GET /config/event_sources/log_source_management/autodetection/config_records
Retrieves the list of Autodetection Config Records.
Retrieves the list of Autodetection Config Records.
MIME Type |
---|
application/json |
Parameter | Type | Optionality | Data Type | MIME Type | Description |
---|---|---|---|---|---|
Range |
header |
Optional |
String |
text/plain |
Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
filter |
query |
Optional |
String |
text/plain |
Optional - This parameter is used to restrict the elements in a list base on the contents of various fields. |
sort |
query |
Optional |
String |
text/plain |
Optional - This parameter is used to sort the elements in a list. |
fields |
query |
Optional |
String |
text/plain |
Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
HTTP Response Code | Unique Code | Description |
---|---|---|
200 |
The Autodetection Config Records were retrieved. |
|
422 |
1009 |
Sorting is only supported for the 'id', 'log_source_type_id' and 'precedence' fields. |
422 |
1010 |
The sort field that was provided does not exist. |
422 |
1011 |
Sorting on multiple fields is not supported. |
422 |
1019 |
A request parameter is not valid. |
500 |
1020 |
An error occurred during the attempt to retrieve the Autodetection Config Records. |
Response Description
- id - Number - The ID of the Autodetection Config Record.
- log_source_type_id - Number - The ID of the Log Source Type that corresponds with the Autodetection Config Record. See the Log Source Type API (/api/config/event_sources/log_source_management/log_source_types/).
- enabled - Boolean - If the associated log source type is enabled for autodetection, the condition is set to 'true'; otherwise, the condition is set to 'false'.
- precedence - Number - When an event is received from an unknown source, each log source type that is eligible for autodetection attempts to parse the event in ascending order of precedence. Lower values are attempted before greater values.
- minimum_successful_events - Number - The minimum number of events collected from a source that must be successfully parsed by the associated log source type for autodetection to occur.
- minimum_success_rate - Number - The minimum parsing success rate for events from a source that the associated log source type must have for autodetection to occur. Expressed as (number of events successfully parsed) / (number of events attempted) * 100.
- maximum_events_for_abandon - Number - The maximum number of events from a source that the associated log source type attempts to parse before it abandons tracking of that source. Note: If the conditions for autodetection (minimum_successful_events and minimum_success_rate) are met before this number of events are received, autodetection has already occurred and the log source type stopped tracking the source at that time.
- consecutive_failures_for_abandon - Number - The number of consecutive events from a source that the associated log source type failed to parse which causes the log source type to abandon tracking the source.
- log_source_name_template - String - The template that is used to set the name of autodetected log sources for the associated log source type. Two placeholder values can be used. These values are replaced by real values when the template is used for the creation of autodetected log sources. $$DEVICE_TYPE$$ is replaced with the log source type name. $$SOURCE_ADDRESS$$ is replaced with the log source's Log Source Identifier value. The default log_source_name_template is '$$DEVICE_TYPE$$ @ $$SOURCE_ADDRESS$$'.
- log_source_description_template - String - The template that is used to set the description of autodetected log sources for the associated log source type. Two placeholder values can be used. These values are replaced by real values when the template is used for the creation of autodetected log sources. $$DEVICE_TYPE$$ is replaced with the log source type name. $$SOURCE_ADDRESS$$ is replaced with the log source's Log Source Identifier value. The default log_source_description_template is '$$DEVICE_TYPE$$ device'.
Response Sample
[
{
"consecutive_failures_for_abandon": 42,
"custom": true,
"enabled": true,
"id": 42,
"log_source_description_template": "String",
"log_source_name_template": "String",
"log_source_type_id": 42,
"maximum_events_for_abandon": 42,
"minimum_success_rate": 42,
"minimum_successful_events": 42,
"precedence": 42
}
]