JSON Results limited for 150 results per query

tzahi.fur · 2017-12-17 08:03:06 UTC

Hi,

We’re using Graylog 2.2.2 and when I try to query the search/universal/relative rest API in a JSON format, I get “total_results”:11090 but the messages array contains only 150 entries.

I didn’t find anything in the documentation limiting results for only 150 entries but in the REST API browser, the ‘Response Content Type’ I can select is only ‘text/csv’

This is the full command I’m using:
curl -u USER:PASS -H ‘Accept: application/json’ -X GET http://GRAYLOG_SERVER_ADDRESS/api/search/universal/relative?query=log_level%3AERROR&range=86400&fields=message%2Cservice-name

Anyone know what I’m missing?

Thanks,

Tzahi

jochen · 2017-12-17 18:45:31 UTC

Please upgrade to the latest stable version of Graylog and check if the problem still exists in that version.

tzahi.fur · 2017-12-19 12:08:36 UTC

Hi,

Thanks for the reply.

We’re currently unable to upgrade Graylog (some devops schedule issue).

I think that the problem is due to the fact that there are a lot of results and the data comes chunked.
I’m using multiple queries with a ‘limit’ and ‘offset’ parameters, but thought maybe there’s something I’m missing here.

Tzahi

system · 2018-01-02 12:08:58 UTC

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.