Versions Compared

Old Version 1

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

compared with

New Version 2

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

The request action is specified by appending the following paths to the endpoint URL:

Note

All requests must use one of the three supported authorization methods. In the example requests below, we use the API key + API secret authorization method.

...

This returns the current status of the query and some other basic information. 

Parameters

...

Parameter

...

Type

...

Description

...

jobId *required

...

String (path)

...

The job ID of the query. This appears in the url parameter.

...

Content-Type *required

...

String (header)

...

This must always be application/json.

...

x-logtrust-apikey *required

...

String (header)

...

The API key of the Devo domain. You can find this in the Access Keys tab of the Administration → Credentials window.

...

x-logtrust-sign *required

...

String (header)

...

HMAC SHA-256 using the API secret to sign the concatenation of the API key, body message and timestamp.

...

x-logtrust-timestamp *required

...

String (header)

...

Timestamp in milliseconds.

Example

Code Block
import requests

url = "https://apiv2-us.devo.com/search/job/3f6002a9-69cb-4495-9745-d47216fc58bf"

headers = {
    'Content-Type': "application/json",
    'x-logtrust-apikey': "my api key",
    'x-logtrust-timestamp': "1530010004072",
    'x-logtrust-sign': "e5841c4ee56a58d2918cc052136799b42c8a95aa2b947b06a91d3827f4178136",
    'Cache-Control': "no-cache",
    }

response = requests.request("GET", url, headers=headers)

print(response.text)

Response

The response may contain the following fields. 

...

Field name

...

Type

...

Description

...

success

...

Boolean

...

Indicates if the request was successful or not. Possible values are true (OK) or false (error)

...

msg

...

String

...

In the case of error, this describes what type of error occurred.

...

status

...

Integer

...

Numeric value that specifies the error code.

  • 0 - OK

  • 1 - Invalid request

...

cid

...

String

...

This is the ID that uniquely identifies the request.

...

timestamp

...

String

...

Indicates the moment when a certain event occurred.

...

object

...

Object

...

Job_Status object containing the current status of the job, the job id, events processed, and information about any errors generated.

Example

Code Block
{
    "status": 0,
    "cid": "Yh7lwm6VWq",
    "timestamp": 1530010004752,
    "object": {
        "status": "COMPLETED",
        "id": "3f6002a9-69cb-4495-9745-d47216fc58bf",
        "eventGenerated": 13572,
        "eventsSent": 13572,
        "lastDatetime": 1528278403836,
        "error": []
    }
}

...

This returns the status of all the queries that the account has launched and which are currently running.

Parameters

...

Parameter

...

Type

...

Description

...

x-logtrust-apikey *required

...

String (header)

...

The API key of the Devo domain. You can find this in Access Keys tab of the Administration → Credentials window.

...

Content-Type *required

...

String (header)

...

This must always be application/json.

...

x-logtrust-sign *required

...

String (header)

...

HMAC SHA-256 using the API secret to sign the concatenation of the API key, body message and timestamp.

...

x-logtrust-timestamp *required

...

String (header)

...

Timestamp in milliseconds.

...

Table of Contents
minLevel2
maxLevel2
typeflat

Overview

All query requests that forward their results to data storage systems like HDFS, Kafka, or S3 are assigned job IDs so that they can be monitored and managed. The job ID for a query is contained in the notification message returned to the query sender when the request is launched. This ID is used to monitor the status of the query or to manage it.

The request action is specified by appending the following paths to the endpoint URL:

Endpoints and methods

Description

Status
colourYellow
titleget
/job/{jobId} see below

Returns the current status of the query and some other basic information.

Status
colourYellow
titleget
/jobs see below

Returns the status of all the queries launched in the domain that are currently running.

Status
colourYellow
titleget
/job/stop/{jobId} see below

Stops a currently running query.

Status
colourYellow
titleget
/job/start/{jobId} see below

Starts a query that was previously stopped.

Status
colourYellow
titleget
/job/remove/{jobId} see below

Removes a query.

Endpoints and methods

Anchor
path1
path1
GET /job/{jobId}

Returns the current status of the query and some other basic information.

Rw ui expands macro
Rw expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

jobId required 

string

The job ID of the query.

This is a request example:

Code Block
import requests

url = "https://apiv2-us.devo.com/search/job/3f6002a9-69cb-4495-9745-d47216fc58bf"

headers = {
    'Content-Type': "application/json",
    'x-logtrust-apikey': "my api key",
    'x-logtrust-timestamp': "1530010004072",
    'x-logtrust-sign': "e5841c4ee56a58d2918cc052136799b42c8a95aa2b947b06a91d3827f4178136",
    'Cache-Control': "no-cache",
    }

response = requests.request("GET", url, headers=headers)

print(response.text)
Rw expand
titleResponse

The response may include the following parameters:

Field name

Type

Description

success

boolean

Indicates if the request was successful or not. Possible values are true (OK) or false (error)

msg

string

In the case of error, this describes what type of error occurred.

status

integer

Numeric value that specifies the error code.

  • 0 - OK

  • 1 - Invalid request

cid

string

This is the ID that uniquely identifies the request.

timestamp

string

Indicates the moment when a certain event occurred.

object

object

Object containing the current status of the job, the job ID, events processed, and information about any errors generated.

And this is a response example:

Code Block
{
    "status": 0,
    "cid": "Yh7lwm6VWq",
    "timestamp": 1530010004752,
    "object": {
        "status": "COMPLETED",
        "id": "3f6002a9-69cb-4495-9745-d47216fc58bf",
        "eventGenerated": 13572,
        "eventsSent": 13572,
        "lastDatetime": 1528278403836,
        "error": []
    }
}

Anchor
path2
path2
GET /jobs

This returns the status of all the queries that the account has launched and which are currently running.

Rw ui expands macro
Rw expand
titleRequest

This is a request example:

Code Block
import requests

url = "https://apiv2-us.devo.com/search/jobs"

headers = {
    'Content-Type': "application/json",
    'x-logtrust-apikey': "my api key",
    'x-logtrust-timestamp': "1530009038403",
    'x-logtrust-sign': "662b2178b8857956cb63e6e68684a9b196e66b1d31ccdd04fd1aa60f00dcf9b3",
    'Cache-Control': "no-cache",
    }

response = requests.request("GET", url, headers=headers)

print(response.
text)

...

text)
Rw expand
titleResponse

The response may include the following parameters:

Field name

Type

Description

success

...

boolean

Indicates if the request was successful or not. Possible values are true (OK) or false (error)

...

msg

...

string

In the case of error, this describes what type of error occurred.

status

...

integer

Numeric value that specifies the error code.

  • 0 - OK

  • 1 - Invalid request

cid

...

string

This is the ID that uniquely identifies the request.

timestamp

...

string

Indicates the moment when a certain event occurred.

object

...

object

List of all the active jobs, including their current status, job IDs, and more.

Example

...

Code Block
{ "status": 0, "cid": "mrMlHGDbQC", "timestamp": 1530009833209, "object": [

And this is a response example:

Code Block
{
    
"status":
"STOPPED"
0,
"id
"cid": "
7629679a-8771-4bbe-8cc0-f95e73d10a82", 
mrMlHGDbQC",
    "
lastDatetime
timestamp":
0
1530009833209,
    "object": [
"type": "kafka",
 {
            "
friendlyName
status": "
kafka_LKwsktP686
STOPPED",
            "
query
id": "
from siem.logtrust.web.activityAll group every 5m by domain, username every 5m
7629679a-8771-4bbe-8cc0-f95e73d10a82",
            "
error
lastDatetime":
[] 
 0,
},
{
"type": "kafka",
            "
status
friendlyName": "
COMPLETED
kafka_LKwsktP686",
            "
id
query": "
3f6002a9-69cb-4495-9745-d47216fc58bf",
from siem.logtrust.web.activityAll group every 5m by domain, username every 5m",
            "error": []
"eventGenerated":
13572,
     },
"eventsSent": 13572,
 {
            "
lastDatetime
status":
1528278403836
"COMPLETED",
            "
error
id":
[] }, {
"3f6002a9-69cb-4495-9745-d47216fc58bf",
            "
status
eventGenerated":
"RUNNING"
13572,
            "
id
eventsSent":
"3360ccfa-4a32-413b-8b31-88ba758a20a4"
13572,
            "
eventGenerated
lastDatetime":
42
1528278403836,
            "
lastDatetime
error":
1530010198490
 []
        },
	{
            "
type
status": "
donothing
RUNNING",
            "
friendlyName
id": "
donothing_0wJnjMe9hy
3360ccfa-4a32-413b-8b31-88ba758a20a4",
            "
query
eventGenerated":
"from demo.ecommerce.data select *"
 42,
            "lastDatetime": 1530010198490,
            "
error
type":
[]
"donothing",
},
] }

...

This stops a currently running query.  Once stopped, a lastDatetime value is saved so that when the job is started again, it will pick up where it left off.  The lastDatetime parameter is contained in the object returned in the response.

Parameters

...

Parameter

...

Type

...

Description

...

jobId *required

...

String (path)

...

The job ID of the query. This appears in the url parameter

...

Content-Type *required

...

String (header)

...

This must always be application/json

...

x-logtrust-apikey *required

...

String (header)

...

The API key of the Devo domain. You can find this in Access Keys tab of the Administration → Credentials window.

...

x-logtrust-sign *required

...

String (header)

...

HMAC SHA-256 using the API secret to sign the concatenation of the API key, body message and timestamp.

...

x-logtrust-timestamp *required

...

String (header)

...

Timestamp in milliseconds.

"friendlyName": "donothing_0wJnjMe9hy",
            "query": "from demo.ecommerce.data select *",
            "error": []
        },
    ]
}

Anchor
path3
path3
GET /job/stop/{jobId}

This stops a currently running query. Once stopped, a lastDatetime value is saved so that when the job is started again, it will pick up where it left off. The lastDatetime parameter is contained in the object returned in the response.

Rw ui expands macro
Rw expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

jobId required 

string

The job ID of the query.

This is a request example:

Code Block
import requests

url = "https://apiv2-us.devo.com/search/job/stop/3360ccfa-4a32-413b-8b31-88ba758a20a4"

headers = {
    'Content-Type': "application/json",
    'x-logtrust-apikey': "my api key",
    'x-logtrust-timestamp': "1530010250842",
    'x-logtrust-sign': "36599cc6bfae208a58e88f0c4d22876921c408448e706bc8563b76d650b40a7a",
    'Cache-Control': "no-cache",
    }

response = requests.request("GET", url, headers=headers)

print(response.text)
Rw expand
titleResponse

The response may include the following parameters:

Field name

Type

Description

success

...

boolean

Indicates if the request was successful or not. Possible values are true (OK) or false (error)

...

msg

...

string

In the case of error, this describes what type of error occurred.

status

...

integer

Numeric value that specifies the error code.

  • 0 - OK

  • 1 - Invalid request

cid

...

string

This is the ID that uniquely identifies the request.

timestamp

...

string

Indicates the moment when a certain event occurred.

object

object

Object

...

containing the current status of the job, the job

...

ID, events processed, and information about any errors generated.

...

And this is a response example:

Code Block
{
    "status": 0,
    "cid": "25WpxtgVel",
    "timestamp": 1530010251200,
    "object": {
        "status": "STOPPED",
        "id": "3360ccfa-4a32-413b-8b31-88ba758a20a4",
        "eventGenerated": 296,
        "lastDatetime": 1530010249501,
        "type": "donothing
", "friendlyName": "donothing_0wJnjMe9hy", "query": "from demo.ecommerce.data select *
",
        "
error": [] } }

...

This starts a query that was previously stopped. The query will continue from the time saved as the lastDatetime.

Parameters

...

Parameter

...

Type

...

Description

...

jobId *required

...

String (path)

...

The job ID of the query. This appears in the url parameter.

...

Content-Type *required

...

String (header)

...

This must always be application/json.

...

x-logtrust-apikey *required

...

String (header)

...

The API key of the Devo domain. You can find this in Access Keys tab of the Administration → Credentials window.

...

x-logtrust-sign *required

...

String (header)

...

HMAC SHA-256 using the API secret to sign the concatenation of the API key, body message and timestamp.

...

x-logtrust-timestamp *required

...

String (header)

...

Timestamp in milliseconds.

friendlyName": "donothing_0wJnjMe9hy",
        "query": "from demo.ecommerce.data select *",
        "error": []
    }
}

Anchor
path4
path4
GET /job/start/{jobId}

This starts a query that was previously stopped. The query will continue from the time saved as the lastDatetime.

Rw ui expands macro
Rw expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

jobId required 

string

The job ID of the query.

This is a request example:

Code Block
import requests

url = "https://apiv2-us.devo.com/search/job/start/3360ccfa-4a32-413b-8b31-88ba758a20a4"

headers = {
    'Content-Type': "application/json",
    'x-logtrust-apikey': "my api key",
    'x-logtrust-timestamp': "1530010375717",
    'x-logtrust-sign': "8cba7c305ce1daaa78575e6b1ddaa944eea534cdd5e779b445b01a61c1bec917",
    'Cache-Control': "no-cache",
    }

response = requests.request("GET", url, headers=headers)

print(response.text)
Rw expand
titleResponse

The response may include the following parameters:

Field name

Type

Description

success

...

boolean

Indicates if the request was successful or not. Possible values are true (OK) or false (error)

...

msg

...

string

In the case of error, this describes what type of error occurred.

status

...

integer

Numeric value that specifies the error code.

  • 0 - OK

  • 1 - Invalid request

cid

...

string

This is the ID that uniquely identifies the request.

timestamp

...

string

Indicates the moment when a certain event occurred.

object

...

object

Details of the selected job, including its current status, job ID, last time active (lastDatetime), and more.

...

Example

...

And this is a response example:

Code Block
{
    "status": 0,
    "cid": "k8vGwEw8FV",
    "timestamp": 1530010376064,
    "object": {
        "status": "RUNNING",
        "id": "3360ccfa-4a32-413b-8b31-88ba758a20a4",
        "eventGenerated": 296,
        "lastDatetime": 1530010249501,
        "type": "donothing",
        "friendlyName": "donothing_0wJnjMe9hy",
        "query": "from demo.ecommerce.data select *",
        "error":
[] } }

...

Removes a query.

Parameters

...

Parameter

...

Type

...

Description

...

jobId *required

...

String (path)

...

The job ID of the query. This appears in the url parameter.

...

Content-Type *required

...

String (header)

...

This must always be application/json

...

x-logtrust-apikey *required

...

String (header)

...

The API key of the Devo domain. You can find this in Access Keys tab of the Administration → Credentials window.

...

x-logtrust-sign *required

...

String (header)

...

HMAC SHA-256 using the API secret to sign the concatenation of the API key, body message and timestamp.

...

x-logtrust-timestamp *required

...

String (header)

...

Timestamp in milliseconds.

[]
    }
}

Anchor
path5
path5
GET /job/remove/{jobId}

Removes a query.

Rw ui expands macro
Rw expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

jobId required 

string

The job ID of the query.

This is a request example:

Code Block
import requests

url = "https://apiv2-us.devo.com/search/job/remove/3360ccfa-4a32-413b-8b31-88ba758a20a4"

headers = {
    'Content-Type': "application/json",
    'x-logtrust-apikey': "my api key",
    'x-logtrust-timestamp': "1530010533016",
    'x-logtrust-sign': "1fcb26ad2381ae0e14aa3e01713c223cba4f3b2e74ccf4a613fc7719ef115cde",
    'Cache-Control': "no-cache",
    }

response = requests.request("DELETE", url, headers=headers)

print(response.text)
Rw expand
titleResponse

The response may include the following parameters:

Field name

Type

Description

success

...

boolean

Indicates if the request was successful or not. Possible values are true (OK) or false (error).

msg

...

string

In the case of error, this describes what type of error occurred.

status

...

integer

Numeric value that specifies the error code.

  • 0 - OK

  • 1 - Invalid request

cid

...

string

This is the ID that uniquely identifies the request.

timestamp

...

string

Indicates the moment when a certain event occurred.

object

...

object

...

Details of the selected job, including its current status, job ID, last time active (lastDatetime), and more.

...

And this is a response example:

Code Block
{
    "status": 0,
    "cid": "4hIDrQrTQL",
    "timestamp": 1530010533365,
    "object": {
        "status": "REMOVED",
        "id": "3360ccfa-4a32-413b-8b31-88ba758a20a4",
        "eventGenerated": 1395,
        "lastDatetime": 1530010529199,
        "type": "donothing",
        "friendlyName": "donothing_0wJnjMe9hy",
        "query": "from demo.ecommerce.data select *",
        "error": []
    }
}