Get Logs Pipeline Configuration
Retrieve the current logs pipeline configuration.
Endpoint
GET /api/pipelines/logs/config
Authentication
This endpoint requires API Key authentication via the Authorization header.
Headers
Authorization: Bearer <YOUR_API_KEY>
Accept: */*
Examples
Basic Request
Get current logs pipeline configuration:
curl -L \
--url 'https://api.groundcover.com/api/pipelines/logs/config' \
--header 'Authorization: Bearer <YOUR_API_KEY>' \
--header 'Accept: */*'
Response Example
{
"ottlRules": [
{
"ruleName": "nginx_access_logs",
"conditions": [
"workload == \"nginx\" or container_name == \"nginx\""
],
"statements": [
"set(cache, ExtractGrokPatterns(body, \"^%{IPORHOST:remote_ip} - %{DATA:remote_user} \\[%{HTTPDATE:timestamp}\\] \\\"%{WORD:method} %{DATA:path} HTTP/%{NUMBER:http_version}\\\" %{INT:status} %{INT:body_bytes}\"))",
"merge_maps(attributes, cache, \"insert\")"
],
"statementsErrorMode": "skip",
"conditionLogicOperator": "or"
},
{
"ruleName": "json_log_parsing",
"conditions": [
"format == \"JSON\""
],
"statements": [
"set(parsed_json, ParseJSON(body))",
"merge_maps(attributes, parsed_json, \"insert\")"
],
"statementsErrorMode": "skip",
"conditionLogicOperator": "and"
},
{
"ruleName": "error_log_enrichment",
"conditions": [
"level == \"error\" or level == \"ERROR\""
],
"statements": [
"set(attributes[\"severity\"], \"high\")",
"set(attributes[\"needs_attention\"], true)"
],
"statementsErrorMode": "skip",
"conditionLogicOperator": "or"
}
]
}
Related Documentation
For detailed information about configuring and writing OTTL transformations, see:
Last updated