# Get Logs Pipeline Configuration

### Endpoint

**GET** `/api/pipelines/logs/config`

### Authentication

This endpoint requires API Key authentication via the Authorization header.

### Headers

```bash
Authorization: Bearer <YOUR_API_KEY>
Accept: */*
```

### Examples

#### Basic Request

Get current logs pipeline configuration:

```bash
curl -L \
  --url 'https://api.groundcover.com/api/pipelines/logs/config' \
  --header 'Authorization: Bearer <YOUR_API_KEY>' \
  --header 'Accept: */*'
```

#### Response Example

```json
{
  "ottlRules": [
    {
      "ruleName": "nginx_access_logs",
      "conditions": [
        "workload == \"nginx\" or container_name == \"nginx\""
      ],
      "statements": [
        "set(cache, ExtractGrokPatterns(body, \"^%{IPORHOST:remote_ip} - %{DATA:remote_user} \\[%{HTTPDATE:timestamp}\\] \\\"%{WORD:method} %{DATA:path} HTTP/%{NUMBER:http_version}\\\" %{INT:status} %{INT:body_bytes}\"))",
        "merge_maps(attributes, cache, \"insert\")"
      ],
      "statementsErrorMode": "skip",
      "conditionLogicOperator": "or"
    },
    {
      "ruleName": "json_log_parsing",
      "conditions": [
        "format == \"JSON\""
      ],
      "statements": [
        "set(parsed_json, ParseJSON(body))",
        "merge_maps(attributes, parsed_json, \"insert\")"
      ],
      "statementsErrorMode": "skip",
      "conditionLogicOperator": "and"
    },
    {
      "ruleName": "error_log_enrichment",
      "conditions": [
        "level == \"error\" or level == \"ERROR\""
      ],
      "statements": [
        "set(attributes[\"severity\"], \"high\")",
        "set(attributes[\"needs_attention\"], true)"
      ],
      "statementsErrorMode": "skip",
      "conditionLogicOperator": "or"
    }
  ]
}
```

### Related Documentation

For detailed information about configuring and writing OTTL transformations, see:

* [Log Parsing with OpenTelemetry Pipelines](https://docs.groundcover.com/log-parsing-with-opentelemetry-pipelines)