REST API to send log data, export data and manage configuration

To utilize the inline testing functionality here, please go into your Mezmo account and add the following address to your CORS Origins page: https://docs.mezmo.com.

Server
https://api.mezmo.com
Server Variables

This key is used for all apis with the exception o ingest. You can obtain it following these instructions and placing the key in the header of your call.

Fields
KeyIn
servicekeyHeader
apiKey apikeyAuth

This key is used for ingestion. You can obtain it following these instructions and placing the key in the header of your call.

Fields
KeyIn
apikeyHeader

As an alternative to authenticating with a header value, you can also use basic authentication. To use either apiKey or servicekey as basic authentication, simply pass the key as the username with no password. For example:

curl https://api.logdna.com/v1/config/view -u INSERT_INGESTION_KEY:

Archiving

Authentication: You can find instructions on authentication here.

The LogDNA Archiving API enables you to programmatically configure your archiving instances via code. Specifically you can set up cold storage buckets to send your logs for long term storage.

Get Archive Configuration

Use this method to get an existing archiving configuration.

Auth
GET /v1/config/archiving
Copy
Responses
200

OK

objectobject
integrationstring

Defines the type of notification channel. Valid values are: email, webhook, slack, and pagerduty

bucketstring

Name of the bucket.

endpointstring

Private endpoint associated with the bucket.

apikeystring

API key that is needed to authenticate with the Cloud Object Storage service.

resourceinstanceidstring

CRN of the Cloud Object Storage instance ID where the bucket is available.

accountnamestring

Account name

accountkeystring

Account key

projectidstring

Project ID

spacestring

Space

accesskeystring

Access key

secretkeystring

Secret key

authurlstring

Auth URL

expiresstring

Expires

usernamestring

Username

passwordstring

Password provided in credentials for authorization

tenantnamestring

Tenant name

404

Archiving configuration not found

Response
Copy

Create Archive Configuration

Use this method to configure archiving for an instance. Only one archiving configuration may exist at any time.

Auth
Request Body

Request parameters

objectobject
integrationstring

Defines the type of notification channel. Valid values are: email, webhook, slack, and pagerduty

bucketstring

Name of the bucket.

endpointstring

Private endpoint associated with the bucket.

apikeystring

API key that is needed to authenticate with the Cloud Object Storage service.

resourceinstanceidstring

CRN of the Cloud Object Storage instance ID where the bucket is available.

accountnamestring

Account name

accountkeystring

Account key

projectidstring

Project ID

spacestring

Space

accesskeystring

Access key

secretkeystring

Secret key

authurlstring

Auth URL

expiresstring

Expires

usernamestring

Username

passwordstring

Password provided in credentials for authorization

tenantnamestring

Tenant name

POST /v1/config/archiving
Copy
Responses
200

OK

objectobject
integrationstring

Defines the type of notification channel. Valid values are: email, webhook, slack, and pagerduty

bucketstring

Name of the bucket.

endpointstring

Private endpoint associated with the bucket.

apikeystring

API key that is needed to authenticate with the Cloud Object Storage service.

resourceinstanceidstring

CRN of the Cloud Object Storage instance ID where the bucket is available.

accountnamestring

Account name

accountkeystring

Account key

projectidstring

Project ID

spacestring

Space

accesskeystring

Access key

secretkeystring

Secret key

authurlstring

Auth URL

expiresstring

Expires

usernamestring

Username

passwordstring

Password provided in credentials for authorization

tenantnamestring

Tenant name

400

Bad request

409

An archiving configuration already exists. Cannot create a new one

Response
Copy

Update Archive Configuration

Use this method to update an existing archiving configuration.

Auth
Request Body

Request parameters

objectobject
integrationstring

Defines the type of notification channel. Valid values are: email, webhook, slack, and pagerduty

bucketstring

Name of the bucket.

endpointstring

Private endpoint associated with the bucket.

apikeystring

API key that is needed to authenticate with the Cloud Object Storage service.

resourceinstanceidstring

CRN of the Cloud Object Storage instance ID where the bucket is available.

accountnamestring

Account name

accountkeystring

Account key

projectidstring

Project ID

spacestring

Space

accesskeystring

Access key

secretkeystring

Secret key

authurlstring

Auth URL

expiresstring

Expires

usernamestring

Username

passwordstring

Password provided in credentials for authorization

tenantnamestring

Tenant name

PUT /v1/config/archiving
Copy
Responses
200

OK

objectobject
integrationstring

Defines the type of notification channel. Valid values are: email, webhook, slack, and pagerduty

bucketstring

Name of the bucket.

endpointstring

Private endpoint associated with the bucket.

apikeystring

API key that is needed to authenticate with the Cloud Object Storage service.

resourceinstanceidstring

CRN of the Cloud Object Storage instance ID where the bucket is available.

accountnamestring

Account name

accountkeystring

Account key

projectidstring

Project ID

spacestring

Space

accesskeystring

Access key

secretkeystring

Secret key

authurlstring

Auth URL

expiresstring

Expires

usernamestring

Username

passwordstring

Password provided in credentials for authorization

tenantnamestring

Tenant name

400

Bad request

404

Existing archiving integration not found

Response
Copy

Delete Archive Configuration

Use this method to delete the archiving configuration.

Auth
DELETE /v1/config/archiving
Copy
Responses
200

OK

No response body
404

Archiving configuration not found

Response
Copy

List Views

Get a list of views.

Auth
GET /v1/config/view
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Create View

Use this method to create a view and attach alerts to the view.

Auth
Request Body

Request parameters

POST /v1/config/view
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Get View

Gets the configuration for a specific view.

Auth
Path Params
viewIdstring

ID of a view.

GET /v1/config/view/{viewId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Update View

Use this method to update a view. You can change the view configuration details; add or remove view specific alerts; or attach and detach preset alerts.

Auth
Path Params
viewIdstring

ID of a view.

Request Body

Request parameters

PUT /v1/config/view/{viewId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Delete View

Use this method to delete a view and any attached alerts.

Auth
Path Params
viewIdstring

ID of a view.

DELETE /v1/config/view/{viewId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

List Preset Alerts

Returns all Preset Alerts in the account.

Auth
GET /v1/config/presetalert
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Create Preset Alert

Use this method to create a preset alert.

Auth
Request Body

Request parameters

POST /v1/config/presetalert
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Get Preset Alert

Get a specific preset alert

Auth
Path Params
presetIdstring

ID of a preset alert.

GET /v1/config/presetalert/{presetId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Update Alert

Update a specific preset alert.

Auth
Path Params
presetIdstring

ID of a preset alert.

Request Body

Request parameters

PUT /v1/config/presetalert/{presetId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Delete Alert

Use this method to delete a preset alert.

Auth
Path Params
presetIdstring

ID of a preset alert.

DELETE /v1/config/presetalert/{presetId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

List Categories

Returns all Categories of a type.

Auth
Path Params
typestring

Category type. Must be [views, boards, screens]

GET /v1/config/categories/{type}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Create New Category

Creates a new category of this type.

Auth
Path Params
typestring

Category type. Must be [views, boards, screens]

Request Body

Request parameters

objectobject
namestring

Name of a view.

POST /v1/config/categories/{type}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Get Category

Get a specific category

Auth
Path Params
typestring

Category type. Must be [views, boards, screens]

idstring

ID of category.

GET /v1/config/categories/{type}/{id}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Update Category

Update a specific category.

Auth
Path Params
typestring

Category type. Must be [views, boards, screens]

idstring

ID of category.

Request Body

Request parameters

objectobject
namestring

Name of a view.

PUT /v1/config/categories/{type}/{id}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Delete Category

Use this method to delete a category.

Auth
Path Params
typestring

Category type. Must be [views, boards, screens]

idstring

ID of category.

DELETE /v1/config/categories/{type}/{id}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Export

LogDNA provides two endpoints for exporting your log lines. Read the sections below to learn about each, and determine which is appropriate for your use case.

Export API v1

The Export API v1 is used to export log lines in JSONL format. Based on your specific plan, the maximum number of logs returned is limited to 10,000 / 20,000. There are two distinct functionalities:

  1. Streaming desired log lines directly from the response as raw text data
  2. Specifying an email to receive a link that can be used to the download the desired log lines

Note When an email address is specified, the desired log lines will not be streamed to the response body. The response will instead send a notification indicating that the request was successful and that the results will be sent to the email address provided in the request. This entails archiving and uploading the desired logs to a storage provider. The email includes a URI to download the logs. Be aware that access to this URI will expire after 24-48 hours.

Export API v2

The Export API v2 provides an enhancement over v1, allowing you to export any number of log lines using pagination and by-passing the plan-specific limit imposed in v1. By making (multiple) subsequent requests using the pagination_id parameter, you can retrieve logs in batches of JSON until all matching log lines have been returned.

Each Export API v2 request is limited to 10,000 lines.

Pagination Functionality

Pagination is only necessary when the desired set of log lines is larger than 10,000, since this is the maximum number of results that can be returned in a given page. If an export does not exceed this size, the behavior is similar to v1 -- all of the logs will be returned in a single "page" and no further requests are needed. When an export does exceed this size, refer to the steps outlined below.

This is the expected workflow to export a set (cardinality > 10,000) of log lines that requires pagination:

  1. Send an initial request with valid query parameters to retrieve logs. Pass a null value for the pagination_id in the first request.
  2. The JSON response contains 2 fields: lines and pagination_id. The former is an array containing the corresponding batch (the first batch in this case) of logs and the latter is a token used to retrieve the next page of results.
  3. Send a subsequent request using the same initial query parameters and also passing in the token received in the response to the pagination_id parameter. This will retrieve the next page of results.
  4. Repeat this request-response cycle, updating the pagination_id parameter with the token returned in every new response, until the response eventually returns a null value for the token. This indicates that the corresponding batch of logs is the last and that you have reached the final page.

Important Considerations In subsequent requests to paginate through results, make sure none of the query parameters & values are modified from the initial request (excluding pagination_id)

The tokens used in the pagination_id parameter are tied to a specific export and page so they can be used repeatedly in requests to return deterministic results

"0" can be passed in to the from and to parameters which will be resolved to timestamps for a plan's retention boundary and the current time respectively. This behavior is independent so the value can be passed interchangeably to the parameters -- resulting in 4 possible scenarios:

  • [from: <user-specified timestamp>, to: <user-specified timestamp>]
  • [from: 0 (retention boundary), to: <user-specified timestamp>]
  • [from: <user-specified timestamp>, to: 0 (current time)]
  • [from: 0 (retention boundary), to: 0 (current time)]

Export log lines

Use this method to export logs in JSON format from a logging instance.

Auth
Query String
fromstring

Start time. Set as UNIX timestamp in seconds or milliseconds.

tostring

End time. Set as UNIX timestamp in seconds or milliseconds.

sizestring

Number of log lines to include in the export.

hostsstring

Comma-separated list of hosts.

appsstring

Comma-separated list of applications.

levelsstring

Comma-separated list of log levels.

querystring

Search query.

preferstring

Defines the log lines that you want to export. Valid values are head, first log lines, and tail, last log lines. If not specified, defaults to tail.

emailstring

Specifies the email with the downloadable link of your export. By default, the log lines are streamed.

emailSubjectstring

Use to set the subject of the email. Use to represent a space. For example, a sample value is Export logs.

GET /v1/export
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Export log lines

Use this method to export logs in JSON format from a logging instance.

Auth
Query String
fromstring

Start time (inclusive). Set as UNIX timestamp in seconds or milliseconds.

tostring

End time (inclusive). Set as UNIX timestamp in seconds or milliseconds.

sizestring

Number of log lines to include in the export.

hostsstring

Comma-separated list of hosts.

appsstring

Comma-separated list of applications.

levelsstring

Comma-separated list of log levels.

querystring

Search query.

preferstring

Defines the log lines that you want to export. Valid values are head, first log lines, and tail, last log lines. If not specified, defaults to tail.

pagination_idstring

ID that indicates which page of results to be retrieved. Leave empty for the initial export request.

GET /v2/export
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Ingestion

Ingestion API

Send Log Lines

Use this method to send logs to a logging instance.

Authentication

You can find instructions on authentication here. Ingestion is similar to the other APIs, but instead of servicekey you will use apikey if you are using the header style authentication.

Metadata

Meta is a field reserved for custom information associated with a log line. To add metadata to an API call, specify the meta field under the lines object. Metadata can be viewed inside that line's context

WARNING: If inconsistent value types are used, that line's metadata, will not be parsed. For example, if a line is passed with a meta object, such as meta.myfield of type String, any subsequent lines with meta.myfield must have a String as the value type for meta.myfield.

Please be aware of service limits on this endpoint

Auth
Query String
hostnamestring

Host name of the source.

macstring

The network mac address of the host computer.

pattern: ^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$

ipstring

The local IP address of the host computer.

nowstring

The source UNIX timestamp in milliseconds at the time of the request. Used to calculate time drift.

tagsstring

Tags that are used to dynamically group hosts.

Request Body

You can send multiple log lines in a request.

objectobject
linesarray[object]
timestampstring

UNIX timestamp, including milliseconds, when the log entry was recorded.

linestring

Text of the log line.

appstring

Name of the application that generates the log line.

levelstring

Set a value for the level. For example, sample values for this parameter are INFO, WARNING, ERROR.

metastring

This field is reserved for custom information that is associated with a log line. To add metadata to an API call, specify the meta field under the lines object. Metadata can be viewed inside that line's context.

POST /logs/ingest
Copy
Responses
200

OK

objectobject
*object
401

Unauthorized

403

Forbidden

404

Not Found

Response
Copy

Exclusions

Authentication: You can find instructions on authentication here.

Control what you store by creating exclusion rules. New lines that match an exclusion rule will not be stored and will not count toward your storage quota.

List Exclusion Rules

Returns a list of exclusion rules. Note: This does not return usage quota rules.

Auth
GET /v1/config/ingestion/exclusions
Copy
Responses
200

OK

arrayarray[object]
hostsarray[string]
appsarray[string]
titlestring

minLength: 1

activeboolean
indexonlyboolean

Default: true

querystring

Search query.

idstring

minLength: 1

500

Internal Server error occured when trying to fetch exclusion rules

Response
Copy

Create Exclusion Rule

Create a new ingestion exclusion rule to help reduce log volume

Auth
Request Body

Request parameters

objectobject
hostsarray[string]
appsarray[string]
titlestring

minLength: 1

activeboolean
indexonlyboolean

Default: true

querystring

Search query.

POST /v1/config/ingestion/exclusions
Copy
Responses
200

OK

objectobject
hostsarray[string]
appsarray[string]
titlestring

minLength: 1

activeboolean
indexonlyboolean

Default: true

querystring

Search query.

idstring

minLength: 1

400

Bad request. Query inside of exclusion rule failed to parse.

500

An internal error occured when trying to create exclusion rule.

Response
Copy

Get Exclusion Rule

Returns an exclusion rule with the id specified.

Auth
Path Params
idstring

ID of an exclusion rule.

GET /v1/config/ingestion/exclusions/{id}
Copy
Responses
200

OK

arrayarray[object]
hostsarray[string]
appsarray[string]
titlestring

minLength: 1

activeboolean
indexonlyboolean

Default: true

querystring

Search query.

idstring

minLength: 1

400

Malformed ingestion exclusion rule response payload. The exclusion rule may be stored incorrectly

404

Exclusion rule not found

500

Internal Server Error. Failed to get exclusion rule

Response
Copy

Update Exclusion Rule

Updates an existing exclusion rule

Auth
Path Params
idstring

ID of an exclusion rule.

Request Body

Request parameters

objectobject
hostsarray[string]
appsarray[string]
titlestring

minLength: 1

activeboolean
indexonlyboolean

Default: true

querystring

Search query.

PATCH /v1/config/ingestion/exclusions/{id}
Copy
Responses
200

OK

objectobject
hostsarray[string]
appsarray[string]
titlestring

minLength: 1

activeboolean
indexonlyboolean

Default: true

querystring

Search query.

idstring

minLength: 1

400

Bad request. The rule is invalid. Double check rule and query syntax and try again.

500

Internal server error. The rule could not be updated at this time.

Response
Copy

Delete Exclusion Rule

Use this method to delete an exclusion rule.

Auth
Path Params
idstring

ID of an exclusion rule.

DELETE /v1/config/ingestion/exclusions/{id}
Copy
Responses
200

OK

No response body
404

Exclusion rule not found

500

Internal Server Error. Failed to delete exclusion rule.

Response
Copy

Suspensions

Authentication: You can find instructions on authentication here.

The LogDNA Start/Stop Ingestion API allows users to programmatically manage their data ingestion status.

Users can get the current status of their ingestion, suspend their ingestion, and resume their ingestion. To prevent an accidental API call, the suspension of ingestion requires two subsequent API calls.

You can find instructions on authentication here.

Get Ingestion Status

Retrieve the status of ingestion

Auth
GET /v1/config/ingestion/status
Copy
Responses
200

OK

objectobject
isIngestingboolean
500

Failed to fetch ingestion status

Response
Copy

Initiate Ingestion Suspension

First step in suspending ingestion for the instance. Returns a token for use in /suspend/confirm to actually stop ingestion

Auth
POST /v1/config/ingestion/suspend
Copy
Responses
200

Token to be used in /suspend/confirm

objectobject
tokenstring
Response
Copy

Confirm Ingestion Suspension

After /suspend is called, a token is returned for use with this route as a confirmation.

Auth
Request Body

Request parameters

objectobject
tokenstring
POST /v1/config/ingestion/suspend/confirm
Copy
Responses
200

OK

objectobject
statusstring
400

Bad Suspend Token

500

Failed to fetch ingestion status

Response
Copy

Resume Ingestion

Resumes ingestion if it has been previously suspended

Auth
POST /v1/config/ingestion/resume
Copy
Responses
200

OK

objectobject
statusstring
500

Failed to fetch ingestion status

Response
Copy

Usage V1

Authentication: You can find instructions on authentication here.

The Usage API provides endpoints for retrieving aggregated usage information for applications, hosts and tags during a time period.

While the to and from times are unix timestamps, the report is granular by day. Therefore only the day portion is used to establish a date range.

How is Usage defined?

This API defines usage as a percentage of the total number of lines ingested by the account within the defined period of time. For example, an app called myapp that returns a percentage of 15 in the response object has 15 percent of their logs coming from myapp.

List Usage By App

Lists aggregated usage information for all apps during a time period.

Auth
Query String
frominteger

Start date. Set as UNIX timestamp in seconds.

tointeger

End date. Set as UNIX timestamp in seconds.

limitinteger

Maximum amount of apps to retrieve.

GET /v1/usage/apps
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Get Usage By App

Gets the aggregated usage information for an app matching the name provided as a path parameter, during a time period. Returns null when not found.

Auth
Path Params
namestring

The name of the app from which to get the aggregated usage data

Query String
frominteger

Start date. Set as UNIX timestamp in seconds.

tointeger

End date. Set as UNIX timestamp in seconds.

GET /v1/usage/apps/{name}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

List Usage by Tag

Lists aggregated usage information for all tags during a time period.

Auth
Query String
frominteger

Start date. Set as UNIX timestamp in seconds.

tointeger

End date. Set as UNIX timestamp in seconds.

limitinteger

Maximum amount of apps to retrieve.

GET /v1/usage/tags
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Get Usage by Tag

Gets the aggregated usage information for a tag matching the name provided as a path parameter, during a time period. Returns null when not found.

Auth
Path Params
namestring

The name of the app from which to get the aggregated usage data

Query String
frominteger

Start date. Set as UNIX timestamp in seconds.

tointeger

End date. Set as UNIX timestamp in seconds.

GET /v1/usage/tags/{name}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

List Usage by Host

Lists aggregated usage information for all hosts during a time period.

Auth
Query String
frominteger

Start date. Set as UNIX timestamp in seconds.

tointeger

End date. Set as UNIX timestamp in seconds.

limitinteger

Maximum amount of apps to retrieve.

GET /v1/usage/hosts
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Get Usage by Host

Gets the aggregated usage information for a host matching the name provided as a path parameter, during a time period. Returns null when not found.

Auth
Path Params
namestring

The name of the app from which to get the aggregated usage data

Query String
frominteger

Start date. Set as UNIX timestamp in seconds.

tointeger

End date. Set as UNIX timestamp in seconds.

GET /v1/usage/hosts/{name}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Usage V2

Authentication: You can find instructions on authentication here.

The Usage API provides endpoints for retrieving aggregated usage information for applications, hosts and tags during a time period.

While the to and from times are unix timestamps, the report is granular by day. Therefore only the day portion is used to establish a date range.

How is Usage defined?

This API defines usage as the number of bytes used by the log lines stored on disk by the account within the defined period of time. For example, an app called myapp that returns 150,000 total bytes in the response object indicates that myapp is consuming 150,000 bytes of disk storage over the time range.

Retrieve account usage totals

Get aggregated usage information for an account's data during a time period.

Auth
Query String
fromstring

Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.

tostring

End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.

GET /v2/usage
Copy
Responses
200

OK

objectobject
fromstring

The calculated starting time (exclusive) used internally.

tostring

The calculated ending time (exclusive) used internally.

resultsobject
plan_bytesnumber
restored_bytesnumber
xd_vr_bytesnumber

The number of bytes of logs stored for this variable retention type where x is 3, 7, 14, or 30 day

400

Bad request

Response
Copy

List Usage By App

Lists aggregated usage information for all apps during a time period.

Auth
Query String
fromstring

Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.

tostring

End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.

limitinteger

Maximum amount of apps to retrieve.

retentionstring

Limit report to apps that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. 7d for a seven day retention pool.

GET /v2/usage/apps
Copy
Responses
200

OK

objectobject
fromstring

The calculated starting time (exclusive) used internally.

tostring

The calculated ending time (exclusive) used internally.

resultsarray[object]
namestring

The name of the app.

total_bytesinteger

The number of bytes of disk the app consumes over the time range.

400

Bad request

Response
Copy

Get Usage By App

Gets the aggregated usage information for an app matching the name provided as a path parameter during a time period. The results will either have a singular item, or be an empty array.

Auth
Path Params
namestring

The name of the app from which to get the aggregated usage data.

Query String
fromstring

Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.

tostring

End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.

retentionstring

Limit report to apps that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. 7d for a seven day retention pool.

GET /v2/usage/apps/{name}
Copy
Responses
200

OK

objectobject
fromstring

The calculated starting time (exclusive) used internally.

tostring

The calculated ending time (exclusive) used internally.

resultsarray[object]
namestring

The name of the app.

total_bytesinteger

The number of bytes of disk the app consumes over the time range.

400

Bad request

Response
Copy

List Usage by Host

Lists aggregated usage information for all hosts during a time period.

Auth
Query String
fromstring

Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.

tostring

End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.

limitinteger

Maximum amount of hosts to retrieve.

retentionstring

Limit report to hosts that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. 7d for a seven day retention pool.

GET /v2/usage/hosts
Copy
Responses
200

OK

objectobject
fromstring

The calculated starting time (exclusive) used internally.

tostring

The calculated ending time (exclusive) used internally.

resultsarray[object]
namestring

The name of the host.

total_bytesinteger

The number of bytes of disk the host consumes over the time range.

400

Bad request

Response
Copy

Get Usage by Host

Gets the aggregated usage information for a host matching the name provided as a path parameter during a time period. The results will either have a singular item, or be an empty array.

Auth
Path Params
namestring

The name of the host from which to get the aggregated usage data.

Query String
fromstring

Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.

tostring

End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.

retentionstring

Limit report to hosts that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. 7d for a seven day retention pool.

GET /v2/usage/hosts/{name}
Copy
Responses
200

OK

objectobject
fromstring

The calculated starting time (exclusive) used internally.

tostring

The calculated ending time (exclusive) used internally.

resultsarray[object]
namestring

The name of the host.

total_bytesinteger

The number of bytes of disk the host consumes over the time range.

400

Bad request

Response
Copy

List Usage by Tag

Lists aggregated usage information for all tags during a time period.

Auth
Query String
fromstring

Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.

tostring

End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.

limitinteger

Maximum amount of tags to retrieve.

retentionstring

Limit report to tags that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. 7d for a seven day retention pool.

GET /v2/usage/tags
Copy
Responses
200

OK

objectobject
fromstring

The calculated starting time (exclusive) used internally.

tostring

The calculated ending time (exclusive) used internally.

resultsarray[object]
namestring

The name of the tag.

total_bytesinteger

The number of bytes of disk the tag consumes over the time range.

400

Bad request

Response
Copy

Get Usage by Tag

Gets the aggregated usage information for a tag matching the name provided as a path parameter during a time period. The results will either have a singular item, or be an empty array.

Auth
Path Params
namestring

The name of the tag from which to get the aggregated usage data.

Query String
fromstring

Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.

tostring

End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.

retentionstring

Limit report to tags that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. 7d for a seven day retention pool.

GET /v2/usage/tags/{name}
Copy
Responses
200

OK

objectobject
fromstring

The calculated starting time (exclusive) used internally.

tostring

The calculated ending time (exclusive) used internally.

resultsarray[object]
namestring

The name of the tag.

total_bytesinteger

The number of bytes of disk the tag consumes over the time range.

400

Bad request

Response
Copy

List Groups

Use this method to list the log groups.

Auth
GET /v1/config/groups
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Create Group

Use this method to create a log group where you can scope the data that is accessible by members in that group.

Auth
Headers
servicekeystring

A provisioned service key for your account.

Request Body

Request parameters

objectobject
namestring

Name of a log group.

accessScopesstring

Query that determines the data that is visible to members of a group.

POST /v1/config/groups
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Get Group

Use this method to get information on a group.

Auth
Path Params
groupIdstring

ID of a group.

GET /v1/config/groups/{groupId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Delete Group

Use this method to list the log groups.

Auth
Headers
servicekeystring

A provisioned service key for your account.

Path Params
groupIdstring

ID of a group.

DELETE /v1/config/groups/{groupId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Update Group

Use this method to modify a log group. You can change the name of the group and the access scope that defines the data that is accessible by members in that group.

Auth
Headers
servicekeystring

A provisioned service key for your account.

Path Params
groupIdstring

ID of a group.

Request Body

Request parameters

objectobject
namestring

Name of a log group.

accessScopesstring

Query that determines the data that is visible to members of a group.

PATCH /v1/config/groups/{groupId}
Copy
Responses
200

OK

objectobject
*object
400

Bad request

Response
Copy

Retrieve a list of all the keys

Retrieve a list of all the keys for an account. Supported key types include ingestion and service. Use the type parameter to filter which type of keys to retrieve.

Auth
Query String
typestring

The type of key to retrieve. Defaults to "all"

Enum: ingestion,service,all

GET /v1/config/keys
Copy
Responses
200

A list of keys is returned on success.

arrayarray[object]
idstring

The ID of the key

keystring

A secret key which can be used to authenticate requests to Mezmo.

namestring

A user friendly name for the key

maxLength: 30

typestring

The type of the key

Enum: ingestion,service

createdinteger

The time the key was created as a Unix timestamp in milliseconds

400

The supplied request is invalid or malformed.

Response
Copy

Create a new key

Create a new key of the type specified by the type parameter. If a name is not supplied, one will be auto generated.

Auth
Query String
typestring

The type of key to be created

Enum: ingestion,service,all

Request Body

Modifiable fields can be set in the request body.

objectobject
namestring

A user friendly name for the key

maxLength: 30

POST /v1/config/keys
Copy
Responses
200

A new key was created successfully! The entire key resource is returned.

objectobject
idstring

The ID of the key

keystring

A secret key which can be used to authenticate requests to Mezmo.

namestring

A user friendly name for the key

maxLength: 30

typestring

The type of the key

Enum: ingestion,service

createdinteger

The time the key was created as a Unix timestamp in milliseconds

400

The supplied request is invalid or malformed.

Response
Copy

Retrieve a specific key

Retrieves a specific key by its id.

Auth
Path Params
idstring

The id of the key to retrieve

GET /v1/config/keys/{id}
Copy
Responses
200

The key with the supplied id was found, the entire resource is returned.

objectobject
idstring

The ID of the key

keystring

A secret key which can be used to authenticate requests to Mezmo.

namestring

A user friendly name for the key

maxLength: 30

typestring

The type of the key

Enum: ingestion,service

createdinteger

The time the key was created as a Unix timestamp in milliseconds

404

The specified key was not found.

Response
Copy

Delete a specific key

Delete a specific key by its id.

Auth
Path Params
idstring

The id of the key to delete

DELETE /v1/config/keys/{id}
Copy
Responses
200

The key was deleted successfully, a simple status is returned.

objectobject
messagestring

The status of the request in a human-readable form

deletedboolean

Indicates whether the key was deleted

404

The specified key was not found.

Response
Copy

Update one or more fields of a key resource

Updates all of the fields described in the request body of the specified key. Fields left out of the body will remain unaffected.

Auth
Path Params
idstring

The id of the key to update

Request Body
objectobject
namestring

A user friendly name for the key

maxLength: 30

PUT /v1/config/keys/{id}
Copy
Responses
200

The update was successful; the key resource is returned with updated fields.

objectobject
idstring

The ID of the key

keystring

A secret key which can be used to authenticate requests to Mezmo.

namestring

A user friendly name for the key

maxLength: 30

typestring

The type of the key

Enum: ingestion,service

createdinteger

The time the key was created as a Unix timestamp in milliseconds

400

The supplied request is invalid or malformed.

404

The specified key was not found.

Response
Copy

Get Index Rate Alert

Gets the configuration for an Index Rate Alert

Auth
GET /v1/config/index-rate
Copy
Responses
200

OK

objectobject
max_linesinteger

The number of lines required in order to trigger the alert.

max_z_scoreinteger

The number of standard deviations above the 30 day average lines in order to trigger the alert.

threshold_alertstring

Determines if you want alerts to be triggered if both the max lines and standard deviation have been triggered, or if one of the thresholds has been reached.

Enum: separate,both

frequencystring

Notify recipients once per hour, or once per day, (starting when the threshold is passed the first time) until the index rate drops below the thresholds. When the index rate drops below the thresholds, alerting stops.

Enum: hourly,daily

channelsobject
emailarray[string]
pagerdutyarray[string]
slackarray[string]
webhookarray[object]
urlstring

Webhook URL.

methodstring

WebHook method such as POST.

Enum: POST,PUT,PATCH

headersobject
timestampstring

Header value

bodyTemplatestring
enabledboolean
400

Bad request

500

Internal Server error occurred when trying to fetch index rate alerts

Response
Copy

Update Index Rate Alert

Use this method to update an index rate alert. You can change the alert's configuration details.

Auth
Request Body

Request parameters

objectobject
max_linesinteger

The number of lines required in order to trigger the alert.

max_z_scoreinteger

The number of standard deviations above the 30 day average lines in order to trigger the alert.

threshold_alertstring

Determines if you want alerts to be triggered if both the max lines and standard deviation have been triggered, or if one of the thresholds has been reached.

Enum: separate,both

frequencystring

Notify recipients once per hour, or once per day, (starting when the threshold is passed the first time) until the index rate drops below the thresholds. When the index rate drops below the thresholds, alerting stops.

Enum: hourly,daily

channelsobject
emailarray[string]
pagerdutyarray[string]
slackarray[string]
webhookarray[object]
urlstring

Webhook URL.

methodstring

WebHook method such as POST.

Enum: POST,PUT,PATCH

headersobject
timestampstring

Header value

bodyTemplatestring
enabledboolean
PUT /v1/config/index-rate
Copy
Responses
200

OK

objectobject
max_linesinteger

The number of lines required in order to trigger the alert.

max_z_scoreinteger

The number of standard deviations above the 30 day average lines in order to trigger the alert.

threshold_alertstring

Determines if you want alerts to be triggered if both the max lines and standard deviation have been triggered, or if one of the thresholds has been reached.

Enum: separate,both

frequencystring

Notify recipients once per hour, or once per day, (starting when the threshold is passed the first time) until the index rate drops below the thresholds. When the index rate drops below the thresholds, alerting stops.

Enum: hourly,daily

channelsobject
emailarray[string]
pagerdutyarray[string]
slackarray[string]
webhookarray[object]
urlstring

Webhook URL.

methodstring

WebHook method such as POST.

Enum: POST,PUT,PATCH

headersobject
timestampstring

Header value

bodyTemplatestring
enabledboolean
400

Bad request

500

Internal Server error occurred when trying to fetch index rate alerts

Response
Copy

Lists all members

Retrieves all of the current members in an organization and returns their email, role, and groups.

Auth
GET /v1/config/members
Copy
Responses
200

A list of members is returned on success.

arrayarray[object]
emailstring

Email of a member

rolestring

role of member. Owner shall not be created or set through api

Enum: owner,admin,readonly,member

groupsarray[string]
Response
Copy

Creates a new member

Create a new user and add to the team by providing 'email', 'role' and an optional list of RBAC groups.

Auth
Request Body

Request parameters.

objectobject
emailstring

Email of a member

rolestring

role of member. Owner shall not be created or set through api

Enum: owner,admin,readonly,member

groupsarray[string]
POST /v1/config/members
Copy
Responses
200

A new member was created successfully! Entire memberResource is returned.

objectobject
emailstring

Email of a member

rolestring

role of member. Owner shall not be created or set through api

Enum: owner,admin,readonly,member

groupsarray[string]
400

The supplied request is invalid or malformed.

409

The supplied request leads to an invalid state. The returned error will contain more helpful information.

Response
Copy

Retrieve a member

Returns the role and groups of the specified member.

Auth
Path Params
emailstring
GET /v1/config/members/{email}
Copy
Responses
200

The member with the supplied email was found, the entire resource is returned.

objectobject
emailstring

Email of a member

rolestring

role of member. Owner shall not be created or set through api

Enum: owner,admin,readonly,member

groupsarray[string]
404

The specified member was not found.

Response
Copy

Delete a member

Removes a member from the organization. This does not delete the user.

Auth
Path Params
emailstring
DELETE /v1/config/members/{email}
Copy
Responses
200

The member was removed successfully, a simple status is returned.

objectobject
messagestring

The status of the request in a human-readable form

deletedboolean

Indicates whether the member was deleted

404

The specified member was not found.

409

The specified member (owner) cannot be removed

Response
Copy

Update a member

Updates all the fields described in the request body of the specified member. Creates a member if the member doesn't exist already. Fields left out of the body will remain unaffected.

Auth
Path Params
emailstring
Request Body
objectobject
rolestring

role of member. Owner shall not be created or set through api

Enum: owner,admin,readonly,member

groupsarray[string]
PUT /v1/config/members/{email}
Copy
Responses
200

The update was successful; the member resource is returned with updated fields.

objectobject
emailstring

Email of a member

rolestring

role of member. Owner shall not be created or set through api

Enum: owner,admin,readonly,member

groupsarray[string]
400

The supplied request is invalid or malformed.

409

The supplied request leads to an invalid state. The returned error will contain more helpful information.

Response
Copy

List all accounts

Retrieves a list of all child organizations that belong to the enterprise.

Auth
GET /v1/enterprise/account
Copy
Responses
200

A list of child organizations is returned on success.

arrayarray[object]
accountstring

Account number of the organization

enterprisestring

Unique Id of the enterprise organization

retentioninteger

Current retention period selected for the child organization

ownerstring

The email of a user to be given owner privileges of an account.

retentionTiersarray[integer]

Available log retention options for the child organization

planstring

The name of a plan.

servicekeystring

A secret key which can be used to authenticate requests to Mezmo.

400

A poorly formatted request returns with a BadRequest code.

Response
Copy

Attach a child organization to an enterprise

Attaches an existing organization to an enterprise. The retention and owner field are optional, and will be defaulted if not specified.

Auth
Request Body

Request parameters.

objectobject
retentioninteger

Current retention period selected for the child organization

ownerstring

The email of a user to be given owner privileges of an account.

POST /v1/enterprise/account
Copy
Responses
200

Child organization successfully attached.

objectobject
accountstring

Account number of the organization

enterprisestring

Unique Id of the enterprise organization

retentioninteger

Current retention period selected for the child organization

ownerstring

The email of a user to be given owner privileges of an account.

retentionTiersarray[integer]

Available log retention options for the child organization

planstring

The name of a plan.

servicekeystring

A secret key which can be used to authenticate requests to Mezmo.

400

A poorly formatted request returns with a BadRequest code.

409

The supplied request leads to an invalid state. The returned error will contain more helpful information.

Response
Copy

Get details of a child organization

Retrieves a specific child organization by its id. If the organization does not belong to the enterprise, a 404 error is returned.

Auth
Path Params
accountIdstring
GET /v1/enterprise/account/{accountId}
Copy
Responses
200

The child organization was found and returned.

objectobject
accountstring

Account number of the organization

enterprisestring

Unique Id of the enterprise organization

retentioninteger

Current retention period selected for the child organization

ownerstring

The email of a user to be given owner privileges of an account.

retentionTiersarray[integer]

Available log retention options for the child organization

planstring

The name of a plan.

servicekeystring

A secret key which can be used to authenticate requests to Mezmo.

Response
Copy

Update Child Organization Contract

Makes an update to the specified child organization. Used to modify the current retention with the retention field or the current owner with the owner field.

Auth
Path Params
accountIdstring
Request Body
objectobject
retentioninteger

Current retention period selected for the child organization

ownerstring

The email of a user to be given owner privileges of an account.

PUT /v1/enterprise/account/{accountId}
Copy
Responses
200

The account was found, the enterpriseId and retention details are updated.

objectobject
accountstring

Account number of the organization

enterprisestring

Unique Id of the enterprise organization

retentioninteger

Current retention period selected for the child organization

ownerstring

The email of a user to be given owner privileges of an account.

retentionTiersarray[integer]

Available log retention options for the child organization

planstring

The name of a plan.

servicekeystring

A secret key which can be used to authenticate requests to Mezmo.

400

Invalid body

404

Unable to update account which not belong to enterprise

409

Return error when account does not have contract tier

Response
Copy

Detach a child org from Enterprise

Detaches a child organization from the enterprise. The child organization is not deleted and can continue to work afterwards.

Auth
Path Params
accountIdstring
DELETE /v1/enterprise/account/{accountId}
Copy
Responses
200

The child org was removed successfully, a simple status is returned.

objectobject
accountstring

Account number of the organization

400

Invalid body

409

Account enterprise id mismatch

Response
Copy

List all enterprise keys

Retrieves all keys of the enterprise

Auth
GET /v1/enterprise/keys
Copy
Responses
200

A list of enterprise service keys is returned on success.

arrayarray[object]
idstring

The ID of the key

keystring

A secret key which can be used to authenticate requests to Mezmo.

namestring

A user friendly name for the key

maxLength: 30

typestring

The type of the key

Enum: ingestion,service

createdinteger

The time the key was created as a Unix timestamp in milliseconds

400

Invalid query params

Response
Copy

Generate a new Key for the Enterprise

Generate a new ServiceKey for the enterprise

Auth
POST /v1/enterprise/keys
Copy
Responses
200

A new Service Key is generated and saved to the Key collection

objectobject
idstring

The ID of the key

keystring

A secret key which can be used to authenticate requests to Mezmo.

namestring

A user friendly name for the key

maxLength: 30

typestring

The type of the key

Enum: ingestion,service

createdinteger

The time the key was created as a Unix timestamp in milliseconds

400

The supplied request is invalid or malformed.

409

The supplied request leads to an invalid state. The returned error will contain more helpful information.

Response
Copy

Retrieve a specific entperise key

Retrieves a specific enterprise key by its id.

Auth
Path Params
idstring
GET /v1/enterprise/keys/{id}
Copy
Responses
200

The key with the supplied id was found, the entire resource is returned.

objectobject
idstring

The ID of the key

keystring

A secret key which can be used to authenticate requests to Mezmo.

namestring

A user friendly name for the key

maxLength: 30

typestring

The type of the key

Enum: ingestion,service

createdinteger

The time the key was created as a Unix timestamp in milliseconds

400

Invalid query params

Response
Copy

Delete an Enterprise ServiceKey

Delete an Enterprise ServiceKey from list of keys for the Enterprise

Auth
Path Params
idstring
DELETE /v1/enterprise/keys/{id}
Copy
Responses
200

The Enterprise ServiceKey was deleted successfully, a simple status is returned.

objectobject
messagestring

The status of the request in a human-readable form

deletedboolean

Indicates whether the member was deleted

Response
Copy