

Operation ID | Description |
| Lists available repositories and views |
| Ingest data into the application repository |
| Execute a dynamic saved search |
| Get the results of a saved search |
| Execute a saved search |
| Populate a saved search |
| Get the results of a saved search as a file |
| List views |
Lists available repositories and views
list_repos
Method | Route |
 | /loggingapi/combined/repos/v1 |
- Consumes: application/json
- Produces: application/json
No parameters
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.list_repos()
print(response)
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ListReposV1()
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ListReposV1")
print(response)
Ingest data into the application repository
ingest_data
Method | Route |
 | /loggingapi/entities/data-ingestion/ingest/v1 |
- Consumes: multipart/form-data
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
data_file |  |  | formData | file | Data file to ingest. |
parameters |  |  | query | dictionary | Full query string parameters payload in JSON format. |
tag |  |  | formData | string or list of strings | Custom tag for ingested data in the form tag:value. |
tag_source |  |  | formData | string | Tag the data with the specified source. |
test_data |  |  | formData | boolean | Tag the data with test-ingest. |
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.ingest_data(tag="string",
tag_source="string",
test_data=boolean,
data_file=upload_file.read()
)
print(response)
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.IngestDataV1(tag="string",
tag_source="string",
test_data=boolean,
data_file=upload_file.read()
)
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("file_name.ext", "rb") as upload_file:
response = falcon.command("IngestDataV1",
tag="string",
tag_source="string",
test_data=boolean,
data_file=upload_file.read()
)
print(response)
Execute a dynamic saved search
execute_dynamic
Method | Route |
 | /loggingapi/entities/saved-searches/execute-dynamic/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
app_id |  |  | query | string | Include generated schemas in the response |
end |  |  | body | boolean | Dynamic search end |
include_schema_generation |  |  | query | boolean | Include generated schemas in the response |
include_test_data |  |  | query | boolean | Include test data when executing searches |
metadata |  |  | query | boolean | Whether to include metadata in the response |
mode |  |  | query | string | Mode to execute the query under. |
body |  |  | body | string | Full body payload in JSON format, not required if using other keywords. |
parameters |  |  | query | dictionary | Full query string parameters payload in JSON format. |
repo_or_view |  |  | body | string | Repository or view to search |
search_query |  |  | body | string | Search query to perform |
search_query_args |  |  | body | dictionary | Search query arguments to leverage when processing the query |
start |  |  | body | string | Dynamic search start |
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.execute_dynamic(app_id="string",
end="string",
include_schema_generation=boolean,
include_test_data=boolean,
metadata=boolean,
mode="string",
repo_or_view="string",
search_query="string",
seach_query_args = {},
start="string"
)
print(response)
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.CreateSavedSearchesDynamicExecuteV1(app_id="string",
end="string",
include_schema_generation=boolean,
include_test_data=boolean,
metadata=boolean,
mode="string",
repo_or_view="string",
search_query="string",
seach_query_args = {},
start="string")
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"end": "string",
"repo_or_view": "string",
"search_query": "string",
"search_query_args": {},
"start": "string"
}
response = falcon.command("CreateSavedSearchesDynamicExecuteV1",
app_id="string",
include_schema_generation=boolean,
include_test_data=boolean,
metadata=boolean,
mode="string",
body=body_payload
)
print(response)
Get the results of a saved search
get_search_results
Method | Route |
 | /loggingapi/entities/saved-searches/execute/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
job_id |  |  | query | string | Job ID for a previously executed async query |
limit |  |  | query | string | Maximum number of records to return. |
metadata |  |  | query | boolean | Whether to include metadata in the response |
offset |  |  | query | string | Starting pagination offset of records to return. |
parameters |  |  | query | dictionary | Full query string parameters payload in JSON format. |
version |  |  | query | string | Version of resource being created |
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_search_results(job_id="string",
limit="string",
metadata=boolean,
offset="string",
version="string"
)
print(response)
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetSavedSearchesExecuteV1(job_id="string",
limit="string",
metadata=boolean,
offset="string",
version="string"
)
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetSavedSearchesExecuteV1",
job_id="string",
limit="string",
metadata=boolean,
offset="string",
version="string"
)
print(response)
Execute a saved search
execute
Method | Route |
 | /loggingapi/entities/saved-searches/execute/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
body |  |  | body | string | Full body payload in JSON format. Not required if using other keywords. |
detailed |  |  | query | boolean | Whether to include search field details |
end |  |  | body | string | Saved search end. |
id |  |  | body | string | Saved search ID. |
include_test_data |  |  | query | boolean | Include test data when executing searches |
metadata |  |  | query | boolean | Whether to include metadata in the response |
mode |  |  | body | string | Mode to execute the query under. If provided, takes precedence over the mode provided in the body. |
name |  |  | body | string | Name of the saved search. |
parameters |  |  | query | string | Full query string payload in JSON format. Not required if using other keywords. |
search_parameters |  |  | body | dictionary | Parameters to use for the saved search. |
start |  |  | body | string | Saved search start. |
version |  |  | body | string | Version of resource being created |
with_in |  |  | body | dictionary | Limit search results to field names matching the provided list. |
with_limit |  |  | body | dictionary | Limit search results by a maximum count. |
with_renames |  |  | body | list | Rename fields for display. |
with_sort |  |  | body | dictionary | Apply sort criteria. |
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with_in_dictionary = {
"field": "string",
"values": [
"string"
]
}
with_limit_dictionary = {
"from": "string",
"limit": 0
}
with_renames_list = [
{
"as": "string",
"field": "string"
}
]
with_sort_dictionary = {
"fields": [
"string"
],
"limit": 0,
"order": [
"string"
],
"reverse": boolean,
"type": [
"string"
]
}
response = falcon.execute(detailed=boolean,
end="string",
id="string",
include_test_data=boolean,
metadata=boolean,
mode="string",
name="string",
search_parameters={},
start="string",
version="string",
with_in = with_in_dictionary,
with_limit = with_limit_dictionary,
with_renames = with_renames_list,
with_sort = with_sort_dictionary
)
print(response)
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with_in_dictionary = {
"field": "string",
"values": [
"string"
]
}
with_limit_dictionary = {
"from": "string",
"limit": 0
}
with_renames_list = [
{
"as": "string",
"field": "string"
}
]
with_sort_dictionary = {
"fields": [
"string"
],
"limit": 0,
"order": [
"string"
],
"reverse": boolean,
"type": [
"string"
]
}
response = falcon.CreateSavedSearchesExecuteV1(detailed=boolean,
end="string",
id="string",
include_test_data=boolean,
metadata=boolean,
mode="string",
name="string",
search_parameters={},
start="string",
version="string",
with_in = with_in_dictionary,
with_limit = with_limit_dictionary,
with_renames = with_renames_list,
with_sort = with_sort_dictionary
)
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with_in_dictionary = {
"field": "string",
"values": [
"string"
]
}
with_limit_dictionary = {
"from": "string",
"limit": 0
}
with_renames_list = [
{
"as": "string",
"field": "string"
}
]
with_sort_dictionary = {
"fields": [
"string"
],
"limit": 0,
"order": [
"string"
],
"reverse": boolean,
"type": [
"string"
]
}
body_payload = {
"end": "string",
"id": "string",
"mode": "string",
"name": "string",
"parameters": {},
"start": "string",
"version": "string",
"with_in": with_in_dictionary,
"with_limit": with_limit_dictionary,
"with_renames": with_renames_list,
"with_sort": with_sort_dictionary
}
response = falcon.command("CreateSavedSearchesExecuteV1",
detailed=boolean,
include_test_data=boolean,
metadata=boolean,
body=body_payload
)
print(response)
Populate a saved search
populate
Method | Route |
 | /loggingapi/entities/saved-searches/ingest/v1 |
- Consumes: multipart/form-data
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
app_id |  |  | query | string | Include generated schemas in the response |
parameters |  |  | query | dictionary | Full query string parameters payload in JSON format. |
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.populate(app_id="string")
print(response)
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.CreateSavedSearchesIngestV1(app_id="string")
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("CreateSavedSearchesIngestV1", app_id="string")
print(response)
Get the results of a saved search as a file
download_results
Method | Route |
 | /loggingapi/entities/saved-searches/job-results-download/v1 |
- Consumes: application/json
- Produces: application/octet-stream
Name | Service | Uber | Type | Data type | Description |
job_id |  |  | query | string | Job ID for a previously executed async query |
parameters |  |  | query | dictionary | Full query string parameters payload in JSON format. |
result_format |  |  | query | string | Result Format |
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("some_file.ext", "wb", encoding="utf-8") as save_file:
save_file.write(falcon.download_results(job_id="string", result_format="string"))
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("some_file.ext", "wb", encoding="utf-8") as save_file:
save_file.write(falcon.GetSavedSearchesJobResultsDownloadV1(job_id="string",
result_format="string")
)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
with open("some_file.ext", "wb", encoding="utf-8") as save_file:
save_file.write(falcon.command("GetSavedSearchesJobResultsDownloadV1",
job_id="string",
result_format="string"
))
List views
list_views
Method | Route |
 | /loggingapi/entities/views/v1 |
- Consumes: application/json
- Produces: application/json
No parameters
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.list_views()
print(response)
from falconpy import FoundryLogScale
falcon = FoundryLogScale(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ListViewV1()
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ListViewV1")
print(response)