Log types

Log type APIs enable the creation and management of log types and parser rules, allowing users to define custom parsing logic for both structured and unstructured log data.

End Points

POST

/api/v2/log-type

/api/v2/log-type/parser

PUT

/api/v2/log-type/parser

GET

/api/v2/log-type/parser

DELETE

/api/v2/log-type/parser

Create log types

This API allows users to create a new log type by specifying its display name and type.
OAuth Scope : logs360cloud.logformats.CREATE

Arguments

log_type_display_name

string

(Required)

User-friendly name for the log type. Only alphanumeric characters and underscores are allowed. Maximum length is 36 characters.

type

string

(Required)

Type of log type (e.g., syslog, file_import).

Headers

account_id

string

(Required)

Account ID

Request Example

parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/log-type"
type: POST
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/log-type")
  .post(body)
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'POST',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f',
    'content-type': 'application/json'
  },
  body: '{"field1":"value1","field2":"value2"}'
};

fetch('https://log360cloud.manageengine.com/api/v2/log-type', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    'content-type': "application/json"
    }

conn.request("POST", "/api/v2/log-type", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "POST",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/log-type",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    "content-type": "application/json"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();

curl --request POST \
  --url https://log360cloud.manageengine.com/api/v2/log-type \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4' \
  --header 'content-type: application/json' \
  --data '{"field1":"value1","field2":"value2"}'

{
    "log_type_display_name": "MikroTik",
    "type": "syslog"
}

{
    "data": {
        "log_type_id": 4000000444796
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Get log types

This API retrieves the list of log types configured in the system.
OAuth Scope : logs360cloud.logformats.READ

Query Parameters

origin

string

Filter log types by origin (custom, predefined)

from

integer

Offset for pagination, used to skip a certain number of records.

limit

integer

Limit the number of records returned in the response. Default value is 10. Maximum value is 1000.

Headers

account_id

string

(Required)

Account ID

Request Example

headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/log-type"
type: GET
headers: headers_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/log-type")
  .get()
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'GET',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f'
  }
};

fetch('https://log360cloud.manageengine.com/api/v2/log-type', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
    }

conn.request("GET", "/api/v2/log-type", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "GET",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/log-type",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.end();

curl --request GET \
  --url https://log360cloud.manageengine.com/api/v2/log-type \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4'

{
    "data": {
        "types": [
            {
                "log_type_display_name": "MikroTik_custom",
                "origin": "custom",
                "log_type_id": 4000000444796,
                "log_type_name": "mikrotik_custom",
                "type": "syslog"
            }
        ]
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Delete log types

This API deletes an existing log type using its type ID. For predefined log types, only the custom parser rules are deleted; the log type itself cannot be deleted. If a parser rule is referenced by other modules, such as alerts or reports, those dependent profiles must be deleted before the parser rule can be removed.
OAuth Scope : logs360cloud.logformats.DELETE

Query Parameters

log_type_id

integer

(Required)

Unique identifier of the log type to be deleted. This ID is returned in the response of the Get Log Type API.

Headers

account_id

string

(Required)

Account ID

Request Example

headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/log-type?log_type_id=456"
type: DELETE
headers: headers_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/log-type?log_type_id=456")
  .delete(null)
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'DELETE',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f'
  }
};

fetch('https://log360cloud.manageengine.com/api/v2/log-type?log_type_id=456', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
    }

conn.request("DELETE", "/api/v2/log-type?log_type_id=456", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "DELETE",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/log-type?log_type_id=456",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.end();

curl --request DELETE \
  --url 'https://log360cloud.manageengine.com/api/v2/log-type?log_type_id=456' \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4'

{
    "data": {
        "title": "success"
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Create parser rule

Create a new parser rule for a specified log type by defining its extraction method and pattern.
OAuth Scope : logs360cloud.logformats.CREATE

Arguments

log_type_id

integer

(Required)

Unique identifier of the log type. This ID is returned in the response of the Get Log Type API.

rule_name

string

(Required)

Name of the parser rule.

method

string

(Required)

Parsing method to use (e.g., regex, delimiter, json) - regex requires the regex parameter with capturing groups - delimiter requires the delimiter parameter - json uses the path defined in each field to extract values

regex

string

Regular expression used to extract values from log entries (required when the extraction method is regex). It must contain capturing groups. Each field in the fields array must either: - Specify the group_number corresponding to a numbered capturing group, or - Use a named capturing group in the regex that matches the field's display_name.'

delimiter

string

Delimiter used to extract values from log entries (required when the extraction method is delimiter).

fields

array

(Required)

List of fields extracted by the parser rule.

Show Sub-Attributes

display_name

string

Field name.

value

string

Value of the open attribute.

path

string

JSON path to the field in the log entry (required when the extraction method is JSON).

is_open_attribute

boolean

Specifies if the field is an open attribute.

group_number

integer

Represents the position from which the value should be extracted. For regex-based parsing, this is the capture group number. For delimiter-based parsing, this is the index of the value (starting from 1).

apply_when

string

List of conditions that must be met for the parser rule to be applied.

sample_log

string

Sample log entry used to test the parser rule.

Headers

account_id

string

(Required)

Account ID

Request Example

parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/log-type/parser"
type: POST
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/log-type/parser")
  .post(body)
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'POST',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f',
    'content-type': 'application/json'
  },
  body: '{"field1":"value1","field2":"value2"}'
};

fetch('https://log360cloud.manageengine.com/api/v2/log-type/parser', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    'content-type': "application/json"
    }

conn.request("POST", "/api/v2/log-type/parser", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "POST",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/log-type/parser",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    "content-type": "application/json"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();

curl --request POST \
  --url https://log360cloud.manageengine.com/api/v2/log-type/parser \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4' \
  --header 'content-type: application/json' \
  --data '{"field1":"value1","field2":"value2"}'

{
    "log_type_id": 4000000444914,
    "rule_name": "username",
    "method": "regex",
    "regex": "(?sm)[^;]*;\\s+\\w+=(?<user_name>[^\\s+]+)",
    "delimiter": ",",
    "fields": [
        {
            "display_name": "user_name",
            "value": "openvalue",
            "path": "store.book.author",
            "is_open_attribute": false,
            "group_number": 1
        }
    ],
    "apply_when": "((HOSTTYPE regex 'Force.*Point') OR (ID equals_cs '1348')) AND ((SEVERITY multi '3,4,5') OR (EVENTID multi_range '528-540,4624,4625,4634'))",
    "sample_log": "<134>Mar 27 10:15:30 server01 sshd[12345]: Accepted password for user1 from 192.168.1.100 port 54321 ssh2"
}

{
    "data": {
        "rule_id": 5404
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Update parser rule

This API updates an existing parser rule associated with a specified log type.
OAuth Scope : logs360cloud.logformats.UPDATE

Arguments

rule_id

integer

(Required)

Unique identifier of a parser rule. This ID is returned in the response of the Get Parser Rules API.

rule_name

string

(Required)

Name of the parser rule.

method

string

(Required)

regex

string

delimiter

string

Delimiter used to extract values from log entries (required when the extraction method is delimiter).

fields

array

(Required)

List of fields extracted by the parser rule.

Show Sub-Attributes

display_name

string

Field name.

value

string

Value of the open attribute.

path

string

JSON path to the field in the log entry (required when the extraction method is JSON).

is_open_attribute

boolean

Specifies if the field is an open attribute.

group_number

integer

apply_when

string

List of conditions that must be met for the parser rule to be applied.

sample_log

string

Sample log entry used to test the parser rule.

Headers

account_id

string

(Required)

Account ID

Request Example

parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/log-type/parser"
type: PUT
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/log-type/parser")
  .put(body)
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'PUT',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f',
    'content-type': 'application/json'
  },
  body: '{"field1":"value1","field2":"value2"}'
};

fetch('https://log360cloud.manageengine.com/api/v2/log-type/parser', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    'content-type': "application/json"
    }

conn.request("PUT", "/api/v2/log-type/parser", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "PUT",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/log-type/parser",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    "content-type": "application/json"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();

curl --request PUT \
  --url https://log360cloud.manageengine.com/api/v2/log-type/parser \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4' \
  --header 'content-type: application/json' \
  --data '{"field1":"value1","field2":"value2"}'

{
    "rule_id": 4000000444914,
    "rule_name": "username",
    "method": "regex",
    "regex": "(?sm)[^;]*;\\s+\\w+=(?<user_name>[^\\s+]+)",
    "delimiter": ",",
    "fields": [
        {
            "display_name": "user_name",
            "value": "openvalue",
            "path": "store.book.author",
            "is_open_attribute": false,
            "group_number": 1
        }
    ],
    "apply_when": "((HOSTTYPE regex 'Force.*Point') OR (ID equals_cs '1348')) AND ((SEVERITY multi '3,4,5') OR (EVENTID multi_range '528-540,4624,4625,4634'))",
    "sample_log": "<134>Mar 27 10:15:30 server01 sshd[12345]: Accepted password for user1 from 192.168.1.100 port 54321 ssh2"
}

{
    "data": {
        "rule_id": 5404
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Get parser rules

Retrieve the list of custom parser rules associated with a specified log type.
OAuth Scope : logs360cloud.logformats.READ

Query Parameters

log_type_id

integer

(Required)

Unique identifier of the log type whose parser rules are to be retrieved. This ID is returned in the response of the Get Log Type API.

from

integer

Offset for pagination, used to skip a certain number of records.

limit

integer

Limit the number of records returned in the response. Default value is 10. Maximum value is 1000.

Headers

account_id

string

(Required)

Account ID

Request Example

headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/log-type/parser?log_type_id=568"
type: GET
headers: headers_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/log-type/parser?log_type_id=568")
  .get()
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'GET',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f'
  }
};

fetch('https://log360cloud.manageengine.com/api/v2/log-type/parser?log_type_id=568', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
    }

conn.request("GET", "/api/v2/log-type/parser?log_type_id=568", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "GET",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/log-type/parser?log_type_id=568",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.end();

curl --request GET \
  --url 'https://log360cloud.manageengine.com/api/v2/log-type/parser?log_type_id=568' \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4'

{
    "data": {
        "rules": [
            {
                "rule_id": 4000000445031,
                "method": "regex",
                "rule_name": "username",
                "origin": "custom",
                "regex": "(?sm)[^;]*;\\s+\\w+=(?<user_name>[^\\s+]+)",
                "apply_when": "((HOSTTYPE regex 'Force.*Point') OR (ID equals_cs '1348')) AND ((SEVERITY multi '3,4,5') OR (EVENTID multi_range '528-540,4624,4625,4634'))"
            }
        ]
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Delete parser rule

Delete a specific parser rule identified by its rule ID.
OAuth Scope : logs360cloud.logformats.DELETE

Query Parameters

rule_id

integer

(Required)

Unique identifier of the parser rule to be deleted. This ID is returned in the response of the Get Parser Rule API.

Headers

account_id

string

(Required)

Account ID

Request Example

headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/log-type/parser?rule_id=4000000445031"
type: DELETE
headers: headers_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/log-type/parser?rule_id=4000000445031")
  .delete(null)
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'DELETE',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f'
  }
};

fetch('https://log360cloud.manageengine.com/api/v2/log-type/parser?rule_id=4000000445031', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
    }

conn.request("DELETE", "/api/v2/log-type/parser?rule_id=4000000445031", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "DELETE",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/log-type/parser?rule_id=4000000445031",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.end();

curl --request DELETE \
  --url 'https://log360cloud.manageengine.com/api/v2/log-type/parser?rule_id=4000000445031' \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4'

{
    "data": {
        "title": "success"
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}