The search command queries the Collector for matching patterns and returns the results in JSON format, limiting the output to a maximum of 1000 records.

JSON Input Data Format
{
    "id": string,
    "search": string,
    "time": string
}
id * Specifies the ID of the Collector.
search * Specifies the search query in Human Query Language (HQL) format, which operates as follows:
  • A word without double quotes indicates a partial match (e.g., err will display all lines that contain 'err' as part of a word).
  • A word enclosed in double quotes indicates a whole word match (e.g., "err" will display all lines that contain 'err' as a complete word).
  • The operators AND and OR can be used to refine the search (e.g., error AND "404" OR "505" will display all lines that contain the word 'error' and either the number '404' or '505' as a whole word).
time Specifies the time scope for the search. Possible values range from "1d," representing today, to "30d," representing the past 30 days. You can set the time scope as "1d" for today, "2d" for the past two days, "3d" for the past three days, and so on, up to "30d" for the past 30 days. The default is 1d.
* Indicates a mandatory field.

Code Snippets
Here are several code snippets provided for your direct use. Simply select your preferred tool/language by clicking on it.


Successful Response
{
    "result": "OK",
    "payload": [
        {
            "date": 1728448009,
            "remote": "192.168.234.1",
            "host": "-",
            "user": "-",
            "method": "GET",
            "path": "/images/x.svg",
            "code": "200",
            "size": "441",
            "referer": "https://192.168.234.160/",
            "agent": "xcware-Nexus",
            "time": "2022-10-09T04:48:12.398Z"
        },
        ...
    ]
}

Failed Response
{
    "result": "ERR",
    "message": "Error message ..."
}