SolarWinds Loggly API

openapi: 3.1.0
info:
  title: SolarWinds Loggly API
  description: >-
    RESTful API for cloud-based log management including event submission,
    event retrieval, search, and account management. Supports sending events
    over HTTP/S and retrieving log data via paginating event retrieval endpoints.
  version: '2'
  contact:
    name: SolarWinds Support
    url: https://support.solarwinds.com
  termsOfService: https://www.solarwinds.com/legal/terms
externalDocs:
  description: Loggly API Documentation
  url: https://documentation.solarwinds.com/en/success_center/loggly/content/admin/api-overview.htm
servers:
- url: https://{subdomain}.loggly.com/apiv2
  description: Loggly API Server
  variables:
    subdomain:
      default: logs-01
      description: Your Loggly subdomain
tags:
- name: Account
  description: Account information and management
- name: Search
  description: Search and retrieve log events
security:
- bearerAuth: []
paths:
  /search:
    get:
      operationId: searchEvents
      summary: Solarwinds Initiate a Search Query
      description: >-
        Initiates a search query against log events. Returns a search ID
        (RSID) that can be used with the events endpoint to retrieve results.
      tags:
      - Search
      parameters:
      - name: q
        in: query
        required: true
        description: Search query string using Loggly search syntax
        schema:
          type: string
        example: '*'
      - name: from
        in: query
        description: Start time for search (ISO 8601 or relative like -24h)
        schema:
          type: string
        example: '-2h'
      - name: until
        in: query
        description: End time for search
        schema:
          type: string
        example: 'now'
      - name: size
        in: query
        description: Maximum number of events to return
        schema:
          type: integer
          default: 10
          maximum: 5000
        example: 10
      - name: order
        in: query
        description: Sort order
        schema:
          type: string
          enum:
          - asc
          - desc
        example: asc
      responses:
        '200':
          description: Search initiated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SearchResponse'
              examples:
                Searchevents200Example:
                  summary: Default searchEvents 200 response
                  x-microcks-default: true
                  value:
                    rsid:
                      id: abc123
                      status: example_value
        '401':
          description: Unauthorized
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /events:
    get:
      operationId: getEvents
      summary: Solarwinds Retrieve Search Results
      description: >-
        Retrieves events for a previously initiated search using the RSID
        returned by the search endpoint.
      tags:
      - Search
      parameters:
      - name: rsid
        in: query
        required: true
        description: Result Set ID from the search endpoint
        schema:
          type: string
        example: '500123'
      responses:
        '200':
          description: Event results
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventsResponse'
              examples:
                Getevents200Example:
                  summary: Default getEvents 200 response
                  x-microcks-default: true
                  value:
                    total_events: 10
                    page: 10
                    events:
                    - id: abc123
                      timestamp: 10
                      logmsg: example_value
                      logtypes: {}
                      event: example_value
                      tags: {}
        '401':
          description: Unauthorized
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /events/iterate:
    get:
      operationId: iterateEvents
      summary: Solarwinds Iterate Through Search Results
      description: >-
        Paginating event retrieval API for iterating through large result
        sets. Returns events and a next pointer for pagination.
      tags:
      - Search
      parameters:
      - name: rsid
        in: query
        required: true
        description: Result Set ID from the search endpoint
        schema:
          type: string
        example: '500123'
      - name: next
        in: query
        description: Pagination cursor for next page
        schema:
          type: string
        example: example_value
      responses:
        '200':
          description: Paginated event results
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IterateResponse'
              examples:
                Iterateevents200Example:
                  summary: Default iterateEvents 200 response
                  x-microcks-default: true
                  value:
                    events:
                    - id: abc123
                      timestamp: 10
                      logmsg: example_value
                      logtypes: {}
                      event: example_value
                      tags: {}
                    next: example_value
        '401':
          description: Unauthorized
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /customer:
    get:
      operationId: getAccountInfo
      summary: Solarwinds Get Account Information
      description: >-
        Returns customer account information including the customer token
        and a list of active Loggly users.
      tags:
      - Account
      responses:
        '200':
          description: Account information
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccountInfo'
              examples:
                Getaccountinfo200Example:
                  summary: Default getAccountInfo 200 response
                  x-microcks-default: true
                  value:
                    id: abc123
                    subdomain: example_value
                    tokens:
                    - example_value
                    subscription:
                      plan_name: example_value
                    users:
                    - id: abc123
                      email: [email protected]
        '401':
          description: Unauthorized
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: API token for authentication via Authorization Bearer header
    customerToken:
      type: apiKey
      in: path
      name: token
      description: Customer token for event submission endpoints
  schemas:
    SearchResponse:
      type: object
      properties:
        rsid:
          type: object
          properties:
            id:
              type: string
              description: Result Set ID for retrieving events
            status:
              type: string
              description: Search status
          example: '500123'
    EventsResponse:
      type: object
      properties:
        total_events:
          type: integer
          description: Total number of matching events
          example: 10
        page:
          type: integer
          description: Current page number
          example: 10
        events:
          type: array
          items:
            $ref: '#/components/schemas/LogEvent'
          example: []
    IterateResponse:
      type: object
      properties:
        events:
          type: array
          items:
            $ref: '#/components/schemas/LogEvent'
          example: []
        next:
          type: string
          description: Cursor for next page of results
          example: example_value
    LogEvent:
      type: object
      properties:
        id:
          type: string
          description: Unique event identifier
          example: abc123
        timestamp:
          type: integer
          description: Event timestamp in milliseconds
          example: 10
        logmsg:
          type: string
          description: Raw log message
          example: example_value
        logtypes:
          type: array
          description: Detected log types
          items:
            type: string
          example: []
        event:
          type: object
          description: Parsed event fields
          additionalProperties: true
          example: example_value
        tags:
          type: array
          description: Tags associated with the event
          items:
            type: string
          example: []
    AccountInfo:
      type: object
      properties:
        id:
          type: integer
          description: Account ID
          example: abc123
        subdomain:
          type: string
          description: Account subdomain
          example: example_value
        tokens:
          type: array
          items:
            type: string
          description: Customer tokens
          example: []
        subscription:
          type: object
          properties:
            plan_name:
              type: string
          example: example_value
        users:
          type: array
          items:
            type: object
            properties:
              id:
                type: integer
              email:
                type: string
          example: []