| Operation ID | Description |
|---|
| Lists available repositories and views |
| Ingest data into the application repository asynchronously |
| Ingest data into the application repository |
| Execute a dynamic saved search |
| Get the results of a saved search |
| Execute a saved search |
| Populate a saved search |
| Get the results of a saved search as a file |
| List views |
Lists available repositories and views
list_repos
| Method | Route |
|---|
 | /loggingapi/combined/repos/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|
| check_test_data |  | | query | boolean | Include whether test data is present in the application repository. |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.list_repos(check_test_data=boolean)
print(response)
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ListReposV1(check_test_data=boolean)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ListReposV1", check_test_data=boolean)
print(response)
Ingest data into the application repository asynchronously
ingest_data_async
| Method | Route |
|---|
 | /loggingapi/entities/data-ingestion/ingest-async/v1 |
- Consumes: multipart/form-data
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|
| data_file | | | formData | file | Data file to ingest. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| repo | | | formData | string | Repository name to ingest data into. (If not part of a Foundry application.) |
| tag | | | formData | string or list of strings | Custom tag for ingested data in the form tag:value. |
| tag_source | | | formData | string | Tag the data with the specified source. |
| test_data | | | formData | boolean | Tag the data with test-ingest. |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.ingest_data_async(tag="string",
tag_source="string",
test_data=boolean,
repo="string",
data_file=upload_file.read()
)
print(response)
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.IngestDataAsyncV1(tag="string",
tag_source="string",
test_data=boolean,
repo="string",
data_file=upload_file.read()
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.command("IngestDataAsyncV1",
tag="string",
tag_source="string",
test_data=boolean,
repo="string",
data_file=upload_file.read()
)
print(response)
Ingest data into the application repository
ingest_data
| Method | Route |
|---|
| /loggingapi/entities/data-ingestion/ingest/v1 |
- Consumes: multipart/form-data
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|
| data_file | | | formData | file | Data file to ingest. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| tag | | | formData | string or list of strings | Custom tag for ingested data in the form tag:value. |
| tag_source | | | formData | string | Tag the data with the specified source. |
| test_data | | | formData | boolean | Tag the data with test-ingest. |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.ingest_data(tag="string",
tag_source="string",
test_data=boolean,
data_file=upload_file.read()
)
print(response)
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.IngestDataV1(tag="string",
tag_source="string",
test_data=boolean,
data_file=upload_file.read()
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.command("IngestDataV1",
tag="string",
tag_source="string",
test_data=boolean,
data_file=upload_file.read()
)
print(response)
Execute a dynamic saved search
execute_dynamic
| Method | Route |
|---|
| /loggingapi/entities/saved-searches/execute-dynamic/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|
| app_id | | | query | string | Application ID |
| end | |  | body | boolean | Dynamic search end |
| include_schema_generation | | | query | boolean | Include generated schemas in the response |
| include_test_data | | | query | boolean | Include test data when executing searches |
| infer_json_types | | | query | boolean | Whether to try to infer data types in json event response instead of returning map[string]string. |
| match_response_schema | | | query | boolean | Whether to validate search results against their schema. |
| metadata | | | query | boolean | Whether to include metadata in the response |
| mode | | | query | string | Mode to execute the query under. |
| body | | | body | string | Full body payload in JSON format, not required if using other keywords. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| repo_or_view | | | body | string | Repository or view to search |
| search_query | | | body | string | Search query to perform |
| search_query_args | | | body | dictionary | Search query arguments to leverage when processing the query |
| start | | | body | string | Dynamic search start |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.execute_dynamic(app_id="string",
end="string",
include_schema_generation=boolean,
include_test_data=boolean,
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
mode="string",
repo_or_view="string",
search_query="string",
seach_query_args = {},
start="string"
)
print(response)
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.CreateSavedSearchesDynamicExecuteV1(app_id="string",
end="string",
include_schema_generation=boolean,
include_test_data=boolean,
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
mode="string",
repo_or_view="string",
search_query="string",
seach_query_args = {},
start="string")
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"end": "string",
"repo_or_view": "string",
"search_query": "string",
"search_query_args": {},
"start": "string"
}
response = falcon.command("CreateSavedSearchesDynamicExecuteV1",
app_id="string",
include_schema_generation=boolean,
include_test_data=boolean,
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
mode="string",
body=body_payload
)
print(response)
Get the results of a saved search
get_search_results
| Method | Route |
|---|
| /loggingapi/entities/saved-searches/execute/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|
| app_id | | | query | string | Application ID |
| job_id | | | query | string | Job ID for a previously executed async query |
| limit | | | query | string | Maximum number of records to return. |
| infer_json_types | | | query | boolean | Whether to try to infer data types in json event response instead of returning map[string]string. |
| match_response_schema | | | query | boolean | Whether to validate search results against their schema. |
| metadata | | | query | boolean | Whether to include metadata in the response |
| offset | | | query | string | Starting pagination offset of records to return. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| version | | | query | string | Version of resource being created |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_search_results(app_id="string",
job_id="string",
limit="string",
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
offset="string",
version="string"
)
print(response)
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetSavedSearchesExecuteV1(app_id="string",
job_id="string",
limit="string",
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
offset="string",
version="string"
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetSavedSearchesExecuteV1",
app_id="string",
job_id="string",
limit="string",
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
offset="string",
version="string"
)
print(response)
Execute a saved search
execute
| Method | Route |
|---|
| /loggingapi/entities/saved-searches/execute/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|
| app_id | | | query | string | Application ID |
| body | | | body | string | Full body payload in JSON format. Not required if using other keywords. |
| detailed | | | query | boolean | Whether to include search field details |
| end | | | body | string | Saved search end. |
| id | | | body | string | Saved search ID. |
| include_test_data | | | query | boolean | Include test data when executing searches |
| infer_json_types | | | query | boolean | Whether to try to infer data types in json event response instead of returning map[string]string. |
| match_response_schema | | | query | boolean | Whether to validate search results against their schema. |
| metadata | | | query | boolean | Whether to include metadata in the response |
| mode | | | body | string | Mode to execute the query under. If provided, takes precedence over the mode provided in the body. |
| name | | | body | string | Name of the saved search. |
| parameters | | | query | string | Full query string payload in JSON format. Not required if using other keywords. |
| search_parameters | | | body | dictionary | Parameters to use for the saved search. |
| start | | | body | string | Saved search start. |
| version | | | body | string | Version of resource being created |
| with_in | | | body | dictionary | Limit search results to field names matching the provided list. |
| with_limit | | | body | dictionary | Limit search results by a maximum count. |
| with_renames | | | body | list | Rename fields for display. |
| with_sort | | | body | dictionary | Apply sort criteria. |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with_in_dictionary = {
"field": "string",
"values": [
"string"
]
}
with_limit_dictionary = {
"from": "string",
"limit": 0
}
with_renames_list = [
{
"as": "string",
"field": "string"
}
]
with_sort_dictionary = {
"fields": [
"string"
],
"limit": 0,
"order": [
"string"
],
"reverse": boolean,
"type": [
"string"
]
}
response = falcon.execute(app_id="string",
detailed=boolean,
end="string",
id="string",
include_test_data=boolean,
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
mode="string",
name="string",
search_parameters={},
start="string",
version="string",
with_in = with_in_dictionary,
with_limit = with_limit_dictionary,
with_renames = with_renames_list,
with_sort = with_sort_dictionary
)
print(response)
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with_in_dictionary = {
"field": "string",
"values": [
"string"
]
}
with_limit_dictionary = {
"from": "string",
"limit": 0
}
with_renames_list = [
{
"as": "string",
"field": "string"
}
]
with_sort_dictionary = {
"fields": [
"string"
],
"limit": 0,
"order": [
"string"
],
"reverse": boolean,
"type": [
"string"
]
}
response = falcon.CreateSavedSearchesExecuteV1(app_id="string",
detailed=boolean,
end="string",
id="string",
include_test_data=boolean,
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
mode="string",
name="string",
search_parameters={},
start="string",
version="string",
with_in = with_in_dictionary,
with_limit = with_limit_dictionary,
with_renames = with_renames_list,
with_sort = with_sort_dictionary
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with_in_dictionary = {
"field": "string",
"values": [
"string"
]
}
with_limit_dictionary = {
"from": "string",
"limit": 0
}
with_renames_list = [
{
"as": "string",
"field": "string"
}
]
with_sort_dictionary = {
"fields": [
"string"
],
"limit": 0,
"order": [
"string"
],
"reverse": boolean,
"type": [
"string"
]
}
body_payload = {
"end": "string",
"id": "string",
"mode": "string",
"name": "string",
"parameters": {},
"start": "string",
"version": "string",
"with_in": with_in_dictionary,
"with_limit": with_limit_dictionary,
"with_renames": with_renames_list,
"with_sort": with_sort_dictionary
}
response = falcon.command("CreateSavedSearchesExecuteV1",
app_id="string",
detailed=boolean,
include_test_data=boolean,
infer_json_types=boolean,
match_response_schema=boolean,
metadata=boolean,
body=body_payload
)
print(response)
Populate a saved search
populate
| Method | Route |
|---|
| /loggingapi/entities/saved-searches/ingest/v1 |
- Consumes: multipart/form-data
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|
| app_id | | | query | string | Include generated schemas in the response |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.populate(app_id="string")
print(response)
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.CreateSavedSearchesIngestV1(app_id="string")
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("CreateSavedSearchesIngestV1", app_id="string")
print(response)
Get the results of a saved search as a file
download_results
| Method | Route |
|---|
| /loggingapi/entities/saved-searches/job-results-download/v1 |
- Consumes: application/json
- Produces: application/octet-stream
| Name | Service | Uber | Type | Data type | Description |
|---|
| job_id | | | query | string | Job ID for a previously executed async query |
| infer_json_types | | | query | boolean | Whether to try to infer data types in json event response instead of returning map[string]string. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| result_format | | | query | string | Result Format |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("some_file.ext", "wb", encoding="utf-8") as save_file:
save_file.write(falcon.download_results(job_id="string",
result_format="string",
infer_json_types=boolean
))
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("some_file.ext", "wb", encoding="utf-8") as save_file:
save_file.write(falcon.GetSavedSearchesJobResultsDownloadV1(job_id="string",
result_format="string",
infer_json_types=boolean
))
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("some_file.ext", "wb", encoding="utf-8") as save_file:
save_file.write(falcon.command("GetSavedSearchesJobResultsDownloadV1",
job_id="string",
result_format="string",
infer_json_types=boolean
))
List views
list_views
| Method | Route |
|---|
| /loggingapi/entities/views/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|
| check_test_data | | | query | boolean | Include whether test data is present in the application repository. |
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.list_views(check_test_data=boolean)
print(response)
from falconpy import FoundryLogScale
# Do not hardcode API credentials!
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ListViewV1(check_test_data=boolean)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ListViewV1", check_test_data=boolean)
print(response)