Loggly, Inc.

Welcome, Guest Login

Support Center

How could I retrieve data for Derived fields via API? Is there a endpoint for derived fields?

Last Updated: Feb 01, 2016 03:45PM PST
There is no separate endpoint for the derived fields. The same endpoint will provide the information for the derived fields. For example, below command will provide you the fields that are available. Notice the format for the derived fields as well.

curl -u username:password "http://subdomain.loggly.com/apiv2/fields?q=*&from=-2d&until=now&facet_size=100"
{
  "fields": [
    {
      "name": "tag"
    },
    {
      "name": "logtype"
},
 {
      "name": "derived.Tenant_ABC
    {
      "name": "json.RequestId"
    },
    {
      "name": "json.RequestHeaders"
    }
  ],
  "rsid": {
    "status": "SCHEDULED",
    "date_from": 1454196623697,
    "elapsed_time": 0.02071690559387207,
    "date_to": 1454369433697,
    "id": "871485282"
  }
}

So this means you could query further on that derived field i.e. "Tenant_ABC"

curl -u username:password "http://subdomain.loggly.com/apiv2/fields/derived.Tenant_ABC?q=*&from=-2d&until=now&facet_size=100"
{
  "derived.Tenant_ABC": [
    {
      "count": 12924,
      "term": "abc"
    },
    {
      "count": 2410,
      "term": "ABC"
    }
  ],
  "total_events": 3099632,
  "unique_field_count": 2
}

Contact Us

logglyassistly@zoho.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete