HTTP を介して Datadog プラットフォームでログを検索します。
ログの送信については、API バージョン 1 を参照してください。
POST https://api.datadoghq.eu/api/v2/logs/analytics/aggregatehttps://api.datadoghq.com/api/v2/logs/analytics/aggregate
イベントをバケットに集約しメトリクスと時系列を計算する API エンドポイント。
フィールド
種類
説明
compute
[object]
The list of metrics or timeseries to compute for the retrieved buckets.
aggregation [required]
enum
An aggregation function
Allowed enum values: count,cardinality,pc75,pc90,pc95,pc98,pc99,sum,min,max,avg
interval
string
The time buckets' size (only used for type=timeseries) Defaults to a resolution of 150 points
metric
string
The metric to use
type
enum
The type of compute
Allowed enum values: timeseries,total
filter
object
The search and filter query settings
from
string
The minimum time for the requested logs, supports date math and regular timestamps
indexes
[string]
For customers with multiple indexes, the indexes to search. Defaults to ['*'] which means all indexes.
query
string
The search query - following the log search syntax.
to
string
The maximum time for the requested logs, supports date math and regular timestamps
group_by
[object]
The rules for the group by
facet [required]
string
The name of the facet to use (required)
histogram
object
Used to perform a histogram computation (only for measure facets). Note: At most 100 buckets are allowed, the number of buckets is (max - min)/interval.
interval [required]
double
The bin size of the histogram buckets
max [required]
double
The maximum value for the measure used in the histogram (values greater than this one are filtered out)
min [required]
double
The minimum value for the measure used in the histogram (values smaller than this one are filtered out)
limit
int64
The maximum buckets to return for this group by
missing
<oneOf>
The value to use for logs that don't have the facet used to group by
Option 1
string
The missing value to use if there is string valued facet.
Option 2
double
The missing value to use if there is a number valued facet.
sort
object
A sort rule
aggregation
enum
An aggregation function
Allowed enum values: count,cardinality,pc75,pc90,pc95,pc98,pc99,sum,min,max,avg
metric
string
The metric to sort by (only used for type=measure)
order
enum
The order to use, ascending or descending
Allowed enum values: asc,desc
type
enum
The type of sorting algorithm
Allowed enum values: alphabetical,measure
total
<oneOf>
A resulting object to put the given computes in over all the matching records.
Option 1
boolean
If set to true, creates an additional bucket labeled "$facet_total"
Option 2
string
A string to use as the key value for the total bucket
Option 3
double
A number to use as the key value for the total bucket
options
object
Global query options that are used during the query. Note: You should only supply timezone or time offset but not both otherwise the query will fail.
timeOffset
int64
The time offset (in seconds) to apply to the query.
timezone
string
The timezone can be specified both as an offset, for example: "UTC+03:00".
paging
object
Paging settings
after
string
The returned paging point to use to get the next results
{
"compute": [
{
"aggregation": "pc90",
"interval": "5m",
"metric": "@duration",
"type": "string"
}
],
"filter": {
"from": "now-15m",
"indexes": [
"main",
"web"
],
"query": "service:web* AND @http.status_code:[200 TO 299]",
"to": "now"
},
"group_by": [
{
"facet": "host",
"histogram": {
"interval": 10,
"max": 100,
"min": 50
},
"limit": "integer",
"missing": "undefined",
"sort": {
"aggregation": "pc90",
"metric": "@duration",
"order": "asc",
"type": "string"
},
"total": "undefined"
}
],
"options": {
"timeOffset": "integer",
"timezone": "GMT"
},
"paging": {
"after": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="
}
}OK
The response object for the logs aggregate API endpoint
フィールド
種類
説明
data
object
The query results
buckets
[object]
The list of matching buckets, one item per bucket
by
object
The key, value pairs for each group by
<any-key>
string
The values for each group by
computes
object
A map of the metric name -> value for regular compute or list of values for a timeseries
<any-key>
<oneOf>
A bucket value, can be either a timeseries or a single value
Option 1
string
A single string value
Option 2
double
A single number value
Option 3
[object]
A timeseries array
time
string
The time value for this point
value
double
The value for this point
meta
object
The metadata associated with a request
elapsed
int64
The time elapsed in milliseconds
page
object
Paging attributes.
after
string
The cursor to use to get the next results, if any. To make the next request, use the same.
parameters with the addition of the page[cursor].
request_id
string
The identifier of the request
status
enum
The status of the response
Allowed enum values: done,timeout
warnings
[object]
A list of warnings (non fatal errors) encountered, partial results might be returned if warnings are present in the response.
code
string
A unique code for this type of warning
detail
string
A detailed explanation of this specific warning
title
string
A short human-readable summary of the warning
{
"data": {
"buckets": [
{
"by": {
"<any-key>": "string"
},
"computes": {
"<any-key>": "undefined"
}
}
]
},
"meta": {
"elapsed": 132,
"page": {
"after": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="
},
"request_id": "MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR",
"status": "done",
"warnings": [
{
"code": "unknown_index",
"detail": "indexes: foo, bar",
"title": "One or several indexes are missing or invalid, results hold data from the other indexes"
}
]
}
}Bad Request
API error response.
{
"errors": [
"Bad Request"
]
}Not Authorized
API error response.
{
"errors": [
"Bad Request"
]
}
# Curl command
curl -X POST "https://api.datadoghq.eu"https://api.datadoghq.com/api/v2/logs/analytics/aggregate" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_CLIENT_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_CLIENT_APP_KEY}" \
-d @- << EOF
{
"compute": [
{
"aggregation": "pc90"
}
],
"group_by": [
{
"facet": "host",
"histogram": {
"interval": 10,
"max": 100,
"min": 50
}
}
]
}
EOF
package main
import (
"context"
"encoding/json"
"fmt"
"os"
datadog "github.com/DataDog/datadog-api-client-go/api/v2/datadog"
)
func main() {
ctx := context.WithValue(
context.Background(),
datadog.ContextAPIKeys,
map[string]datadog.APIKey{
"apiKeyAuth": {
Key: os.Getenv("DD_CLIENT_API_KEY"),
},
"appKeyAuth": {
Key: os.Getenv("DD_CLIENT_APP_KEY"),
},
},
)
body := *datadog.NewLogsAggregateRequest() // LogsAggregateRequest |
configuration := datadog.NewConfiguration()
api_client := datadog.NewAPIClient(configuration)
resp, r, err := api_client.LogsApi.AggregateLogs(ctx).Body(body).Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `LogsApi.AggregateLogs``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
// response from `AggregateLogs`: LogsAggregateResponse
response_content, _ := json.MarshalIndent(resp, "", " ")
fmt.Fprintf(os.Stdout, "Response from LogsApi.AggregateLogs:\n%s\n", response_content)
}
// Import classes:
import java.util.*;
import com.datadog.api.v2.client.ApiClient;
import com.datadog.api.v2.client.ApiException;
import com.datadog.api.v2.client.Configuration;
import com.datadog.api.v2.client.auth.*;
import com.datadog.api.v2.client.model.*;
import com.datadog.api.v2.client.api.LogsApi;
public class Example {
public static void main(String[] args) {
ApiClient defaultClient = Configuration.getDefaultApiClient();
// Configure the Datadog site to send API calls to
HashMap<String, String> serverVariables = new HashMap<String, String>();
String site = System.getenv("DD_SITE");
if (site != null) {
serverVariables.put("site", site);
defaultClient.setServerVariables(serverVariables);
}
// Configure API key authorization:
HashMap<String, String> secrets = new HashMap<String, String>();
secrets.put("apiKeyAuth", System.getenv("DD_CLIENT_API_KEY"));
secrets.put("appKeyAuth", System.getenv("DD_CLIENT_APP_KEY"));
defaultClient.configureApiKeys(secrets);
LogsApi apiInstance = new LogsApi(defaultClient);
LogsAggregateRequest body = new LogsAggregateRequest(); // LogsAggregateRequest |
try {
LogsAggregateResponse result = apiInstance.aggregateLogs()
.body(body)
.execute();
System.out.println(result);
} catch (ApiException e) {
System.err.println("Exception when calling LogsApi#aggregateLogs");
System.err.println("Status code: " + e.getCode());
System.err.println("Reason: " + e.getResponseBody());
System.err.println("Response headers: " + e.getResponseHeaders());
e.printStackTrace();
}
}
}
import os
from dateutil.parser import parse as dateutil_parser
import datadog_api_client.v2
from datadog_api_client.v2.api import logs_api
from datadog_api_client.v2.models import *
from pprint import pprint
# Defining the host is optional and defaults to https://api.datadoghq.com
# See configuration.py for a list of all supported configuration parameters.
configuration = datadog_api_client.v2.Configuration(
host = "https://api.datadoghq.com"
)
# The client must configure the authentication and authorization parameters
# in accordance with the API server security policy.
# Examples for each auth method are provided below, use the example that
# satisfies your auth use case.
# Configure API key authorization: apiKeyAuth
configuration.api_key['apiKeyAuth'] = os.getenv('DD_CLIENT_API_KEY')
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['apiKeyAuth'] = 'Bearer'
# Configure API key authorization: appKeyAuth
configuration.api_key['appKeyAuth'] = os.getenv('DD_CLIENT_APP_KEY')
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['appKeyAuth'] = 'Bearer'
# Enter a context with an instance of the API client
with datadog_api_client.v2.ApiClient(configuration) as api_client:
# Create an instance of the API class
api_instance = logs_api.LogsApi(api_client)
body = LogsAggregateRequest(
compute=[
LogsCompute(
aggregation=LogsAggregationFunction("pc90"),
interval="5m",
metric="@duration",
type=LogsComputeType("total"),
),
],
filter=LogsQueryFilter(
_from="now-15m",
indexes=["main","web"],
query="service:web* AND @http.status_code:[200 TO 299]",
to="now",
),
group_by=[
LogsGroupBy(
facet="host",
histogram=LogsGroupByHistogram(
interval=10,
max=100,
min=50,
),
limit=10,
missing=LogsGroupByMissing(),
sort=LogsAggregateSort(
aggregation=LogsAggregationFunction("pc90"),
metric="@duration",
order=LogsSortOrder("asc"),
type=LogsAggregateSortType("alphabetical"),
),
total=LogsGroupByTotal(),
),
],
options=LogsQueryOptions(
time_offset=1,
timezone="GMT",
),
paging=LogsAggregateRequestPaging(
after="eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==",
),
) # LogsAggregateRequest |
# example passing only required values which don't have defaults set
try:
# Aggregate events
api_response = api_instance.aggregate_logs(body)
pprint(api_response)
except datadog_api_client.v2.ApiException as e:
print("Exception when calling LogsApi->aggregate_logs: %s\n" % e)
require 'time'
require 'datadog_api_client/v2'
# setup authorization
DatadogAPIClient::V2.configure do |config|
# Configure API key authorization: apiKeyAuth
config.api_key['apiKeyAuth'] = ENV["DD_CLIENT_API_KEY"]
# Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil)
# config.api_key_prefix['apiKeyAuth'] = 'Bearer'
# Configure API key authorization: appKeyAuth
config.api_key['appKeyAuth'] = ENV["DD_CLIENT_APP_KEY"]
# Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil)
# config.api_key_prefix['appKeyAuth'] = 'Bearer'
end
api_instance = DatadogAPIClient::V2::LogsApi.new
body = DatadogAPIClient::V2::LogsAggregateRequest.new # LogsAggregateRequest |
begin
# Aggregate events
result = api_instance.aggregate_logs(body)
p result
rescue DatadogAPIClient::V2::ApiError => e
puts "Error when calling LogsApi->aggregate_logs: #{e}"
end
Note: This endpoint is in public beta. If you have any feedback, contact Datadog support.
POST https://api.datadoghq.eu/api/v2/logs/events/searchhttps://api.datadoghq.com/api/v2/logs/events/search
リストエンドポイントは、ログ検索クエリと一致するログを返します。 結果はページ区切りされます。
このエンドポイントと GET エンドポイントは、ログを一覧表示する際に互いに交換して 使用できます。
オーガニゼーションのためのログのアーカイブを目的とする場合は、 ログリスト API の代わりに Datadog のアーカイブ機能の使用を検討してください。 Datadog のログのアーカイブに関するドキュメントを参照してください。
フィールド
種類
説明
filter
object
The search and filter query settings
from
string
The minimum time for the requested logs, supports date math and regular timestamps
indexes
[string]
For customers with multiple indexes, the indexes to search. Defaults to ['*'] which means all indexes.
query
string
The search query - following the log search syntax.
to
string
The maximum time for the requested logs, supports date math and regular timestamps
options
object
Global query options that are used during the query. Note: You should only supply timezone or time offset but not both otherwise the query will fail.
timeOffset
int64
The time offset (in seconds) to apply to the query.
timezone
string
The timezone can be specified both as an offset, for example: "UTC+03:00".
page
object
Paging attributes for listing logs.
cursor
string
List following results with a cursor provided in the previous query.
limit
int32
Maximum number of logs in the response.
sort
enum
Sort parameters when querying logs.
Allowed enum values: timestamp,-timestamp
{
"filter": {
"from": "now-15m",
"indexes": [
"main",
"web"
],
"query": "service:web* AND @http.status_code:[200 TO 299]",
"to": "now"
},
"options": {
"timeOffset": "integer",
"timezone": "GMT"
},
"page": {
"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==",
"limit": 25
},
"sort": "string"
}OK
Response object with all logs matching the request and pagination information.
フィールド
種類
説明
data
[object]
Array of logs matching the request.
attributes
object
JSON object containing all log attributes and their associated values.
attributes
object
JSON object of attributes from your log.
host
string
Name of the machine from where the logs are being sent.
message
string
The message reserved attribute of your log. By default, Datadog ingests the value of the message attribute as the body of the log entry. That value is then highlighted and displayed in the Logstream, where it is indexed for full text search.
service
string
The name of the application or service generating the log events. It is used to switch from Logs to APM, so make sure you define the same value when you use both products.
status
string
Status of the message associated with your log.
tags
[string]
Array of tags associated with your log.
timestamp
date-time
Timestamp of your log.
id
string
Unique ID of the Log.
type
enum
Type of the event.
Allowed enum values: log
links
object
Links attributes.
next
string
Link for the next set of results. Note that the request can also be made using the POST endpoint.
meta
object
The metadata associated with a request
elapsed
int64
The time elapsed in milliseconds
page
object
Paging attributes.
after
string
The cursor to use to get the next results, if any. To make the next request, use the same.
parameters with the addition of the page[cursor].
request_id
string
The identifier of the request
status
enum
The status of the response
Allowed enum values: done,timeout
warnings
[object]
A list of warnings (non fatal errors) encountered, partial results might be returned if warnings are present in the response.
code
string
A unique code for this type of warning
detail
string
A detailed explanation of this specific warning
title
string
A short human-readable summary of the warning
{
"data": [
{
"attributes": {
"attributes": [
{}
],
"host": "i-0123",
"message": "Host connected to remote",
"service": "agent",
"status": "INFO",
"tags": [
"team:A"
],
"timestamp": "2019-01-02T09:42:36.320Z"
},
"id": "AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA",
"type": "log"
}
],
"links": {
"next": "https://app.datadoghq.com/api/v2/logs/event?filter[query]=foo\u0026page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="
},
"meta": {
"elapsed": 132,
"page": {
"after": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="
},
"request_id": "MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR",
"status": "done",
"warnings": [
{
"code": "unknown_index",
"detail": "indexes: foo, bar",
"title": "One or several indexes are missing or invalid, results hold data from the other indexes"
}
]
}
}Bad Request
API error response.
{
"errors": [
"Bad Request"
]
}Not Authorized
API error response.
{
"errors": [
"Bad Request"
]
}
# Curl command
curl -X POST "https://api.datadoghq.eu"https://api.datadoghq.com/api/v2/logs/events/search" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_CLIENT_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_CLIENT_APP_KEY}" \
-d @- << EOF
{}
EOF
package main
import (
"context"
"encoding/json"
"fmt"
"os"
datadog "github.com/DataDog/datadog-api-client-go/api/v2/datadog"
)
func main() {
ctx := context.WithValue(
context.Background(),
datadog.ContextAPIKeys,
map[string]datadog.APIKey{
"apiKeyAuth": {
Key: os.Getenv("DD_CLIENT_API_KEY"),
},
"appKeyAuth": {
Key: os.Getenv("DD_CLIENT_APP_KEY"),
},
},
)
body := *datadog.NewLogsListRequest() // LogsListRequest | (optional)
configuration := datadog.NewConfiguration()
configuration.SetUnstableOperationEnabled("ListLogs", true)
api_client := datadog.NewAPIClient(configuration)
resp, r, err := api_client.LogsApi.ListLogs(ctx).Body(body).Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `LogsApi.ListLogs``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
// response from `ListLogs`: LogsListResponse
response_content, _ := json.MarshalIndent(resp, "", " ")
fmt.Fprintf(os.Stdout, "Response from LogsApi.ListLogs:\n%s\n", response_content)
}
// Import classes:
import java.util.*;
import com.datadog.api.v2.client.ApiClient;
import com.datadog.api.v2.client.ApiException;
import com.datadog.api.v2.client.Configuration;
import com.datadog.api.v2.client.auth.*;
import com.datadog.api.v2.client.model.*;
import com.datadog.api.v2.client.api.LogsApi;
public class Example {
public static void main(String[] args) {
ApiClient defaultClient = Configuration.getDefaultApiClient();
// Configure the Datadog site to send API calls to
HashMap<String, String> serverVariables = new HashMap<String, String>();
String site = System.getenv("DD_SITE");
if (site != null) {
serverVariables.put("site", site);
defaultClient.setServerVariables(serverVariables);
}
// Configure API key authorization:
HashMap<String, String> secrets = new HashMap<String, String>();
secrets.put("apiKeyAuth", System.getenv("DD_CLIENT_API_KEY"));
secrets.put("appKeyAuth", System.getenv("DD_CLIENT_APP_KEY"));
defaultClient.configureApiKeys(secrets);
LogsApi apiInstance = new LogsApi(defaultClient);
LogsListRequest body = new LogsListRequest(); // LogsListRequest |
try {
LogsListResponse result = apiInstance.listLogs()
.body(body)
.execute();
System.out.println(result);
} catch (ApiException e) {
System.err.println("Exception when calling LogsApi#listLogs");
System.err.println("Status code: " + e.getCode());
System.err.println("Reason: " + e.getResponseBody());
System.err.println("Response headers: " + e.getResponseHeaders());
e.printStackTrace();
}
}
}
import os
from dateutil.parser import parse as dateutil_parser
import datadog_api_client.v2
from datadog_api_client.v2.api import logs_api
from datadog_api_client.v2.models import *
from pprint import pprint
# Defining the host is optional and defaults to https://api.datadoghq.com
# See configuration.py for a list of all supported configuration parameters.
configuration = datadog_api_client.v2.Configuration(
host = "https://api.datadoghq.com"
)
# The client must configure the authentication and authorization parameters
# in accordance with the API server security policy.
# Examples for each auth method are provided below, use the example that
# satisfies your auth use case.
# Configure API key authorization: apiKeyAuth
configuration.api_key['apiKeyAuth'] = os.getenv('DD_CLIENT_API_KEY')
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['apiKeyAuth'] = 'Bearer'
# Configure API key authorization: appKeyAuth
configuration.api_key['appKeyAuth'] = os.getenv('DD_CLIENT_APP_KEY')
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['appKeyAuth'] = 'Bearer'
configuration.unstable_operations["list_logs"] = True
# Enter a context with an instance of the API client
with datadog_api_client.v2.ApiClient(configuration) as api_client:
# Create an instance of the API class
api_instance = logs_api.LogsApi(api_client)
body = LogsListRequest(
filter=LogsQueryFilter(
_from="now-15m",
indexes=["main","web"],
query="service:web* AND @http.status_code:[200 TO 299]",
to="now",
),
options=LogsQueryOptions(
time_offset=1,
timezone="GMT",
),
page=LogsListRequestPage(
cursor="eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==",
limit=25,
),
sort=LogsSort("timestamp"),
) # LogsListRequest | (optional)
# example passing only required values which don't have defaults set
# and optional values
try:
# Get a list of logs
api_response = api_instance.list_logs(body=body)
pprint(api_response)
except datadog_api_client.v2.ApiException as e:
print("Exception when calling LogsApi->list_logs: %s\n" % e)
require 'time'
require 'datadog_api_client/v2'
# setup authorization
DatadogAPIClient::V2.configure do |config|
# Configure API key authorization: apiKeyAuth
config.api_key['apiKeyAuth'] = ENV["DD_CLIENT_API_KEY"]
# Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil)
# config.api_key_prefix['apiKeyAuth'] = 'Bearer'
# Configure API key authorization: appKeyAuth
config.api_key['appKeyAuth'] = ENV["DD_CLIENT_APP_KEY"]
# Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil)
# config.api_key_prefix['appKeyAuth'] = 'Bearer'
config.unstable_operations[:list_logs] = true
end
api_instance = DatadogAPIClient::V2::LogsApi.new
opts = {
body: DatadogAPIClient::V2::LogsListRequest.new # LogsListRequest |
}
begin
# Get a list of logs
result = api_instance.list_logs(opts)
p result
rescue DatadogAPIClient::V2::ApiError => e
puts "Error when calling LogsApi->list_logs: #{e}"
end
Note: This endpoint is in public beta. If you have any feedback, contact Datadog support.
GET https://api.datadoghq.eu/api/v2/logs/eventshttps://api.datadoghq.com/api/v2/logs/events
リストエンドポイントは、ログ検索クエリと一致するログを返します。 結果はページ区切りされます。
このエンドポイントと POST エンドポイントは、ログを一覧表示する際に互いに交換して使用できます。
オーガニゼーションのためのログのアーカイブを目的とする場合は、 ログリスト API の代わりに Datadog のアーカイブ機能の使用を検討してください。 Datadog のログのアーカイブに関するドキュメントを参照してください。
名前
種類
説明
filter[query]
string
Search query following logs syntax.
filter[index]
string
For customers with multiple indexes, the indexes to search Defaults to ‘*’ which means all indexes
filter[from]
string
Minimum timestamp for requested logs.
filter[to]
string
Maximum timestamp for requested logs.
sort
string
Order of logs in results.
page[cursor]
string
List following results with a cursor provided in the previous query.
page[limit]
integer
Maximum number of logs in the response.
OK
Response object with all logs matching the request and pagination information.
フィールド
種類
説明
data
[object]
Array of logs matching the request.
attributes
object
JSON object containing all log attributes and their associated values.
attributes
object
JSON object of attributes from your log.
host
string
Name of the machine from where the logs are being sent.
message
string
The message reserved attribute of your log. By default, Datadog ingests the value of the message attribute as the body of the log entry. That value is then highlighted and displayed in the Logstream, where it is indexed for full text search.
service
string
The name of the application or service generating the log events. It is used to switch from Logs to APM, so make sure you define the same value when you use both products.
status
string
Status of the message associated with your log.
tags
[string]
Array of tags associated with your log.
timestamp
date-time
Timestamp of your log.
id
string
Unique ID of the Log.
type
enum
Type of the event.
Allowed enum values: log
links
object
Links attributes.
next
string
Link for the next set of results. Note that the request can also be made using the POST endpoint.
meta
object
The metadata associated with a request
elapsed
int64
The time elapsed in milliseconds
page
object
Paging attributes.
after
string
The cursor to use to get the next results, if any. To make the next request, use the same.
parameters with the addition of the page[cursor].
request_id
string
The identifier of the request
status
enum
The status of the response
Allowed enum values: done,timeout
warnings
[object]
A list of warnings (non fatal errors) encountered, partial results might be returned if warnings are present in the response.
code
string
A unique code for this type of warning
detail
string
A detailed explanation of this specific warning
title
string
A short human-readable summary of the warning
{
"data": [
{
"attributes": {
"attributes": [
{}
],
"host": "i-0123",
"message": "Host connected to remote",
"service": "agent",
"status": "INFO",
"tags": [
"team:A"
],
"timestamp": "2019-01-02T09:42:36.320Z"
},
"id": "AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA",
"type": "log"
}
],
"links": {
"next": "https://app.datadoghq.com/api/v2/logs/event?filter[query]=foo\u0026page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="
},
"meta": {
"elapsed": 132,
"page": {
"after": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="
},
"request_id": "MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR",
"status": "done",
"warnings": [
{
"code": "unknown_index",
"detail": "indexes: foo, bar",
"title": "One or several indexes are missing or invalid, results hold data from the other indexes"
}
]
}
}Bad Request
API error response.
{
"errors": [
"Bad Request"
]
}Not Authorized
API error response.
{
"errors": [
"Bad Request"
]
}
# Curl command
curl -X GET "https://api.datadoghq.eu"https://api.datadoghq.com/api/v2/logs/events" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_CLIENT_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_CLIENT_APP_KEY}"
package main
import (
"context"
"encoding/json"
"fmt"
"os"
"time"
datadog "github.com/DataDog/datadog-api-client-go/api/v2/datadog"
)
func main() {
ctx := context.WithValue(
context.Background(),
datadog.ContextAPIKeys,
map[string]datadog.APIKey{
"apiKeyAuth": {
Key: os.Getenv("DD_CLIENT_API_KEY"),
},
"appKeyAuth": {
Key: os.Getenv("DD_CLIENT_APP_KEY"),
},
},
)
filterQuery := "@datacenter:us @role:db" // string | Search query following logs syntax. (optional)
filterIndex := "main" // string | For customers with multiple indexes, the indexes to search Defaults to '*' which means all indexes (optional)
filterFrom := time.Now() // time.Time | Minimum timestamp for requested logs. (optional)
filterTo := time.Now() // time.Time | Maximum timestamp for requested logs. (optional)
sort := datadog.LogsSort("timestamp") // LogsSort | Order of logs in results. (optional)
pageCursor := "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==" // string | List following results with a cursor provided in the previous query. (optional)
pageLimit := int32(25) // int32 | Maximum number of logs in the response. (optional) (default to 10)
configuration := datadog.NewConfiguration()
configuration.SetUnstableOperationEnabled("ListLogsGet", true)
api_client := datadog.NewAPIClient(configuration)
resp, r, err := api_client.LogsApi.ListLogsGet(ctx).FilterQuery(filterQuery).FilterIndex(filterIndex).FilterFrom(filterFrom).FilterTo(filterTo).Sort(sort).PageCursor(pageCursor).PageLimit(pageLimit).Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `LogsApi.ListLogsGet``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
// response from `ListLogsGet`: LogsListResponse
response_content, _ := json.MarshalIndent(resp, "", " ")
fmt.Fprintf(os.Stdout, "Response from LogsApi.ListLogsGet:\n%s\n", response_content)
}
import java.time.OffsetDateTime;
// Import classes:
import java.util.*;
import com.datadog.api.v2.client.ApiClient;
import com.datadog.api.v2.client.ApiException;
import com.datadog.api.v2.client.Configuration;
import com.datadog.api.v2.client.auth.*;
import com.datadog.api.v2.client.model.*;
import com.datadog.api.v2.client.api.LogsApi;
public class Example {
public static void main(String[] args) {
ApiClient defaultClient = Configuration.getDefaultApiClient();
// Configure the Datadog site to send API calls to
HashMap<String, String> serverVariables = new HashMap<String, String>();
String site = System.getenv("DD_SITE");
if (site != null) {
serverVariables.put("site", site);
defaultClient.setServerVariables(serverVariables);
}
// Configure API key authorization:
HashMap<String, String> secrets = new HashMap<String, String>();
secrets.put("apiKeyAuth", System.getenv("DD_CLIENT_API_KEY"));
secrets.put("appKeyAuth", System.getenv("DD_CLIENT_APP_KEY"));
defaultClient.configureApiKeys(secrets);
LogsApi apiInstance = new LogsApi(defaultClient);
String filterQuery = "@datacenter:us @role:db"; // String | Search query following logs syntax.
String filterIndex = "main"; // String | For customers with multiple indexes, the indexes to search Defaults to '*' which means all indexes
OffsetDateTime filterFrom = OffsetDateTime.now(); // OffsetDateTime | Minimum timestamp for requested logs.
OffsetDateTime filterTo = OffsetDateTime.now(); // OffsetDateTime | Maximum timestamp for requested logs.
LogsSort sort = LogsSort.fromValue("timestamp"); // LogsSort | Order of logs in results.
String pageCursor = "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="; // String | List following results with a cursor provided in the previous query.
Integer pageLimit = 10; // Integer | Maximum number of logs in the response.
try {
LogsListResponse result = apiInstance.listLogsGet()
.filterQuery(filterQuery)
.filterIndex(filterIndex)
.filterFrom(filterFrom)
.filterTo(filterTo)
.sort(sort)
.pageCursor(pageCursor)
.pageLimit(pageLimit)
.execute();
System.out.println(result);
} catch (ApiException e) {
System.err.println("Exception when calling LogsApi#listLogsGet");
System.err.println("Status code: " + e.getCode());
System.err.println("Reason: " + e.getResponseBody());
System.err.println("Response headers: " + e.getResponseHeaders());
e.printStackTrace();
}
}
}
import os
from dateutil.parser import parse as dateutil_parser
import datadog_api_client.v2
from datadog_api_client.v2.api import logs_api
from datadog_api_client.v2.models import *
from pprint import pprint
# Defining the host is optional and defaults to https://api.datadoghq.com
# See configuration.py for a list of all supported configuration parameters.
configuration = datadog_api_client.v2.Configuration(
host = "https://api.datadoghq.com"
)
# The client must configure the authentication and authorization parameters
# in accordance with the API server security policy.
# Examples for each auth method are provided below, use the example that
# satisfies your auth use case.
# Configure API key authorization: apiKeyAuth
configuration.api_key['apiKeyAuth'] = os.getenv('DD_CLIENT_API_KEY')
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['apiKeyAuth'] = 'Bearer'
# Configure API key authorization: appKeyAuth
configuration.api_key['appKeyAuth'] = os.getenv('DD_CLIENT_APP_KEY')
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['appKeyAuth'] = 'Bearer'
configuration.unstable_operations["list_logs_get"] = True
# Enter a context with an instance of the API client
with datadog_api_client.v2.ApiClient(configuration) as api_client:
# Create an instance of the API class
api_instance = logs_api.LogsApi(api_client)
filter_query = "@datacenter:us @role:db" # str | Search query following logs syntax. (optional)
filter_index = "main" # str | For customers with multiple indexes, the indexes to search Defaults to '*' which means all indexes (optional)
filter_from = dateutil_parser('2019-01-02T09:42:36.320Z') # datetime | Minimum timestamp for requested logs. (optional)
filter_to = dateutil_parser('2019-01-03T09:42:36.320Z') # datetime | Maximum timestamp for requested logs. (optional)
sort = LogsSort("timestamp") # LogsSort | Order of logs in results. (optional)
page_cursor = "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==" # str | List following results with a cursor provided in the previous query. (optional)
page_limit = 25 # int | Maximum number of logs in the response. (optional) if omitted the server will use the default value of 10
# example passing only required values which don't have defaults set
# and optional values
try:
# Get a quick list of logs
api_response = api_instance.list_logs_get(filter_query=filter_query, filter_index=filter_index, filter_from=filter_from, filter_to=filter_to, sort=sort, page_cursor=page_cursor, page_limit=page_limit)
pprint(api_response)
except datadog_api_client.v2.ApiException as e:
print("Exception when calling LogsApi->list_logs_get: %s\n" % e)
require 'time'
require 'datadog_api_client/v2'
# setup authorization
DatadogAPIClient::V2.configure do |config|
# Configure API key authorization: apiKeyAuth
config.api_key['apiKeyAuth'] = ENV["DD_CLIENT_API_KEY"]
# Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil)
# config.api_key_prefix['apiKeyAuth'] = 'Bearer'
# Configure API key authorization: appKeyAuth
config.api_key['appKeyAuth'] = ENV["DD_CLIENT_APP_KEY"]
# Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil)
# config.api_key_prefix['appKeyAuth'] = 'Bearer'
config.unstable_operations[:list_logs_get] = true
end
api_instance = DatadogAPIClient::V2::LogsApi.new
opts = {
filter_query: '@datacenter:us @role:db', # String | Search query following logs syntax.
filter_index: 'main', # String | For customers with multiple indexes, the indexes to search Defaults to '*' which means all indexes
filter_from: Time.parse('2019-01-02T09:42:36.320Z'), # Time | Minimum timestamp for requested logs.
filter_to: Time.parse('2019-01-03T09:42:36.320Z'), # Time | Maximum timestamp for requested logs.
sort: DatadogAPIClient::V2::LogsSort::TIMESTAMP_ASCENDING, # LogsSort | Order of logs in results.
page_cursor: 'eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==', # String | List following results with a cursor provided in the previous query.
page_limit: 25 # Integer | Maximum number of logs in the response.
}
begin
# Get a quick list of logs
result = api_instance.list_logs_get(opts)
p result
rescue DatadogAPIClient::V2::ApiError => e
puts "Error when calling LogsApi->list_logs_get: #{e}"
end