Get log

Available in Classic and VPC

Get logs collected from the Cloud Log Analytics service.

Request

This section describes the request format. The method and URI are as follows:

Method	URI
POST	/api/{regionCode}-v1/logs/search

Request headers

For information about the headers common to all Cloud Log Analytics APIs, see Cloud Log Analytics request headers.

Request path parameters

You can use the following path parameters with your request:

Field	Type	Required	Description
`regionCode`	String	Required	Region code `kr` \| `sgn` \| `jpn` \| `uswn` \| `den` `kr`: Korea Region `sgn`: Singapore Region `jpn`: Japan Region `uswn`: US West Region `den`: Germany Region

Request body

You can include the following data in the body of your request:

Field	Type	Required	Description
`interval`	String	Optional	Query interval `5m` (default) <e.g.> `1d`, `1h`, `1m`
`keyword`	String	Optional	Query keyword Search all (default)
`logTypes`	String	Optional	Log type Search all (default) <e.g.>`SYSLOG`, `security_log`, `tomcat`
`timestampFrom`	String	Optional	Query start date and time Unix timestamp format
`timestampTo`	String	Optional	Query end date and time Unix timestamp format
`pageNo`	Integer	Optional	Page number 1-100 (default: 1)
`pageSize`	Integer	Optional	Number of items per page 10-100 (default: 10)

Request example

The request example is as follows:

curl --location --request POST 'https://cloudloganalytics.apigw.ntruss.com/api/{regionCode}-v1/logs/search' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
-date '{
  "interval": "30m",
  "pageNo": 1,
  "pageSize": 10
}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field	Type	Required	Description
`code`	Integer	-	Response status codes
`message`	String	-	Response status message
`result`	Object	-	Response result
`result.pageSize`	Integer	-	Number of items per page
`result.currentPage`	Integer	-	Current page number
`result.totalPage`	Integer	-	Total page number
`result.totalCount`	Integer	-	Total number of logs
`result.isPaged`	Boolean	-	Whether additional pages exist `true` \| `false` `true`: It exists `false`: It doesn't exist
`result.chartData`	Array	-	Number of logs Log occurrence time Unix timestamp format Number of logs generated
`result.searchResult`	Array	-	Query result

`searchResult`

The following describes searchResult.

Field	Type	Required	Description
`logTime`	Integer	-	Log occurrence time Unix timestamp format
`logType`	String	-	Log type
`servername`	String	-	Name of server to collect logs from
`logDetail`	String	-	Log content

Response status codes

For response status codes common to all Cloud Log Analytics APIs, see Cloud Log Analytics response status codes.

Response example

The response example is as follows:

{
    "code": 0,
    "message": "The request has been successfully processed.",
    "result": {
        "pageSize": 3,
        "currentPage": 1,
        "totalPage": 1695,
        "totalCount": 5083,
        "isPaged": true,
        "chartData": [
            [
                1731987000000,
                2111
            ],
            [
                1731988800000,
                2620
            ],
            [
                1731990600000,
                352
            ]
        ],
        "searchResult": [
            {
                "logTime": "1731990853000",
                "logType": "CDB_MSSQL",
                "servername": "m-100514954-002",
                "logDetail": "select \r\n\tcase \r\n\t\twhen count(a.name) + count(b.name) = 0 then 'not exists'\r\n\t\twhen count(a.name) + count(b.name) = 1 then 'stop'\r\n\t\twhen count(a.name) + count(b.name) = 2 then 'start'\r\n\tend xe_status\r\nfrom sys.server_event_sessions a\r\n\tleft join sys.dm_xe_sessions b\r\n\ton a.name = b.name \r\nwhere a.name = 'AuditLog'"
            },
            {
                "logTime": "1731990847925",
                "logType": "ses_log",
                "servername": "{name=ses-test-m-62vl}",
                "logDetail": "[2024-11-19T13:34:07,621][WARN ][o.o.p.c.u.JsonConverter  ] [ses-test-m-62vl] Json Mapping Error: Cannot invoke \"java.lang.Long.longValue()\" because \"this.cacheMaxSize\" is null (through reference chain: org.opensearch.performanceanalyzer.collectors.CacheConfigMetricsCollector$CacheMaxSizeStatus[\"Cache_MaxSize\"])"
            },
            {
                "logTime": "1731990847000",
                "logType": "CDB_MSSQL",
                "servername": "m-100514954-001",
                "logDetail": "select \r\n\tcase \r\n\t\twhen count(a.name) + count(b.name) = 0 then 'not exists'\r\n\t\twhen count(a.name) + count(b.name) = 1 then 'stop'\r\n\t\twhen count(a.name) + count(b.name) = 2 then 'start'\r\n\tend xe_status\r\nfrom sys.server_event_sessions a\r\n\tleft join sys.dm_xe_sessions b\r\n\ton a.name = b.name \r\nwhere a.name = 'AuditLog'"
            }
        ]
    }
}