Table of Contents |
---|
minLevel | 2 |
---|
maxLevel | 2 |
---|
type | flat |
---|
|
Overview
All query requests that forward their results to data storage systems like HDFS, Kafka, or S3 are assigned job IDs so that they can be monitored and managed. The job ID for a query is contained in the notification message returned to the query sender when the request is launched. This ID is used to monitor the status of the query or to manage it.
The request action is specified by appending the following paths to the endpoint URL:
Endpoints and methods | Description |
---|
/job/{jobId} see below | Returns the current status of the query and some other basic information. |
/jobs see below | Returns the status of all the queries launched in the domain that are currently running. |
/job/stop/{jobId} see below | Stops a currently running query. |
/job/start/{jobId} see below | Starts a query that was previously stopped. |
/job/remove/{jobId} see below | Removes a query. |
Endpoints and methods
GET /job/{jobId}
Returns the current status of the query and some other basic information.
Rw ui expands macro |
---|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
jobId required
| string
| The job ID of the query. |
This is a request example: Code Block |
---|
import requests
url = "https://apiv2-us.devo.com/search/job/3f6002a9-69cb-4495-9745-d47216fc58bf"
headers = {
'Content-Type': "application/json",
'x-logtrust-apikey': "my api key",
'x-logtrust-timestamp': "1530010004072",
'x-logtrust-sign': "e5841c4ee56a58d2918cc052136799b42c8a95aa2b947b06a91d3827f4178136",
'Cache-Control': "no-cache",
}
response = requests.request("GET", url, headers=headers)
print(response.text) |
The response may include the following parameters: Field name | Type | Description |
---|
success
| boolean
| Indicates if the request was successful or not. Possible values are true (OK) or false (error) | msg
| string
| In the case of error, this describes what type of error occurred. | status
| integer
| Numeric value that specifies the error code. 0 - OK
1 - Invalid request
| cid
| string
| This is the ID that uniquely identifies the request. | timestamp
| string
| Indicates the moment when a certain event occurred. | object
| object
| Object containing the current status of the job, the job ID, events processed, and information about any errors generated. |
And this is a response example: Code Block |
---|
{
"status": 0,
"cid": "Yh7lwm6VWq",
"timestamp": 1530010004752,
"object": {
"status": "COMPLETED",
"id": "3f6002a9-69cb-4495-9745-d47216fc58bf",
"eventGenerated": 13572,
"eventsSent": 13572,
"lastDatetime": 1528278403836,
"error": []
}
} |
|
GET /jobs
This returns the status of all the queries that the account has launched and which are currently running.
Rw ui expands macro |
---|
This is a request example: Code Block |
---|
import requests
url = "https://apiv2-us.devo.com/search/jobs"
headers = {
'Content-Type': "application/json",
'x-logtrust-apikey': "my api key",
'x-logtrust-timestamp': "1530009038403",
'x-logtrust-sign': "662b2178b8857956cb63e6e68684a9b196e66b1d31ccdd04fd1aa60f00dcf9b3",
'Cache-Control': "no-cache",
}
response = requests.request("GET", url, headers=headers)
print(response.text) |
The response may include the following parameters: Field name | Type | Description |
---|
success
| boolean
| Indicates if the request was successful or not. Possible values are true (OK) or false (error) | msg
| string
| In the case of error, this describes what type of error occurred. | status
| integer
| Numeric value that specifies the error code. 0 - OK
1 - Invalid request
| cid
| string
| This is the ID that uniquely identifies the request. | timestamp
| string
| Indicates the moment when a certain event occurred. | object
| object
| List of all the active jobs, including their current status, job IDs, and more. |
And this is a response example: Code Block |
---|
{
"status": 0,
"cid": "mrMlHGDbQC",
"timestamp": 1530009833209,
"object": [
{
"status": "STOPPED",
"id": "7629679a-8771-4bbe-8cc0-f95e73d10a82",
"lastDatetime": 0,
"type": "kafka",
"friendlyName": "kafka_LKwsktP686",
"query": "from siem.logtrust.web.activityAll group every 5m by domain, username every 5m",
"error": []
},
{
"status": "COMPLETED",
"id": "3f6002a9-69cb-4495-9745-d47216fc58bf",
"eventGenerated": 13572,
"eventsSent": 13572,
"lastDatetime": 1528278403836,
"error": []
},
{
"status": "RUNNING",
"id": "3360ccfa-4a32-413b-8b31-88ba758a20a4",
"eventGenerated": 42,
"lastDatetime": 1530010198490,
"type": "donothing",
"friendlyName": "donothing_0wJnjMe9hy",
"query": "from demo.ecommerce.data select *",
"error": []
},
]
} |
|
GET /job/stop/{jobId}
This stops a currently running query. Once stopped, a lastDatetime
value is saved so that when the job is started again, it will pick up where it left off. The lastDatetime
parameter is contained in the object returned in the response.
Rw ui expands macro |
---|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
jobId required
| string
| The job ID of the query. |
This is a request example: Code Block |
---|
import requests
url = "https://apiv2-us.devo.com/search/job/stop/3360ccfa-4a32-413b-8b31-88ba758a20a4"
headers = {
'Content-Type': "application/json",
'x-logtrust-apikey': "my api key",
'x-logtrust-timestamp': "1530010250842",
'x-logtrust-sign': "36599cc6bfae208a58e88f0c4d22876921c408448e706bc8563b76d650b40a7a",
'Cache-Control': "no-cache",
}
response = requests.request("GET", url, headers=headers)
print(response.text) |
The response may include the following parameters: Field name | Type | Description |
---|
success
| boolean
| Indicates if the request was successful or not. Possible values are true (OK) or false (error) | msg
| string
| In the case of error, this describes what type of error occurred. | status
| integer
| Numeric value that specifies the error code. 0 - OK
1 - Invalid request
| cid
| string
| This is the ID that uniquely identifies the request. | timestamp
| string
| Indicates the moment when a certain event occurred. | object
| object
| Object containing the current status of the job, the job ID, events processed, and information about any errors generated. |
And this is a response example: Code Block |
---|
{
"status": 0,
"cid": "25WpxtgVel",
"timestamp": 1530010251200,
"object": {
"status": "STOPPED",
"id": "3360ccfa-4a32-413b-8b31-88ba758a20a4",
"eventGenerated": 296,
"lastDatetime": 1530010249501,
"type": "donothing",
"friendlyName": "donothing_0wJnjMe9hy",
"query": "from demo.ecommerce.data select *",
"error": []
}
} |
|
GET /job/start/{jobId}
This starts a query that was previously stopped. The query will continue from the time saved as the lastDatetime
.
Rw ui expands macro |
---|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
jobId required
| string
| The job ID of the query. |
This is a request example: Code Block |
---|
import requests
url = "https://apiv2-us.devo.com/search/job/start/3360ccfa-4a32-413b-8b31-88ba758a20a4"
headers = {
'Content-Type': "application/json",
'x-logtrust-apikey': "my api key",
'x-logtrust-timestamp': "1530010375717",
'x-logtrust-sign': "8cba7c305ce1daaa78575e6b1ddaa944eea534cdd5e779b445b01a61c1bec917",
'Cache-Control': "no-cache",
}
response = requests.request("GET", url, headers=headers)
print(response.text) |
The response may include the following parameters: Field name | Type | Description |
---|
success
| boolean
| Indicates if the request was successful or not. Possible values are true (OK) or false (error) | msg
| string
| In the case of error, this describes what type of error occurred. | status
| integer
| Numeric value that specifies the error code. 0 - OK
1 - Invalid request
| cid
| string
| This is the ID that uniquely identifies the request. | timestamp
| string
| Indicates the moment when a certain event occurred. | object
| object
| Details of the selected job, including its current status, job ID, last time active (lastDatetime ), and more. |
And this is a response example: Code Block |
---|
{
"status": 0,
"cid": "k8vGwEw8FV",
"timestamp": 1530010376064,
"object": {
"status": "RUNNING",
"id": "3360ccfa-4a32-413b-8b31-88ba758a20a4",
"eventGenerated": 296,
"lastDatetime": 1530010249501,
"type": "donothing",
"friendlyName": "donothing_0wJnjMe9hy",
"query": "from demo.ecommerce.data select *",
"error": []
}
} |
|
GET /job/remove/{jobId}
Removes a query.
Rw ui expands macro |
---|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
jobId required
| string
| The job ID of the query. |
This is a request example: Code Block |
---|
import requests
url = "https://apiv2-us.devo.com/search/job/remove/3360ccfa-4a32-413b-8b31-88ba758a20a4"
headers = {
'Content-Type': "application/json",
'x-logtrust-apikey': "my api key",
'x-logtrust-timestamp': "1530010533016",
'x-logtrust-sign': "1fcb26ad2381ae0e14aa3e01713c223cba4f3b2e74ccf4a613fc7719ef115cde",
'Cache-Control': "no-cache",
}
response = requests.request("DELETE", url, headers=headers)
print(response.text) |
The response may include the following parameters: Field name | Type | Description |
---|
success
| boolean
| Indicates if the request was successful or not. Possible values are true (OK) or false (error). | msg
| string
| In the case of error, this describes what type of error occurred. | status
| integer
| Numeric value that specifies the error code. 0 - OK
1 - Invalid request
| cid
| string
| This is the ID that uniquely identifies the request. | timestamp
| string
| Indicates the moment when a certain event occurred. | object
| object
| Details of the selected job, including its current status, job ID, last time active (lastDatetime ), and more. |
And this is a response example: Code Block |
---|
{
"status": 0,
"cid": "4hIDrQrTQL",
"timestamp": 1530010533365,
"object": {
"status": "REMOVED",
"id": "3360ccfa-4a32-413b-8b31-88ba758a20a4",
"eventGenerated": 1395,
"lastDatetime": 1530010529199,
"type": "donothing",
"friendlyName": "donothing_0wJnjMe9hy",
"query": "from demo.ecommerce.data select *",
"error": []
}
} |
|