日志检索

无标签
接口
发布日期:   2025-02-01
更新日期:   2025-04-11
文章字数:   387
阅读时长:   2 分
阅读次数:  
简要描述
  • 日志检索
请求URL
  • http://xx.com/search/
请求方式
  • GET
参数
参数名 必选 类型 说明
dtype string 日志类型
stime string 起始时间例2025-01-11T00:00:00.971Z
etime string 结束时间
sip string 源ip检索
dip string 目标ip检索
page string 页码
limit string 条数
返回示例
 {
    "data": [
        {
            "_id": "AZRJHDKvaQJO78oCbm29",
            "_index": "original-attack2-2025.01.09",
            "_score": null,
            "_source": {
                "@timestamp": "2025-01-09T03:29:32.131Z",
                "@version": "1",
                "Action": "PERMIT",
                "Content": "POLICY*: The packet was through because the firewall policy is permit",
                "DIP": "10.21.4.1",
                "DstIP": "10.21.4.1",
                "FwPolicyID": "1",
                "GenTime": "2025-01-09 11:28:14",
                "InInterface": "ge0/0",
                "OutInterface": "ge0/1",
                "Protocol": "ICMP",
                "SIP": "10.21.4.206",
                "SerialNum": "101Y3-15A5O-1F001-1F223-YLS1K",
                "SrcIP": "10.21.4.206",
                "code": "0",
                "geoip": {},
                "host": "10.21.4.161",
                "logsource": "host",
                "program": "FILTER",
                "severity": "6",
                "severity_label": "info",
                "tags": [
                    "_geoip_lookup_failure"
                ],
                "timestamp": "Jan  9 11:28:14",
                "type": "8"
            },
            "_type": "8",
            "sort": [
                1736393372131
            ]
        }
    ],
    "limit": "1",
    "page": "1",
    "total": 54
}
返回参数说明
参数名 类型 说明
groupid int 用户组id,1:超级管理员;2:普通用户
备注
  • 更多返回错误代码请看首页的错误代码描述
文章作者: W SQ
文章链接: https://wangshuaiqiang.chat/2025/02/01/%E6%97%A5%E5%BF%97%E6%A3%80%E7%B4%A2/
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 W SQ !
无标签
评论
  目录
-->