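A problem I ran into with the REST API when upgrading Graylog earlier
http://adminkk.blogspot.com/2020/11/graylog-4-ova-ubuntu-18.html
The official documentation says this method will no longer be supported
and that the new method must be used,
but the official documentation does not explain it in much detail.
I asked on the forum.
Thanks for the answer.
The syntax is as follows.
It exports directly to txt.
Syntax for an absolute time range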
curl -u admin:passwd -H 'Accept: text/csv' \
  -H "Content-Type:application/json" -H "Accept:application/json" \
  -H 'X-Requested-By: cli' \
  -d '{"streams":["000000000000000000000001"],"timerange":["absolute",{"from":"2020-12-11T00:00:00.000Z","to":"2020-12-11T01:00:00.000Z"}],"query_string":{"type":"elasticsearch","query_string":"keyword"}}' \
  "http://10.0.0.1:9000/api/views/search/messages"
Syntax for a relative time range
curl -u admin:passwd -H 'Accept: text/csv' \
  -H "Content-Type:application/json" -H "Accept:application/json" \
  -H 'X-Requested-By: cli' \
  -d '{"streams":["000000000000000000000001"],"timerange":{"type":"relative","range":300},"query_string":{"type":"elasticsearch","query_string":"keyword"}}' \
  "http://10.0.0.1:9000/api/views/search/messages"
https://community.graylog.org/t/how-to-search-messages-using-rest-api/17943
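The two request bodies above, built by a script that validates each field before it reaches the JSON and reads the login from a netrc file instead of passing `-u admin:passwd` on the command line. This is an added example, not code from this post or the forum thread. The helper names and the GRAYLOG_URL and GRAYLOG_NETRC environment variables are assumptions.

```shell
#!/bin/sh
# Added example. json_escape, is_ts, build_body and export_messages are hypothetical
# helper names; GRAYLOG_URL and GRAYLOG_NETRC are assumed environment variables.

# Escape backslashes and double quotes so the query cannot break out of its JSON
# string. Control characters are rejected rather than escaped.
json_escape() {
    [ "$(printf '%s' "$1" | LC_ALL=C tr -d '[:cntrl:]')" = "$1" ] || return 1
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Whole-string match for timestamps shaped like 2020-12-11T00:00:00.000Z.
is_ts() {
    d='[0-9]' d2='[0-9][0-9]'
    case $1 in
        $d2$d2-$d2-${d2}T$d2:$d2:$d2.$d2${d}Z) return 0 ;;
        *) return 1 ;;
    esac
}

# build_body STREAM_ID QUERY absolute FROM TO
# build_body STREAM_ID QUERY relative SECONDS
build_body() {
    stream=$1 mode=$3
    case $stream in *[!0-9a-f]*) return 1 ;; esac   # stream ids: 24 hex chars
    [ "${#stream}" -eq 24 ] || return 1
    query=$(json_escape "$2") || return 1
    case $mode in
        absolute)
            is_ts "$4" && is_ts "$5" || return 1
            range="[\"absolute\",{\"from\":\"$4\",\"to\":\"$5\"}]" ;;
        relative)
            case $4 in ''|*[!0-9]*) return 1 ;; esac
            range="{\"type\":\"relative\",\"range\":$4}" ;;
        *) return 1 ;;
    esac
    printf '{"streams":["%s"],"timerange":%s,"query_string":{"type":"elasticsearch","query_string":"%s"}}\n' \
        "$stream" "$range" "$query"
}

# POST the body; the login is read from the netrc file, so it stays out of argv.
export_messages() {
    body=$(build_body "$@") || { echo "invalid arguments" >&2; return 1; }
    curl --silent --show-error --fail --netrc-file "$GRAYLOG_NETRC" \
        -H 'Accept: text/csv' -H 'Content-Type: application/json' \
        -H 'X-Requested-By: cli' -d "$body" \
        "$GRAYLOG_URL/api/views/search/messages"
}
```

For example, `export_messages 000000000000000000000001 keyword relative 300 > out.txt` sends the relative-range request shown above.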