Loggly
Loggly API client for the Ruby programming language.
Installation
Add this line to your application's Gemfile:
gem 'loggly-rb', :require => 'loggly'
And then execute:
$ bundle
Or install it yourself as:
$ gem install loggly-rb
Usage
Connect
Simple connection method for Loggly authorization.
Required Connection Parameters:
params = { :uri => "http://<account>.loggly.com",
           :username => "<username>",
           :password => "<password>" }
Connect:
Authorize the Loggly API with Loggly.connect(params)
Search
The Loggly API provides a simple interface to perform searches.
Single Field
The query :q => { :'loggly.tag' => "bar" }
outputs to loggly.tag:bar
Multiple Fields
There are multiple methods for performing more complex searches.
AND Method Only, for now
:q => {
:'loggly.tag' => "bar",
:'other.loggly.tag' => "baz"
}
outputs to loggly.tag:bar AND other.loggly.tag:baz
Interfacing with API:
Loggly::Event.all(:q => { :'loggly.tags' => "bar" })
returns an array of events.
Search Endpoint Parameters:
- :q - optional - Query string. Defaults to "*".
- :from - optional - Start time for the search. Defaults to -24h.
- :until - optional - End time for the search. Defaults to now.
- :order - optional - Direction of results returned, either asc or desc. Defaults to desc.
- :per_page - optional - Number of rows returned by search. Defaults to 25.
Check the official Loggly documentation for more assistance.
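The hash-to-query mapping and the parameter defaults described above, as an added example that is not part of loggly-rb: the helper names (escape_term, build_query, build_search_params) are hypothetical and the escaping assumes Lucene-style query syntax. It produces the same AND join while keeping an untrusted value from adding operators or wildcards to the query.

```ruby
# Added example: hypothetical helpers, not part of loggly-rb.
# Defaults as listed under "Search Endpoint Parameters".
SEARCH_DEFAULTS = { :q => "*", :from => "-24h", :until => "now",
                    :order => "desc", :per_page => 25 }.freeze

# Characters treated as query syntax (assumption: Lucene-style search syntax).
RESERVED = /[+\-!(){}\[\]^"~*?:\\\/&|]/
OPERATORS = %w[AND OR NOT TO].freeze

# Backslash-escape reserved characters; quote values that contain whitespace
# or are a bare operator word, so "bar OR *" stays one literal term.
def escape_term(value)
  escaped = value.to_s.gsub(RESERVED) { |c| "\\" + c }
  (escaped =~ /\s/ || OPERATORS.include?(escaped)) ? "\"#{escaped}\"" : escaped
end

# Turn { :'loggly.tag' => "bar", ... } into "loggly.tag:bar AND ...".
# A String is passed through unchanged as a caller-written query.
def build_query(q)
  return q.to_s unless q.is_a?(Hash)
  q.map do |field, value|
    name = field.to_s
    raise ArgumentError, "bad field name: #{name}" unless name =~ /\A[\w.]+\z/
    "#{name}:#{escape_term(value)}"
  end.join(" AND ")
end

# Merge caller options over the documented defaults and validate them.
def build_search_params(opts = {})
  unknown = opts.keys - SEARCH_DEFAULTS.keys
  raise ArgumentError, "unknown parameter: #{unknown.first}" unless unknown.empty?
  params = SEARCH_DEFAULTS.merge(opts)
  params[:q] = build_query(params[:q])
  params[:order] = params[:order].to_s
  raise ArgumentError, "order must be asc or desc" unless %w[asc desc].include?(params[:order])
  params[:per_page] = Integer(params[:per_page])
  raise ArgumentError, "per_page must be positive" unless params[:per_page] > 0
  params
end
```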
Events
Each Event has a Response and attributes that match the Loggly fields.
Response
{:total_events=>3292470,
 :page=>0,
 :events=>
  [{:tags=>["chipper", "frontend"],
    :timestamp=>1377431712208,
    :logmsg=>"{\"timestamp\": \"13-08-25 11:55:12,208191\", \"baremsg\": \"Alert is due to run\"}",
    :event=>
     {:syslog=>
       {:priority=>142,
        :timestamp=>"2013-08-25T11:55:12.208596+00:00",
        :host=>"frontend01",
        :severity=>"Informational",
        :facility=>"local use 1"
       },
      :json=>
       {:timestamp=>"13-08-25 11:55:12,208191",
        :baremsg=>"is due to run",
        :level=>"INFO"
       }
     },
    :logtypes=>["syslog", "json"],
    :id=>"c693c674-0d7d-11e3-80e9-20ae90200ddd"
   }]
}
- total_events - Total number of matching events for the entire time range.
- page - Which page of the result set.
- tags - An array of any tags associated with the event.
- timestamp - See timestamps to understand how a reference timestamp is derived.
- logmsg - The message portion of the log event. (Any headers aren't included.)
- event - Any parsed fields are included.
- logtypes - An array of log types that were detected.
- id - Loggly's event ID.
Try the following to get an array of all the event attributes:
events = Loggly::Event.all
events.collect {|event| event.attributes}
TODO
- Sending Data
- Retrieve Account Information
- Field Search
- OR, NOT and TO search functionality
- Filter Search by field
- Command Line Tools
Contributing
- Fork it ( http://github.com//loggly/fork )
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create new Pull Request