The Query API lets you perform LEQL queries through an API interface in the same manner that you would in the UI.
Via the API you can construct LEQL queries to return you search results which give you log data, or perform functions which return metrics using our groupby and calculate options.
Use the Core Query API to perform LEQL queries on any collection of logs or log sets, either by providing a query, or by using a saved query.
- List All Query API Endpoints
- Query Individual Logs
- Query Multiple Logs
- Query Individual Log Sets
- Query Multiple Log Sets
- Use a Saved Query (logs specified)
- Use a Saved Query (logs not specified)
- Poll a Query in Progress
Live Tail API
Use the Live Tail API to start a real-time feed of log entries matching a query. The query may be performed on any collection of logs (Live Tail on log sets is not supported), either by providing a LEQL query, or by using a saved query.
- Start a Live Tail Feed (Individual Logs)
- Start a Live Tail Feed (Multiple Logs)
- Start a Live Tail Feed With a Saved Query (logs specified)
- Start a Live Tail Feed With a Saved Query (logs not specified)
- Poll a Live Tail Feed
Search Context API
Use the Context API to retrieve the log entries immediately before and after some log entry.
Reserved Queries API
You can use the Reserved Queries API
to perform LEQL queries on a log in a reserved log set
(also known as an "audit log", or a "reserved log").
For example, you can use the Reserved Queries API to perform a query on logs in the
Internal Logs log set common to every account.
It has the same functionality as a subset of the Core Query API,
however logs are queried by name instead of by log key.
You can use either the Reserved Queries API or the Core Query API to query reserved logs.
Log Derived Metrics
Use the Log Derived Metrics Query API to view Log Derived Metrics as time series data. (Log Derived Metrics are customer defined LEQL calculations applied to logs in real time, created via the management/metrics/ endpoints.)