Update Log Schema

Updates an existing log schema.

HTTP Request

PUT /api/sonar/log-schemas/:code
Request using cURL
curl -H "Authorization: Bearer <API_KEY>" \
     -d name="Ping" \
     -d fields="[{""name"":""_time"", ""type"":""DATE"", ""display_name"":""Time"", ""ordinal"":1}, {""name"":""src_ip"", ""type"":""IP"", ""display_name"":""SourceIP"", ""ordinal"":2}, {""name"":""dst_ip"", ""type"":""IP"", ""display_name"":""DestinationIP"", ""ordinal"":3},{""name"":""rtt"", ""type"":""INT"", ""display_name"":""RoundTripTime"", ""ordinal"":4}]" \
     -X PUT \
     https://HOSTNAME/api/sonar/log-schemas/ping
Request Parameters
KeyRequiredTypeDescriptionNote
codeOStringLog schema codeMinimum 1 to maximum 50 characters
nameOStringLog schema nameMinimum 1 to maximum 50 characters
descriptionXStringLog schema descriptionMaximum 255 characters
fieldsXStringList of field definitionsJSON array

fieldsis JSON array string that contains the following properties:

  • type (String): Field type
    • One of the following: DATE, STRING, IP, PORT, INT, LONG, DOUBLE, COUNTRY, MD5, SHA1, URL.
  • name (String): Name (Max. 50 characters)
  • display_name (String): Display name (Max. 50 characters)
  • ordinal (32-bit integer): Field order

Success Response

{}

Error Responses

No privilege to create a log schema

HTTP status code 500. Log schema is applied system wide. To create a log schema, cluster administrator privileges are required.

{
  "error_code": "illegal-state",
  "error_msg": "no-permission"
}
Required argument is missing

HTTP status code 400.

{
  "error_code": "null-argument",
  "error_msg": "code should be not null"
}
Invalid argument length

HTTP status code 400.

{
  "error_code": "invalid-argument",
  "error_msg": "'code' must be less than or equal to 50 characters."
}
Log schema is not found
{
  "error_code": "illegal-state",
  "error_msg": "log schema not found: test"
}