Log Analysis API 2.1

/v1/config/view/{viewId}

/v1/config/view/{viewId}

/v1/config/presetalert

/v1/config/presetalert

/v1/config/presetalert/{presetId}

/v1/config/presetalert/{presetId}

/v1/config/presetalert/{presetId}

/v1/config/categories/{type}

/v1/config/categories/{type}

/v1/config/categories/{type}/{id}

/v1/config/categories/{type}/{id}

/v1/config/categories/{type}/{id}

List Views

Get a list of views.

Auth

GET /v1/config/view

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/view' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Create View

Use this method to create a view and attach alerts to the view.

Auth

Request Body

Request parameters

object	object
name	string	Name of a view.
query	string	Search query.
hosts	array[string]
apps	array[string]
levels	array[string]
tags	array[string]
category	array[string]
presetid	string	ID of a preset alert.
channels	array[object]
integration	string	Defines the type of notification channel. Valid values are: `email`, `webhook`, `slack`, and `pagerduty`
emails	array[string]
url	string	Webhook URL.
key	string	PagerDuty key.
triggerlimit	string	Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, an alert is triggered.
triggerinterval	string	Specify how often to trigger an alert. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours, 25 hours
immediate	boolean	Set to true if you want the trigger condition to be evaluated as soon as the triggerlimit is reached.
terminal	boolean	Set to true if you want the trigger condition to be evaluated after the time that you specify in the triggerinterval field is reached.
operator	string	Type of alert. Valid values are: `presence`and `absence`.
timezone	string	Timezone used to report timestamps. This can be any value defined in the tz database https://en.wikipedia.org/wiki/List_of_tz_database_time_zones.
method	string	WebHook method such as POST. Enum: `POST`,`PUT`,`PATCH`
headers	object
timestamp	string	Header value
bodyTemplate	object
timestamp	string	Define the webhook body.
autoresolve	boolean	Set to true if you want the set a condition to resolve the incident that was raised by this alert. This property only applies to PagerDuty.
autoresolveinterval	string	Interval of time to aggregate and check # of matched lines against the auto resolve limit. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours, 25 hours.
autoresolvelimit	string	Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, this incident will be set to resolved in PagerDuty.

Expand

POST /v1/config/view

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/view' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "{string}",  "query": "{string}",  "hosts": [    "{array[string]...}"  ],  "apps": [    "{array[string]...}"  ],  "levels": [    "{array[string]...}"  ],  "tags": [    "{array[string]...}"  ],  "category": [    "{array[string]...}"  ],  "presetid": "{string}",  "channels": [    {      "integration": "{string}",      "emails": [        "{array[string]...}"      ],      "url": "{string}",      "key": "{string}",      "triggerlimit": "{string}",      "triggerinterval": "{string}",      "immediate": "{boolean}",      "terminal": "{boolean}",      "operator": "{string}",      "timezone": "America/Chicago, EST, Etc/UTC, etc...",      "method": "{string}",      "headers": {        "timestamp": "{string}"      },      "bodyTemplate": {        "timestamp": "{string}"      },      "autoresolve": "{boolean}",      "autoresolveinterval": "{string}",      "autoresolvelimit": "{string}"    }  ]}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Get View

Gets the configuration for a specific view.

Auth

Path Params

viewId

string

ID of a view.

GET /v1/config/view/{viewId}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/view/%7BviewId%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Update View

Use this method to update a view. You can change the view configuration details; add or remove view specific alerts; or attach and detach preset alerts.

Auth

Path Params

viewId

string

ID of a view.

Request Body

Request parameters

object	object
name	string	Name of a view.
query	string	Search query.
hosts	array[string]
apps	array[string]
levels	array[string]
tags	array[string]
category	array[string]
presetid	string	ID of a preset alert.
channels	array[object]
integration	string	Defines the type of notification channel. Valid values are: `email`, `webhook`, `slack`, and `pagerduty`
emails	array[string]
url	string	Webhook URL.
key	string	PagerDuty key.
triggerlimit	string	Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, an alert is triggered.
triggerinterval	string	Specify how often to trigger an alert. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours, 25 hours
immediate	boolean	Set to true if you want the trigger condition to be evaluated as soon as the triggerlimit is reached.
terminal	boolean	Set to true if you want the trigger condition to be evaluated after the time that you specify in the triggerinterval field is reached.
operator	string	Type of alert. Valid values are: `presence`and `absence`.
timezone	string	Timezone used to report timestamps. This can be any value defined in the tz database https://en.wikipedia.org/wiki/List_of_tz_database_time_zones.
method	string	WebHook method such as POST. Enum: `POST`,`PUT`,`PATCH`
headers	object
timestamp	string	Header value
bodyTemplate	object
timestamp	string	Define the webhook body.
autoresolve	boolean	Set to true if you want the set a condition to resolve the incident that was raised by this alert. This property only applies to PagerDuty.
autoresolveinterval	string	Interval of time to aggregate and check # of matched lines against the auto resolve limit. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours, 25 hours.
autoresolvelimit	string	Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, this incident will be set to resolved in PagerDuty.

Expand

PUT /v1/config/view/{viewId}

xxxxxxxxxx
 
curl --request PUT \ --url 'https://api.mezmo.com/v1/config/view/%7BviewId%7D' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "{string}",  "query": "{string}",  "hosts": [    "{array[string]...}"  ],  "apps": [    "{array[string]...}"  ],  "levels": [    "{array[string]...}"  ],  "tags": [    "{array[string]...}"  ],  "category": [    "{array[string]...}"  ],  "presetid": "{string}",  "channels": [    {      "integration": "{string}",      "emails": [        "{array[string]...}"      ],      "url": "{string}",      "key": "{string}",      "triggerlimit": "{string}",      "triggerinterval": "{string}",      "immediate": "{boolean}",      "terminal": "{boolean}",      "operator": "{string}",      "timezone": "America/Chicago, EST, Etc/UTC, etc...",      "method": "{string}",      "headers": {        "timestamp": "{string}"      },      "bodyTemplate": {        "timestamp": "{string}"      },      "autoresolve": "{boolean}",      "autoresolveinterval": "{string}",      "autoresolvelimit": "{string}"    }  ]}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Delete View

Use this method to delete a view and any attached alerts.

Auth

Path Params

viewId

string

ID of a view.

DELETE /v1/config/view/{viewId}

xxxxxxxxxx
 
curl --request DELETE \ --url 'https://api.mezmo.com/v1/config/view/%7BviewId%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

List Preset Alerts

Returns all Preset Alerts in the account.

Auth

GET /v1/config/presetalert

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/presetalert' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Create Preset Alert

Use this method to create a preset alert.

Auth

Request Body

Request parameters

object	object
name	string	Name of a view.
channels	array[object]
integration	string	Defines the type of notification channel. Valid values are: `email`, `webhook`, `slack`, and `pagerduty`
emails	array[string]
url	string	Webhook URL.
key	string	PagerDuty key.
triggerlimit	string	Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, an alert is triggered.
triggerinterval	string	Specify how often to trigger an alert. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours, 25 hours
immediate	boolean	Set to true if you want the trigger condition to be evaluated as soon as the triggerlimit is reached.
terminal	boolean	Set to true if you want the trigger condition to be evaluated after the time that you specify in the triggerinterval field is reached.
operator	string	Type of alert. Valid values are: `presence`and `absence`.
timezone	string	Timezone used to report timestamps. This can be any value defined in the tz database https://en.wikipedia.org/wiki/List_of_tz_database_time_zones.
method	string	WebHook method such as POST. Enum: `POST`,`PUT`,`PATCH`
headers	object
timestamp	string	Header value
bodyTemplate	object
timestamp	string	Define the webhook body.
autoresolve	boolean	Set to true if you want the set a condition to resolve the incident that was raised by this alert. This property only applies to PagerDuty.
autoresolveinterval	string	Interval of time to aggregate and check # of matched lines against the auto resolve limit. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours, 25 hours.
autoresolvelimit	string	Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, this incident will be set to resolved in PagerDuty.

Expand

POST /v1/config/presetalert

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/presetalert' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "{string}",  "channels": [    {      "integration": "{string}",      "emails": [        "{array[string]...}"      ],      "url": "{string}",      "key": "{string}",      "triggerlimit": "{string}",      "triggerinterval": "{string}",      "immediate": "{boolean}",      "terminal": "{boolean}",      "operator": "{string}",      "timezone": "America/Chicago, EST, Etc/UTC, etc...",      "method": "{string}",      "headers": {        "timestamp": "{string}"      },      "bodyTemplate": {        "timestamp": "{string}"      },      "autoresolve": "{boolean}",      "autoresolveinterval": "{string}",      "autoresolvelimit": "{string}"    }  ]}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Get Preset Alert

Get a specific preset alert

Auth

Path Params

presetId

string

ID of a preset alert.

GET /v1/config/presetalert/{presetId}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/presetalert/%7BpresetId%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Update Alert

Update a specific preset alert.

Auth

Path Params

presetId

string

ID of a preset alert.

Request Body

Request parameters

object	object
name	string	Name of a view.
channels	array[object]
integration	string	Defines the type of notification channel. Valid values are: `email`, `webhook`, `slack`, and `pagerduty`
emails	array[string]
url	string	Webhook URL.
key	string	PagerDuty key.
triggerlimit	string	Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, an alert is triggered.
triggerinterval	string	Specify how often to trigger an alert. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours, 25 hours
immediate	boolean	Set to true if you want the trigger condition to be evaluated as soon as the triggerlimit is reached.
terminal	boolean	Set to true if you want the trigger condition to be evaluated after the time that you specify in the triggerinterval field is reached.
operator	string	Type of alert. Valid values are: `presence`and `absence`.
timezone	string	Timezone used to report timestamps. This can be any value defined in the tz database https://en.wikipedia.org/wiki/List_of_tz_database_time_zones.
method	string	WebHook method such as POST. Enum: `POST`,`PUT`,`PATCH`
headers	object
timestamp	string	Header value
bodyTemplate	object
timestamp	string	Define the webhook body.
autoresolve	boolean	Set to true if you want the set a condition to resolve the incident that was raised by this alert. This property only applies to PagerDuty.
autoresolveinterval	string	Interval of time to aggregate and check # of matched lines against the auto resolve limit. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours, 25 hours.
autoresolvelimit	string	Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, this incident will be set to resolved in PagerDuty.

Expand

PUT /v1/config/presetalert/{presetId}

xxxxxxxxxx
 
curl --request PUT \ --url 'https://api.mezmo.com/v1/config/presetalert/%7BpresetId%7D' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "{string}",  "channels": [    {      "integration": "{string}",      "emails": [        "{array[string]...}"      ],      "url": "{string}",      "key": "{string}",      "triggerlimit": "{string}",      "triggerinterval": "{string}",      "immediate": "{boolean}",      "terminal": "{boolean}",      "operator": "{string}",      "timezone": "America/Chicago, EST, Etc/UTC, etc...",      "method": "{string}",      "headers": {        "timestamp": "{string}"      },      "bodyTemplate": {        "timestamp": "{string}"      },      "autoresolve": "{boolean}",      "autoresolveinterval": "{string}",      "autoresolvelimit": "{string}"    }  ]}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Delete Alert

Use this method to delete a preset alert.

Auth

Path Params

presetId

string

ID of a preset alert.

DELETE /v1/config/presetalert/{presetId}

xxxxxxxxxx
 
curl --request DELETE \ --url 'https://api.mezmo.com/v1/config/presetalert/%7BpresetId%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Create New Category

Creates a new category of this type.

Auth

Path Params

type

string

Category type. Must be [views, boards, screens]

Request Body

Request parameters

object	object
name	string	Name of a view.

POST /v1/config/categories/{type}

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/categories/%7Btype%7D' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "{string}"}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Get Category

Get a specific category

Auth

Path Params

type	string	Category type. Must be [views, boards, screens]
id	string	ID of category.

GET /v1/config/categories/{type}/{id}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/categories/%7Btype%7D/%7Bid%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Update Category

Update a specific category.

Auth

Path Params

type	string	Category type. Must be [views, boards, screens]
id	string	ID of category.

Request Body

Request parameters

object	object
name	string	Name of a view.

PUT /v1/config/categories/{type}/{id}

xxxxxxxxxx
 
curl --request PUT \ --url 'https://api.mezmo.com/v1/config/categories/%7Btype%7D/%7Bid%7D' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "{string}"}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Delete Category

Use this method to delete a category.

Auth

Path Params

type	string	Category type. Must be [views, boards, screens]
id	string	ID of category.

DELETE /v1/config/categories/{type}/{id}

xxxxxxxxxx
 
curl --request DELETE \ --url 'https://api.mezmo.com/v1/config/categories/%7Btype%7D/%7Bid%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Export

LogDNA provides two endpoints for exporting your log lines. Read the sections below to learn about each, and determine which is appropriate for your use case.

Export API v1

The Export API v1 is used to export log lines in JSONL format. Based on your specific plan, the maximum number of logs returned is limited to 10,000 / 20,000. There are two distinct functionalities:

Streaming desired log lines directly from the response as raw text data
Specifying an email to receive a link that can be used to the download the desired log lines

Note When an email address is specified, the desired log lines will not be streamed to the response body. The response will instead send a notification indicating that the request was successful and that the results will be sent to the email address provided in the request. This entails archiving and uploading the desired logs to a storage provider. The email includes a URI to download the logs. Be aware that access to this URI will expire after 24-48 hours.

Export API v2

The Export API v2 provides an enhancement over v1, allowing you to export any number of log lines using pagination and by-passing the plan-specific limit imposed in v1. By making (multiple) subsequent requests using the pagination_id parameter, you can retrieve logs in batches of JSON until all matching log lines have been returned.

Each Export API v2 request is limited to 10,000 lines.

Pagination Functionality

Pagination is only necessary when the desired set of log lines is larger than 10,000, since this is the maximum number of results that can be returned in a given page. If an export does not exceed this size, the behavior is similar to v1 -- all of the logs will be returned in a single "page" and no further requests are needed. When an export does exceed this size, refer to the steps outlined below.

This is the expected workflow to export a set (cardinality > 10,000) of log lines that requires pagination:

Send an initial request with valid query parameters to retrieve logs. Pass a null value for the pagination_id in the first request.
The JSON response contains 2 fields: lines and pagination_id. The former is an array containing the corresponding batch (the first batch in this case) of logs and the latter is a token used to retrieve the next page of results.
Send a subsequent request using the same initial query parameters and also passing in the token received in the response to the pagination_id parameter. This will retrieve the next page of results.
Repeat this request-response cycle, updating the pagination_id parameter with the token returned in every new response, until the response eventually returns a null value for the token. This indicates that the corresponding batch of logs is the last and that you have reached the final page.

Important Considerations In subsequent requests to paginate through results, make sure none of the query parameters & values are modified from the initial request (excluding pagination_id)

The tokens used in the pagination_id parameter are tied to a specific export and page so they can be used repeatedly in requests to return deterministic results

"0" can be passed in to the from and to parameters which will be resolved to timestamps for a plan's retention boundary and the current time respectively. This behavior is independent so the value can be passed interchangeably to the parameters -- resulting in 4 possible scenarios:

[from: <user-specified timestamp>, to: <user-specified timestamp>]

[from: 0 (retention boundary), to: <user-specified timestamp>]

[from: <user-specified timestamp>, to: 0 (current time)]

[from: 0 (retention boundary), to: 0 (current time)]

Export log lines

Use this method to export logs in JSON format from a logging instance.

Auth

Query String

from	string	Start time. Set as UNIX timestamp in seconds or milliseconds.
to	string	End time. Set as UNIX timestamp in seconds or milliseconds.
size	string	Number of log lines to include in the export.
hosts	string	Comma-separated list of hosts.
apps	string	Comma-separated list of applications.
levels	string	Comma-separated list of log levels.
query	string	Search query.
prefer	string	Defines the log lines that you want to export. Valid values are head, first log lines, and tail, last log lines. If not specified, defaults to tail.
email	string	Specifies the email with the downloadable link of your export. By default, the log lines are streamed.
emailSubject	string	Use to set the subject of the email. Use to represent a space. For example, a sample value is Export logs.

GET /v1/export

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/export' \ --header 'servicekey: {servicekey}' \ --data from={from} \ --data to={to} \ --data size={size} \ --data hosts={hosts} \ --data apps={apps} \ --data levels={levels} \ --data query={query} \ --data prefer={prefer} \ --data email={email} \ --data emailSubject={emailSubject}
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Export log lines

Use this method to export logs in JSON format from a logging instance.

Auth

Query String

from	string	Start time (inclusive). Set as UNIX timestamp in seconds or milliseconds.
to	string	End time (inclusive). Set as UNIX timestamp in seconds or milliseconds.
size	string	Number of log lines to include in the export.
hosts	string	Comma-separated list of hosts.
apps	string	Comma-separated list of applications.
levels	string	Comma-separated list of log levels.
query	string	Search query.
prefer	string	Defines the log lines that you want to export. Valid values are head, first log lines, and tail, last log lines. If not specified, defaults to tail.
pagination_id	string	ID that indicates which page of results to be retrieved. Leave empty for the initial export request.

GET /v2/export

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v2/export' \ --header 'servicekey: {servicekey}' \ --data from={from} \ --data to={to} \ --data size={size} \ --data hosts={hosts} \ --data apps={apps} \ --data levels={levels} \ --data query={query} \ --data prefer={prefer} \ --data pagination_id={pagination_id}
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Ingestion

Ingestion API

/logs/ingest

Send Log Lines

Use this method to send logs to a logging instance.

Authentication

You can find instructions on authentication here. Ingestion is similar to the other APIs, but instead of servicekey you will use apikey if you are using the header style authentication.

Metadata

Meta is a field reserved for custom information associated with a log line. To add metadata to an API call, specify the meta field under the lines object. Metadata can be viewed inside that line's context

WARNING: If inconsistent value types are used, that line's metadata, will not be parsed. For example, if a line is passed with a meta object, such as meta.myfield of type String, any subsequent lines with meta.myfield must have a String as the value type for meta.myfield.

Please be aware of service limits on this endpoint

Auth

Query String

hostname	string	Host name of the source.
mac	string	The network mac address of the host computer. pattern: `^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$`
ip	string	The local IP address of the host computer.
now	string	The source UNIX timestamp in milliseconds at the time of the request. Used to calculate time drift.
tags	string	Tags that are used to dynamically group hosts.

Request Body

You can send multiple log lines in a request.

object	object
lines	array[object]
timestamp	string	UNIX timestamp, including milliseconds, when the log entry was recorded.
line	string	Text of the log line.
app	string	Name of the application that generates the log line.
level	string	Set a value for the level. For example, sample values for this parameter are INFO, WARNING, ERROR.
meta	string	This field is reserved for custom information that is associated with a log line. To add metadata to an API call, specify the meta field under the lines object. Metadata can be viewed inside that line's context.

POST /logs/ingest

xxxxxxxxxx
 
curl --request POST \ --url 'https://logs.mezmo.com/logs/ingest' \ --header 'Content-Type: application/json' \ --header 'apikey: {apikey}' \ --data hostname={hostname} \ --data mac={mac} \ --data ip={ip} \ --data now={now} \ --data tags={tags} \ --data '{  "lines": [    {      "timestamp": "{string}",      "line": "{string}",      "app": "{string}",      "level": "{string}",      "meta": "{string}"    }  ]}'
Copy

Responses

200

object	object
*	object

401

Unauthorized

403

Forbidden

404

Not Found

Response

xxxxxxxxxx
 
{}
Copy

Exclusions

Authentication: You can find instructions on authentication here.

Control what you store by creating exclusion rules. New lines that match an exclusion rule will not be stored and will not count toward your storage quota.

/v1/config/ingestion/exclusions

/v1/config/ingestion/exclusions

/v1/config/ingestion/exclusions/{id}

PATCH

/v1/config/ingestion/exclusions/{id}

/v1/config/ingestion/exclusions/{id}

List Exclusion Rules

Returns a list of exclusion rules. Note: This does not return usage quota rules.

Auth

GET /v1/config/ingestion/exclusions

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/ingestion/exclusions' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

array	array[object]
hosts	array[string]
apps	array[string]
title	string	minLength: 1
active	boolean
indexonly	boolean	Default: true
query	string	Search query.
id	string	minLength: 1

500

Internal Server error occured when trying to fetch exclusion rules

Response

xxxxxxxxxx
 
[ {  "hosts": [   "{array[string]...}"  ],  "apps": [   "{array[string]...}"  ],  "title": "{string}",  "active": "{boolean}",  "indexonly": "{boolean}",  "query": "{string}",  "id": "{string}" }]
Copy

Create Exclusion Rule

Create a new ingestion exclusion rule to help reduce log volume

Auth

Request Body

Request parameters

object	object
hosts	array[string]
apps	array[string]
title	string	minLength: 1
active	boolean
indexonly	boolean	Default: true
query	string	Search query.

POST /v1/config/ingestion/exclusions

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/ingestion/exclusions' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "hosts": [    "{array[string]...}"  ],  "apps": [    "{array[string]...}"  ],  "title": "{string}",  "active": "{boolean}",  "indexonly": "{boolean}",  "query": "{string}"}'
Copy

Responses

200

object	object
hosts	array[string]
apps	array[string]
title	string	minLength: 1
active	boolean
indexonly	boolean	Default: true
query	string	Search query.
id	string	minLength: 1

400

Bad request. Query inside of exclusion rule failed to parse.

500

An internal error occured when trying to create exclusion rule.

Response

xxxxxxxxxx
 
{ "hosts": [  "{array[string]...}" ], "apps": [  "{array[string]...}" ], "title": "{string}", "active": "{boolean}", "indexonly": "{boolean}", "query": "{string}", "id": "{string}"}
Copy

Get Exclusion Rule

Returns an exclusion rule with the id specified.

Auth

Path Params

string

ID of an exclusion rule.

GET /v1/config/ingestion/exclusions/{id}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/ingestion/exclusions/%7Bid%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

array	array[object]
hosts	array[string]
apps	array[string]
title	string	minLength: 1
active	boolean
indexonly	boolean	Default: true
query	string	Search query.
id	string	minLength: 1

400

Malformed ingestion exclusion rule response payload. The exclusion rule may be stored incorrectly

404

Exclusion rule not found

500

Internal Server Error. Failed to get exclusion rule

Response

xxxxxxxxxx
 
[ {  "hosts": [   "{array[string]...}"  ],  "apps": [   "{array[string]...}"  ],  "title": "{string}",  "active": "{boolean}",  "indexonly": "{boolean}",  "query": "{string}",  "id": "{string}" }]
Copy

Update Exclusion Rule

Updates an existing exclusion rule

Auth

Path Params

string

ID of an exclusion rule.

Request Body

Request parameters

object	object
hosts	array[string]
apps	array[string]
title	string	minLength: 1
active	boolean
indexonly	boolean	Default: true
query	string	Search query.

PATCH /v1/config/ingestion/exclusions/{id}

xxxxxxxxxx
 
curl --request PATCH \ --url 'https://api.mezmo.com/v1/config/ingestion/exclusions/%7Bid%7D' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "hosts": [    "{array[string]...}"  ],  "apps": [    "{array[string]...}"  ],  "title": "{string}",  "active": "{boolean}",  "indexonly": "{boolean}",  "query": "{string}"}'
Copy

Responses

200

object	object
hosts	array[string]
apps	array[string]
title	string	minLength: 1
active	boolean
indexonly	boolean	Default: true
query	string	Search query.
id	string	minLength: 1

400

Bad request. The rule is invalid. Double check rule and query syntax and try again.

500

Internal server error. The rule could not be updated at this time.

Response

xxxxxxxxxx
 
{ "hosts": [  "{array[string]...}" ], "apps": [  "{array[string]...}" ], "title": "{string}", "active": "{boolean}", "indexonly": "{boolean}", "query": "{string}", "id": "{string}"}
Copy

Delete Exclusion Rule

Use this method to delete an exclusion rule.

Auth

Path Params

string

ID of an exclusion rule.

DELETE /v1/config/ingestion/exclusions/{id}

xxxxxxxxxx
 
curl --request DELETE \ --url 'https://api.mezmo.com/v1/config/ingestion/exclusions/%7Bid%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

No response body

404

Exclusion rule not found

500

Internal Server Error. Failed to delete exclusion rule.

Response

xxxxxxxxxx
 
No example response
Copy

Suspensions

Authentication: You can find instructions on authentication here.

The LogDNA Start/Stop Ingestion API allows users to programmatically manage their data ingestion status.

Users can get the current status of their ingestion, suspend their ingestion, and resume their ingestion. To prevent an accidental API call, the suspension of ingestion requires two subsequent API calls.

You can find instructions on authentication here.

/v1/config/ingestion/status

/v1/config/ingestion/suspend

/v1/config/ingestion/suspend/confirm

/v1/config/ingestion/resume

Get Ingestion Status

Retrieve the status of ingestion

Auth

GET /v1/config/ingestion/status

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/ingestion/status' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
isIngesting	boolean

500

Failed to fetch ingestion status

Response

xxxxxxxxxx
 
{ "isIngesting": "{boolean}"}
Copy

Initiate Ingestion Suspension

First step in suspending ingestion for the instance. Returns a token for use in /suspend/confirm to actually stop ingestion

Auth

POST /v1/config/ingestion/suspend

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/ingestion/suspend' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

Token to be used in /suspend/confirm

object	object
token	string

Response

xxxxxxxxxx
 
{ "token": "03290da0-79a9-4090-9189-efb853d049ec"}
Copy

Confirm Ingestion Suspension

After /suspend is called, a token is returned for use with this route as a confirmation.

Auth

Request Body

Request parameters

object	object
token	string

POST /v1/config/ingestion/suspend/confirm

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/ingestion/suspend/confirm' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "token": "03290da0-79a9-4090-9189-efb853d049ec"}'
Copy

Responses

200

object	object
status	string

400

Bad Suspend Token

500

Failed to fetch ingestion status

Response

xxxxxxxxxx
 
{ "status": "OK"}
Copy

Resume Ingestion

Resumes ingestion if it has been previously suspended

Auth

POST /v1/config/ingestion/resume

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/ingestion/resume' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
status	string

500

Failed to fetch ingestion status

Response

xxxxxxxxxx
 
{ "status": "OK"}
Copy

Usage V1

Authentication: You can find instructions on authentication here.

The Usage API provides endpoints for retrieving aggregated usage information for applications, hosts and tags during a time period.

While the to and from times are unix timestamps, the report is granular by day. Therefore only the day portion is used to establish a date range.

How is Usage defined?

This API defines usage as a percentage of the total number of lines ingested by the account within the defined period of time. For example, an app called myapp that returns a percentage of 15 in the response object has 15 percent of their logs coming from myapp.

/v1/usage/apps

/v1/usage/apps/{name}

/v1/usage/tags

/v1/usage/tags/{name}

/v1/usage/hosts

/v1/usage/hosts/{name}

List Usage By App

Lists aggregated usage information for all apps during a time period.

Auth

Query String

from	integer	Start date. Set as UNIX timestamp in seconds.
to	integer	End date. Set as UNIX timestamp in seconds.
limit	integer	Maximum amount of apps to retrieve.

GET /v1/usage/apps

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/usage/apps' \ --header 'servicekey: {servicekey}' \ --data from={from} \ --data to={to} \ --data limit={limit}
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Get Usage By App

Gets the aggregated usage information for an app matching the name provided as a path parameter, during a time period. Returns null when not found.

Auth

Path Params

name

string

The name of the app from which to get the aggregated usage data

Query String

from	integer	Start date. Set as UNIX timestamp in seconds.
to	integer	End date. Set as UNIX timestamp in seconds.

GET /v1/usage/apps/{name}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/usage/apps/%7Bname%7D' \ --header 'servicekey: {servicekey}' \ --data from={from} \ --data to={to}
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

List Usage by Tag

Lists aggregated usage information for all tags during a time period.

Auth

Query String

from	integer	Start date. Set as UNIX timestamp in seconds.
to	integer	End date. Set as UNIX timestamp in seconds.
limit	integer	Maximum amount of apps to retrieve.

GET /v1/usage/tags

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/usage/tags' \ --header 'servicekey: {servicekey}' \ --data from={from} \ --data to={to} \ --data limit={limit}
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Get Usage by Tag

Gets the aggregated usage information for a tag matching the name provided as a path parameter, during a time period. Returns null when not found.

Auth

Path Params

name

string

The name of the app from which to get the aggregated usage data

Query String

from	integer	Start date. Set as UNIX timestamp in seconds.
to	integer	End date. Set as UNIX timestamp in seconds.

GET /v1/usage/tags/{name}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/usage/tags/%7Bname%7D' \ --header 'servicekey: {servicekey}' \ --data from={from} \ --data to={to}
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

List Usage by Host

Lists aggregated usage information for all hosts during a time period.

Auth

Query String

from	integer	Start date. Set as UNIX timestamp in seconds.
to	integer	End date. Set as UNIX timestamp in seconds.
limit	integer	Maximum amount of apps to retrieve.

GET /v1/usage/hosts

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/usage/hosts' \ --header 'servicekey: {servicekey}' \ --data from={from} \ --data to={to} \ --data limit={limit}
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Get Usage by Host

Gets the aggregated usage information for a host matching the name provided as a path parameter, during a time period. Returns null when not found.

Auth

Path Params

name

string

The name of the app from which to get the aggregated usage data

Query String

from	integer	Start date. Set as UNIX timestamp in seconds.
to	integer	End date. Set as UNIX timestamp in seconds.

GET /v1/usage/hosts/{name}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/usage/hosts/%7Bname%7D' \ --header 'servicekey: {servicekey}' \ --data from={from} \ --data to={to}
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Usage V2

Authentication: You can find instructions on authentication here.

The Usage API provides endpoints for retrieving aggregated usage information for applications, hosts and tags during a time period.

While the to and from times are unix timestamps, the report is granular by day. Therefore only the day portion is used to establish a date range.

How is Usage defined?

This API defines usage as the number of bytes used by the log lines stored on disk by the account within the defined period of time. For example, an app called myapp that returns 150,000 total bytes in the response object indicates that myapp is consuming 150,000 bytes of disk storage over the time range.

/v2/usage/apps/{name}

/v2/usage/hosts

/v2/usage/hosts/{name}

/v2/usage/tags

/v1/config/groups/{groupId}

/v2/usage/tags/{name}

Retrieve account usage totals

Get aggregated usage information for an account's data during a time period.

Auth

Query String

from	string	Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.
to	string	End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.

GET /v2/usage

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v2/usage' \ --header 'servicekey: {servicekey}' \ --data from=2023-01-01T12:00:00-05:00 \ --data to=2023-01-01T12:00:00-05:00
Copy

Responses

200

object	object
from	string	The calculated starting time (exclusive) used internally.
to	string	The calculated ending time (exclusive) used internally.
results	object
plan_bytes	number
restored_bytes	number
xd_vr_bytes	number	The number of bytes of logs stored for this variable retention type where x is 3, 7, 14, or 30 day

400

Bad request

Response

xxxxxxxxxx
 
{ "from": "2022-12-31T23:59:59.999Z", "to": "2023-02-01T00:00:00.000Z", "results": {  "plan_bytes": 123000,  "restored_bytes": 1000,  "7d_vr_bytes": 1000 }}
Copy

List Usage By App

Lists aggregated usage information for all apps during a time period.

Auth

Query String

from	string	Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.
to	string	End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.
limit	integer	Maximum amount of apps to retrieve.
retention	string	Limit report to apps that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. `7d` for a seven day retention pool.

GET /v2/usage/apps

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v2/usage/apps' \ --header 'servicekey: {servicekey}' \ --data from=2023-01-01T12:00:00-05:00 \ --data to=2023-01-01T12:00:00-05:00 \ --data limit={limit} \ --data retention=7d
Copy

Responses

200

object	object
from	string	The calculated starting time (exclusive) used internally.
to	string	The calculated ending time (exclusive) used internally.
results	array[object]
name	string	The name of the app.
total_bytes	integer	The number of bytes of disk the app consumes over the time range.

400

Bad request

Response

xxxxxxxxxx
 
{ "from": "{string}", "to": "{string}", "results": [  {   "name": "{string}",   "total_bytes": "{integer}"  } ]}
Copy

Get Usage By App

Gets the aggregated usage information for an app matching the name provided as a path parameter during a time period. The results will either have a singular item, or be an empty array.

Auth

Path Params

name

string

The name of the app from which to get the aggregated usage data.

Query String

from	string	Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.
to	string	End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.
retention	string	Limit report to apps that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. `7d` for a seven day retention pool.

GET /v2/usage/apps/{name}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v2/usage/apps/%7Bname%7D' \ --header 'servicekey: {servicekey}' \ --data from=2023-01-01T12:00:00-05:00 \ --data to=2023-01-01T12:00:00-05:00 \ --data retention=7d
Copy

Responses

200

object	object
from	string	The calculated starting time (exclusive) used internally.
to	string	The calculated ending time (exclusive) used internally.
results	array[object]
name	string	The name of the app.
total_bytes	integer	The number of bytes of disk the app consumes over the time range.

400

Bad request

Response

xxxxxxxxxx
 
{ "from": "{string}", "to": "{string}", "results": [  {   "name": "{string}",   "total_bytes": "{integer}"  } ]}
Copy

List Usage by Host

Lists aggregated usage information for all hosts during a time period.

Auth

Query String

from	string	Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.
to	string	End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.
limit	integer	Maximum amount of hosts to retrieve.
retention	string	Limit report to hosts that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. `7d` for a seven day retention pool.

GET /v2/usage/hosts

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v2/usage/hosts' \ --header 'servicekey: {servicekey}' \ --data from=2023-01-01T12:00:00-05:00 \ --data to=2023-01-01T12:00:00-05:00 \ --data limit={limit} \ --data retention=7d
Copy

Responses

200

object	object
from	string	The calculated starting time (exclusive) used internally.
to	string	The calculated ending time (exclusive) used internally.
results	array[object]
name	string	The name of the host.
total_bytes	integer	The number of bytes of disk the host consumes over the time range.

400

Bad request

Response

xxxxxxxxxx
 
{ "from": "{string}", "to": "{string}", "results": [  {   "name": "{string}",   "total_bytes": "{integer}"  } ]}
Copy

Get Usage by Host

Gets the aggregated usage information for a host matching the name provided as a path parameter during a time period. The results will either have a singular item, or be an empty array.

Auth

Path Params

name

string

The name of the host from which to get the aggregated usage data.

Query String

from	string	Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.
to	string	End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.
retention	string	Limit report to hosts that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. `7d` for a seven day retention pool.

GET /v2/usage/hosts/{name}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v2/usage/hosts/%7Bname%7D' \ --header 'servicekey: {servicekey}' \ --data from=2023-01-01T12:00:00-05:00 \ --data to=2023-01-01T12:00:00-05:00 \ --data retention=7d
Copy

Responses

200

object	object
from	string	The calculated starting time (exclusive) used internally.
to	string	The calculated ending time (exclusive) used internally.
results	array[object]
name	string	The name of the host.
total_bytes	integer	The number of bytes of disk the host consumes over the time range.

400

Bad request

Response

xxxxxxxxxx
 
{ "from": "{string}", "to": "{string}", "results": [  {   "name": "{string}",   "total_bytes": "{integer}"  } ]}
Copy

List Usage by Tag

Lists aggregated usage information for all tags during a time period.

Auth

Query String

from	string	Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.
to	string	End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.
limit	integer	Maximum amount of tags to retrieve.
retention	string	Limit report to tags that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. `7d` for a seven day retention pool.

GET /v2/usage/tags

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v2/usage/tags' \ --header 'servicekey: {servicekey}' \ --data from=2023-01-01T12:00:00-05:00 \ --data to=2023-01-01T12:00:00-05:00 \ --data limit={limit} \ --data retention=7d
Copy

Responses

200

object	object
from	string	The calculated starting time (exclusive) used internally.
to	string	The calculated ending time (exclusive) used internally.
results	array[object]
name	string	The name of the tag.
total_bytes	integer	The number of bytes of disk the tag consumes over the time range.

400

Bad request

Response

xxxxxxxxxx
 
{ "from": "{string}", "to": "{string}", "results": [  {   "name": "{string}",   "total_bytes": "{integer}"  } ]}
Copy

Get Usage by Tag

Gets the aggregated usage information for a tag matching the name provided as a path parameter during a time period. The results will either have a singular item, or be an empty array.

Auth

Path Params

name

string

The name of the tag from which to get the aggregated usage data.

Query String

from	string	Start time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the starting day; the exact time will not be used.
to	string	End time. A date-time string as defined by RFC 3339 §5.6 ("T" is required). This date-time will be used to calculate the ending day; the exact time will not be used.
retention	string	Limit report to tags that contribute to a variable retention pool. Value must be a string indicating the retention pool duration, e.g. `7d` for a seven day retention pool.

GET /v2/usage/tags/{name}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v2/usage/tags/%7Bname%7D' \ --header 'servicekey: {servicekey}' \ --data from=2023-01-01T12:00:00-05:00 \ --data to=2023-01-01T12:00:00-05:00 \ --data retention=7d
Copy

Responses

200

object	object
from	string	The calculated starting time (exclusive) used internally.
to	string	The calculated ending time (exclusive) used internally.
results	array[object]
name	string	The name of the tag.
total_bytes	integer	The number of bytes of disk the tag consumes over the time range.

400

Bad request

Response

xxxxxxxxxx
 
{ "from": "{string}", "to": "{string}", "results": [  {   "name": "{string}",   "total_bytes": "{integer}"  } ]}
Copy

Groups

/v1/config/groups/{groupId}

PATCH

/v1/config/groups/{groupId}

List Groups

Use this method to list the log groups.

Auth

GET /v1/config/groups

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/groups' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Create Group

Use this method to create a log group where you can scope the data that is accessible by members in that group.

Auth

Headers

servicekey

string

A provisioned service key for your account.

Request Body

Request parameters

object	object
name	string	Name of a log group.
accessScopes	string	Query that determines the data that is visible to members of a group.

POST /v1/config/groups

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/groups' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "{string}",  "accessScopes": "{string}"}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Get Group

Use this method to get information on a group.

Auth

Path Params

groupId

string

ID of a group.

GET /v1/config/groups/{groupId}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/groups/%7BgroupId%7D' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Delete Group

Use this method to list the log groups.

Auth

Headers

servicekey

string

A provisioned service key for your account.

Path Params

groupId

string

ID of a group.

DELETE /v1/config/groups/{groupId}

xxxxxxxxxx
 
curl --request DELETE \ --url 'https://api.mezmo.com/v1/config/groups/%7BgroupId%7D' \ --header 'servicekey: {servicekey}' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Update Group

Use this method to modify a log group. You can change the name of the group and the access scope that defines the data that is accessible by members in that group.

Auth

Headers

servicekey

string

A provisioned service key for your account.

Path Params

groupId

string

ID of a group.

Request Body

Request parameters

object	object
name	string	Name of a log group.
accessScopes	string	Query that determines the data that is visible to members of a group.

PATCH /v1/config/groups/{groupId}

xxxxxxxxxx
 
curl --request PATCH \ --url 'https://api.mezmo.com/v1/config/groups/%7BgroupId%7D' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "{string}",  "accessScopes": "{string}"}'
Copy

Responses

200

object	object
*	object

400

Bad request

Response

xxxxxxxxxx
 
{}
Copy

Keys

Retrieve a list of all the keys

Retrieve a list of all the keys for an account. Supported key types include ingestion and service. Use the type parameter to filter which type of keys to retrieve.

Auth

Query String

type

string

The type of key to retrieve. Defaults to "all"

Enum: ingestion,service,all

GET /v1/config/keys

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/keys' \ --header 'servicekey: {servicekey}' \ --data type={type}
Copy

Responses

200

A list of keys is returned on success.

array	array[object]
id	string	The ID of the key
key	string	A secret key which can be used to authenticate requests to Mezmo.
name	string	A user friendly name for the key maxLength: 30
type	string	The type of the key Enum: `ingestion`,`service`
created	integer	The time the key was created as a Unix timestamp in milliseconds

400

The supplied request is invalid or malformed.

Response

xxxxxxxxxx
 
[ {  "id": "629e3f7e62295be60488fb26",  "key": "7b273eb8adc962f2711ad760730debb0",  "name": "servergroup_0_ingestion",  "type": "ingestion",  "created": 1654538253244 }]
Copy

Create a new key

Create a new key of the type specified by the type parameter. If a name is not supplied, one will be auto generated.

Auth

Query String

type

string

The type of key to be created

Enum: ingestion,service,all

Request Body

Modifiable fields can be set in the request body.

object object

name

string

A user friendly name for the key

maxLength: 30

POST /v1/config/keys

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/keys' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data type={type} \ --data '{  "name": "servergroup_0_ingestion"}'
Copy

Responses

200

A new key was created successfully! The entire key resource is returned.

object	object
id	string	The ID of the key
key	string	A secret key which can be used to authenticate requests to Mezmo.
name	string	A user friendly name for the key maxLength: 30
type	string	The type of the key Enum: `ingestion`,`service`
created	integer	The time the key was created as a Unix timestamp in milliseconds

400

The supplied request is invalid or malformed.

Response

xxxxxxxxxx
 
{ "id": "629e3f7e62295be60488fb26", "key": "7b273eb8adc962f2711ad760730debb0", "name": "servergroup_0_ingestion", "type": "ingestion", "created": 1654538253244}
Copy

Retrieve a specific key

Retrieves a specific key by its id.

Auth

Path Params

string

The id of the key to retrieve

GET /v1/config/keys/{id}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/keys/629e3f7e62295be60488fb26' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

The key with the supplied id was found, the entire resource is returned.

object	object
id	string	The ID of the key
key	string	A secret key which can be used to authenticate requests to Mezmo.
name	string	A user friendly name for the key maxLength: 30
type	string	The type of the key Enum: `ingestion`,`service`
created	integer	The time the key was created as a Unix timestamp in milliseconds

404

The specified key was not found.

Response

xxxxxxxxxx
 
{ "id": "629e3f7e62295be60488fb26", "key": "7b273eb8adc962f2711ad760730debb0", "name": "servergroup_0_ingestion", "type": "ingestion", "created": 1654538253244}
Copy

Delete a specific key

Delete a specific key by its id.

Auth

Path Params

string

The id of the key to delete

DELETE /v1/config/keys/{id}

xxxxxxxxxx
 
curl --request DELETE \ --url 'https://api.mezmo.com/v1/config/keys/629e3f7e62295be60488fb26' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

The key was deleted successfully, a simple status is returned.

object	object
message	string	The status of the request in a human-readable form
deleted	boolean	Indicates whether the key was deleted

404

The specified key was not found.

Response

xxxxxxxxxx
 
{ "message": "Key deleted successfully", "deleted": true}
Copy

Update one or more fields of a key resource

Updates all of the fields described in the request body of the specified key. Fields left out of the body will remain unaffected.

Auth

Path Params

string

The id of the key to update

Request Body

object object

name

string

A user friendly name for the key

maxLength: 30

PUT /v1/config/keys/{id}

xxxxxxxxxx
 
curl --request PUT \ --url 'https://api.mezmo.com/v1/config/keys/629e3f7e62295be60488fb26' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "name": "servergroup_0_ingestion"}'
Copy

Responses

200

The update was successful; the key resource is returned with updated fields.

object	object
id	string	The ID of the key
key	string	A secret key which can be used to authenticate requests to Mezmo.
name	string	A user friendly name for the key maxLength: 30
type	string	The type of the key Enum: `ingestion`,`service`
created	integer	The time the key was created as a Unix timestamp in milliseconds

400

The supplied request is invalid or malformed.

404

The specified key was not found.

Response

xxxxxxxxxx
 
{ "id": "629e3f7e62295be60488fb26", "key": "7b273eb8adc962f2711ad760730debb0", "name": "servergroup_0_ingestion", "type": "ingestion", "created": 1654538253244}
Copy

Index Rate Alert

/v1/config/index-rate

/v1/config/members/{email}

/v1/config/index-rate

Get Index Rate Alert

Gets the configuration for an Index Rate Alert

Auth

GET /v1/config/index-rate

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/index-rate' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

object	object
max_lines	integer	The number of lines required in order to trigger the alert.
max_z_score	integer	The number of standard deviations above the 30 day average lines in order to trigger the alert.
threshold_alert	string	Determines if you want alerts to be triggered if both the max lines and standard deviation have been triggered, or if one of the thresholds has been reached. Enum: `separate`,`both`
frequency	string	Notify recipients once per hour, or once per day, (starting when the threshold is passed the first time) until the index rate drops below the thresholds. When the index rate drops below the thresholds, alerting stops. Enum: `hourly`,`daily`
channels	object
email	array[string]
pagerduty	array[string]
slack	array[string]
webhook	array[object]
url	string	Webhook URL.
method	string	WebHook method such as POST. Enum: `POST`,`PUT`,`PATCH`
headers	object
timestamp	string	Header value
bodyTemplate	string
enabled	boolean

400

Bad request

500

Internal Server error occurred when trying to fetch index rate alerts

Response

xxxxxxxxxx
 
{ "max_lines": "{integer}", "max_z_score": "{integer}", "threshold_alert": "{string}", "frequency": "{string}", "channels": {  "email": [   "{array[string]...}"  ],  "pagerduty": [   "{array[string]...}"  ],  "slack": [   "{array[string]...}"  ],  "webhook": [   {    "url": "{string}",    "method": "{string}",    "headers": {     "timestamp": "{string}"    },    "bodyTemplate": "{string}"   }  ] }, "enabled": "{boolean}"}
Copy

Update Index Rate Alert

Use this method to update an index rate alert. You can change the alert's configuration details.

Auth

Request Body

Request parameters

object	object
max_lines	integer	The number of lines required in order to trigger the alert.
max_z_score	integer	The number of standard deviations above the 30 day average lines in order to trigger the alert.
threshold_alert	string	Determines if you want alerts to be triggered if both the max lines and standard deviation have been triggered, or if one of the thresholds has been reached. Enum: `separate`,`both`
frequency	string	Notify recipients once per hour, or once per day, (starting when the threshold is passed the first time) until the index rate drops below the thresholds. When the index rate drops below the thresholds, alerting stops. Enum: `hourly`,`daily`
channels	object
email	array[string]
pagerduty	array[string]
slack	array[string]
webhook	array[object]
url	string	Webhook URL.
method	string	WebHook method such as POST. Enum: `POST`,`PUT`,`PATCH`
headers	object
timestamp	string	Header value
bodyTemplate	string
enabled	boolean

PUT /v1/config/index-rate

xxxxxxxxxx
 
curl --request PUT \ --url 'https://api.mezmo.com/v1/config/index-rate' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "max_lines": "{integer}",  "max_z_score": "{integer}",  "threshold_alert": "{string}",  "frequency": "{string}",  "channels": {    "email": [      "{array[string]...}"    ],    "pagerduty": [      "{array[string]...}"    ],    "slack": [      "{array[string]...}"    ],    "webhook": [      {        "url": "{string}",        "method": "{string}",        "headers": {          "timestamp": "{string}"        },        "bodyTemplate": "{string}"      }    ]  },  "enabled": "{boolean}"}'
Copy

Responses

200

object	object
max_lines	integer	The number of lines required in order to trigger the alert.
max_z_score	integer	The number of standard deviations above the 30 day average lines in order to trigger the alert.
threshold_alert	string	Determines if you want alerts to be triggered if both the max lines and standard deviation have been triggered, or if one of the thresholds has been reached. Enum: `separate`,`both`
frequency	string	Notify recipients once per hour, or once per day, (starting when the threshold is passed the first time) until the index rate drops below the thresholds. When the index rate drops below the thresholds, alerting stops. Enum: `hourly`,`daily`
channels	object
email	array[string]
pagerduty	array[string]
slack	array[string]
webhook	array[object]
url	string	Webhook URL.
method	string	WebHook method such as POST. Enum: `POST`,`PUT`,`PATCH`
headers	object
timestamp	string	Header value
bodyTemplate	string
enabled	boolean

400

Bad request

500

Internal Server error occurred when trying to fetch index rate alerts

Response

xxxxxxxxxx
 
{ "max_lines": "{integer}", "max_z_score": "{integer}", "threshold_alert": "{string}", "frequency": "{string}", "channels": {  "email": [   "{array[string]...}"  ],  "pagerduty": [   "{array[string]...}"  ],  "slack": [   "{array[string]...}"  ],  "webhook": [   {    "url": "{string}",    "method": "{string}",    "headers": {     "timestamp": "{string}"    },    "bodyTemplate": "{string}"   }  ] }, "enabled": "{boolean}"}
Copy

Members

/v1/config/members/{email}

/v1/config/members/{email}

Lists all members

Retrieves all of the current members in an organization and returns their email, role, and groups.

Auth

GET /v1/config/members

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/members' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

A list of members is returned on success.

array	array[object]
email	string	Email of a member
role	string	role of member. Owner shall not be created or set through api Enum: `owner`,`admin`,`readonly`,`member`
groups	array[string]

Response

xxxxxxxxxx
 
[ {  "email": "testemail@gmail.com",  "role": "member",  "groups": [   "{array[string]...}"  ] }]
Copy

Creates a new member

Create a new user and add to the team by providing 'email', 'role' and an optional list of RBAC groups.

Auth

Request Body

Request parameters.

object	object
email	string	Email of a member
role	string	role of member. Owner shall not be created or set through api Enum: `owner`,`admin`,`readonly`,`member`
groups	array[string]

POST /v1/config/members

xxxxxxxxxx
 
curl --request POST \ --url 'https://api.mezmo.com/v1/config/members' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "email": "testemail@gmail.com",  "role": "member",  "groups": [    "{array[string]...}"  ]}'
Copy

Responses

200

A new member was created successfully! Entire memberResource is returned.

object	object
email	string	Email of a member
role	string	role of member. Owner shall not be created or set through api Enum: `owner`,`admin`,`readonly`,`member`
groups	array[string]

400

The supplied request is invalid or malformed.

409

The supplied request leads to an invalid state. The returned error will contain more helpful information.

Response

xxxxxxxxxx
 
{ "email": "testemail@gmail.com", "role": "member", "groups": [  "{array[string]...}" ]}
Copy

Retrieve a member

Returns the role and groups of the specified member.

Auth

Path Params

email string

GET /v1/config/members/{email}

xxxxxxxxxx
 
curl --get \ --url 'https://api.mezmo.com/v1/config/members/testemail%40gmail.com' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

The member with the supplied email was found, the entire resource is returned.

object	object
email	string	Email of a member
role	string	role of member. Owner shall not be created or set through api Enum: `owner`,`admin`,`readonly`,`member`
groups	array[string]

404

The specified member was not found.

Response

xxxxxxxxxx
 
{ "email": "testemail@gmail.com", "role": "member", "groups": [  "{array[string]...}" ]}
Copy

Delete a member

Removes a member from the organization. This does not delete the user.

Auth

Path Params

email string

DELETE /v1/config/members/{email}

xxxxxxxxxx
 
curl --request DELETE \ --url 'https://api.mezmo.com/v1/config/members/testemail%40gmail.com' \ --header 'servicekey: {servicekey}'
Copy

Responses

200

The member was removed successfully, a simple status is returned.

object	object
message	string	The status of the request in a human-readable form
deleted	boolean	Indicates whether the member was deleted

404

The specified member was not found.

409

The specified member (owner) cannot be removed

Response

xxxxxxxxxx
 
{ "message": "Member removed successfully.", "deleted": true}
Copy

Update a member

Updates all the fields described in the request body of the specified member. Creates a member if the member doesn't exist already. Fields left out of the body will remain unaffected.

Auth

Path Params

email string

Request Body

object object

role

string

role of member. Owner shall not be created or set through api

Enum: owner,admin,readonly,member

groups array[string]

PUT /v1/config/members/{email}

xxxxxxxxxx
 
curl --request PUT \ --url 'https://api.mezmo.com/v1/config/members/testemail%40gmail.com' \ --header 'Content-Type: application/json' \ --header 'servicekey: {servicekey}' \ --data '{  "role": "member",  "groups": [    "{array[string]...}"  ]}'
Copy

Responses

200

The update was successful; the member resource is returned with updated fields.

object	object
email	string	Email of a member
role	string	role of member. Owner shall not be created or set through api Enum: `owner`,`admin`,`readonly`,`member`
groups	array[string]

400

The supplied request is invalid or malformed.

409

The supplied request leads to an invalid state. The returned error will contain more helpful information.

Response

xxxxxxxxxx
 
{ "email": "testemail@gmail.com", "role": "member", "groups": [  "{array[string]...}" ]}
Copy

Enterprise

/v1/enterprise/account

/v1/enterprise/account

/v1/enterprise/account/{accountId}

/v1/enterprise/account/{accountId}

/v1/enterprise/account/{accountId}

/v1/enterprise/keys/{id}