
- default
{- "name": "Developer Budget",
- "fieldValue": "dev_30_gb",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "id": "string",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "numberOfCollectors": 10
}Get an ingest budget.
Get an ingest budget by the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of ingest budget to return. |
Responses
Response samples
- 200
- default
{- "name": "Developer Budget",
- "fieldValue": "dev_30_gb",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "id": "string",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "numberOfCollectors": 10
}Update an ingest budget.
Update an existing ingest budget. All properties specified in the request are required.
Authorizations:
path Parameters
| id required | string Identifier of the ingest budget to update. |
Request Body schema: application/json
Information to update about the ingest budget.
| name required | string [ 1 .. 128 ] characters Display name of the ingest budget. |
| fieldValue required | string [ 1 .. 1024 ] characters Custom field value that is used to assign Collectors to the ingest budget. |
| capacityBytes required | integer <int64> >= 0 Capacity of the ingest budget, in bytes. It takes a few minutes for Collectors to stop collecting when capacity is reached. We recommend setting a soft limit that is lower than your needed hard limit. |
| timezone required | string Time zone of the reset time for the ingest budget. Follow the format in the IANA Time Zone Database. |
| resetTime required | string 5 characters Reset time of the ingest budget in HH:MM format. |
| description | string [ 0 .. 1024 ] characters Description of the ingest budget. |
| action required | string^(keepCollecting|stopCollecting)$ Action to take when ingest budget's capacity is reached. All actions are audited. Supported values are:
|
| auditThreshold | integer <int32> [ 1 .. 99 ] The threshold as a percentage of when an ingest budget's capacity usage is logged in the Audit Index. |
Responses
Request samples
- Payload
{- "name": "Developer Budget",
- "fieldValue": "dev_30_gb",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85
}Response samples
- 200
- default
{- "name": "Developer Budget",
- "fieldValue": "dev_30_gb",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "id": "string",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "numberOfCollectors": 10
}Delete an ingest budget.
Delete an ingest budget with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the ingest budget to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Reset usage.
Reset ingest budget's current usage to 0 before the scheduled reset time.
Authorizations:
path Parameters
| id required | string Identifier of the ingest budget to reset usage. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Get a list of Collectors.
Get a list of Collectors assigned to an ingest budget. The response is paginated with a default limit of 100 Collectors per page.
Authorizations:
path Parameters
| id required | string Identifier of ingest budget to which Collectors are assigned. |
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of Collectors returned in the response. The number of Collectors returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "id": "string",
- "name": "string"
}
], - "next": "string"
}Assign a Collector to a budget.
Assign a Collector to a budget.
Authorizations:
path Parameters
| id required | string Identifier of the ingest budget to assign to the Collector. |
| collectorId required | string Identifier of the Collector to assign. |
Responses
Response samples
- 200
- default
{- "name": "Developer Budget",
- "fieldValue": "dev_30_gb",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "id": "string",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "numberOfCollectors": 10
}Remove Collector from a budget.
Remove Collector from a budget.
Authorizations:
path Parameters
| id required | string Identifier of the ingest budget to unassign from the Collector. |
| collectorId required | string Identifier of the Collector to unassign. |
Responses
Response samples
- 200
- default
{- "name": "Developer Budget",
- "fieldValue": "dev_30_gb",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedByUser": {
- "id": "0000000006743FDD",
- "email": "johndoe@acme.com",
- "firstName": "John",
- "lastName": "Doe"
}, - "id": "string",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "numberOfCollectors": 10
}Ingest Budget management API V2.
Ingest Budgets V2 provide you the ability to create and assign budgets to your log data by Fields instead of using a Field Value. For more information see Metadata Ingest Budgets.
Get a list of ingest budgets.
Get a list of all ingest budgets. The response is paginated with a default limit of 100 budgets per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of budgets returned in the response. The number of budgets returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "name": "Developer Budget",
- "scope": "_sourceCategory=*prod*nginx*",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "id": "0000000003343FDD",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000001243FDD",
- "budgetVersion": 2
}
], - "next": "string"
}Create a new ingest budget.
Create a new ingest budget.
Authorizations:
Request Body schema: application/json
Information about the new ingest budget.
| name required | string [ 1 .. 128 ] characters Display name of the ingest budget. |
| scope required | string [ 1 .. 1024 ] characters A scope is a constraint that will be used to identify the messages on which budget needs to be applied. A scope is consists of key and value separated by =. The field must be enabled in the fields table. Value supports wildcard. e.g. _sourceCategory=prodpayment*, cluster=kafka. If the scope is defined _sourceCategory=nginx in this budget will be applied on messages having fields _sourceCategory=prod/nginx, _sourceCategory=dev/nginx, or _sourceCategory=dev/nginx/error |
| capacityBytes required | integer <int64> >= 1 Capacity of the ingest budget, in bytes. It takes a few minutes for Collectors to stop collecting when capacity is reached. We recommend setting a soft limit that is lower than your needed hard limit. |
| timezone required | string Time zone of the reset time for the ingest budget. Follow the format in the IANA Time Zone Database. |
| resetTime required | string 5 characters Reset time of the ingest budget in HH:MM format. |
| description | string [ 0 .. 1024 ] characters Description of the ingest budget. |
| action required | string^(keepCollecting|stopCollecting)$ Action to take when ingest budget's capacity is reached. All actions are audited. Supported values are:
|
| auditThreshold | integer <int32> [ 1 .. 99 ] The threshold as a percentage of when an ingest budget's capacity usage is logged in the Audit Index. |
Responses
Request samples
- Payload
{- "name": "Developer Budget",
- "scope": "_sourceCategory=*prod*nginx*",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85
}Response samples
- 200
- default
{- "name": "Developer Budget",
- "scope": "_sourceCategory=*prod*nginx*",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "id": "0000000003343FDD",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000001243FDD",
- "budgetVersion": 2
}Get an ingest budget.
Get an ingest budget by the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of ingest budget to return. |
Responses
Response samples
- 200
- default
{- "name": "Developer Budget",
- "scope": "_sourceCategory=*prod*nginx*",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "id": "0000000003343FDD",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000001243FDD",
- "budgetVersion": 2
}Update an ingest budget.
Update an existing ingest budget. All properties specified in the request are required.
Authorizations:
path Parameters
| id required | string Identifier of the ingest budget to update. |
Request Body schema: application/json
Information to update about the ingest budget.
| name required | string [ 1 .. 128 ] characters Display name of the ingest budget. |
| scope required | string [ 1 .. 1024 ] characters A scope is a constraint that will be used to identify the messages on which budget needs to be applied. A scope is consists of key and value separated by =. The field must be enabled in the fields table. Value supports wildcard. e.g. _sourceCategory=prodpayment*, cluster=kafka. If the scope is defined _sourceCategory=nginx in this budget will be applied on messages having fields _sourceCategory=prod/nginx, _sourceCategory=dev/nginx, or _sourceCategory=dev/nginx/error |
| capacityBytes required | integer <int64> >= 1 Capacity of the ingest budget, in bytes. It takes a few minutes for Collectors to stop collecting when capacity is reached. We recommend setting a soft limit that is lower than your needed hard limit. |
| timezone required | string Time zone of the reset time for the ingest budget. Follow the format in the IANA Time Zone Database. |
| resetTime required | string 5 characters Reset time of the ingest budget in HH:MM format. |
| description | string [ 0 .. 1024 ] characters Description of the ingest budget. |
| action required | string^(keepCollecting|stopCollecting)$ Action to take when ingest budget's capacity is reached. All actions are audited. Supported values are:
|
| auditThreshold | integer <int32> [ 1 .. 99 ] The threshold as a percentage of when an ingest budget's capacity usage is logged in the Audit Index. |
Responses
Request samples
- Payload
{- "name": "Developer Budget",
- "scope": "_sourceCategory=*prod*nginx*",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85
}Response samples
- 200
- default
{- "name": "Developer Budget",
- "scope": "_sourceCategory=*prod*nginx*",
- "capacityBytes": 1000,
- "timezone": "America/Los_Angeles",
- "resetTime": "23:30",
- "description": "string",
- "action": "stopCollecting",
- "auditThreshold": 85,
- "id": "0000000003343FDD",
- "usageBytes": 900,
- "usageStatus": "Approaching",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000001243FDD",
- "budgetVersion": 2
}Delete an ingest budget.
Delete an ingest budget with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the ingest budget to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Reset usage.
Reset ingest budget's current usage to 0 before the scheduled reset time.
Authorizations:
path Parameters
| id required | string Identifier of the ingest budget to reset usage. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}App installation API.
View and install Sumo Logic Applications that deliver out-of-the-box dashboards, saved searches, and field extraction for popular data sources. For more information see Sumo Logic Apps.
Response samples
- 200
- default
{- "apps": [
- {
- "appDefinition": {
- "contentId": "00000000000011AE",
- "uuid": "1c57fbc3-3141-4b12-aab3-5f40152bc3d9",
- "name": "Sumo Config",
- "appVersion": "1.0",
- "preview": true,
- "manifestVersion": "0.1"
}, - "appManifest": {
- "family": "IIS",
- "description": "A description for Sumo Logic Config App.",
- "categories": [
- "Sumo Logic",
- "Configuration"
], - "hoverText": "Sumo Config App",
- "helpDocIdMap": {
- "property1": "string",
- "property2": "string"
}, - "requirements": [ ],
- "accountTypes": [
- "free"
], - "requiresInstallationInstructions": false,
- "installationInstructions": "",
- "parameters": [
- {
- "parameterType": "DATA_SOURCE",
- "parameterId": "paramId1",
- "dataSourceType": "LOG",
- "label": "Log label",
- "description": "Log data source",
- "example": "",
- "hidden": false
}
], - "author": "Sumo Logic",
}
}
]
}
Get an app by UUID.
Gets the app with the given universally unique identifier (UUID).
Authorizations:
path Parameters
| uuid required | string <uuid> The identifier of the app to retrieve. |
Responses
Response samples
- 200
- default
{- "appDefinition": {
- "contentId": "00000000000011AE",
- "uuid": "1c57fbc3-3141-4b12-aab3-5f40152bc3d9",
- "name": "Sumo Config",
- "appVersion": "1.0",
- "preview": true,
- "manifestVersion": "0.1"
}, - "appManifest": {
- "family": "IIS",
- "description": "A description for Sumo Logic Config App.",
- "categories": [
- "Sumo Logic",
- "Configuration"
], - "hoverText": "Sumo Config App",
- "helpDocIdMap": {
- "property1": "string",
- "property2": "string"
}, - "requirements": [ ],
- "accountTypes": [
- "free"
], - "requiresInstallationInstructions": false,
- "installationInstructions": "",
- "parameters": [
- {
- "parameterType": "DATA_SOURCE",
- "parameterId": "paramId1",
- "dataSourceType": "LOG",
- "label": "Log label",
- "description": "Log data source",
- "example": "",
- "hidden": false
}
], - "author": "Sumo Logic",
}
}Install an app by UUID.
Installs the app with given UUID in the folder specified using destinationFolderId.
Authorizations:
path Parameters
| uuid required | string <uuid> UUID of the app to install. |
Request Body schema: application/json
| name required | string [ 1 .. 128 ] characters Preferred name of the app to be installed. This will be the name of the app in the selected installation folder. |
| description required | string [ 1 .. 255 ] characters Preferred description of the app to be installed. This will be displayed as the app description in the selected installation folder. |
| destinationFolderId required | string Identifier of the folder in which the app will be installed in hexadecimal format. |
object Dictionary of properties specifying log-source name and value. |
Responses
Request samples
- Payload
{- "name": "Sumo Logic Configuration App",
- "description": "Sumo Logic Configuration App to configure collectors and data sources",
- "destinationFolderId": "00000000000001C8",
- "dataSourceValues": {
- "logsrc": "_sourceCategory = api"
}
}Response samples
- 200
- default
{- "id": "C03E086C137F38B4"
}App install job status.
Get the status of an asynchronous app install request for the given job identifier.
Authorizations:
path Parameters
| jobId required | string The identifier of the asynchronous install job. |
Responses
Response samples
- 200
- default
{- "status": "Success",
- "statusMessage": ""
}Content management API.
You can export, import, delete and copy content in your organization’s Library. For more information see Library. You can perform the request as a Content Administrator by using the isAdminMode parameter. For more information see Admin Mode.
Example
The following example uses API endpoints in the US1 deployment. Sumo Logic has several deployments that are assigned depending on the geographic location and the date an account is created. For details determining your account's deployment see API endpoints. The Content Import API can be used to create or update a Search, Scheduled Search, or Dashboard. Here is an example creating a Scheduled Search:
- Get the identifier of your
Personalfolder.curl -X GET -u "<accessId>:<accessKey>" https://api.sumologic.com/api/v2/content/folders/personal
Find the identifier of your Personal folder in the response.
{
...
"id": "0000000006A2E86F", <----
"name": "Personal",
"itemType": "Folder",
...
}
You can use getFolder, getAdminRecommededFolder, or getGlobalFolder endpoints to traverse the content tree and find the identifier of any folder you want to manage.
- Use the Content Import API to create a new Scheduled Search inside your
Personalfolder.curl -X POST -u "<accessId>:<accessKey>" -H "Content-Type: application/json" -d @search.json https://api.sumologic.com/api/v2/content/folders/0000000006A2E86F/import
The data file search.json in the above command has the following SavedSearchWithScheduleSyncDefinition object.
// file: search.json
{
"type": "SavedSearchWithScheduleSyncDefinition",
"name": "demo-scheduled-search",
"description": "Runs every hour with timerange of 15m and sends email notifications",
"search": {
"queryText": "\"error\" and \"warn\"",
"defaultTimeRange": "-15m",
"byReceiptTime": false,
"viewName": "",
"viewStartTime": null,
"queryParameters": []
},
"searchSchedule": {
"cronExpression": "0 0/15 * * * ? *",
"displayableTimeRange": "-15m",
"parseableTimeRange": {
"from": {
"relativeTime": "-15m",
"type": "RelativeTimeRangeBoundary"
},
"to": null,
"type": "BeginBoundedTimeRange"
},
"timeZone": "America/Los_Angeles",
"threshold": null,
"notification": {
"taskType": "EmailSearchNotificationSyncDefinition",
"toList": [
"ops@acme.org"
],
"subjectTemplate": "Search Results: {{SearchName}}",
"includeQuery": true,
"includeResultSet": true,
"includeHistogram": true,
"includeCsvAttachment": false
},
"muteErrorEmails": false,
"scheduleType": "1Hour",
"parameters": []
}
}
The response of above request will have the job identifier that you can use to track the status of the import job.
{
"id": "74DC17FA765C7443"
}
- Use the job identifier from the import request to get the status of the
import job.
curl -X GET -u "<accessId>:<accessKey>" https://api.sumologic.com/api/v2/content/folders/0000000006A2E86F/import/74DC17FA765C7443/status
If you are importing a large item, you might have to wait for the import job to finish. The following is an example response from a completed job.
{
"status": "Success",
"statusMessage": null,
"error": null
}
Get content item by path.
Get a content item corresponding to the given path.
Path is specified in the required query parameter path. The path should be URL encoded. For example, to get "Acme Corp" folder of a user "user@sumo.com" you can use the following curl command:
curl https://api.sumologic.com/api/v2/content/path?path=/Library/Users/user%40sumo.com/Acme%20Corp
The absolute path to a content item should be specified to get the item. The content library has "Library" folder at the root level. For items in "Personal" folder, the base path is "/Library/Users/user@sumo.com" where "user@sumo.com" is the email address of the user. For example if a user with email address wile@acme.com has Rockets folder inside Personal folder, the path of Rockets folder will be /Library/Users/wile@acme.com/Rockets.
For items in "Admin Recommended" folder, the base path is "/Library/Admin Recommended". For example, given a folder Acme in Admin Recommended folder, the path will be /Library/Admin Recommended/Acme.
Authorizations:
query Parameters
| path required | string Example: path=/Library/Users/user@sumo.com/SampleFolder Path of the content item to retrieve. |
Responses
Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
]
}Get path of an item.
Get full path of a content item with the given identifier.
Authorizations:
path Parameters
| contentId required | string Identifier of the content item to get the path. |
Responses
Response samples
- 200
- default
{- "path": "/Library/Users/user@test.com/SampleFolder"
}Start a content export job.
Schedule an asynchronous export of content with the given identifier. You will get back an asynchronous job identifier on success. Use the getAsyncExportStatus endpoint and the job identifier you got back in the response to track the status of an asynchronous export job. If the content item is a folder, everything under the folder is exported recursively. Keep in mind when exporting large folders that there is a limit of 1000 content objects that can be exported at once. If you want to import more than 1000 content objects, then be sure to split the import into batches of 1000 objects or less. The results from the export are compatible with the Library import feature in the Sumo Logic user interface as well as the API content import job.
Authorizations:
path Parameters
| id required | string The identifier of the content item to export. Identifiers from the Library in the Sumo user interface are provided in decimal format which is incompatible with this API. The identifier needs to be in hexadecimal format. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "id": "C03E086C137F38B4"
}Content export job status.
Get the status of an asynchronous content export request for the given job identifier. On success, use the getExportResult endpoint to get the result of the export job.
Authorizations:
path Parameters
| contentId required | string The identifier of the exported content item. |
| jobId required | string The identifier of the asynchronous export job. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "status": "Success",
- "statusMessage": ""
}Content export job result.
Get results from content export job for the given job identifier. The results from this export are incompatible with the Library import feature in the Sumo user interface.
Authorizations:
path Parameters
| contentId required | string The identifier of the exported content item. |
| jobId required | string The identifier of the asynchronous job. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "type": "FolderSyncDefinition",
- "name": "string",
- "description": "string",
- "children": [
- {
- "type": "string",
- "name": "string"
}
]
}Start a content import job.
Schedule an asynchronous import of content inside an existing folder with the given identifier. Import requests can be used to create or update content within a folder. Content items need to have a unique name within their folder. If there is already a content item with the same name in the folder, you can set the overwrite parameter to true to overwrite existing content items. By default, the overwrite parameter is set to false, where the import will fail if a content item with the same name already exist. Keep in mind when importing large folders that there is a limit of 1000 content objects that can be imported at once. If you want to import more than 1000 content objects, then be sure to split the import into batches of 1000 objects or less.
Authorizations:
path Parameters
| folderId required | string The identifier of the folder to import into. Identifiers from the Library in the Sumo user interface are provided in decimal format which is incompatible with this API. The identifier needs to be in hexadecimal format. |
query Parameters
| overwrite | boolean Default: false Set this to "true" to overwrite a content item if the name already exists. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Request Body schema: application/json
The content to import.
| type required | string The content item type. Note:
|
| name required | string The name of the item. |
| description | string An optional description for the folder. |
required | Array of objects (ContentSyncDefinition) [ items ] The items in the folder, a list of Dashboard and/or Folder items. |
Responses
Request samples
- Payload
{- "type": "FolderSyncDefinition",
- "name": "string",
- "description": "string",
- "children": [
- {
- "type": "string",
- "name": "string"
}
]
}Response samples
- 200
- default
{- "id": "C03E086C137F38B4"
}Content import job status.
Get the status of a content import job for the given job identifier.
Authorizations:
path Parameters
| folderId required | string The identifier of the folder to import into. |
| jobId required | string The identifier of the import request. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "status": "Success",
- "statusMessage": ""
}Start a content deletion job.
Start an asynchronous content deletion job with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the content to delete. Identifiers from the Library in the Sumo user interface are provided in decimal format which is incompatible with this API. The identifier needs to be in hexadecimal format. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "id": "C03E086C137F38B4"
}Content deletion job status.
Get the status of an asynchronous content deletion job request for the given job identifier.
Authorizations:
path Parameters
| id required | string Identifier of the content to delete. |
| jobId required | string The identifier of the asynchronous job. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "status": "Success",
- "statusMessage": ""
}Start a content copy job.
Start an asynchronous content copy job with the given identifier to the destination folder. If the content item is a folder, everything under the folder is copied recursively.
Authorizations:
path Parameters
| id required | string The identifier of the content item to copy. Identifiers from the Library in the Sumo user interface are provided in decimal format which is incompatible with this API. The identifier needs to be in hexadecimal format. |
query Parameters
| destinationFolder required | string The identifier of the destination folder. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "id": "C03E086C137F38B4"
}Content copy job status.
Get the status of the copy request with the given job identifier. On success, field statusMessage will contain identifier of the newly copied content in format: id: {hexIdentifier}.
Authorizations:
path Parameters
| id required | string The identifier of the content which was copied. |
| jobId required | string The identifier of the asynchronous copy request job. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "status": "Success",
- "statusMessage": "id: 0000000000000197"
}Move an item.
Moves an item from its current location to another folder.
Authorizations:
path Parameters
| id required | string Identifier of the item the user wants to move. |
query Parameters
| destinationFolderId required | string Identifier of the destination folder. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Dashboard (New) management API.
Dashboard (New) allows you to analyze metric and log data on the same dashboard, in a seamless view. This gives you control over the visual display of metric and log data. Dashboard (New) streamlines dashboard configurations and on-the-fly analytic visualizations with its new templating features. For more information see Dashboard (New).
List all dashboards.
List all dashboards under the Personal folder created by the user.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 100 ] Default: 50 Example: limit=50 Limit the number of dashboard returned in the response. The number of dashboards returned may be less than the |
| token | string Example: token=GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "dashboards": [
- {
- "title": "Kubernetes Dashboard",
- "description": "A view of pods, namespaces and nodes of your cluster.",
- "folderId": "000000000C1C17C6",
- "topologyLabelMap": {
- "service": [
- "kube-scheduler",
- "kube-dns"
]
}, - "domain": "aws",
- "hierarchies": [
- "Kubernetes Node View"
], - "refreshInterval": 30,
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "panels": [
- {
- "id": "2F7D449E3D511066",
- "key": "panelca6280e4a75fca45",
- "title": "This panel shows memory usage for your kubernetes pod.",
- "visualSettings": "{\\\"general\\\":{\\\"type\\\":\\\"column\\\"}",
- "keepVisualSettingsConsistentWithParent": true,
- "panelType": "SumoSearchPanel"
}
], - "layout": {
- "layoutType": "Grid",
- "layoutStructures": [
- {
- "key": "panelPANE-3DC454FD977E2A46",
- "structure": "{\\\"height\\\":5,\\\"width\\\":9,\\\"x\\\":0,\\\"y\\\":0}"
}
]
}, - "variables": [
- {
- "id": "string",
- "name": "_sourceHost",
- "displayName": "Source Host",
- "defaultValue": "default_value",
- "sourceDefinition": {
- "variableSourceType": "MetadataVariableSourceDefinition"
}, - "allowMultiSelect": false,
- "includeAllOption": true,
- "hideFromUI": false,
- "valueType": "Any"
}
], - "theme": "light",
- "id": "B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2",
- "contentId": "1"
}
], - "next": "GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc"
}Create a new dashboard.
Creates a new dashboard.
Authorizations:
Request Body schema: application/json
Information to create the new dashboard.
| title required | string [ 1 .. 255 ] characters Title of the dashboard. |
| description | string Description of the dashboard. |
| folderId | string The identifier of the folder to save the dashboard in. By default it is saved in your personal folder. |
object (TopologyLabelMap) Map of the topology labels. Each label has a key and a list of values. If a value is | |
| domain | string Default: "" If set denotes that the dashboard concerns a given domain (e.g. |
| hierarchies | Array of strings <= 20 items Default: [] If set to non-empty array denotes that the dashboard concerns given hierarchies. |
| refreshInterval | integer <int32> Interval of time (in seconds) to automatically refresh the dashboard. A value of 0 means we never automatically refresh the dashboard. Allowed values are |
required | object (ResolvableTimeRange) |
Array of objects (Panel) [ items ] Panels in the dashboard. | |
object (Layout) | |
Array of objects (Variable) [ items ] Variables to apply to the panels. | |
| theme | string^(light|dark|Light|Dark)$ Default: "Light" Theme for the dashboard. Either |
Responses
Request samples
- Payload
{- "title": "Kubernetes Dashboard",
- "description": "A view of pods, namespaces and nodes of your cluster.",
- "folderId": "000000000C1C17C6",
- "topologyLabelMap": {
- "service": [
- "kube-scheduler",
- "kube-dns"
]
}, - "domain": "aws",
- "hierarchies": [
- "Kubernetes Node View"
], - "refreshInterval": 30,
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "panels": [
- {
- "id": "2F7D449E3D511066",
- "key": "panelca6280e4a75fca45",
- "title": "This panel shows memory usage for your kubernetes pod.",
- "visualSettings": "{\\\"general\\\":{\\\"type\\\":\\\"column\\\"}",
- "keepVisualSettingsConsistentWithParent": true,
- "panelType": "SumoSearchPanel"
}
], - "layout": {
- "layoutType": "Grid",
- "layoutStructures": [
- {
- "key": "panelPANE-3DC454FD977E2A46",
- "structure": "{\\\"height\\\":5,\\\"width\\\":9,\\\"x\\\":0,\\\"y\\\":0}"
}
]
}, - "variables": [
- {
- "id": "string",
- "name": "_sourceHost",
- "displayName": "Source Host",
- "defaultValue": "default_value",
- "sourceDefinition": {
- "variableSourceType": "MetadataVariableSourceDefinition"
}, - "allowMultiSelect": false,
- "includeAllOption": true,
- "hideFromUI": false,
- "valueType": "Any"
}
], - "theme": "light"
}Response samples
- 200
- default
{- "title": "Kubernetes Dashboard",
- "description": "A view of pods, namespaces and nodes of your cluster.",
- "folderId": "000000000C1C17C6",
- "topologyLabelMap": {
- "service": [
- "kube-scheduler",
- "kube-dns"
]
}, - "domain": "aws",
- "hierarchies": [
- "Kubernetes Node View"
], - "refreshInterval": 30,
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "panels": [
- {
- "id": "2F7D449E3D511066",
- "key": "panelca6280e4a75fca45",
- "title": "This panel shows memory usage for your kubernetes pod.",
- "visualSettings": "{\\\"general\\\":{\\\"type\\\":\\\"column\\\"}",
- "keepVisualSettingsConsistentWithParent": true,
- "panelType": "SumoSearchPanel"
}
], - "layout": {
- "layoutType": "Grid",
- "layoutStructures": [
- {
- "key": "panelPANE-3DC454FD977E2A46",
- "structure": "{\\\"height\\\":5,\\\"width\\\":9,\\\"x\\\":0,\\\"y\\\":0}"
}
]
}, - "variables": [
- {
- "id": "string",
- "name": "_sourceHost",
- "displayName": "Source Host",
- "defaultValue": "default_value",
- "sourceDefinition": {
- "variableSourceType": "MetadataVariableSourceDefinition"
}, - "allowMultiSelect": false,
- "includeAllOption": true,
- "hideFromUI": false,
- "valueType": "Any"
}
], - "theme": "light",
- "id": "B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2",
- "contentId": "1"
}Get a dashboard.
Get a dashboard by the given identifier.
Authorizations:
path Parameters
| id required | string UUID of the dashboard to return. |
Responses
Response samples
- 200
- default
{- "title": "Kubernetes Dashboard",
- "description": "A view of pods, namespaces and nodes of your cluster.",
- "folderId": "000000000C1C17C6",
- "topologyLabelMap": {
- "service": [
- "kube-scheduler",
- "kube-dns"
]
}, - "domain": "aws",
- "hierarchies": [
- "Kubernetes Node View"
], - "refreshInterval": 30,
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "panels": [
- {
- "id": "2F7D449E3D511066",
- "key": "panelca6280e4a75fca45",
- "title": "This panel shows memory usage for your kubernetes pod.",
- "visualSettings": "{\\\"general\\\":{\\\"type\\\":\\\"column\\\"}",
- "keepVisualSettingsConsistentWithParent": true,
- "panelType": "SumoSearchPanel"
}
], - "layout": {
- "layoutType": "Grid",
- "layoutStructures": [
- {
- "key": "panelPANE-3DC454FD977E2A46",
- "structure": "{\\\"height\\\":5,\\\"width\\\":9,\\\"x\\\":0,\\\"y\\\":0}"
}
]
}, - "variables": [
- {
- "id": "string",
- "name": "_sourceHost",
- "displayName": "Source Host",
- "defaultValue": "default_value",
- "sourceDefinition": {
- "variableSourceType": "MetadataVariableSourceDefinition"
}, - "allowMultiSelect": false,
- "includeAllOption": true,
- "hideFromUI": false,
- "valueType": "Any"
}
], - "theme": "light",
- "id": "B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2",
- "contentId": "1"
}Update a dashboard.
Update a dashboard by the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the dashboard to update. |
Request Body schema: application/json
Information to update on the dashboard.
| title required | string [ 1 .. 255 ] characters Title of the dashboard. |
| description | string Description of the dashboard. |
| folderId | string The identifier of the folder to save the dashboard in. By default it is saved in your personal folder. |
object (TopologyLabelMap) Map of the topology labels. Each label has a key and a list of values. If a value is | |
| domain | string Default: "" If set denotes that the dashboard concerns a given domain (e.g. |
| hierarchies | Array of strings <= 20 items Default: [] If set to non-empty array denotes that the dashboard concerns given hierarchies. |
| refreshInterval | integer <int32> Interval of time (in seconds) to automatically refresh the dashboard. A value of 0 means we never automatically refresh the dashboard. Allowed values are |
required | object (ResolvableTimeRange) |
Array of objects (Panel) [ items ] Panels in the dashboard. | |
object (Layout) | |
Array of objects (Variable) [ items ] Variables to apply to the panels. | |
| theme | string^(light|dark|Light|Dark)$ Default: "Light" Theme for the dashboard. Either |
Responses
Request samples
- Payload
{- "title": "Kubernetes Dashboard",
- "description": "A view of pods, namespaces and nodes of your cluster.",
- "folderId": "000000000C1C17C6",
- "topologyLabelMap": {
- "service": [
- "kube-scheduler",
- "kube-dns"
]
}, - "domain": "aws",
- "hierarchies": [
- "Kubernetes Node View"
], - "refreshInterval": 30,
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "panels": [
- {
- "id": "2F7D449E3D511066",
- "key": "panelca6280e4a75fca45",
- "title": "This panel shows memory usage for your kubernetes pod.",
- "visualSettings": "{\\\"general\\\":{\\\"type\\\":\\\"column\\\"}",
- "keepVisualSettingsConsistentWithParent": true,
- "panelType": "SumoSearchPanel"
}
], - "layout": {
- "layoutType": "Grid",
- "layoutStructures": [
- {
- "key": "panelPANE-3DC454FD977E2A46",
- "structure": "{\\\"height\\\":5,\\\"width\\\":9,\\\"x\\\":0,\\\"y\\\":0}"
}
]
}, - "variables": [
- {
- "id": "string",
- "name": "_sourceHost",
- "displayName": "Source Host",
- "defaultValue": "default_value",
- "sourceDefinition": {
- "variableSourceType": "MetadataVariableSourceDefinition"
}, - "allowMultiSelect": false,
- "includeAllOption": true,
- "hideFromUI": false,
- "valueType": "Any"
}
], - "theme": "light"
}Response samples
- 200
- default
{- "title": "Kubernetes Dashboard",
- "description": "A view of pods, namespaces and nodes of your cluster.",
- "folderId": "000000000C1C17C6",
- "topologyLabelMap": {
- "service": [
- "kube-scheduler",
- "kube-dns"
]
}, - "domain": "aws",
- "hierarchies": [
- "Kubernetes Node View"
], - "refreshInterval": 30,
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "panels": [
- {
- "id": "2F7D449E3D511066",
- "key": "panelca6280e4a75fca45",
- "title": "This panel shows memory usage for your kubernetes pod.",
- "visualSettings": "{\\\"general\\\":{\\\"type\\\":\\\"column\\\"}",
- "keepVisualSettingsConsistentWithParent": true,
- "panelType": "SumoSearchPanel"
}
], - "layout": {
- "layoutType": "Grid",
- "layoutStructures": [
- {
- "key": "panelPANE-3DC454FD977E2A46",
- "structure": "{\\\"height\\\":5,\\\"width\\\":9,\\\"x\\\":0,\\\"y\\\":0}"
}
]
}, - "variables": [
- {
- "id": "string",
- "name": "_sourceHost",
- "displayName": "Source Host",
- "defaultValue": "default_value",
- "sourceDefinition": {
- "variableSourceType": "MetadataVariableSourceDefinition"
}, - "allowMultiSelect": false,
- "includeAllOption": true,
- "hideFromUI": false,
- "valueType": "Any"
}
], - "theme": "light",
- "id": "B23OjNs5ZCyn5VdMwOBoLo3PjgRnJSAlNTKEDAcpuDG2CIgRe9KFXMofm2H2",
- "contentId": "1"
}Delete a dashboard.
Delete a dashboard by the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the dashboard to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Start a report job
Schedule an asynchronous job to generate a report from a template. All items in the template will be included unless specified. See template section for more details on individual templates. Reports can be generated in Pdf or Png format and exported in various methods (ex. direct download). You will get back an asynchronous job identifier on success. Use the getAsyncReportGenerationStatus endpoint and the job identifier you got back in the response to track the status of an asynchronous report generation job.
Authorizations:
Request Body schema: application/json
Request for a report.
required | object (ReportAction) The base class of all report action types. |
| exportFormat required | string^(Pdf|Png)$ File format of the report. Can be |
| timezone required | string Time zone for the query time ranges. Follow the format in the IANA Time Zone Database. |
required | object (Template) |
Responses
Request samples
- Payload
{- "action": {
- "actionType": "DirectDownloadReportAction"
}, - "exportFormat": "Pdf",
- "timezone": "America/Los_Angeles",
- "template": {
- "templateType": "DashboardTemplate"
}
}Response samples
- 200
- default
{- "id": "C03E086C137F38B4"
}Get report generation job status
Get the status of an asynchronous report generation request for the given job identifier. On success, use the getReportGenerationResult endpoint to get the result of the report generation job.
Authorizations:
path Parameters
| jobId required | string The identifier of the asynchronous report generation job. |
Responses
Response samples
- 200
- default
{- "status": "Success",
- "statusMessage": ""
}Get report generation job result
Get the result of an asynchronous report generation request for the given job identifier.
Authorizations:
path Parameters
| jobId required | string The identifier of the asynchronous report generation job. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Folder management API.
You can add folders and subfolders to the Library in order to organize your content for easy access or to share content. For more information see Add Folders to the Library. You can perform the request as a Content Administrator by using the isAdminMode parameter. For more information see Admin Mode.
Create a new folder.
Creates a new folder under the given parent folder. Set the header parameter isAdminMode to "true" to create a folder inside "Admin Recommended" folder.
Authorizations:
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Request Body schema: application/json
Information about the new folder.
| name required | string [ 1 .. 128 ] characters The name of the folder. |
| description | string [ 0 .. 255 ] characters The description of the folder. |
| parentId required | string The identifier of the parent folder. |
Responses
Request samples
- Payload
{- "name": "SampleFolder",
- "description": "This is a sample folder.",
- "parentId": "string"
}Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
], - "description": "This is a sample folder.",
- "children": [
- {
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
]
}
]
}Get a folder.
Get a folder with the given identifier. Set the header parameter isAdminMode to "true" if fetching a folder inside "Admin Recommended" folder.
Authorizations:
path Parameters
| id required | string Identifier of the folder to fetch. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
], - "description": "This is a sample folder.",
- "children": [
- {
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
]
}
]
}Update a folder.
Update an existing folder with the given identifier. Set the header parameter isAdminMode to "true" if updating a folder inside "Admin Recommended" folder.
Authorizations:
path Parameters
| id required | string Identifier of the folder to update. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Request Body schema: application/json
Information to update about the folder.
| name required | string [ 1 .. 128 ] characters The name of the folder. |
| description | string [ 0 .. 255 ] characters The description of the folder. |
Responses
Request samples
- Payload
{- "name": "SampleFolder",
- "description": "This is a sample folder."
}Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
], - "description": "This is a sample folder.",
- "children": [
- {
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
]
}
]
}Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
], - "description": "This is a sample folder.",
- "children": [
- {
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
]
}
]
}Schedule Global View job
Schedule an asynchronous job to get Global View. Global View contains all top-level content items that a user has permissions to view in the organization. User can traverse the top-level folders using GetFolder API to get rest of the content items. Make sure you set isAdminMode header parameter to true when traversing top-level items.
Global View is not a real folder, therefore there is no folder identifier associated with it.
You get back a identifier of asynchronous job in response to this endpoint. See Asynchronous-Request section for more details on how to work with asynchronous request.
Authorizations:
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "id": "C03E086C137F38B4"
}Get Global View job status
Get the status of an asynchronous Global View job for the given job identifier. If job succeeds, use Global View Result endpoint to fetch all content items that you have permissions to view.
Authorizations:
path Parameters
| jobId required | string The identifier of the asynchronous Global View job. |
Responses
Response samples
- 200
- default
{- "status": "Success",
- "statusMessage": ""
}Get Global View job result
Get result of a Global View job for the given job identifier. The result will be a list of all content items that a user has permissions to view in the organization.
Authorizations:
path Parameters
| jobId required | string The identifier of the asynchronous Global View job. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
]
}
]
}Schedule Admin Recommended folder job
Schedule an asynchronous job to get the top-level Admin Recommended content items. You can read more about Admin Recommended folder here.
You get back a identifier of asynchronous job in response to this endpoint. See Asynchronous-Request section for more details on how to work with asynchronous request.
Authorizations:
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "id": "C03E086C137F38B4"
}Get Admin Recommended folder job status
Get the status of an asynchronous Admin Recommended folder job for the given job identifier. If job succeeds, use Admin Recommended Job Result endpoint to fetch top-level content items in Admin Recommended folder.
Authorizations:
path Parameters
| jobId required | string The identifier of the asynchronous Admin Recommended folder job. |
Responses
Response samples
- 200
- default
{- "status": "Success",
- "statusMessage": ""
}Get Admin Recommended folder job result
Get result of an Admin Recommended job for the given job identifier. The result will be "Admin Recommended" folder with a list of top-level Admin Recommended content items in children field.
Authorizations:
path Parameters
| jobId required | string The identifier of the asynchronous Admin Recommended folder job. |
Responses
Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
], - "description": "This is a sample folder.",
- "children": [
- {
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000C1C17C6",
- "name": "Personal",
- "itemType": "Folder",
- "parentId": "0000000001C41EF2",
- "permissions": [
- "View",
- "GrantView",
- "Edit"
]
}
]
}Lookup Table management API.
A Lookup Table is a table of data hosted on Sumo Logic that you can use to enrich the log and event data received by Sumo Logic. You must create a table schema before you can populate the table. For more information see Lookup Tables.
Create a lookup table.
Create a new lookup table by providing a schema and specifying its configuration. Providing parentFolderId is mandatory. Use the getItemByPath endpoint to get content id of a path. Please check Content management API and Folder management API for all available options.
Authorizations:
Request Body schema: application/json
The schema and configuration for the lookup table.
| description required | string <= 1000 characters The description of the lookup table. |
required | Array of objects (LookupTableField) non-empty [ items ] The list of fields in the lookup table. |
| primaryKeys required | Array of strings non-empty unique The names of the fields that make up the primary key for the lookup table. These will be a subset of the fields that the table will contain. |
| ttl | integer <int32> [ 0 .. 525600 ] Default: 0 A time to live for each entry in the lookup table (in minutes). 365 days is the maximum time to live for each entry that you can specify. Setting it to 0 means that the records will not expire automatically. |
| sizeLimitAction | string^(StopIncomingMessages|DeleteOldData)$ Default: "StopIncomingMessages" The action that needs to be taken when the size limit is reached for the table. The possible values can be |
| name required | string <= 255 characters The name of the lookup table. |
| parentFolderId required | string The parent-folder-path identifier of the lookup table in the Library. |
Responses
Request samples
- Payload
{- "description": "This is a sample lookup table description.",
- "fields": [
- {
- "fieldName": "FieldName1",
- "fieldType": "boolean"
}
], - "primaryKeys": [
- "FieldName1"
], - "ttl": 100,
- "sizeLimitAction": "DeleteOldData",
- "name": "SampleLookupTable",
- "parentFolderId": "0000000001C41EE4"
}Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "description": "This is a sample lookup table description.",
- "fields": [
- {
- "fieldName": "FieldName1",
- "fieldType": "boolean"
}
], - "primaryKeys": [
- "FieldName1"
], - "ttl": 100,
- "sizeLimitAction": "DeleteOldData",
- "name": "SampleLookupTable",
- "parentFolderId": "0000000001C41EE4",
- "id": "0000000001C41EE4",
- "contentPath": "/Library/Users/johndoe@acme.com/lookupTable",
- "size": 100
}Get a lookup table.
Get a lookup table for the given identifier.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of the lookup table. |
Responses
Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "description": "This is a sample lookup table description.",
- "fields": [
- {
- "fieldName": "FieldName1",
- "fieldType": "boolean"
}
], - "primaryKeys": [
- "FieldName1"
], - "ttl": 100,
- "sizeLimitAction": "DeleteOldData",
- "name": "SampleLookupTable",
- "parentFolderId": "0000000001C41EE4",
- "id": "0000000001C41EE4",
- "contentPath": "/Library/Users/johndoe@acme.com/lookupTable",
- "size": 100
}Edit a lookup table.
Edit the lookup table data. All the fields are mandatory in the request.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of the lookup table. |
Request Body schema: application/json
The configuration changes for the lookup table.
| ttl required | integer <int32> [ 0 .. 525600 ] Default: 0 A time to live for each entry in the lookup table (in minutes). 0 is a special value. A TTL of 0 implies entry will never be deleted from the table. |
| description required | string <= 1000 characters The description of the lookup table. The description cannot be blank. |
| sizeLimitAction | string Default: "StopIncomingMessages" The action that needs to be taken when the size limit is reached for the table. The possible values can be |
Responses
Request samples
- Payload
{- "ttl": 100,
- "description": "This is a sample lookup table description.",
- "sizeLimitAction": "DeleteOldData"
}Response samples
- 200
- default
{- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "description": "This is a sample lookup table description.",
- "fields": [
- {
- "fieldName": "FieldName1",
- "fieldType": "boolean"
}
], - "primaryKeys": [
- "FieldName1"
], - "ttl": 100,
- "sizeLimitAction": "DeleteOldData",
- "name": "SampleLookupTable",
- "parentFolderId": "0000000001C41EE4",
- "id": "0000000001C41EE4",
- "contentPath": "/Library/Users/johndoe@acme.com/lookupTable",
- "size": 100
}Delete a lookup table.
Delete a lookup table completely.
Warning: This operation cannot be undone.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of the lookup table. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Upload a CSV file.
Create a request to populate a lookup table with a CSV file.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of the lookup table to populate. |
query Parameters
| merge | boolean Default: false Example: merge=true This indicates whether the file contents will be merged with existing data in the lookup table or not. If this is true then data with the same primary keys will be updated while the rest of the rows will be appended. By default, merge is false. The response includes a request identifier that you need to use in the Request Status API to track the status of the upload request. |
| fileEncoding | string Default: "UTF-8" Example: fileEncoding=UTF-16 File encoding of file being uploaded. |
Request Body schema: multipart/form-data
| file required | string <binary> The CSV file to upload.
|
Responses
Response samples
- 200
- default
{- "id": "0000000001C41EF2"
}Get the status of an async job.
Retrieve the status of a previously made request. If the request was successful, the status of the response object will be Success.
Authorizations:
path Parameters
| jobId required | string Example: 0000000001C41AA3 An identifier returned in response to an asynchronous request. |
Responses
Response samples
- 200
- default
{- "jobId": "0000000001C41EF2",
- "status": "string",
- "statusMessages": [
- "string"
], - "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short.",
- "detail": "Your password was 5 characters long, the minimum length is 12 characters. See http://example.com/password for more information.",
- "meta": {
- "minLength": 12,
- "actualLength": 5
}
}
], - "warnings": [
- {
- "message": "60 rows were dropped.",
- "cause": "Primary key values were duplicate."
}
], - "lookupContentId": "0000000001C41EE4",
- "lookupName": "sampleLookup",
- "lookupContentPath": "/Library/Users/xyz@demo.com/sampleLookup",
- "requestType": "BulkMerge",
- "userId": "0000000006743FDD",
- "createdAt": "2018-10-16T09:10:00Z",
- "modifiedAt": "2018-10-16T09:10:00Z"
}Insert or Update a lookup table row.
Insert or update a row of a lookup table with the given identifier. A new row is inserted if the primary key does not exist already, otherwise the existing row with the specified primary key is updated. All the fields of the lookup table are required and will be updated to the given values. In case a field is not specified then it will be assumed to be set to null. If the table size exceeds the maximum limit of 100MB then based on the size limit action of the table the update will be processed or discarded.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of the lookup table. |
Request Body schema: application/json
Lookup table row update definition.
required | Array of objects (TableRow) <= 1000 items [ items ] A list of all the field identifiers and their corresponding values. | ||||
Array (<= 1000 items)
| |||||
Responses
Request samples
- Payload
{- "row": [
- {
- "columnName": "user_id",
- "columnValue": "user1"
}
]
}Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Delete a lookup table row.
Delete a row from lookup table by giving primary key. The complete set of primary key fields of the lookup table should be provided.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of the lookup table. |
Request Body schema: application/json
Lookup table row delete definition.
required | Array of objects (TableRow) <= 1000 items [ items ] A list of all primary key field identifiers and their corresponding values. | ||||
Array (<= 1000 items)
| |||||
Responses
Request samples
- Payload
{- "primaryKey": [
- {
- "columnName": "user_id",
- "columnValue": "user1"
}
]
}Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Content permissions API.
You can share your folders, searches, and dashboards with specific users or roles. For more information see Share Content. You can perform the request as a Content Administrator by using the isAdminMode parameter. For more information see Admin Mode.
Get permissions of a content item
Returns content permissions of a content item with the given identifier.
Authorizations:
path Parameters
| id required | string The identifier of the content item. |
query Parameters
| explicitOnly | boolean Default: false There are two permission types: explicit and implicit. Permissions specifically assigned to the content item are explicit. Permissions derived from a parent content item, like a folder are implicit. To return only explicit permissions set this to true. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Responses
Response samples
- 200
- default
{- "explicitPermissions": [
- {
- "permissionName": "string",
- "sourceType": "role",
- "sourceId": "string",
- "contentId": "string"
}
], - "implicitPermissions": [
- {
- "permissionName": "string",
- "sourceType": "role",
- "sourceId": "string",
- "contentId": "string"
}
]
}Add permissions to a content item.
Add permissions to a content item with the given identifier.
Authorizations:
path Parameters
| id required | string The identifier of the content item. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Request Body schema: application/json
New permissions to add to the content item with the given identifier.
required | Array of objects (ContentPermissionAssignment) [ items ] Content permissions to be updated. |
| notifyRecipients required | boolean Set this to "true" to notify the users who had a permission update. |
| notificationMessage required | string The notification message sent to the users who had a permission update. |
Responses
Request samples
- Payload
{- "contentPermissionAssignments": [
- {
- "permissionName": "string",
- "sourceType": "role",
- "sourceId": "string",
- "contentId": "string"
}
], - "notifyRecipients": true,
- "notificationMessage": "string"
}Response samples
- 200
- default
{- "explicitPermissions": [
- {
- "permissionName": "string",
- "sourceType": "role",
- "sourceId": "string",
- "contentId": "string"
}
], - "implicitPermissions": [
- {
- "permissionName": "string",
- "sourceType": "role",
- "sourceId": "string",
- "contentId": "string"
}
]
}Remove permissions from a content item.
Remove permissions from a content item with the given identifier.
Authorizations:
path Parameters
| id required | string The identifier of the content item. |
header Parameters
| isAdminMode | string Set this to "true" if you want to perform the request as a Content Administrator. |
Request Body schema: application/json
Permissions to remove from a content item with the given identifier.
required | Array of objects (ContentPermissionAssignment) [ items ] Content permissions to be updated. |
| notifyRecipients required | boolean Set this to "true" to notify the users who had a permission update. |
| notificationMessage required | string The notification message sent to the users who had a permission update. |
Responses
Request samples
- Payload
{- "contentPermissionAssignments": [
- {
- "permissionName": "string",
- "sourceType": "role",
- "sourceId": "string",
- "contentId": "string"
}
], - "notifyRecipients": true,
- "notificationMessage": "string"
}Response samples
- 200
- default
{- "explicitPermissions": [
- {
- "permissionName": "string",
- "sourceType": "role",
- "sourceId": "string",
- "contentId": "string"
}
], - "implicitPermissions": [
- {
- "permissionName": "string",
- "sourceType": "role",
- "sourceId": "string",
- "contentId": "string"
}
]
}Metrics Search management API.
Save metrics searches in the content library and organize them in a folder hierarchy. Share useful queries with users in your organization. For more information see Sharing Metric Charts.
Save a metrics search.
Saves a metrics search in the content library. Metrics search consists of one or more queries, a time range, a quantization period and a set of chart properties like line width.
Authorizations:
Request Body schema: application/json
The definition of the metrics search.
| title required | string [ 1 .. 255 ] characters ^[a-zA-Z0-9 +%-@.,_()]+$ Item title in the content library. |
| description required | string <= 8192 characters Item description in the content library. |
required | object (ResolvableTimeRange) |
| logQuery | string <= 10240 characters Log query used to add an overlay to the chart. |
required | Array of objects (MetricsSearchQuery) [ items ] Metrics queries, up to the maximum of six. |
| desiredQuantizationInSecs | integer <int32> >= 0 Default: 0 Desired quantization in seconds. |
| properties | string Chart properties, like line width, color palette, and the fill missing data method. Leave this field empty to use the defaults. This property contains JSON object encoded as a string. |
| parentId required | string Identifier of a folder to which the metrics search should be added. |
Responses
Request samples
- Payload
{- "title": "Short title",
- "description": "Long and detailed description",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "logQuery": "my_metric | timeslice 1m | count by _timeslice",
- "metricsQueries": [
- {
- "rowId": "A",
- "query": "my_metric | avg"
}
], - "desiredQuantizationInSecs": 60,
- "properties": "{ \\\"key\\\": \\\"value\\\" }",
- "parentId": "000000000000001A"
}Response samples
- 200
- default
{- "title": "Short title",
- "description": "Long and detailed description",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "logQuery": "my_metric | timeslice 1m | count by _timeslice",
- "metricsQueries": [
- {
- "rowId": "A",
- "query": "my_metric | avg"
}
], - "desiredQuantizationInSecs": 60,
- "properties": "{ \\\"key\\\": \\\"value\\\" }",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000000001A",
- "parentId": "0000000000007D2B"
}Get a metrics search.
Returns a metrics search with the specified identifier.
Authorizations:
path Parameters
| id required | string Identifier of the metrics search. |
Responses
Response samples
- 200
- default
{- "title": "Short title",
- "description": "Long and detailed description",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "logQuery": "my_metric | timeslice 1m | count by _timeslice",
- "metricsQueries": [
- {
- "rowId": "A",
- "query": "my_metric | avg"
}
], - "desiredQuantizationInSecs": 60,
- "properties": "{ \\\"key\\\": \\\"value\\\" }",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000000001A",
- "parentId": "0000000000007D2B"
}Updates a metrics search.
Updates a metrics search with the specified identifier. Partial updates are not supported, you must provide values for all fields.
Authorizations:
path Parameters
| id required | string Identifier of the metrics search. |
Request Body schema: application/json
An updated metrics search definition.
| title required | string [ 1 .. 255 ] characters ^[a-zA-Z0-9 +%-@.,_()]+$ Item title in the content library. |
| description required | string <= 8192 characters Item description in the content library. |
required | object (ResolvableTimeRange) |
| logQuery | string <= 10240 characters Log query used to add an overlay to the chart. |
required | Array of objects (MetricsSearchQuery) [ items ] Metrics queries, up to the maximum of six. |
| desiredQuantizationInSecs | integer <int32> >= 0 Default: 0 Desired quantization in seconds. |
| properties | string Chart properties, like line width, color palette, and the fill missing data method. Leave this field empty to use the defaults. This property contains JSON object encoded as a string. |
Responses
Request samples
- Payload
{- "title": "Short title",
- "description": "Long and detailed description",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "logQuery": "my_metric | timeslice 1m | count by _timeslice",
- "metricsQueries": [
- {
- "rowId": "A",
- "query": "my_metric | avg"
}
], - "desiredQuantizationInSecs": 60,
- "properties": "{ \\\"key\\\": \\\"value\\\" }"
}Response samples
- 200
- default
{- "title": "Short title",
- "description": "Long and detailed description",
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "logQuery": "my_metric | timeslice 1m | count by _timeslice",
- "metricsQueries": [
- {
- "rowId": "A",
- "query": "my_metric | avg"
}
], - "desiredQuantizationInSecs": 60,
- "properties": "{ \\\"key\\\": \\\"value\\\" }",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000000001A",
- "parentId": "0000000000007D2B"
}Deletes a metrics search.
Deletes a metrics search from the content library.
Authorizations:
path Parameters
| id required | string Identifier of the metrics search. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Transformation Rule management API. Metrics Transformation Rules allow you control how long raw metrics are retained. You can also aggregate metrics at collection time and specify a separate retention period for the aggregated metrics. For more information see Metrics Transformation Rules.
Get a list of transformation rules.
Get a list of transformation rules in the organization. The response is paginated with a default limit of 100 rules per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Example: limit=10 Limit the number of transformation rules returned in the response. |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "ruleDefinition": {
- "name": "Transformation Rule 1",
- "selector": "_sourceCategory=metricsstore",
- "dimensionTransformations": [
- {
- "transformationType": "AggregateOnTransformation",
- "aggregateOn": [
- "metric"
]
}, - {
- "transformationType": "AddOrReplaceTransformation",
- "dimensionToReplace": "metric",
- "value": "{{metric}}_aggregated"
}
], - "transformedMetricsRetention": 8,
- "retention": 8
}, - "enabled": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "string"
}
], - "next": "aGNzTmZBN1ZZWFk9"
}Create a new transformation rule.
Create a new transformation rule.
Authorizations:
Request Body schema: application/json
The configuration of the transformation rule to create.
required | object (TransformationRuleDefinition) The properties that define a transformation rule. |
| enabled required | boolean True if the rule is enabled. |
Responses
Request samples
- Payload
{- "ruleDefinition": {
- "name": "Transformation Rule 1",
- "selector": "_sourceCategory=metricsstore",
- "dimensionTransformations": [
- {
- "transformationType": "AggregateOnTransformation",
- "aggregateOn": [
- "metric"
]
}, - {
- "transformationType": "AddOrReplaceTransformation",
- "dimensionToReplace": "metric",
- "value": "{{metric}}_aggregated"
}
], - "transformedMetricsRetention": 8,
- "retention": 8
}, - "enabled": true
}Response samples
- 200
- default
{- "ruleDefinition": {
- "name": "Transformation Rule 1",
- "selector": "_sourceCategory=metricsstore",
- "dimensionTransformations": [
- {
- "transformationType": "AggregateOnTransformation",
- "aggregateOn": [
- "metric"
]
}, - {
- "transformationType": "AddOrReplaceTransformation",
- "dimensionToReplace": "metric",
- "value": "{{metric}}_aggregated"
}
], - "transformedMetricsRetention": 8,
- "retention": 8
}, - "enabled": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "string"
}Get a transformation rule.
Get a transformation rule with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of transformation rule to return. |
Responses
Response samples
- 200
- default
{- "ruleDefinition": {
- "name": "Transformation Rule 1",
- "selector": "_sourceCategory=metricsstore",
- "dimensionTransformations": [
- {
- "transformationType": "AggregateOnTransformation",
- "aggregateOn": [
- "metric"
]
}, - {
- "transformationType": "AddOrReplaceTransformation",
- "dimensionToReplace": "metric",
- "value": "{{metric}}_aggregated"
}
], - "transformedMetricsRetention": 8,
- "retention": 8
}, - "enabled": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "string"
}Update a transformation rule.
Update an existing transformation rule. All properties specified in the request are replaced. Missing properties will remain the same.
Authorizations:
path Parameters
| id required | string Identifier of the transformation rule to update. |
Request Body schema: application/json
Information to update about the transformation rule.
required | object (TransformationRuleDefinition) The properties that define a transformation rule. |
| enabled required | boolean True if the rule is enabled. |
Responses
Request samples
- Payload
{- "ruleDefinition": {
- "name": "Transformation Rule 1",
- "selector": "_sourceCategory=metricsstore",
- "dimensionTransformations": [
- {
- "transformationType": "AggregateOnTransformation",
- "aggregateOn": [
- "metric"
]
}, - {
- "transformationType": "AddOrReplaceTransformation",
- "dimensionToReplace": "metric",
- "value": "{{metric}}_aggregated"
}
], - "transformedMetricsRetention": 8,
- "retention": 8
}, - "enabled": true
}Response samples
- 200
- default
{- "ruleDefinition": {
- "name": "Transformation Rule 1",
- "selector": "_sourceCategory=metricsstore",
- "dimensionTransformations": [
- {
- "transformationType": "AggregateOnTransformation",
- "aggregateOn": [
- "metric"
]
}, - {
- "transformationType": "AddOrReplaceTransformation",
- "dimensionToReplace": "metric",
- "value": "{{metric}}_aggregated"
}
], - "transformedMetricsRetention": 8,
- "retention": 8
}, - "enabled": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "string"
}Delete a transformation rule.
Delete a transformation rule with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the transformation rule to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Metrics Query API.
The Metrics Query API allows you to execute queries on various metrics and retrieve multiple time-series (data-points) over time range(s). For more information see Metrics - Classic.
Run metrics queries
Execute up to six metrics queries. If you specify multiple queries, each is returned as a separate set of time series. A metric query returns a maximum of 300 data points per metric. A metric query will process a maximum of 15K unique time series to calculate the query results. Query results are limited to 1000 unique time series. For more information see Metrics Queries.
Authorizations:
Request Body schema: application/json
The parameters for the metrics query.
required | Array of objects (MetricsQueryRow) non-empty [ items ] A list of metrics queries. |
required | object (ResolvableTimeRange) |
Responses
Request samples
- Payload
{- "queries": [
- {
- "rowId": "A",
- "query": "metric=CPU_Idle",
- "quantization": 60000,
- "rollup": "Avg",
- "timeshift": -3600000
}
], - "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}
}Response samples
- 200
- default
{- "queryResult": [
- {
- "rowId": "A",
- "timeSeriesList": {
- "timeSeries": [
- {
- "metricDefinition": {
- "metric": "CPU_Total",
- "dimensions": {
- "_sourceHost": "us2-alert-1",
- "_sourceCategory": "alert"
}
}, - "points": {
- "timestamps": [
- 1623258710000
], - "values": [
- 1.5
]
}
}
], - "unit": "1/second",
- "timeShiftLabel": "-1h"
}
}
], - "errors": {
- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}
}Access Key management API.
Access Keys allow you to securely register new Collectors and access Sumo Logic APIs. For more information see Access Keys.
List all access keys.
List all access keys in your account.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of access keys returned in the response. The number of access keys returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "id": "su0w3Q37CBzHUM",
- "label": "collector access key",
- "disabled": false,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z"
}
], - "next": "GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc"
}Create an access key.
Creates a new access ID and key pair. The new access key can be used from the domains specified in corsHeaders field. Whether Sumo Logic accepts or rejects an API request depends on whether it contains an ORIGIN header and the entries in the allowlist. Sumo Logic will reject:
- Requests with an ORIGIN header but the allowlist is empty.
- Requests with an ORIGIN header that don't match any entry in the allowlist.
Authorizations:
Request Body schema: application/json
| label required | string <= 128 characters A name for the access key to be created. |
| corsHeaders | Array of strings <= 20 items An array of domains for which the access key is valid. Whether Sumo Logic accepts or rejects an API request depends on whether it contains an ORIGIN header and the entries in the allowlist. Sumo Logic will reject:
|
Responses
Request samples
- Payload
{- "label": "automation access key",
}Response samples
- 200
- default
{- "id": "su0w3Q37CBzHUM",
- "label": "collector access key",
- "disabled": false,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "key": "F9GZvb4fISxUZHM7pqHCsGXGWf4OArgmt9Tz8ewZ"
}Response samples
- 200
- default
{- "data": [
- {
- "id": "su0w3Q37CBzHUM",
- "label": "collector access key",
- "disabled": false,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z"
}
]
}Update an access key.
Updates the properties of existing accessKey by accessId. It can be used to enable or disable the access key and to update the corsHeaders list.
Authorizations:
path Parameters
| id required | string The accessId of the access key to update. |
Request Body schema: application/json
| disabled required | boolean Indicates whether the access key is disabled or not. |
| corsHeaders | Array of strings <= 20 items An array of domains for which the access key is valid. Whether Sumo Logic accepts or rejects an API request depends on whether it contains an ORIGIN header and the entries in the allowlist. Sumo Logic will reject:
|
Responses
Request samples
- Payload
{- "disabled": true,
}Response samples
- 200
- default
{- "id": "su0w3Q37CBzHUM",
- "label": "collector access key",
- "disabled": false,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z"
}Delete an access key.
Deletes the access key with the given accessId.
Authorizations:
path Parameters
| id required | string The accessId of the access key to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Account Management API.
Manage the custom subdomain for the URL used to access your Sumo Logic account. For more information see Manage Organization.
Get overview of the account status.
Get information related to the account's plan, pricing model, expiration and payment status.
Authorizations:
Responses
Response samples
- 200
- default
{- "pricingModel": "credits",
- "canUpdatePlan": true,
- "planType": "Free",
- "planExpirationDays": 20,
- "applicationUse": "ALLOWED",
- "accountActivated": true
}Response samples
- 200
- default
{- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "subdomain": "my-company",
}Update account subdomain.
Update a subdomain. Only the Account Owner can update the subdomain.
Authorizations:
Request Body schema: application/json
The new subdomain.
| subdomain required | string [ 4 .. 63 ] characters ^(?!xn--)[a-z0-9]([a-z0-9-]*[a-z0-9])?$ The new subdomain. |
Responses
Request samples
- Payload
{- "subdomain": "my-company"
}Response samples
- 200
- default
{- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "subdomain": "my-company",
}Create account subdomain.
Create a subdomain. Only the Account Owner can create a subdomain.
Authorizations:
Request Body schema: application/json
The new subdomain.
| subdomain required | string [ 4 .. 63 ] characters ^(?!xn--)[a-z0-9]([a-z0-9-]*[a-z0-9])?$ The new subdomain. |
Responses
Request samples
- Payload
{- "subdomain": "my-company"
}Response samples
- 200
- default
{- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "subdomain": "my-company",
}Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Recover subdomains for a user.
Send an email with the subdomain information for a user with the given email address.
Authorizations:
query Parameters
| email required | string Email address of the user to get subdomain information. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Password Policy Management API
The password policy controls how user passwords are managed. The "Manage Password Policy" role capability is required to update the password policy. For more information see how to set a password policy.
Response samples
- 200
- default
{- "minLength": 8,
- "maxLength": 128,
- "mustContainLowercase": true,
- "mustContainUppercase": true,
- "mustContainDigits": true,
- "mustContainSpecialChars": true,
- "maxPasswordAgeInDays": 365,
- "minUniquePasswords": 10,
- "accountLockoutThreshold": 6,
- "failedLoginResetDurationInMins": 10,
- "accountLockoutDurationInMins": 30,
- "requireMfa": false,
- "rememberMfa": true
}Update password policy.
Update the current password policy.
Authorizations:
Request Body schema: application/json
| minLength | integer <int32> [ 8 .. 128 ] Default: 8 The minimum length of the password. |
| maxLength | integer <int32> [ 128 .. 128 ] Default: 128 The maximum length of the password. (Setting this to any value other than 128 is no longer supported; this field may be deprecated in the future.) |
| mustContainLowercase | boolean Default: true If the password must contain lower case characters. |
| mustContainUppercase | boolean Default: true If the password must contain upper case characters. |
| mustContainDigits | boolean Default: true If the password must contain digits. |
| mustContainSpecialChars | boolean Default: true If the password must contain special characters. |
| maxPasswordAgeInDays | integer <int32> [ -1 .. 365 ] Default: 365 Maximum number of days that a password can be used before user is required to change it. Put -1 if the user should not have to change their password. |
| minUniquePasswords | integer <int32> [ 4 .. 10 ] Default: 10 The minimum number of unique new passwords that a user must use before an old password can be reused. |
| accountLockoutThreshold | integer <int32> [ 3 .. 10 ] Default: 6 Number of failed login attempts allowed before account is locked-out. |
| failedLoginResetDurationInMins | integer <int32> [ 1 .. 10 ] Default: 10 The duration of time in minutes that must elapse from the first failed login attempt after which failed login count is reset to 0. |
| accountLockoutDurationInMins | integer <int32> [ 30 .. 120 ] Default: 30 The duration of time in minutes that a locked-out account remained locked before getting unlocked automatically. |
| requireMfa | boolean Default: false If MFA should be required to log in. By default, this field is set to |
| rememberMfa | boolean Default: true If MFA should be remembered on the browser. |
Responses
Request samples
- Payload
{- "minLength": 8,
- "maxLength": 128,
- "mustContainLowercase": true,
- "mustContainUppercase": true,
- "mustContainDigits": true,
- "mustContainSpecialChars": true,
- "maxPasswordAgeInDays": 365,
- "minUniquePasswords": 10,
- "accountLockoutThreshold": 6,
- "failedLoginResetDurationInMins": 10,
- "accountLockoutDurationInMins": 30,
- "requireMfa": false,
- "rememberMfa": true
}Response samples
- 200
- default
{- "minLength": 8,
- "maxLength": 128,
- "mustContainLowercase": true,
- "mustContainUppercase": true,
- "mustContainDigits": true,
- "mustContainSpecialChars": true,
- "maxPasswordAgeInDays": 365,
- "minUniquePasswords": 10,
- "accountLockoutThreshold": 6,
- "failedLoginResetDurationInMins": 10,
- "accountLockoutDurationInMins": 30,
- "requireMfa": false,
- "rememberMfa": true
}Policies management API.
Policies control the security and share settings of your organization. For more information see Security.
Get Audit policy.
Get the Audit policy. This policy specifies whether audit records for your account are enabled. You can access details about reported account events in the Sumo Logic Audit Index. Learn More
Authorizations:
Responses
Response samples
- 200
- default
{- "enabled": true
}Set Audit policy.
Set the Audit policy. This policy specifies whether audit records for your account are enabled. You can access details about reported account events in the Sumo Logic Audit Index. Learn More
Authorizations:
Request Body schema: application/json
| enabled required | boolean Whether the Audit policy is enabled. |
Responses
Request samples
- Payload
{- "enabled": true
}Response samples
- 200
- default
{- "enabled": true
}Get Search Audit policy.
Get the Search Audit policy. This policy specifies whether search records for your account are enabled. You can access details about your account's search capacity, queries run by users from the Sumo Search Audit Index. Learn More
Authorizations:
Responses
Response samples
- 200
- default
{- "enabled": true
}Set Search Audit policy.
Set the Search Audit policy. This policy specifies whether search records for your account are enabled. You can access details about your account's search capacity, queries run by users from the Sumo Search Audit Index. Learn More
Authorizations:
Request Body schema: application/json
| enabled required | boolean Whether the Search Audit policy is enabled. |
Responses
Request samples
- Payload
{- "enabled": true
}Response samples
- 200
- default
{- "enabled": true
}Get Data Access Level policy.
Get the Data Access Level policy. When enabled, this policy sets the default data access level for all newly created dashboards to the viewer’s role access filter. Otherwise, newly created dashboards will default to the sharer’s role access filter and might display data that viewers’ roles don’t allow them to view. Learn More
Authorizations:
Responses
Response samples
- 200
- default
{- "enabled": true
}Set Data Access Level policy.
Set the Data Access Level policy. When enabled, this policy sets the default data access level for all newly created dashboards to the viewer’s role access filter. Otherwise, newly created dashboards will default to the sharer’s role access filter and might display data that viewers’ roles don’t allow them to view. Learn More
Authorizations:
Request Body schema: application/json
| enabled required | boolean Whether the Data Access Level policy is enabled. |
Responses
Request samples
- Payload
{- "enabled": true
}Response samples
- 200
- default
{- "enabled": true
}Get User Concurrent Sessions Limit policy.
Get the User Concurrent Sessions Limit policy. When enabled, the number of concurrent sessions a user may have is limited to the value entered. If a user exceeds the allowed number of sessions, the user's oldest session will be logged out to accommodate the new one. Disabling this policy means a user may have an unlimited number of concurrent sessions. Learn More
Authorizations:
Responses
Response samples
- 200
- default
{- "enabled": true,
- "maxConcurrentSessions": 50
}Set User Concurrent Sessions Limit policy.
Set the User Concurrent Sessions Limit policy. When enabled, the number of concurrent sessions a user may have is limited to the value entered. If a user exceeds the allowed number of sessions, the user's oldest session will be logged out to accommodate the new one. Disabling this policy means a user may have an unlimited number of concurrent sessions. Learn More
Authorizations:
Request Body schema: application/json
| enabled required | boolean Whether the User Concurrent Sessions Limit policy is enabled. |
| maxConcurrentSessions | integer <int32> [ 1 .. 100 ] Default: 100 Maximum number of concurrent sessions a user may have. |
Responses
Request samples
- Payload
{- "enabled": true,
- "maxConcurrentSessions": 50
}Response samples
- 200
- default
{- "enabled": true,
- "maxConcurrentSessions": 50
}Get Max User Session Timeout policy.
Get the Max User Session Timeout policy. When enabled, this policy sets the maximum web session timeout users are able to configure within their user preferences. Users preferences will be updated to match this value only if their current preference is set to a higher value. Learn More
Authorizations:
Responses
Response samples
- 200
- default
{- "maxUserSessionTimeout": "1d"
}Set Max User Session Timeout policy.
Set the Max User Session Timeout policy. When enabled, this policy sets the maximum web session timeout users are able to configure within their user preferences. Users preferences will be updated to match this value only if their current preference is set to a higher value. Learn More
Authorizations:
Request Body schema: application/json
| maxUserSessionTimeout required | string^(5m|15m|30m|1h|2h|6h|12h|1d|2d|3d|5d|7d)$ Maximum web session timeout users are able to configure within their user preferences. Valid values are: |
Responses
Request samples
- Payload
{- "maxUserSessionTimeout": "1d"
}Response samples
- 200
- default
{- "maxUserSessionTimeout": "1d"
}SAML configuration management API
Organizations with Enterprise accounts can provision Security Assertion Markup Language (SAML) 2.0 to enable Single Sign-On (SSO) for user access to Sumo Logic. For more information see SAML Configuration.
Get a list of SAML configurations.
Get a list of all SAML configurations in the organization.
Authorizations:
Responses
Response samples
- 200
- default
[- {
- "configurationName": "SumoLogic",
- "spInitiatedLoginEnabled": false,
- "x509cert1": "string",
- "x509cert2": "",
- "x509cert3": "",
- "onDemandProvisioningEnabled": {
- "onDemandProvisioningRoles": "[\"Analyst\", \"Administrator\"]"
}, - "rolesAttribute": "Sumo_Role",
- "logoutEnabled": false,
- "emailAttribute": "attribute/subject",
- "debugMode": false,
- "signAuthnRequest": false,
- "disableRequestedAuthnContext": false,
- "isRedirectBinding": false,
- "certificate": "string",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "00000000361130F7",
}
]Create a new SAML configuration.
Create a new SAML configuration in the organization.
Authorizations:
Request Body schema: application/json
The configuration of the SAML identity provider.
| spInitiatedLoginPath | string Deprecated Default: "" This property has been deprecated and is no longer used. |
| configurationName required | string Name of the SSO policy or another name used to describe the policy internally. |
| issuer required | string The unique URL assigned to the organization by the SAML Identity Provider. |
| spInitiatedLoginEnabled | boolean Default: false True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. |
| authnRequestUrl | string Default: "" The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. |
| x509cert1 required | string The certificate is used to verify the signature in SAML assertions. |
| x509cert2 | string Default: "" The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. |
| x509cert3 | string Default: "" The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. |
object (OnDemandProvisioningInfo) | |
| rolesAttribute | string Default: "" The role that Sumo Logic will assign to users when they sign in. |
| logoutEnabled | boolean Default: false True if users are redirected to a URL after signing out of Sumo Logic. |
| logoutUrl | string Default: "" The URL that users will be redirected to after signing out of Sumo Logic. |
| emailAttribute | string Default: "" The email address of the new user account. |
| debugMode | boolean Default: false True if additional details are included when a user fails to sign in. |
| signAuthnRequest | boolean Default: false True if Sumo Logic will send signed Authn requests to the identity provider. |
| disableRequestedAuthnContext | boolean Default: false True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. |
| isRedirectBinding | boolean Default: false True if the SAML binding is of HTTP Redirect type. |
Responses
Request samples
- Payload
{- "configurationName": "SumoLogic",
- "spInitiatedLoginEnabled": false,
- "x509cert1": "string",
- "x509cert2": "",
- "x509cert3": "",
- "onDemandProvisioningEnabled": {
- "onDemandProvisioningRoles": "[\"Analyst\", \"Administrator\"]"
}, - "rolesAttribute": "Sumo_Role",
- "logoutEnabled": false,
- "emailAttribute": "attribute/subject",
- "debugMode": false,
- "signAuthnRequest": false,
- "disableRequestedAuthnContext": false,
- "isRedirectBinding": false
}Response samples
- 200
- default
{- "configurationName": "SumoLogic",
- "spInitiatedLoginEnabled": false,
- "x509cert1": "string",
- "x509cert2": "",
- "x509cert3": "",
- "onDemandProvisioningEnabled": {
- "onDemandProvisioningRoles": "[\"Analyst\", \"Administrator\"]"
}, - "rolesAttribute": "Sumo_Role",
- "logoutEnabled": false,
- "emailAttribute": "attribute/subject",
- "debugMode": false,
- "signAuthnRequest": false,
- "disableRequestedAuthnContext": false,
- "isRedirectBinding": false,
- "certificate": "string",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "00000000361130F7",
}Update a SAML configuration.
Update an existing SAML configuration in the organization.
Authorizations:
path Parameters
| id required | string Identifier of the SAML configuration to update. |
Request Body schema: application/json
Information to update in the SAML configuration.
| spInitiatedLoginPath | string Deprecated Default: "" This property has been deprecated and is no longer used. |
| configurationName required | string Name of the SSO policy or another name used to describe the policy internally. |
| issuer required | string The unique URL assigned to the organization by the SAML Identity Provider. |
| spInitiatedLoginEnabled | boolean Default: false True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. |
| authnRequestUrl | string Default: "" The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. |
| x509cert1 required | string The certificate is used to verify the signature in SAML assertions. |
| x509cert2 | string Default: "" The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. |
| x509cert3 | string Default: "" The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. |
object (OnDemandProvisioningInfo) | |
| rolesAttribute | string Default: "" The role that Sumo Logic will assign to users when they sign in. |
| logoutEnabled | boolean Default: false True if users are redirected to a URL after signing out of Sumo Logic. |
| logoutUrl | string Default: "" The URL that users will be redirected to after signing out of Sumo Logic. |
| emailAttribute | string Default: "" The email address of the new user account. |
| debugMode | boolean Default: false True if additional details are included when a user fails to sign in. |
| signAuthnRequest | boolean Default: false True if Sumo Logic will send signed Authn requests to the identity provider. |
| disableRequestedAuthnContext | boolean Default: false True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. |
| isRedirectBinding | boolean Default: false True if the SAML binding is of HTTP Redirect type. |
Responses
Request samples
- Payload
{- "configurationName": "SumoLogic",
- "spInitiatedLoginEnabled": false,
- "x509cert1": "string",
- "x509cert2": "",
- "x509cert3": "",
- "onDemandProvisioningEnabled": {
- "onDemandProvisioningRoles": "[\"Analyst\", \"Administrator\"]"
}, - "rolesAttribute": "Sumo_Role",
- "logoutEnabled": false,
- "emailAttribute": "attribute/subject",
- "debugMode": false,
- "signAuthnRequest": false,
- "disableRequestedAuthnContext": false,
- "isRedirectBinding": false
}Response samples
- 200
- default
{- "configurationName": "SumoLogic",
- "spInitiatedLoginEnabled": false,
- "x509cert1": "string",
- "x509cert2": "",
- "x509cert3": "",
- "onDemandProvisioningEnabled": {
- "onDemandProvisioningRoles": "[\"Analyst\", \"Administrator\"]"
}, - "rolesAttribute": "Sumo_Role",
- "logoutEnabled": false,
- "emailAttribute": "attribute/subject",
- "debugMode": false,
- "signAuthnRequest": false,
- "disableRequestedAuthnContext": false,
- "isRedirectBinding": false,
- "certificate": "string",
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "00000000361130F7",
}Delete a SAML configuration.
Delete a SAML configuration with the given identifier from the organization.
Authorizations:
path Parameters
| id required | string Identifier of the SAML configuration to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Response samples
- 200
- default
[- {
- "userId": "string",
- "firstName": "string",
- "lastName": "string",
- "email": "john@sumologic.com",
- "canManageSaml": true,
- "isActive": true,
- "lastLogin": "2019-08-24T14:15:22Z"
}
]Allowlist a user.
Allowlist a user from SAML lockdown allowing them to sign in using a password in addition to SAML.
Authorizations:
path Parameters
| userId required | string Identifier of the user. |
Responses
Response samples
- 200
- default
{- "userId": "string",
- "firstName": "string",
- "lastName": "string",
- "email": "john@sumologic.com",
- "canManageSaml": true,
- "isActive": true,
- "lastLogin": "2019-08-24T14:15:22Z"
}Remove an allowlisted user.
Remove an allowlisted user requiring them to sign in using SAML.
Authorizations:
path Parameters
| userId required | string Identifier of user that will no longer be allowlisted from SAML Lockdown. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Require SAML for sign-in.
Enabling SAML lockdown requires users to sign in using SAML preventing them from logging in with an email and password.
Authorizations:
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Service Allowlist management API
Service Allowlist Settings allow you to explicitly grant access to specific IP addresses and/or CIDR notations for logins, APIs, and dashboard access. For more information see Service Allowlist Settings.
Allowlist CIDRs/IP addresses.
Add CIDR notations and/or IP addresses to the allowlist of the organization if not already there. When service allowlisting functionality is enabled, CIDRs/IP addresses that are allowlisted will have access to Sumo Logic and/or content sharing.
Authorizations:
Request Body schema: application/json
List of all CIDR notations and/or IP addresses to be added to the allowlist of the organization.
required | Array of objects (Cidr) <= 50 items [ items ] An array of CIDR notations and/or IP addresses. | ||||
Array (<= 50 items)
| |||||
Responses
Request samples
- Payload
{- "data": [
- {
- "cidr": "192.35.24.1",
- "description": "Accountant"
}
]
}Response samples
- 200
- default
{- "data": [
- {
- "cidr": "192.35.24.1",
- "description": "Accountant"
}
]
}Remove allowlisted CIDRs/IP addresses.
Remove allowlisted CIDR notations and/or IP addresses from the organization. Removed CIDRs/IPs will immediately lose access to Sumo Logic and content sharing.
Authorizations:
Request Body schema: application/json
List of all CIDR notations and/or IP addresses to be removed from the allowlist of the organization.
required | Array of objects (Cidr) <= 50 items [ items ] An array of CIDR notations and/or IP addresses. | ||||
Array (<= 50 items)
| |||||
Responses
Request samples
- Payload
{- "data": [
- {
- "cidr": "192.35.24.1",
- "description": "Accountant"
}
]
}Response samples
- 200
- default
{- "data": [
- {
- "cidr": "192.35.24.1",
- "description": "Accountant"
}
]
}Enable service allowlisting.
Enable service allowlisting functionality for the organization. The service allowlisting can be for 1. Login: If enabled, access to Sumo Logic is granted only to CIDRs/IP addresses that are allowlisted. 2. Content: If enabled, dashboards can be shared with users connecting from CIDRs/IP addresses that are allowlisted without logging in.
Authorizations:
query Parameters
| allowlistType required | string^(Login|Content|Both)$ Example: allowlistType=Login The type of allowlisting to be enabled. It can be one of: |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Disable service allowlisting.
Disable service allowlisting functionality for login/API authentication or content sharing for the organization.
Authorizations:
query Parameters
| allowlistType required | string^(Login|Content|Both)$ Example: allowlistType=Login The type of allowlisting to be disabled. It can be one of: |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Connection management API.
Set up connections to send alerts to other tools. For more information see Connections and Integrations.
Get a list of connections.
Get a list of all connections in the organization. The response is paginated with a default limit of 100 connections per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of connections returned in the response. The number of connections returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "type": "string",
- "id": "string",
- "name": "string",
- "description": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string"
}
], - "next": "string"
}Create a new connection.
Create a new connection in the organization.
Authorizations:
Request Body schema: application/json
Information about the new connection.
| type required | string^(WebhookDefinition|ServiceNowDefinition)$ Type of connection. Valid values are |
| name required | string [ 1 .. 127 ] characters ^([a-zA-Z0-9 +%\-@.,_()]+)$ Name of connection. Name should be a valid alphanumeric value. |
| description | string <= 1024 characters Default: "" Description of the connection. |
| url required | string URL for the ServiceNow connection. |
| username required | string User name for the ServiceNow connection. |
| password required | string User password for the ServiceNow connection. |
Responses
Request samples
- Payload
{- "type": "ServiceNowDefinition",
- "name": "string",
- "description": "",
- "username": "string",
- "password": "string"
}Response samples
- 200
- default
{- "type": "ServiceNowConnection",
- "id": "string",
- "name": "string",
- "description": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "url": "string",
- "username": "string"
}Test a new connection url.
Test a new connection url is valid and can connect.
Authorizations:
Request Body schema: application/json
Information about the new connection.
| type required | string^(WebhookDefinition|ServiceNowDefinition)$ Type of connection. Valid values are |
| name required | string [ 1 .. 127 ] characters ^([a-zA-Z0-9 +%\-@.,_()]+)$ Name of connection. Name should be a valid alphanumeric value. |
| description | string <= 1024 characters Default: "" Description of the connection. |
| url required | string URL for the ServiceNow connection. |
| username required | string User name for the ServiceNow connection. |
| password required | string User password for the ServiceNow connection. |
Responses
Request samples
- Payload
{- "type": "ServiceNowDefinition",
- "name": "string",
- "description": "",
- "username": "string",
- "password": "string"
}Response samples
- 200
- default
{- "statusCode": 0,
- "responseContent": "string"
}Get a connection.
Get a connection with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of connection to return. |
query Parameters
| type required | string Default: "WebhookConnection" Type of connection to return. Valid values are |
Responses
Response samples
- 200
- default
{- "type": "ServiceNowConnection",
- "id": "string",
- "name": "string",
- "description": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "url": "string",
- "username": "string"
}Update a connection.
Update an existing connection.
Authorizations:
path Parameters
| id required | string Identifier of the connection to update. |
Request Body schema: application/json
Information to update about the connection.
| type required | string^(WebhookDefinition|ServiceNowDefinition)$ Type of connection. Valid values are |
| name required | string [ 1 .. 127 ] characters ^([a-zA-Z0-9 +%\-@.,_()]+)$ Name of connection. Name should be a valid alphanumeric value. |
| description | string <= 1024 characters Default: "" Description of the connection. |
| url required | string URL for the ServiceNow connection. |
| username required | string User name for the ServiceNow connection. |
| password required | string User password for the ServiceNow connection. |
Responses
Request samples
- Payload
{- "type": "ServiceNowDefinition",
- "name": "string",
- "description": "",
- "username": "string",
- "password": "string"
}Response samples
- 200
- default
{- "type": "ServiceNowConnection",
- "id": "string",
- "name": "string",
- "description": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "url": "string",
- "username": "string"
}Delete a connection.
Delete a connection with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the connection to delete. |
query Parameters
| type required | string^(WebhookConnection|ServiceNowConnection)$ Type of connection to delete. Valid values are |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Dynamic Parsing management API.
Dynamic Parsing allows automatic field extraction from your log messages when you run a search. This allows you to view fields from logs without having to manually specify parsing logic. For more information see Dynamic Parsing.
Get a list of dynamic parsing rules.
Get a list of all dynamic parsing rules. The response is paginated with a default limit of 100 dynamic parsing rules per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Example: limit=10 Limit the number of dynamic parsing rules returned in the response. The number of dynamic parsing rules returned may be less than the |
| token | string Example: token=0000000001C51FF7 Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "name": "DynamicParsingRule123",
- "scope": "_sourceHost=127.0.0.1",
- "enabled": false,
- "createdAt": "string",
- "createdBy": "string",
- "modifiedAt": "string",
- "modifiedBy": "string",
- "id": "0000000001C41EE4",
- "isSystemRule": false
}
], - "next": "0000000001C51FF7"
}Create a new dynamic parsing rule.
Create a new dynamic parsing rule.
Authorizations:
Request Body schema: application/json
Information about the new dynamic parsing rule.
| name required | string [ 1 .. 256 ] characters Name of the dynamic parsing rule. Use a name that makes it easy to identify the rule. |
| scope required | string [ 1 .. 2048 ] characters Scope of the dynamic parsing rule. This could be a sourceCategory, sourceHost, or any other metadata that describes the data you want to extract from. Think of the Scope as the first portion of an ad hoc search, before the first pipe ( | ). You'll use the Scope to run a search against the rule. |
| enabled required | boolean Default: true Is the dynamic parsing rule enabled. |
Responses
Request samples
- Payload
{- "name": "DynamicParsingRule123",
- "scope": "_sourceHost=127.0.0.1",
- "enabled": false
}Response samples
- 200
- default
{- "name": "DynamicParsingRule123",
- "scope": "_sourceHost=127.0.0.1",
- "enabled": false,
- "createdAt": "string",
- "createdBy": "string",
- "modifiedAt": "string",
- "modifiedBy": "string",
- "id": "0000000001C41EE4",
- "isSystemRule": false
}Get a dynamic parsing rule.
Get a dynamic parsing rule with the given identifier.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of dynamic parsing rule to return. |
Responses
Response samples
- 200
- default
{- "name": "DynamicParsingRule123",
- "scope": "_sourceHost=127.0.0.1",
- "enabled": false,
- "createdAt": "string",
- "createdBy": "string",
- "modifiedAt": "string",
- "modifiedBy": "string",
- "id": "0000000001C41EE4",
- "isSystemRule": false
}Update a dynamic parsing rule.
Update an existing dynamic parsing rule. All properties specified in the request are replaced. Missing properties are set to their default values.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of the dynamic parsing rule to update. |
Request Body schema: application/json
Information to update about the dynamic parsing rule.
| name required | string [ 1 .. 256 ] characters Name of the dynamic parsing rule. Use a name that makes it easy to identify the rule. |
| scope required | string [ 1 .. 2048 ] characters Scope of the dynamic parsing rule. This could be a sourceCategory, sourceHost, or any other metadata that describes the data you want to extract from. Think of the Scope as the first portion of an ad hoc search, before the first pipe ( | ). You'll use the Scope to run a search against the rule. |
| enabled required | boolean Default: true Is the dynamic parsing rule enabled. |
Responses
Request samples
- Payload
{- "name": "DynamicParsingRule123",
- "scope": "_sourceHost=127.0.0.1",
- "enabled": false
}Response samples
- 200
- default
{- "name": "DynamicParsingRule123",
- "scope": "_sourceHost=127.0.0.1",
- "enabled": false,
- "createdAt": "string",
- "createdBy": "string",
- "modifiedAt": "string",
- "modifiedBy": "string",
- "id": "0000000001C41EE4",
- "isSystemRule": false
}Delete a dynamic parsing rule.
Delete a dynamic parsing rule with the given identifier.
Authorizations:
path Parameters
| id required | string Example: 0000000001C41EE4 Identifier of the dynamic parsing rule to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Field Extraction Rule management API.
Field Extraction Rules allow you to parse fields from your log messages at the time the messages are ingested eliminating the need to parse fields in your query. For more information see Manage Field Extraction.
Get a list of field extraction rules.
Get a list of all field extraction rules. The response is paginated with a default limit of 100 field extraction rules per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of field extraction rules returned in the response. The number of field extraction rules returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "name": "ExtractionRule123",
- "scope": "_sourceHost=127.0.0.1",
- "parseExpression": "csv _raw extract 1 as f1",
- "enabled": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "string",
- "fieldNames": [
- "string"
]
}
], - "next": "string"
}Create a new field extraction rule.
Create a new field extraction rule.
Authorizations:
Request Body schema: application/json
Information about the new field extraction rule.
| name required | string [ 1 .. 256 ] characters Name of the field extraction rule. Use a name that makes it easy to identify the rule. |
| scope required | string [ 0 .. 2048 ] characters Scope of the field extraction rule. This could be a sourceCategory, sourceHost, or any other metadata that describes the data you want to extract from. Think of the Scope as the first portion of an ad hoc search, before the first pipe ( | ). You'll use the Scope to run a search against the rule. |
| parseExpression required | string <= 16384 characters Describes the fields to be parsed. |
| enabled | boolean Default: true Is the field extraction rule enabled. |
Responses
Request samples
- Payload
{- "name": "ExtractionRule123",
- "scope": "_sourceHost=127.0.0.1",
- "parseExpression": "csv _raw extract 1 as f1",
- "enabled": true
}Response samples
- 200
- default
{- "name": "ExtractionRule123",
- "scope": "_sourceHost=127.0.0.1",
- "parseExpression": "csv _raw extract 1 as f1",
- "enabled": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "string",
- "fieldNames": [
- "string"
]
}Get a field extraction rule.
Get a field extraction rule with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of field extraction rule to return. |
Responses
Response samples
- 200
- default
{- "name": "ExtractionRule123",
- "scope": "_sourceHost=127.0.0.1",
- "parseExpression": "csv _raw extract 1 as f1",
- "enabled": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "string",
- "fieldNames": [
- "string"
]
}Update a field extraction rule.
Update an existing field extraction rule. All properties specified in the request are replaced. Missing properties are set to their default values.
Authorizations:
path Parameters
| id required | string Identifier of the field extraction rule to update. |
Request Body schema: application/json
Information to update about the field extraction rule.
| name required | string [ 1 .. 256 ] characters Name of the field extraction rule. Use a name that makes it easy to identify the rule. |
| scope required | string [ 0 .. 2048 ] characters Scope of the field extraction rule. This could be a sourceCategory, sourceHost, or any other metadata that describes the data you want to extract from. Think of the Scope as the first portion of an ad hoc search, before the first pipe ( | ). You'll use the Scope to run a search against the rule. |
| parseExpression required | string <= 16384 characters Describes the fields to be parsed. |
| enabled required | boolean Is the field extraction rule enabled. |
Responses
Request samples
- Payload
{- "name": "ExtractionRule123",
- "scope": "_sourceHost=127.0.0.1",
- "parseExpression": "csv _raw extract 1 as f1",
- "enabled": true
}Response samples
- 200
- default
{- "name": "ExtractionRule123",
- "scope": "_sourceHost=127.0.0.1",
- "parseExpression": "csv _raw extract 1 as f1",
- "enabled": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "string",
- "fieldNames": [
- "string"
]
}Delete a field extraction rule.
Delete a field extraction rule with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the field extraction rule to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Field management API.
Fields allow you to reference log data based on meaningful associations. They act as metadata tags that are assigned to your logs so you can search with them. Each field contains a key-value pair, where the field name is the key. Fields may be referred to as Log Metadata Fields. For more information see Fields.
Create a new field.
Adding a field will define it in the Fields schema allowing it to be assigned as metadata to your logs.
Authorizations:
Request Body schema: application/json
Name of a field to add. The name is used as the key in the key-value pair.
| fieldName required | string [ 1 .. 255 ] characters Field name. |
Responses
Request samples
- Payload
{- "fieldName": "hostIP"
}Response samples
- 200
- default
{- "fieldName": "hostIP",
- "fieldId": "00000000031D02DA",
- "dataType": "String",
- "state": "Enabled"
}Get a custom field.
Get the details of a custom field.
Authorizations:
path Parameters
| id required | string Example: 00000000031D02DA Identifier of a field. |
Responses
Response samples
- 200
- default
{- "fieldName": "hostIP",
- "fieldId": "00000000031D02DA",
- "dataType": "String",
- "state": "Enabled"
}Delete a custom field.
Deleting a field does not delete historical data assigned with that field. If you delete a field by mistake and one or more of those dependencies break, you can re-add the field to get things working properly again. You should always disable a field and ensure things are behaving as expected before deleting a field.
Authorizations:
path Parameters
| id required | string Example: 00000000031D02DA Identifier of a field to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Enable custom field with a specified identifier.
Fields have to be enabled to be assigned to your data. This operation ensures that a specified field is enabled and Sumo Logic will treat it as safe to process. All manually created custom fields are enabled by default.
Authorizations:
path Parameters
| id required | string Example: 00000000031D02DA Identifier of a field to enable. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Disable a custom field.
After disabling a field Sumo Logic will start dropping its incoming values at ingest. As a result, they won't be searchable or usable. Historical values are not removed and remain searchable.
Authorizations:
path Parameters
| id required | string Example: 00000000031D02DA Identifier of a field to disable. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Get a list of dropped fields.
Dropped fields are fields sent to Sumo Logic, but are ignored since they are not defined in your Fields schema. In order to save these values a field must both exist and be enabled.
Authorizations:
Responses
Response samples
- 200
- default
{- "data": [
- {
- "fieldName": "hostIP"
}
]
}Get a list of built-in fields.
Built-in fields are created automatically by Sumo Logic for standard configuration purposes. They include _sourceHost and _sourceCategory. Built-in fields can't be deleted or disabled.
Authorizations:
Responses
Response samples
- 200
- default
{- "data": [
- {
- "fieldName": "hostIP",
- "fieldId": "00000000031D02DA",
- "dataType": "String",
- "state": "Enabled"
}
]
}Get a built-in field.
Get the details of a built-in field.
Authorizations:
path Parameters
| id required | string Example: 000000000000000A Identifier of a built-in field. |
Responses
Response samples
- 200
- default
{- "fieldName": "hostIP",
- "fieldId": "00000000031D02DA",
- "dataType": "String",
- "state": "Enabled"
}Partition management API.
Creating a Partition allows you to improve search performance by searching over a smaller number of messages. For more information see Manage Partitions.
Get a list of partitions.
Get a list of all partitions in the organization. The response is paginated with a default limit of 100 partitions per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of partitions returned in the response. The number of partitions returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
| viewTypes | Array of strings Example: viewTypes=AuditIndex,Partition The type of partitions to retrieve. Valid values are:
More than one type of partitions can be retrieved in same request. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "name": "apache",
- "routingExpression": "_sourcecategory=*/Apache",
- "analyticsTier": "continuous",
- "retentionPeriod": 365,
- "isCompliant": false,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "1",
- "totalBytes": 42,
- "isActive": true,
- "newRetentionPeriod": 300,
- "indexType": "Partition",
- "retentionEffectiveAt": "2019-08-24T14:15:22Z",
- "dataForwardingId": "string"
}
], - "next": "1"
}Create a new partition.
Create a new partition.
Authorizations:
Request Body schema: application/json
Information about the new partition.
| name required | string <= 255 characters The name of the partition. |
| routingExpression required | string [ 1 .. 16384 ] characters The query that defines the data to be included in the partition. |
| analyticsTier | string^(frequent|infrequent|continuous)$ Default: "continuous" The Data Tier where the data in the partition will reside. Possible values are:
1. |
| retentionPeriod | integer Default: -1 The number of days to retain data in the partition, or -1 to use the default value for your account. Only relevant if your account has variable retention enabled. |
| isCompliant | boolean Default: false Whether the partition is compliant or not. Mark a partition as compliant if it contains data used for compliance or audit purpose. Retention for a compliant partition can only be increased and cannot be reduced after the partition is marked compliant. A partition once marked compliant, cannot be marked non-compliant later. |
Responses
Request samples
- Payload
{- "name": "apache",
- "routingExpression": "_sourcecategory=*/Apache",
- "analyticsTier": "continuous",
- "retentionPeriod": 365,
- "isCompliant": false
}Response samples
- 200
- default
{- "name": "apache",
- "routingExpression": "_sourcecategory=*/Apache",
- "analyticsTier": "continuous",
- "retentionPeriod": 365,
- "isCompliant": false,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "1",
- "totalBytes": 42,
- "isActive": true,
- "newRetentionPeriod": 300,
- "indexType": "Partition",
- "retentionEffectiveAt": "2019-08-24T14:15:22Z",
- "dataForwardingId": "string"
}Get a partition.
Get a partition with the given identifier from the organization.
Authorizations:
path Parameters
| id required | string Identifier of partition to return. |
Responses
Response samples
- 200
- default
{- "name": "apache",
- "routingExpression": "_sourcecategory=*/Apache",
- "analyticsTier": "continuous",
- "retentionPeriod": 365,
- "isCompliant": false,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "1",
- "totalBytes": 42,
- "isActive": true,
- "newRetentionPeriod": 300,
- "indexType": "Partition",
- "retentionEffectiveAt": "2019-08-24T14:15:22Z",
- "dataForwardingId": "string"
}Update a partition.
Update an existing partition in the organization.
Authorizations:
path Parameters
| id required | string Identifier of the partition to update. |
Request Body schema: application/json
Information to update about the partition.
| retentionPeriod | integer The number of days to retain data in the partition, or -1 to use the default value for your account. Only relevant if your account has variable retention enabled. |
| reduceRetentionPeriodImmediately | boolean Default: false This is required if the newly specified |
| isCompliant | boolean Default: false Whether to mark a partition as compliant. Mark a partition as compliant if it contains data used for compliance or audit purpose. Retention for a compliant partition can only be increased and cannot be reduced after the partition marked as compliant. A partition once marked compliant, cannot be marked non-compliant later. |
| routingExpression | string [ 1 .. 16384 ] characters The query that defines the data to be included in the partition. |
Responses
Request samples
- Payload
{- "retentionPeriod": 365,
- "reduceRetentionPeriodImmediately": false,
- "isCompliant": false,
- "routingExpression": "_sourcecategory=*/Apache"
}Response samples
- 200
- default
{- "name": "apache",
- "routingExpression": "_sourcecategory=*/Apache",
- "analyticsTier": "continuous",
- "retentionPeriod": 365,
- "isCompliant": false,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "1",
- "totalBytes": 42,
- "isActive": true,
- "newRetentionPeriod": 300,
- "indexType": "Partition",
- "retentionEffectiveAt": "2019-08-24T14:15:22Z",
- "dataForwardingId": "string"
}Decommission a partition.
Decommission a partition with the given identifier from the organization.
Authorizations:
path Parameters
| id required | string Identifier of the partition to decommission. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Cancel a retention update for a partition
Cancel update to retention of a partition for which retention was updated previously using reduceRetentionPeriodImmediately parameter as false
Authorizations:
path Parameters
| id required | string Example: 1 Identifier of the partition to cancel the retention update for. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Scheduled View management API.
Scheduled Views speed the search process for small and historical subsets of your data by functioning as a pre-aggregated index. For more information see Manage Scheduled Views.
Get a list of scheduled views.
Get a list of all scheduled views in the organization. The response is paginated with a default limit of 100 scheduled views per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of scheduled views returned in the response. The number of scheduled views returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "query": "_sourcecategory=*/Apache",
- "indexName": "TestScheduledView",
- "startTime": "2020-06-03T17:22:35Z",
- "retentionPeriod": 365,
- "dataForwardingId": "string",
- "parsingMode": "AutoParse",
- "id": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByOptimizeIt": true,
- "error": "string",
- "status": "string",
- "totalBytes": 0,
- "totalMessageCount": 0,
- "createdBy": "string"
}
], - "next": "string"
}Create a new scheduled view.
Creates a new scheduled view in the organization.
Authorizations:
Request Body schema: application/json
Information about the new scheduled view.
| query required | string [ 1 .. 16384 ] characters The query that defines the data to be included in the scheduled view. |
| indexName required | string [ 0 .. 255 ] characters Name of the index for the scheduled view. |
| startTime required | string <date-time> Start timestamp in UTC in RFC3339 format. |
| retentionPeriod | integer <int32> Default: -1 The number of days to retain data in the scheduled view, or -1 to use the default value for your account. Only relevant if your account has multi-retention. enabled. |
| dataForwardingId | string An optional ID of a data forwarding configuration to be used by the scheduled view. |
| parsingMode | string^(AutoParse|Manual)$ Default: "Manual" Define the parsing mode to scan the JSON format log messages. Possible values are:
|
Responses
Request samples
- Payload
{- "query": "_sourcecategory=*/Apache",
- "indexName": "TestScheduledView",
- "startTime": "2020-06-03T17:22:35Z",
- "retentionPeriod": 365,
- "dataForwardingId": "string",
- "parsingMode": "AutoParse"
}Response samples
- 200
- default
{- "query": "_sourcecategory=*/Apache",
- "indexName": "TestScheduledView",
- "startTime": "2020-06-03T17:22:35Z",
- "retentionPeriod": 365,
- "dataForwardingId": "string",
- "parsingMode": "AutoParse",
- "id": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByOptimizeIt": true,
- "error": "string",
- "status": "string",
- "totalBytes": 0,
- "totalMessageCount": 0,
- "createdBy": "string"
}Get a scheduled view.
Get a scheduled view with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the scheduled view to fetch. |
Responses
Response samples
- 200
- default
{- "query": "_sourcecategory=*/Apache",
- "indexName": "TestScheduledView",
- "startTime": "2020-06-03T17:22:35Z",
- "retentionPeriod": 365,
- "dataForwardingId": "string",
- "parsingMode": "AutoParse",
- "id": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByOptimizeIt": true,
- "error": "string",
- "status": "string",
- "totalBytes": 0,
- "totalMessageCount": 0,
- "createdBy": "string"
}Update a scheduled view.
Update an existing scheduled view.
Authorizations:
path Parameters
| id required | string Identifier of the scheduled view to update. |
Request Body schema: application/json
Information to update about the scheduled view.
| dataForwardingId | string An optional ID of a data forwarding configuration to be used by the scheduled view. |
| retentionPeriod | integer <int32> Default: -1 The number of days to retain data in the scheduled view, or -1 to use the default value for your account. Only relevant if your account has multi-retention. enabled. |
| reduceRetentionPeriodImmediately | boolean Default: false This is required if the newly specified |
Responses
Request samples
- Payload
{- "dataForwardingId": "string",
- "retentionPeriod": 365,
- "reduceRetentionPeriodImmediately": false
}Response samples
- 200
- default
{- "query": "_sourcecategory=*/Apache",
- "indexName": "TestScheduledView",
- "startTime": "2020-06-03T17:22:35Z",
- "retentionPeriod": 365,
- "dataForwardingId": "string",
- "parsingMode": "AutoParse",
- "id": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByOptimizeIt": true,
- "error": "string",
- "status": "string",
- "totalBytes": 0,
- "totalMessageCount": 0,
- "createdBy": "string"
}Disable a scheduled view.
Disable a scheduled view with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the scheduled view to disable. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Pause a scheduled view.
Pause a scheduled view with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the scheduled view to pause. |
Responses
Response samples
- 200
- default
{- "query": "_sourcecategory=*/Apache",
- "indexName": "TestScheduledView",
- "startTime": "2020-06-03T17:22:35Z",
- "retentionPeriod": 365,
- "dataForwardingId": "string",
- "parsingMode": "AutoParse",
- "id": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByOptimizeIt": true,
- "error": "string",
- "status": "string",
- "totalBytes": 0,
- "totalMessageCount": 0,
- "createdBy": "string"
}Start a scheduled view.
Start a scheduled view with the given identifier.
Authorizations:
path Parameters
| id required | string Identifier of the scheduled view to start. |
Responses
Response samples
- 200
- default
{- "query": "_sourcecategory=*/Apache",
- "indexName": "TestScheduledView",
- "startTime": "2020-06-03T17:22:35Z",
- "retentionPeriod": 365,
- "dataForwardingId": "string",
- "parsingMode": "AutoParse",
- "id": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "createdByOptimizeIt": true,
- "error": "string",
- "status": "string",
- "totalBytes": 0,
- "totalMessageCount": 0,
- "createdBy": "string"
}Tokens management API.
Tokens are associated with your organization to authorize specific operations. Currently, we support collector registration tokens, which can be used to register Installed Collectors. Managing tokens requires the Manage Tokens role capability. For more information see Installation Tokens.
Response samples
- 200
- default
{- "data": [
- {
- "id": "string",
- "name": "token-name",
- "description": "token description: for test.",
- "status": "Active",
- "type": "CollectorRegistrationTokenResponse",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string"
}
]
}Create a token.
Create a token in the token library.
Authorizations:
Request Body schema: application/json
Information about the token to create.
| name required | string [ 1 .. 255 ] characters Name of the token. |
| description | string [ 0 .. 4096 ] characters Description of the token. |
| status required | string^(Active|Inactive)$ Status of the token. Can be |
| type required | string^(CollectorRegistration)$ Type of the token. Valid values: 1) CollectorRegistration |
Responses
Request samples
- Payload
{- "name": "token-name",
- "description": "token description: for test.",
- "status": "Active",
- "type": "CollectorRegistration"
}Response samples
- 200
- default
{- "id": "string",
- "name": "token-name",
- "description": "token description: for test.",
- "status": "Active",
- "type": "CollectorRegistrationTokenResponse",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "encodedTokenAndUrl": "string"
}Get a token.
Get a token with the given identifier in the token library.
Authorizations:
path Parameters
| id required | string Identifier of the token to return. |
Responses
Response samples
- 200
- default
{- "id": "string",
- "name": "token-name",
- "description": "token description: for test.",
- "status": "Active",
- "type": "CollectorRegistrationTokenResponse",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "encodedTokenAndUrl": "string"
}Update a token.
Update a token with the given identifier in the token library.
Authorizations:
path Parameters
| id required | string Identifier of the token to update. |
Request Body schema: application/json
The token to update.
| name required | string [ 1 .. 255 ] characters Name of the token. |
| description | string [ 0 .. 4096 ] characters Description of the token. |
| status required | string^(Active|Inactive)$ Status of the token. Can be |
| type required | string^(CollectorRegistration)$ Type of the token. Valid values: 1) CollectorRegistration |
| version required | integer <int64> Version of the token. |
Responses
Request samples
- Payload
{- "name": "token-name",
- "description": "token description: for test.",
- "status": "Active",
- "type": "CollectorRegistration",
- "version": 0
}Response samples
- 200
- default
{- "id": "string",
- "name": "token-name",
- "description": "token description: for test.",
- "status": "Active",
- "type": "CollectorRegistrationTokenResponse",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "encodedTokenAndUrl": "string"
}Delete a token.
Delete a token with the given identifier in the token library.
Authorizations:
path Parameters
| id required | string Identifier of the token to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Traces API
The Traces API allows you to browse traces collected in the system. You can execute queries to find traces matching provided search criteria as well as gather detailed information about individual traces and spans. For more information see View and investigate traces.
Run a trace search query asynchronously.
Execute a trace search query and get the id to fetch its status and results. Use the Trace Query Status endpoint to check a query status. When the query has been completed, use the Trace Query Result endpoint to get the result of the asynchronous query.
Authorizations:
Request Body schema: application/json
Query parameters.
required | Array of objects (AsyncTraceQueryRow) [ items ] A list of trace queries. |
required | object (ResolvableTimeRange) |
Responses
Request samples
- Payload
{- "queryRows": [
- {
- "query": {
- "type": "string"
}, - "rowId": "#A",
- "orderBy": {
- "fieldName": "start_timestamp",
- "order": "Asc"
}
}
], - "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}
}Response samples
- 200
- default
{- "queryId": "cafaebf2f4f8320f"
}Cancel a trace search query.
Cancel a currently processed trace search query with the given id.
Authorizations:
path Parameters
| queryId required | string Example: 798a13dc1ceeb19a Identifier of the query to cancel. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Get a trace search query status.
Get a status of a trace query with the given id. When the query has been completed, use the Trace Query Result endpoint to get the result of the asynchronous query.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the executed query. |
Responses
Response samples
- 200
- default
{- "queryRows": [
- {
- "rowId": "A",
- "status": "Processing",
- "statusMessage": "Finished successfully",
- "count": 3215
}
], - "status": "Processing"
}Get results of a trace search query.
Get a list of traces matching a query with the specified id. The response is paginated with a default limit of 100 traces per page.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the executed query. |
| rowId required | string Example: A Identifier of the query row. |
query Parameters
| limit | integer <int32> [ 1 .. 500 ] Default: 100 Example: limit=100 Limit of the number of traces returned in the response. |
| token | string Example: token=dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "results": [
- {
- "id": "00000000000120CB",
- "rootService": "user-service",
- "rootResource": "http.request",
- "rootStatus": {
- "code": "OK",
- "message": "404"
}, - "rootOperationName": "retrieveAccount",
- "metrics": {
- "_duration": 143984411
}, - "startedAt": "2019-11-22T09:00:00Z",
- "criticalPathServiceBreakdownSummary": {
- "elements": [
- {
- "service": "user-service",
- "serviceColor": "#fa41c6",
- "duration": 12957153
}
], - "otherServicesDuration": 12957153
}
}
], - "next": "10001"
}Get trace search query metrics.
Get a list of available trace metrics that can be used in trace search queries.
Authorizations:
Responses
Response samples
- 200
- default
{- "metrics": [
- {
- "metric": "_duration",
- "description": "The duration of a trace in nanoseconds.",
- "type": "IntegerTracingValue"
}
]
}Get filter fields for trace search queries.
Get a list of available fields which can be used in trace search queries.
Authorizations:
Responses
Response samples
- 200
- default
{- "fields": [
- {
- "field": "operation",
- "valueListing": false,
- "description": "A piece of the workflow represented by a span",
- "type": "StringTracingValue",
- "noValuesReason": {
- "code": "HighCardinalityField",
- "message": "Autocomplete has been disabled for this field due to high cardinality."
}
}
]
}Get trace search query filter field values.
Get a list of available values for the given trace search query filter field. Not all fields support value listing. The response is paginated with a default limit of 10 values per page.
Authorizations:
path Parameters
| field required | string Field identifier. |
query Parameters
| query | string Search filter to apply on the values to be returned. Only values containing the search query term will be returned. |
| limit | integer <int32> [ 1 .. 500 ] Default: 10 The maximum number of results to fetch. |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "fieldValues": [
- "string"
], - "totalCount": 1234,
- "next": "Mi93V0ZqTTBzaW89"
}Get trace details.
Get details of a trace with the given identifier.
Authorizations:
path Parameters
| traceId required | string Identifier of the trace to get the details. |
Responses
Response samples
- 200
- default
{- "id": "00000000000120CB",
- "rootService": "user-service",
- "rootResource": "http.request",
- "rootStatus": {
- "code": "OK",
- "message": "404"
}, - "rootOperationName": "retrieveAccount",
- "metrics": {
- "_duration": 143984411
}, - "startedAt": "2019-11-22T09:00:00Z",
- "criticalPathServiceBreakdownSummary": {
- "elements": [
- {
- "service": "user-service",
- "serviceColor": "#fa41c6",
- "duration": 12957153
}
], - "otherServicesDuration": 12957153
}
}Get a list of trace spans.
Get a list of spans for the given trace. The response is paginated with a default limit of 100 spans per page.
Authorizations:
path Parameters
| traceId required | string Identifier of the trace to get the spans. |
query Parameters
| limit | integer <int32> [ 1 .. 500 ] Default: 100 The maximum number of results to fetch. |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "spanPage": [
- {
- "id": "00000000002317A9",
- "parentId": "000000000003C7BE",
- "operationName": "retrieveAccount",
- "resource": "http.request",
- "service": "user-service",
- "serviceColor": "#fa41c6",
- "serviceType": "HTTP",
- "duration": 212957153,
- "startedAt": "2019-11-22T09:00:00Z",
- "status": {
- "code": "OK",
- "message": "404"
}, - "kind": "SERVER",
- "remoteService": "external-service",
- "remoteServiceColor": "#fa41c6",
- "remoteServiceType": "HTTP",
- "info": {
- "type": "TraceHttpSpanInfo"
}
}
], - "totalCount": 1234,
- "next": "dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI"
}Get a list of events (without their attributes) per span for a trace.
Gets a list of the events (without their attributes) attached to each span in a given trace. The response is paginated with a default limit of 100 spans per page.
Authorizations:
path Parameters
| traceId required | string [ 16 .. 32 ] characters Example: 695068749d21cd104222a95cabc4707c Identifier of the trace for which span events will be returned. |
query Parameters
| limit | integer <int32> [ 1 .. 500 ] Default: 100 The maximum number of spans with events returned by a single query. |
| token | string Example: token=dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "spanEvents": {
- "property1": [
- {
- "timestamp": "2021-04-19T17:36:57.476Z",
- "name": "domContentLoadedEventStart"
}
], - "property2": [
- {
- "timestamp": "2021-04-19T17:36:57.476Z",
- "name": "domContentLoadedEventStart"
}
]
}, - "next": "dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI"
}Get a critical path of a trace.
Get a list of span segments composing the critical path of the trace. A span segment represents the processing time that was consumed within the span itself and does not incorporate the processing time of its children. The critical path is the sequence of span segments that contribute to the total trace duration. An increase of the processing time of any segment from the critical path would result in an increase of the total trace processing time.
Authorizations:
path Parameters
| traceId required | string Identifier of the trace. |
query Parameters
| limit | integer <int32> [ 1 .. 500 ] Default: 100 The maximum number of results to fetch. |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "segments": [
- {
- "spanId": "00000000000120CB",
- "service": "user-service",
- "serviceColor": "#fa41c6",
- "startOffset": 311285715,
- "duration": 12957153,
- "fraction": 0.4
}
], - "next": "Mi93V0ZqTTBzaW89"
}Get a critical path service breakdown of a trace.
Get a critical path breakdown by services of the spans contributing to the critical path of a trace with the given identifier.
Authorizations:
path Parameters
| traceId required | string Identifier of the trace. |
Responses
Response samples
- 200
- default
{- "elements": [
- {
- "service": "user-service",
- "serviceColor": "#fa41c6",
- "duration": 12957153,
- "numSpans": 12957153,
- "longestSegmentDuration": 12957153
}
]
}Get span details.
Get details of a span with the given identifier.
Authorizations:
path Parameters
| traceId required | string Identifier of the trace the span belongs to. |
| spanId required | string Identifier of the span to get the details. |
Responses
Response samples
- 200
- default
{- "id": "00000000002317A9",
- "parentId": "000000000003C7BE",
- "operationName": "retrieveAccount",
- "resource": "http.request",
- "service": "user-service",
- "serviceColor": "#fa41c6",
- "serviceType": "HTTP",
- "duration": 212957153,
- "startedAt": "2019-11-22T09:00:00Z",
- "status": {
- "code": "OK",
- "message": "404"
}, - "kind": "SERVER",
- "remoteService": "external-service",
- "remoteServiceColor": "#fa41c6",
- "remoteServiceType": "HTTP",
- "info": {
- "type": "TraceHttpSpanInfo"
}, - "errorMessage": "Exception in thread \"local[9]\" java.lang.OutOfMemoryError: Java heap space\n at my.app.force.fields.SpaceShipForceField.main(SpaceShipForceField.java:17)\n",
- "fields": {
- "component": {
- "type": "StringTracingValue",
- "value": "http"
}, - "http.method": {
- "type": "StringTracingValue",
- "value": "GET"
}, - "http.url": {
- "type": "StringTracingValue",
- "value": "/v1/users/123"
}, - "http.status_code": {
- "type": "StringTracingValue",
- "value": "200"
}
}, - "criticalPathContribution": {
- "duration": 12957153,
- "fraction": 0.4
}, - "logs": [
- "[19/Dec/2019:10:58:21 +0000] 'GET /v1/users/123 HTTP/1.1' 200 8215 'http://111.111.11.1/' 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_11_1) AppleWebKit/111.11 (KHTML, like Gecko) Chrome/11.1.1111.11 Safari/111.11'",
- "[19/Dec/2019:10:58:24 +0000] 'GET /logo.png HTTP/1.1' 404 555 'http://111.111.11.1/' 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_11_1) AppleWebKit/111.11 (KHTML, like Gecko) Chrome/11.1.1111.11 Safari/111.11'"
], - "events": [
- {
- "timestamp": "2021-04-19T17:36:57.476Z",
- "name": "domContentLoadedEventStart",
- "attributes": [
- {
- "attributeName": "message_details",
- "attributeValue": {
- "type": "BooleanAttributeValue"
}
}
]
}
]
}Get span billing details.
Get the billing information of the span.
Authorizations:
path Parameters
| traceId required | string Identifier of the trace the span belongs to. |
| spanId required | string Identifier of the span to get the billing info. |
Responses
Response samples
- 200
- default
{- "billedBytes": 502,
- "billedFormat": "traceId=2ff9c457b1aa00f4;spanId=97872e33215c4275;parentSpanId=98bcdfc5da874c40;operation=spanId-97872e33215c4275;startTimestamp=1603283111874000000;endTimestamp=1603283112268000000;service=ServiceA;status.code=ERROR;status.message=ERROR;kind=SERVER;custom-tag-2=value2;_sourcehost=127.0.0.1;http.url=/api/operation-x;message=Some error message;_sourcecategory=Http Input;custom-tag-1=value1;error=true;_sourcename=Http Input;error.kind=InvalidInput;_collector=trace-generator-collector;http.method=GET;"
}Span Analytics API
The Span Analytics API allows you to browse spans collected in the system. You can execute queries to find individual spans matching provided search criteria as well as run aggregated span queries and retrieve their results. For more information see Spans.
Run a span analytics query asynchronously.
Execute a span analytics query and get the id to fetch its status and results. Use the Span Query Status endpoint to check a query status. When the query has been completed, use the Span Query Result endpoint to get the result of the asynchronous query.
Authorizations:
Request Body schema: application/json
Query parameters.
required | Array of objects (SpanQueryRow) [ items ] A list of span analytics queries. |
required | object (ResolvableTimeRange) |
| timeZone | string Default: "UTC" Time zone for the query time ranges. Follow the format in the IANA Time Zone Database. |
Responses
Request samples
- Payload
{- "queryRows": [
- {
- "queryString": "string",
- "rowId": "A"
}
], - "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}
}, - "timeZone": "America/Los_Angeles"
}Response samples
- 200
- default
{- "queryId": "string",
- "queryRows": [
- {
- "rowId": "A",
- "errors": [
- {
- "code": "spanquery:query_validation_error",
- "message": "Query A was invalid",
- "details": "[1.78] failure: '(' expected but ')' found."
}
], - "isAggregation": true,
- "executedQuery": "_index=_trace_spans traceId=00000000002317A9"
}
], - "hasErrors": true,
- "timeRange": {
- "type": "BeginBoundedTimeRange",
- "from": {
- "type": "RelativeTimeRangeBoundary",
- "relativeTime": "-15m"
}, - "to": {
- "type": "RelativeTimeRangeBoundary"
}
}
}Cancel a span analytics query.
Cancel a currently processed span search query with the given id.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the query to cancel. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Get a span analytics query status.
Get a status of a span analytics query with the given id. When the query has been completed, use the Span Query Result endpoint to get the result of the asynchronous query.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the executed query. |
Responses
Response samples
- 200
- default
{- "queryRows": [
- {
- "rowId": "A",
- "status": "Processing",
- "statusMessage": "Finished successfully",
- "count": 3215,
- "approximatedFieldCounts": false,
- "facetsCompleted": false
}
], - "status": "Processing"
}Pause a span analytics query.
Pause a currently processed span search query with the given id.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the query to pause. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Resume a span analytics query.
Resume a previously paused span search query with the given id.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the query to resume. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Get results of a span analytics query.
Get a list of spans matching a query with the specified id. The response is paginated with a default limit of 100 spans per page.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the executed query. |
| rowId required | string Example: A Identifier of the query row. |
query Parameters
| limit | integer <int32> [ 1 .. 500 ] Default: 100 Example: limit=100 Limit of the number of spans returned in the response. |
| token | string Example: token=dlFXd0lhSkxzRjAwYnpVZkMrRmlhYnF4cGtNMWdnVEI Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "spanPage": [
- {
- "spanId": "00000000002317A9",
- "traceId": "1BB004A0005213C2",
- "parentSpanId": "000000000003C7BE",
- "operationName": "retrieveAccount",
- "service": "user-service",
- "remoteService": "external-service",
- "duration": 212957153,
- "startedAt": "2019-11-22T09:00:00Z",
- "status": {
- "code": "OK",
- "message": "404"
}, - "kind": "SERVER",
- "tagsJSON": "{\n "http.host":"http://example.com",\n "http.method":"GET"\n}",
- "metadata": {
- "_sourceCategory": "account-backend"
}
}
], - "next": "Mi93V0ZqTTBzaW89"
}Get a list of facets of a span analytics query.
Get a list of facets of a span analytics query with the specified id.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the executed query. |
| rowId required | string Example: A Identifier of the query row. |
Responses
Response samples
- 200
- default
{- "facets": [
- {
- "name": "_sourceHost",
- "cardinality": 3,
- "dataType": "String",
- "inSchema": false,
- "valueFrequency": {
- "_sourceHost": 34099
}
}
]
}Get span analytics query aggregated results.
Get span aggregation results for an aggregated span analytics query with the specified id. Only aggregated rows being part of the executed query will have matching results in the response of this endpoint.
Authorizations:
path Parameters
| queryId required | string Example: 195038749d21ad109242c95cbbc8709d Identifier of the executed query. |
Responses
Response samples
- 200
- default
{- "result": {
- "status": "Processing",
- "statusMessage": "Finished successfully",
- "series": [
- {
- "queryId": "A",
- "name": "max(Disk_Used)",
- "dataPoints": [
- {
- "x": 1,
- "y": "12.3",
- "xAxisValues": {
- "operation": "/get/accounts",
- "service": "accountService"
}
}
], - "aggregateInfo": {
- "max": 10,
- "min": 1.2,
- "avg": 5.6,
- "sum": 123.4,
- "latest": 23.4,
- "count": 600
}, - "metaData": {
- "data": {
- "deployment": "dev",
- "cluster": "frontend",
- "instance": "frontend-12"
}
}, - "seriesType": "TIMESERIES",
- "xAxisKeys": [
- "_sourceCategory",
- "_sourceHost"
], - "valueType": "DOUBLE"
}
]
}
}Get filter fields for span analytics queries.
Get a list of available fields which can be used in span analytics queries.
Authorizations:
Responses
Response samples
- 200
- default
{- "fields": [
- {
- "field": "operation",
- "valueListing": false,
- "description": "A piece of the workflow represented by a span",
- "type": "StringTracingValue",
- "noValuesReason": {
- "code": "HighCardinalityField",
- "message": "Autocomplete has been disabled for this field due to high cardinality."
}, - "inSchema": false
}
]
}Get span analytics query filter field values.
Get a list of available values for the given span analytics query filter field. Not all fields support value listing. The response is paginated with a default limit of 10 field values per page.
Authorizations:
path Parameters
| field required | string Field identifier. |
query Parameters
| query | string Search filter to apply on the values to be returned. Only values containing the search query term will be returned. |
| limit | integer <int32> [ 1 .. 500 ] Default: 10 The maximum number of results to fetch. |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
Responses
Response samples
- 200
- default
{- "fieldValues": [
- "string"
], - "totalCount": 1234,
- "next": "Mi93V0ZqTTBzaW89"
}Service Map API
The Service Map API allows you to fetch a graph representation of the Service Map, which is a high-level view of your application environment, automatically derived from tracing data. For more information see Service Map.
Get a service map.
Run a search request to get a map of services and connections between them.
Authorizations:
Responses
Response samples
- 200
- default
{- "nodes": [
- {
- "serviceName": "service_name_1",
- "lastSeenAt": "2019-11-22T09:00:00Z",
- "isRemote": true,
- "serviceType": "HTTP"
}
], - "edges": [
- {
- "source": "service_name_1",
- "target": "service_name_2",
- "lastSeenAt": "2019-11-22T09:00:00Z"
}
]
}Role management API.
Roles determine the functions that users are able to perform in Sumo Logic. To manage roles, you must have an administrator role or your role must have been assigned the manage users and roles capability. For more information see Manage Roles.
Get a list of roles.
Get a list of all the roles in the organization. The response is paginated with a default limit of 100 roles per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of roles returned in the response. The number of roles returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
| sortBy | string Sort the list of roles by the |
| name | string non-empty Only return roles matching the given name. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "name": "DataAdmin",
- "description": "Manage data of the org.",
- "filterPredicate": "!_sourceCategory=billing",
- "users": [
- "0000000006743FE0",
- "0000000005FCE0EE"
], - "capabilities": [
- "manageContent",
- "manageDataVolumeFeed",
- "manageFieldExtractionRules",
- "manageS3DataForwarding"
], - "autofillDependencies": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "0000000000E20FE3",
- "systemDefined": false
}
], - "next": "GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc"
}Create a new role.
Create a new role in the organization.
Authorizations:
Request Body schema: application/json
Information about the new role.
| name required | string [ 1 .. 128 ] characters Name of the role. |
| description | string [ 0 .. 255 ] characters Description of the role. |
| filterPredicate | string A search filter to restrict access to specific logs. The filter is silently added to the beginning of each query a user runs. For example, using '!_sourceCategory=billing' as a filter predicate will prevent users assigned to the role from viewing logs from the source category named 'billing'. |
| users | Array of strings List of user identifiers to assign the role to. |
| capabilities | Array of strings List of capabilities associated with this role. Valid values are Data Management
Entity management
Metrics
Security
Dashboards
UserManagement
Observability
Cloud SIEM Enterprise
Alerting
|
| autofillDependencies | boolean Default: true Set this to true if you want to automatically append all missing capability requirements. If set to false an error will be thrown if any capabilities are missing their dependencies. |
Responses
Request samples
- Payload
{- "name": "DataAdmin",
- "description": "Manage data of the org.",
- "filterPredicate": "!_sourceCategory=billing",
- "users": [
- "0000000006743FE0",
- "0000000005FCE0EE"
], - "capabilities": [
- "manageContent",
- "manageDataVolumeFeed",
- "manageFieldExtractionRules",
- "manageS3DataForwarding"
], - "autofillDependencies": true
}Response samples
- 200
- default
{- "name": "DataAdmin",
- "description": "Manage data of the org.",
- "filterPredicate": "!_sourceCategory=billing",
- "users": [
- "0000000006743FE0",
- "0000000005FCE0EE"
], - "capabilities": [
- "manageContent",
- "manageDataVolumeFeed",
- "manageFieldExtractionRules",
- "manageS3DataForwarding"
], - "autofillDependencies": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "0000000000E20FE3",
- "systemDefined": false
}Get a role.
Get a role with the given identifier in the organization.
Authorizations:
path Parameters
| id required | string Identifier of the role to fetch. |
Responses
Response samples
- 200
- default
{- "name": "DataAdmin",
- "description": "Manage data of the org.",
- "filterPredicate": "!_sourceCategory=billing",
- "users": [
- "0000000006743FE0",
- "0000000005FCE0EE"
], - "capabilities": [
- "manageContent",
- "manageDataVolumeFeed",
- "manageFieldExtractionRules",
- "manageS3DataForwarding"
], - "autofillDependencies": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "0000000000E20FE3",
- "systemDefined": false
}Update a role.
Update an existing role in the organization.
Authorizations:
path Parameters
| id required | string Identifier of the role to update. |
Request Body schema: application/json
Information to update about the role.
| name required | string [ 1 .. 128 ] characters Name of the role. |
| description required | string [ 0 .. 255 ] characters Description of the role. |
| filterPredicate required | string A search filter to restrict access to specific logs. The filter is silently added to the beginning of each query a user runs. For example, using '!_sourceCategory=billing' as a filter predicate will prevent users assigned to the role from viewing logs from the source category named 'billing'. |
| users required | Array of strings List of user identifiers to assign the role to. |
| capabilities required | Array of strings List of capabilities associated with this role. Valid values are Data Management
Entity management
Metrics
Security
Dashboards
UserManagement
Observability
Cloud SIEM Enterprise
Alerting
|
| autofillDependencies | boolean Default: true Set this to true if you want to automatically append all missing capability requirements. If set to false an error will be thrown if any capabilities are missing their dependencies. |
Responses
Request samples
- Payload
{- "name": "DataAdmin",
- "description": "Manage data of the org.",
- "filterPredicate": "!_sourceCategory=billing",
- "users": [
- "0000000006743FE0",
- "0000000005FCE0EE"
], - "capabilities": [
- "manageContent",
- "manageDataVolumeFeed",
- "manageFieldExtractionRules",
- "manageS3DataForwarding"
], - "autofillDependencies": true
}Response samples
- 200
- default
{- "name": "DataAdmin",
- "description": "Manage data of the org.",
- "filterPredicate": "!_sourceCategory=billing",
- "users": [
- "0000000006743FE0",
- "0000000005FCE0EE"
], - "capabilities": [
- "manageContent",
- "manageDataVolumeFeed",
- "manageFieldExtractionRules",
- "manageS3DataForwarding"
], - "autofillDependencies": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "0000000000E20FE3",
- "systemDefined": false
}Delete a role.
Delete a role with the given identifier from the organization.
Authorizations:
path Parameters
| id required | string Identifier of the role to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Assign a role to a user.
Assign a role to a user in the organization.
Authorizations:
path Parameters
| roleId required | string Identifier of the role to assign. |
| userId required | string Identifier of the user to assign the role to. |
Responses
Response samples
- 200
- default
{- "name": "DataAdmin",
- "description": "Manage data of the org.",
- "filterPredicate": "!_sourceCategory=billing",
- "users": [
- "0000000006743FE0",
- "0000000005FCE0EE"
], - "capabilities": [
- "manageContent",
- "manageDataVolumeFeed",
- "manageFieldExtractionRules",
- "manageS3DataForwarding"
], - "autofillDependencies": true,
- "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "0000000000E20FE3",
- "systemDefined": false
}Remove role from a user.
Remove a role from a user in the organization.
Authorizations:
path Parameters
| roleId required | string Identifier of the role to delete. |
| userId required | string Identifier of the user to remove the role from. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}User management API.
To manage users, you must have the administrator role or your role must have been assigned the manage users and roles capability. For more information see Manage Users.
Get a list of users.
Get a list of all users in the organization. The response is paginated with a default limit of 100 users per page.
Authorizations:
query Parameters
| limit | integer <int32> [ 1 .. 1000 ] Default: 100 Limit the number of users returned in the response. The number of users returned may be less than the |
| token | string Continuation token to get the next page of results. A page object with the next continuation token is returned in the response body. Subsequent GET requests should specify the continuation token to get the next page of results. |
| sortBy | string Sort the list of users by the |
string non-empty Find user with the given email address. |
Responses
Response samples
- 200
- default
{- "data": [
- {
- "firstName": "John",
- "lastName": "Doe",
- "email": "johndoe@acme.com",
- "roleIds": [
- "00000000000001DF",
- "00000000000002D2"
], - "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000FE20FE2",
- "isActive": true,
- "isLocked": false,
- "isMfaEnabled": false,
- "lastLoginTimestamp": "2019-08-24T14:15:22Z"
}
], - "next": "GDCiRv4vebF3UWFJQ1kySXBOR3Bzh69GR0RyWm9vCtc"
}Create a new user.
Create a new user in the organization.
Authorizations:
Request Body schema: application/json
Information about the new user.
| firstName required | string [ 1 .. 128 ] characters First name of the user. |
| lastName required | string [ 0 .. 128 ] characters Last name of the user. |
| email required | string <email> <= 255 characters Email address of the user. |
| roleIds required | Array of strings List of roleIds associated with the user. |
Responses
Request samples
- Payload
{- "firstName": "John",
- "lastName": "Doe",
- "email": "johndoe@acme.com",
- "roleIds": [
- "00000000000001DF",
- "00000000000002D2"
]
}Response samples
- 200
- default
{- "firstName": "John",
- "lastName": "Doe",
- "email": "johndoe@acme.com",
- "roleIds": [
- "00000000000001DF",
- "00000000000002D2"
], - "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000FE20FE2",
- "isActive": true,
- "isLocked": false,
- "isMfaEnabled": false,
- "lastLoginTimestamp": "2019-08-24T14:15:22Z"
}Get a user.
Get a user with the given identifier from the organization.
Authorizations:
path Parameters
| id required | string Identifier of user to return. |
Responses
Response samples
- 200
- default
{- "firstName": "John",
- "lastName": "Doe",
- "email": "johndoe@acme.com",
- "roleIds": [
- "00000000000001DF",
- "00000000000002D2"
], - "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000FE20FE2",
- "isActive": true,
- "isLocked": false,
- "isMfaEnabled": false,
- "lastLoginTimestamp": "2019-08-24T14:15:22Z"
}Update a user.
Update an existing user in the organization.
Authorizations:
path Parameters
| id required | string Identifier of the user to update. |
Request Body schema: application/json
Information to update about the user.
| firstName required | string [ 1 .. 128 ] characters First name of the user. |
| lastName required | string [ 0 .. 128 ] characters Last name of the user. |
| isActive required | boolean This has the value |
| roleIds required | Array of strings List of role identifiers associated with the user. |
Responses
Request samples
- Payload
{- "firstName": "John",
- "lastName": "Doe",
- "isActive": true,
- "roleIds": [
- "00000000000001DF",
- "00000000000002D2"
]
}Response samples
- 200
- default
{- "firstName": "John",
- "lastName": "Doe",
- "email": "johndoe@acme.com",
- "roleIds": [
- "00000000000001DF",
- "00000000000002D2"
], - "createdAt": "2018-10-16T09:10:00Z",
- "createdBy": "0000000006743FDD",
- "modifiedAt": "2018-10-16T09:10:00Z",
- "modifiedBy": "0000000006743FE8",
- "id": "000000000FE20FE2",
- "isActive": true,
- "isLocked": false,
- "isMfaEnabled": false,
- "lastLoginTimestamp": "2019-08-24T14:15:22Z"
}Delete a user.
Delete a user with the given identifier from the organization and transfer their content to the user with the identifier specified in "transferTo".
Authorizations:
path Parameters
| id required | string Identifier of the user to delete. |
query Parameters
| transferTo | string Identifier of the user to receive the transfer of content from the deleted user. |
| deleteContent | boolean Whether to delete content from the deleted user or not. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Change email address.
An email with an activation link is sent to the user’s new email address. The user must click the link in the email within seven days to complete the email address change, or the link will expire.
Authorizations:
path Parameters
| id required | string Identifier of the user to change email address. |
Request Body schema: application/json
New email address of the user.
| email required | string <email> <= 255 characters New email address of the user. |
Responses
Request samples
- Payload
{- "email": "johndoe@acme.com"
}Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Reset password.
Reset a user's password.
Authorizations:
path Parameters
| id required | string Identifier of the user to reset password. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Unlock a user.
Unlock another user's account.
Authorizations:
path Parameters
| id required | string The id of the user that needs to be unlocked. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Disable MFA for user.
Disable multi-factor authentication for given user.
Authorizations:
path Parameters
| id required | string Identifier of the user to disable MFA for. |
Request Body schema: application/json
Email and Password of the user to disable MFA for.
| email required | string <email> <= 255 characters Email of user whose mfa is being disabled. |
| password required | string Password of user whose mfa is being disabled. |
Responses
Request samples
- Payload
{- "email": "johndoe@cme.com",
- "password": "string"
}Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Monitor Management API.
Monitors continuously query your data to monitor and send notifications when specific events occur. For more information see Monitors.
Disable monitors.
Bulk disable monitors by the given identifiers.
Authorizations:
query Parameters
| ids required | Array of strings Example: ids=0000000000000001,0000000000000002,0000000000000003 A comma-separated list of identifiers. |
Responses
Response samples
- 200
- default
{- "monitors": {
- "property1": {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "monitorType": "Logs",
- "evaluationDelay": "5m",
- "alertName": "string",
- "queries": [
- {
- "rowId": "A",
- "query": "_sourceCategory=search error"
}
], - "triggers": [
- {
- "detectionMethod": "StaticCondition",
- "timeRange": "15m",
- "triggerType": "Critical",
- "threshold": 50,
- "thresholdType": "GreaterThanOrEqual",
- "occurrenceType": "ResultCount",
- "triggerSource": "AllResults"
}, - {
- "detectionMethod": "StaticCondition",
- "timeRange": "15m",
- "triggerType": "ResolvedCritical",
- "threshold": 50,
- "thresholdType": "LessThan",
- "occurrenceType": "ResultCount",
- "triggerSource": "AllResults"
}
], - "notifications": [
- {
- "notification": {
- "connectionType": "Slack",
- "connectionId": "0000000000000005"
}, - "runForTriggerTypes": [
- "Critical"
]
}, - {
- "notification": {
- "connectionType": "Email",
- "messageBody": "Alert Triggered!",
- "recipients": [
- "john@doe.com"
], - "subject": "Monitor Alert: {{TriggerType}} on {{SearchName}}",
- "timeZone": "America/Los_Angeles"
}, - "runForTriggerTypes": [
- "Critical"
]
}
], - "isDisabled": false,
- "status": "[Normal]",
- "groupNotifications": true,
- "warnings": {
- "property1": "string",
- "property2": "string"
}, - "playbook": "This issue typically happens when database calls are timing out. Look at ServiceA's dashboard to investigate further"
}, - "property2": {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "monitorType": "Logs",
- "evaluationDelay": "5m",
- "alertName": "string",
- "queries": [
- {
- "rowId": "A",
- "query": "_sourceCategory=search error"
}
], - "triggers": [
- {
- "detectionMethod": "StaticCondition",
- "timeRange": "15m",
- "triggerType": "Critical",
- "threshold": 50,
- "thresholdType": "GreaterThanOrEqual",
- "occurrenceType": "ResultCount",
- "triggerSource": "AllResults"
}, - {
- "detectionMethod": "StaticCondition",
- "timeRange": "15m",
- "triggerType": "ResolvedCritical",
- "threshold": 50,
- "thresholdType": "LessThan",
- "occurrenceType": "ResultCount",
- "triggerSource": "AllResults"
}
], - "notifications": [
- {
- "notification": {
- "connectionType": "Slack",
- "connectionId": "0000000000000005"
}, - "runForTriggerTypes": [
- "Critical"
]
}, - {
- "notification": {
- "connectionType": "Email",
- "messageBody": "Alert Triggered!",
- "recipients": [
- "john@doe.com"
], - "subject": "Monitor Alert: {{TriggerType}} on {{SearchName}}",
- "timeZone": "America/Los_Angeles"
}, - "runForTriggerTypes": [
- "Critical"
]
}
], - "isDisabled": false,
- "status": "[Normal]",
- "groupNotifications": true,
- "warnings": {
- "property1": "string",
- "property2": "string"
}, - "playbook": "This issue typically happens when database calls are timing out. Look at ServiceA's dashboard to investigate further"
}
}, - "warnings": [
- {
- "code": "content:not_found",
- "message": "Monitor id=0000000000000001 not found."
}
]
}Bulk read a monitor or folder.
Bulk read a monitor or folder by the given identifiers from the monitors library.
Authorizations:
query Parameters
| ids required | Array of strings Example: ids=0000000000000001,0000000000000002,0000000000000003 A comma-separated list of identifiers. |
Responses
Response samples
- 200
- default
{- "property1": {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}, - "property2": {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
}Create a monitor or folder.
Create a monitor or folder in the monitors library.
Authorizations:
query Parameters
| parentId required | string Identifier of the parent folder in which to create the monitor or folder. |
Request Body schema: application/json
The monitor or folder to create.
| name required | string Name of the monitor or folder. |
| description | string Default: "" Description of the monitor or folder. |
| type required | string Type of the object model. Valid values:
|
Responses
Request samples
- Payload
{- "name": "string",
- "description": "",
- "type": "MonitorsLibraryFolder"
}Response samples
- 200
- default
{- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "MonitorsLibraryFolderResponse",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "children": [
- {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
]
}Bulk delete a monitor or folder.
Bulk delete a monitor or folder by the given identifiers in the monitors library.
Authorizations:
query Parameters
| ids required | Array of strings Example: ids=0000000000000001,0000000000000002,0000000000000003 A comma-separated list of identifiers. |
Responses
Response samples
- 200
- default
{- "property1": {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}, - "property2": {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
}Get the root monitors folder.
Get the root folder in the monitors library.
Authorizations:
Responses
Response samples
- 200
- default
{- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "MonitorsLibraryFolderResponse",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "children": [
- {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
]
}Read a monitor or folder by its path.
Read a monitor or folder by its path in the monitors library structure.
Authorizations:
query Parameters
| path required | string The path of the monitor or folder. |
Responses
Response samples
- 200
- default
{- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "MonitorsLibraryFolderResponse",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "children": [
- {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
]
}Search for a monitor or folder.
Search for a monitor or folder in the monitors library structure.
Authorizations:
query Parameters
| query required | string Example: query=createdBy:000000000000968B Test The search query to find monitor or folder. Below is the list of different filters with examples:
You can also use multiple filters in one query. For example to search for all content objects created by user with identifier 000000000000968B with creation timestamp after 1457997222 containing the text Test, the query would look like: |
| limit | integer <int32> Default: 100 Example: limit=10 Maximum number of items you want in the response. |
| offset | integer <int32> Default: 0 Example: offset=5 The position or row from where to start the search operation. |
Responses
Response samples
- 200
- default
[- {
- "item": {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}, - "path": "/Monitors/SampleFolder/TestMonitor"
}
]Get a monitor or folder.
Get a monitor or folder from the monitors library.
Authorizations:
path Parameters
| id required | string Identifier of the monitor or folder to read. |
Responses
Response samples
- 200
- default
{- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "MonitorsLibraryFolderResponse",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "children": [
- {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
]
}Update a monitor or folder.
Update a monitor or folder in the monitors library.
Authorizations:
path Parameters
| id required | string Identifier of the monitor or folder to update. |
Request Body schema: application/json
The monitor or folder to update. The content version must match its latest version number in the monitors library. If the version does not match it will not be updated.
| name required | string The name of the monitor or folder. |
| description | string Default: "" The description of the monitor or folder. |
| version required | integer <int64> The version of the monitor or folder. |
| type required | string Type of the object model. |
Responses
Request samples
- Payload
{- "name": "string",
- "description": "",
- "version": 0,
- "type": "MonitorsLibraryFolderUpdate"
}Response samples
- 200
- default
{- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "MonitorsLibraryFolderResponse",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "children": [
- {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
]
}Delete a monitor or folder.
Delete a monitor or folder from the monitors library.
Authorizations:
path Parameters
| id required | string Identifier of the monitor or folder to delete. |
Responses
Response samples
- default
{- "id": "IUUQI-DGH5I-TJ045",
- "errors": [
- {
- "code": "auth:password_too_short",
- "message": "Your password was too short."
}, - {
- "code": "auth:password_character_classes",
- "message": "Your password did not contain any non-alphanumeric characters"
}
]
}Get the path of a monitor or folder.
Get the full path of the monitor or folder in the monitors library.
Authorizations:
path Parameters
| id required | string Identifier of the monitor or folder. |
Responses
Response samples
- 200
- default
{- "pathItems": [
- {
- "id": "string",
- "name": "string"
}
], - "path": "string"
}Move a monitor or folder.
Move a monitor or folder to a different location in the monitors library.
Authorizations:
path Parameters
| id required | string Identifier of the monitor or folder to move. |
query Parameters
| parentId required | string Identifier of the parent folder to move the monitor or folder to. |
Responses
Response samples
- 200
- default
{- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "MonitorsLibraryFolderResponse",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "children": [
- {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
]
}Copy a monitor or folder.
Copy a monitor or folder in the monitors library.
Authorizations:
path Parameters
| id required | string Identifier of the monitor or folder to copy. |
Request Body schema: application/json
Fields include:
- Identifier of the parent folder to copy to.
- Optionally provide a new name.
- Optionally provide a new description.
- Optionally set to true if you want to copy and preserve the locked status. Requires
LockMonitorscapability.
| parentId required | string Identifier of the parent folder to copy to. |
| name | string Optionally provide a new name. |
| description | string Optionally provide a new description. |
Responses
Request samples
- Payload
{- "parentId": "string",
- "name": "string",
- "description": "string"
}Response samples
- 200
- default
{- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "MonitorsLibraryFolderResponse",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "children": [
- {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
]
}Export a monitor or folder.
Export a monitor or folder. If the given identifier is a folder, everything under the folder is exported recursively with folder as the root.
Authorizations:
path Parameters
| id required | string Identifier of the monitor or folder to export. |
Responses
Response samples
- 200
- default
{- "name": "string",
- "description": "string",
- "type": "MonitorsLibraryFolderExport",
- "children": [
- {
- "name": "string",
- "description": "string",
- "type": "string"
}
]
}Import a monitor or folder.
Import a monitor or folder.
Authorizations:
path Parameters
| parentId required | string Identifier of the parent folder in which to import the monitor or folder. |
Request Body schema: application/json
The monitor or folder to be imported.
| name required | string Name of the monitor or folder. |
| description | string Description of the monitor or folder. |
| type required | string Type of the object model. |
Array of objects (MonitorsLibraryBaseExport) [ items ] The items in the folder. A multi-type list of types monitor or folder. |
Responses
Request samples
- Payload
{- "name": "string",
- "description": "string",
- "type": "MonitorsLibraryFolderExport",
- "children": [
- {
- "name": "string",
- "description": "string",
- "type": "string"
}
]
}Response samples
- 200
- default
{- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "MonitorsLibraryFolderResponse",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
], - "children": [
- {
- "id": "string",
- "name": "string",
- "description": "string",
- "version": 0,
- "createdAt": "2019-08-24T14:15:22Z",
- "createdBy": "string",
- "modifiedAt": "2019-08-24T14:15:22Z",
- "modifiedBy": "string",
- "parentId": "string",
- "contentType": "string",
- "type": "string",
- "isSystem": true,
- "isMutable": true,
- "permissions": [
- "Read",
- "Delete"
]
}
]
}