timeline -凯发k8国际|首页

j

api

events

路径

/search/events/

参数

参数含义合法值默认值
source_group日志分组all和用户定义的日志分组名all
time_range搜索的时间范围
  • 以逗号分隔的两个以毫秒计的unix时间戳
  • 第二个值可用字符串now表示当前时间
  • 第一个值可用负号加数字加d或m表示距当前时间几天或几分钟,如-1d,-1m
-3d,now
query搜索语句日志易的搜索语句支持全文检索、逻辑运算、正则表达式等:*
filter_field使用字段过滤使用字符串|-$!|分隔的field名和值。每个field的name和value之间用冒号分隔,value用双引号括起来;包括tag、 appname、 logtype也可通过此参数过滤:样例如logtype:"apache"|-$!|appache.status:"200"
order对结果排序descascdesc
page结果分页的页码大于等于0开始的数字0
size结果每页的数量大于等于1的数字20

参数样例

http://yottaapi.test:7001/v0/search/events/?ak=e35b49c3ee6bf2cfaf1312518d1799a8&qt=1418718860789&sign=86f7523bf4e9ea2bc4653fd8803c201d

返回结果说明

返回结果样例

{
    result: true,
    total: 101,
    page: 0,
    size: 20,
    events: [
      {
      "appname": "dev-access",
      "timestamp": 1418704239000,
      "hostname": "centos6-70-alltest",
      "raw_message": "192.168.1.118 - - [16/dec/2014:12:30:39  0800] \"get /api/v0/search/fields/?field=appname:&filters=&order=&page=1&query=*&size=50&sourcegroup=all&sourcegroupcn=所有日志&time_range=-1d,now&type=fields http/1.1\" 200 325 \"http://alltest.rizhiyi.com/search/?query=*&time_range=-1d,now&order=&size=20&page=1&sourcegroup=all&type=timeline&_t=1418704212442&title=新标签&index=2\" \"mozilla/5.0 (macintosh; intel mac os x 10.9; rv:34.0) gecko/20100101 firefox/34.0\"",
      "logtype": "apache",
      "apache": {
          "status": [
              200
          ],
          "referer_domain": [
              "alltest.rizhiyi.com"
          ],
          "resp_len": [
              325
          ],
          "version": [
              "1.1"
          ],
          "referer": [
              "http://alltest.rizhiyi.com/search/?query=*&time_range=-1d,now&order=&size=20&page=1&sourcegroup=all&type=timeline&_t=1418704212442&title=新标签&index=2"
          ],
          "clientip": [
              "192.168.1.118"
          ],
          "request_path": [
              "/api/v0/search/fields/"
          ],
          "ua": {
              "device": [
                  "other"
              ],
              "browser_v": [
                  "firefox 34.0"
              ],
              "os": [
                  "mac os x"
              ],
              "os_v": [
                  "mac os x 10.9"
              ],
              "browser": [
                  "firefox"
              ]
          },
          "method": [
              "get"
          ],
          "request_query": [
              "field=appname:&filters=&order=&page=1&query=*&size=50&sourcegroup=all&sourcegroupcn=所有日志&time_range=-1d,now&type=fields"
          ]
      },
      "tag": [
        "devtest"
        ]
      },
    ....
      ]
}