All Products
Search
Document Center

Simple Log Service:GetLogsV2

Last Updated:Nov 28, 2024

Queries the raw log data in a Logstore of a project. The returned result contains the raw log data within a specific time range. The returned result is compressed before transmission.

Operation description

  • You can call this operation by using Alibaba Cloud SDK for Go, Java, TypeScript, or Python.
  • You can call this operation by using Simple Log Service SDK for Go or Java.
  • For more information, see GetLogs .

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

There is currently no authorization information disclosed in the API.

Request syntax

POST /logstores/{logstore}/logs HTTP/1.1

Request parameters

ParameterTypeRequiredDescriptionExample
projectstringYes

The name of the project.

ali-test-project
logstorestringYes

The name of the Logstore.

test-logstore
Accept-EncodingstringYes

The compression format.

  • For Java, Python, and Go, only the lz4 and gzip algorithms are supported for decompression.
  • For PHP, JavaScript, and C#, only the gzip algorithm is supported for decompression.
lz4
bodyobjectNo

The body of the request.

fromintegerYes

The beginning of the time range to query. The value is the log time that is specified when log data is written.

The time range that is specified in this operation is a left-closed, right-open interval. The interval includes the start time specified by the from parameter, but does not include the end time specified by the to parameter. If you specify the same value for the from and to parameters, the interval is invalid, and an error message is returned. The value is a timestamp that follows the UNIX time format. It is the number of seconds that have elapsed since January 1, 1970, 00:00:00 UTC.

1627268185
tointegerYes

The end of the time range to query. The value is the log time that is specified when log data is written.

The time range that is specified in this operation is a left-closed, right-open interval. The interval includes the start time specified by the from parameter, but does not include the end time specified by the to parameter. If you specify the same value for the from and to parameters, the interval is invalid, and an error message is returned. The value is a timestamp that follows the UNIX time format. It is the number of seconds that have elapsed since January 1, 1970, 00:00:00 UTC.

1627268185
linelongNo

The maximum number of logs to return for the request. This parameter takes effect only when the query parameter is set to a search statement. Valid values: 0 to 100. Default value: 100.

100
offsetlongNo

The line from which the query starts. This parameter takes effect only when the query parameter is set to a search statement. Default value: 0.

0
reversebooleanNo

Specifies whether to return logs in reverse chronological order of log timestamps. The log timestamps are accurate to minutes. Valid values:

true: Logs are returned in reverse chronological order of log timestamps. false (default): Logs are returned in chronological order of log timestamps. Note: The reverse parameter takes effect only when the query parameter is set to a search statement. The reverse parameter specifies the method used to sort returned logs. If the query parameter is set to a query statement, the reverse parameter does not take effect. The method used to sort returned logs is specified by the ORDER BY clause in the analytic statement. If you use the keyword asc in the ORDER BY clause, the logs are sorted in chronological order. If you use the keyword desc in the ORDER BY clause, the logs are sorted in reverse chronological order. By default, asc is used in the ORDER BY clause.

false
powerSqlbooleanNo

Specifies whether to enable the SQL enhancement feature. By default, the feature is disabled.

false
sessionstringNo

The parameter that is used to query data.

mode=scan
topicstringNo

The topic of the logs. Default value: double quotation marks ("").

""
querystringNo

The search statement or query statement. For more information, see the "Log search overview" and "Log analysis overview" topics.

If you add set session parallel_sql=true; to the analytic statement in the query parameter, Dedicated SQL is used. Example: * | set session parallel_sql=true; select count(*) as pv.

Note: If you specify an analytic statement in the query parameter, the line and offset parameters do not take effect in this operation. In this case, we recommend that you set the line and offset parameters to 0 and use the LIMIT clause to specify the number of logs to return on each page. For more information, see the "Perform paged queries" topic.

status: 401 | SELECT remote_addr,COUNT(*) as pv GROUP by remote_addr ORDER by pv desc limit 5
forwardbooleanNo

Specifies whether to page forward or backward for the scan-based query or phrase search.

false
highlightbooleanNo

Specifies whether to highlight the returned result.

false

Response parameters

ParameterTypeDescriptionExample
headersobject
datestring

The time when the response was returned.

Sun, 27 May 2018 08:25:04 GMT
serverstring

The name of the server.

nginx
content-lengthstring

The length of the response body.

0
x-log-requestidstring

The request ID.

5B0A6B60BB6EE39764D458B5
x-log-bodyrawsizestring

The size of the response content.

120
connectionstring

Indicates whether the connection is persistent. Valid values: close: The connection is non-persistent. A TCP connection is re-established for each HTTP request. keep-alive: The connection is persistent. After a TCP connection is established, the connection remains open, and no more time or bandwidth is consumed to establish new connections.

keep-alive
content-typestring

The format in which the response body is returned.

json
x-log-compresstypestring

The compression format of the response content.

lz4
object

The returned data.

metaobject

The metadata of the returned data.

progressstring

Indicates whether the query result is complete. Valid values:

  • Complete: The query was successful, and the complete result is returned.
  • Incomplete: The query was successful, but the query result is incomplete. To obtain the complete result, you must call the operation again.
Complete
aggQuerystring

The SQL statement after | in the query statement.

select *
whereQuerystring

The part before | in the query statement.

*
hasSQLboolean

Indicates whether the query is an SQL query.

false
processedRowsinteger

The number of rows that are processed in the request.

10000
elapsedMillisecondlong

The amount of time that is consumed by the request. Unit: milliseconds.

5
keysarray

All keys in the query result.

string

key

key
termsarray<object>

All terms in the query statement.

object

The term.

{term=*, key=}
countinteger

The number of rows that are returned.

1
processedByteslong

The number of logs that are processed in the request.

10000
isAccurateboolean

Indicates whether the returned result is accurate to seconds.

true
telementryTypestring

The type of observable data.

None
dataarray<object>

The returned result.

object

The returned data.

string

The returned data.

{'remote_addr': '198.51.XXX.XXX', 'pv': '1', '__source__': '', '__time__': '1649902984'}

Examples

Sample success responses

JSONformat

{
  "meta": {
    "progress": "Complete",
    "aggQuery": "select *",
    "whereQuery": "*",
    "hasSQL": false,
    "processedRows": 10000,
    "elapsedMillisecond": 5,
    "cpuSec": 0.002,
    "cpuCores": 3,
    "keys": [
      "key"
    ],
    "terms": [
      {
        "test": "test",
        "test2": 1
      }
    ],
    "limited": 100,
    "mode": 0,
    "phraseQueryInfo": {
      "scanAll": true,
      "beginOffset": 0,
      "endOffset": 0,
      "endTime": 1
    },
    "scanBytes": 1024,
    "highlights": [
      [
        {
          "Key": "key-test",
          "Value": "value-test"
        }
      ]
    ],
    "count": 1,
    "processedBytes": 10000,
    "isAccurate": true,
    "columnTypes": [
      "long"
    ],
    "telementryType": "None"
  },
  "data": [
    {
      "key": "{'remote_addr': '198.51.XXX.XXX', 'pv': '1', '__source__': '', '__time__': '1649902984'}"
    }
  ]
}

Error codes

For a list of error codes, visit the Service error codes.