Firewall Logs Aggregation Query.
const url = 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/data/namespaces/example/firewall_logs/aggregation';const options = { method: 'POST', headers: {Authorization: '<Authorization>', 'Content-Type': 'application/json'}, body: '{"aggs":{},"end_time":"example","namespace":"example","query":"example","start_time":"example"}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/data/namespaces/example/firewall_logs/aggregation \ --header 'Authorization: <Authorization>' \ --header 'Content-Type: application/json' \ --data '{ "aggs": {}, "end_time": "example", "namespace": "example", "query": "example", "start_time": "example" }'Request to GET summary/analytics data for the firewall logs that matches the query in request for a given namespace.
Authorizations
Section titled “Authorizations”Parameters
Section titled “Parameters”Path Parameters
Section titled “Path Parameters”Namespace GET aggregation data for a given namespace.
Request Bodyrequired
Section titled “Request Bodyrequired”Request to GET only aggregation data for Firewall logs.
object
Aggregations provide summary/analytics data over the log response. If the number of logs that matched the query is large and cannot be returned in a single response message, user can GET helpful insights/summary using aggregations. The aggregations are key’ed by user-defined aggregation name. The response will be key’ed with the same name. Optional.
object
Fetch Firewall logs whose timestamp <= end_time format: unix_timestamp|RFC 3339
Optional: If not specified, then the end_time will be evaluated to start_time+10m
If start_time is not specified, then the end_time will be evaluated to
GET aggregation data for a given namespace.
Query is used to specify the list of matchers
syntax for query := {[”|”!”]
= : equal to
!= : not equal to
=~ : regex match
!~ : not regex match
When more than one matcher is specified in the query, then Firewall logs matching ALL the matchers will be returned in the response.
Optional: If not specified, all the Firewall logs matching the given tenant, namespace will be returned in the response.
Fetch Firewall logs whose timestamp >= start_time format: unix_timestamp|RFC 3339
Optional: If not specified, then the start_time will be evaluated to end_time-10m
If end_time is not specified, then the start_time will be evaluated to
Examplegenerated
{ "aggs": {}, "end_time": "example", "namespace": "example", "query": "example", "start_time": "example"}Responses
Section titled “Responses”A successful response.
Response message for AuditLogAggregationRequest/AccessLogAggregationRequest.
object
Aggregations provide summary/analytics data over the log response. If the number of logs that matched the query is large and cannot be returned in a single response message, user can GET helpful insights/summary using aggregations. The aggregation data is key’ed with the aggregation name specified in the request.
object
Total number of log messages that matched the query.
Examplegenerated
{ "aggs": {}, "total_hits": "example"}Returned when operation is not authorized.
Examplegenerated
exampleReturned when there is no permission to access resource.
Examplegenerated
exampleReturned when resource is not found.
Examplegenerated
exampleReturned when operation on resource is conflicting with current value.
Examplegenerated
exampleReturned when operation has been rejected as it is happening too frequently.
Examplegenerated
exampleReturned when server encountered an error in processing API.
Examplegenerated
exampleReturned when service is unavailable temporarily.
Examplegenerated
exampleReturned when server timed out processing request.
Examplegenerated
example