Count events in a relative time frame using graylog api browser

diynamix · November 14, 2020, 5:20am

Hi there,
I need a solution about how to count events in a time frame by using graylog api browser.

When I look for a count event option in graylog rest api browser ther is only one option;

In this option I can only choose a spesific stream, but I need events count in spesific time frame like last 30 minutes.
how can I querry this url by adding last 30 min time range?
https://graylog.***.com:443/api/count/5a9014c6abd9bf096aff683a/total

MajesticCo · November 19, 2020, 7:30am

Hey,

This is a bit of a hack that I used for a similar thing in the past, not sure if there is a nicer way of doing it.
Use the, now legacy, relative search API with query=*, limit=1 and range=1800. That way you will get the latest message and also some statistics, those are what you are looking for. In a bash one liner it would be this:
curl -s -k -u admin:password -H 'X-Requested-By: cli' "https://GRAYLOG_IP_OR_HOSTNAME/api/search/universal/relative?query=*&limit=1&range=1800&sort=timestamp:desc&pretty=true" -H "Accept: application/jsn" -H "Content-Type: application/json" | jq '.total_results'

system · December 3, 2020, 7:30am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can I Get Graylog search results count via API Graylog Central (peer support)	3	3576	April 2, 2020
API Events Request Graylog Central (peer support)	1	58	August 16, 2024
API Search relative : range not working Graylog Central (peer support)	1	3348	February 9, 2021
API "since" date in relative form? Graylog Central (peer support)	5	25	November 13, 2024
Relative time using API? Graylog Central (peer support)	3	1167	August 6, 2020

Count events in a relative time frame using graylog api browser

Related topics