API Query all Fields

brumi · December 5, 2023, 3:41pm

Hi, in older versions of Graylog the search/universal/relative API endpoint would return all fields by default. I’ve upgraded Graylog to 5.2 and am now using the new API endpoint for searching, api/search/messages. This endpoint requires specifying the fields. Is there a way to return all fields instead? The data I’m querying can have a dynamic number of fields so I’m unable to safely determine what fields to return. Or is there another endpoint that supports this?

Query being used:

https://domain.com/api/search/messages

Body:

{
	"timerange": {
    "type": "relative",
		"from": 300
  },
  "size": 50,
  "query": "tag:application",
  "sort_order": "Ascending"
}

chris.black-gl · December 12, 2023, 8:38pm

I put your question to one of our developers and got the reply that we don’t support the exact use case you are asking about today.

However, you can use our search API like so:

The response is a bit verbose, but you’ll find all the fields you need

I hope this helps.

Chris

system · December 26, 2023, 8:38pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
API Formatting returning specific fields Documentation Campfire	1	442	June 15, 2023
Rest API query for two fields and many streams Graylog Central (peer support)	3	938	May 29, 2020
Limiting fields in api call (graylog 4.2) Graylog Central (peer support) script , automation	2	137	April 4, 2024
Requesting all feidsl via API Graylog Central (peer support)	2	384	February 8, 2018
API Search Example Graylog Central (peer support)	4	10921	March 30, 2020

API Query all Fields

Related Topics