Specifies the name for the Collector, which can be any name.
sourcetype*
Indicates the source type, which can be one of the following:
instance - Indicates that the source is an instance.
skynode - Indicates that the source is a Sky Node.
nexus-log - Specifies that the source is the Nexus Server for non-API interactions.
nexus-api - Specifies that the source is the Nexus Server for API interactions.
source
Based on the source type, this field specifies either the instance ID or the cloud ID of a Sky Node. If the
source type is set to a Nexus type, this field will be ignored.
logtype*
Indicates the log type, which can be one of the following:
file - Specifies that the data collection will be from a file.
docker - Specifies that the data collection will be from docker files.
system - Specifies that the source is the operating system log.
logname
Based on the log type, this field specifies the path and name of the log file or the system logs.
parser*
The parser field indicates which pre-defined parser to use for scanning the logs. If the field begins with
"regex," a custom regular expression must follow to define a custom parser for log scanning.
The following pre-defined parsers are available:
json - JSON log parser
apache, apache2 - Apache Http log parser
nginx - Nginx Http log parser
docker - Docker log parser
systemd - System log parser
custom parser example - The following is a custom parser example:
example log => 10.1.0.1 GET /login everything is cool
example parser => regex ^(?<ip>.*?) (?<method>.*?) (?<uri>.*?)
(?<message>.*?)$
filter
Specifies a semi-colon-separated - ; - list of filter rules to be applied. You can pass an empty
string to remove all filters. The following format must be used for the filter:
OPERATOR->FIELDNAME PATTERN;...
OPERATOR:
Defines the inclusion or exclusion rule, which can be:
inc - to include if the pattern matches.
exc - to exclude if the pattern matches.
->:
Indicates the separator of the pattern rule, which must be specified as a dash "-" followed by the
greater-than ">" symbol (i.e., ->).
FIELDNAME PATTERN:
Specifies the field name to match the pattern against, followed by the text pattern to be used. A
space must be placed between the FIELDNAME and PATTERN.
Here are some examples:
inc->_COMM sshd
This rule will include only messages that contain the value "sshd" in the _COMM field.
exc->uri common.svg
This rule will exclude all messages that contain "common.svg" in the uri field.
filter string value
To set all the above example rules, the "filter" string value would look like this:
inc->_COMM sshd;exc->uri common.svg
* Indicates a mandatory field. Code Snippets
Here are several code snippets provided for your direct use. Simply select your
preferred tool/language by clicking on it.
const apiUrl = "https://your_nexus_server_or_ip/api/v3/";
//JSON data to be sent
const data = {
"name": "Nexus",
"sourcetype": "nexus-log",
"logtype": "file",
"parser": "json"
};
const requestOptions = {
method: "POST",
headers: {
"Content-Type": "application/json",
"x-access-account": "YOUR_ACCOUNT_ID",
"x-access-authorization": "YOUR_ACCESS_KEY",
"x-secret-key": "YOUR_SECRET_KEY",
"x-api": "API_NAME",
"x-api-command": "API_COMMAND"
},
body: JSON.stringify(data),
};
fetch(apiUrl, requestOptions)
.then((response) => {
if (!response.ok) {
throw new Error("Connection error");
}
return response.json();
})
.then((data) => {
//process received JSON data
console.log(JSON.stringify(data, null, 4));
if (data.result == "OK") {
console.log("TASK SUCCESSFUL");
} else {
console.log("ERROR: " + data.message);
}
})
.catch((error) => {
console.log("Error: " + error);
});
API Request
Copy
import fetch from 'node-fetch';
/*
Using the following code as a workaround for self-signed certificate
errors is discouraged in production environments.
*/
process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;
const apiUrl = "https://your_nexus_server_or_ip/api/v3/";
//JSON data to be sent
const data = {
"name": "Nexus",
"sourcetype": "nexus-log",
"logtype": "file",
"parser": "json"
};
const requestOptions = {
method: "POST",
headers: {
"Content-Type": "application/json",
"x-access-account": "YOUR_ACCOUNT_ID",
"x-access-authorization": "YOUR_ACCESS_KEY",
"x-secret-key": "YOUR_SECRET_KEY",
"x-api": "API_NAME",
"x-api-command": "API_COMMAND"
},
body: JSON.stringify(data),
};
fetch(apiUrl, requestOptions)
.then((response) => {
if (!response.ok) {
throw new Error("Connection error");
}
return response.json();
})
.then((data) => {
//process received JSON data
console.log(JSON.stringify(data, null, 4));
if (data.result == "OK") {
console.log("TASK SUCCESSFUL");
} else {
console.log("ERROR: " + data.message);
}
})
.catch((error) => {
console.log("Error: " + error);
});
API Request
Copy
import requests
apiUrl = "https://your_nexus_server_or_ip/api/v3/"
#JSON data to be sent
data = {
"name": "Nexus",
"sourcetype": "nexus-log",
"logtype": "file",
"parser": "json"
}
headers = {
"Content-Type": "application/json",
"x-access-account": "YOUR_ACCOUNT_ID",
"x-access-authorization": "YOUR_ACCESS_KEY",
"x-secret-key": "YOUR_SECRET_KEY",
"x-api": "API_NAME",
"x-api-command": "API_COMMAND"
}
###
# Using verify=False in the following code as a workaround for
# self-signed certificate errors is discouraged in production environments.
###
response = requests.post(apiUrl, headers=headers, json=data, verify=False)
#process received JSON data
ret = response.json()
print(ret)
if (ret['result'] == "OK"):
print("TASK SUCCESSFUL")
else:
print("ERROR: "+ret['message'])
API Request
Copy
require 'uri'
require 'net/http'
require 'json'
apiUrl = URI.parse("https://your_nexus_server_or_ip/api/v3/")
@data = {
"name": "Nexus",
"sourcetype": "nexus-log",
"logtype": "file",
"parser": "json"
}.to_json
http = Net::HTTP.new(apiUrl.host, apiUrl.port)
http.use_ssl = true
###
# Using OpenSSL::SSL::VERIFY_NONE in the following code as a workaround for
# self-signed certificate errors is discouraged in production environments.
###
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
req = Net::HTTP::Post.new(apiUrl, initheader = {'Content-Type' => 'application/json'})
req['x-access-account'] = 'YOUR_ACCOUNT_ID'
req['x-access-authorization'] = 'YOUR_ACCESS_KEY'
req['x-secret-key'] = 'YOUR_SECRET_KEY'
req['x-api'] = 'API_NAME'
req['x-api-command'] = 'API_COMMAND'
req.body = @data
#make the api request
res = http.request(req)
# process received JSON data
ret = JSON.parse(res.body)
puts ret
if ret["result"] == "OK"
puts "TASK SUCCESSFUL"
else
puts "ERROR: "+ret["message"]
end
Successful Response
{
"result": "OK",
"payload": "The process was successfully completed",
"id": "V7-49ff499f-xxxx-xxxx-xxxx-b47fxxxx99af"
}