Follow redirects
Make sure to follow redirects when using this API.
For example, use the -L
option with curl
.
Run Explore logs queries with an HTTP API.
Make sure to follow redirects when using this API.
For example, use the -L
option with curl
.
Query parameters
Comma-separated list of sources you want to query.
Filter logs with a SQL query. Use the same Log SQL you would in Explore logs. Read more about Explore logs with SQL.
Start of time range for the SQL query (ISO8601-formatted string: 2022-07-19T13:32:56+0000). Default: 30 minutes before to
. If to
is not specified then 30 minutes ago.
End of time range for the SQL query (ISO8601-formatted string: 2022-07-19T13:32:56+0000). Default: 30 minutes after from
. If from
is not specified then current time.
Headers
Bearer $TOKEN
Returned rows in JSONEachRow format
Response body
{"time":"2024-07-01 05:50:00","message":"Hello, world!"}
{"time":"2024-06-30 00:00:00","message":"Hello, you!"}
{"time":"2024-06-30 00:00:00","message":"Hello, me!"}
curl -L --request GET \
--header "Authorization: Bearer $TOKEN" \
--data-urlencode "source_ids=$SOURCE_ID" \
--data-urlencode "query=SELECT {{time}} as time, JSONExtract(json, 'level', 'Nullable(String)') AS level FROM {{source}} WHERE time BETWEEN {{start_time}} AND {{end_time}}" \
https://logs.betterstack.com/api/v2/query/explore-logs
By default rows are returned in the ClickHouse JSONEachRow format, you can change this by adding a FORMAT
clause to you query.
See the ClickHouse documentation for more information.