Get Tables
Gets a list of Logpresso Sonar tables that match the search criteria. This operation requires administrator privileges.
Tip
Even on the same instance, configuration information for tables created in Logpresso Enterprise is not retrieved because it does not exist in Logpresso Sonar.
Required Permissions
Requires the MEMBER role or higher.
HTTP Request
GET /api/sonar/tables
cURL Example
curl -H "Authorization: Bearer <API_KEY>" \
https://HOSTNAME/api/sonar/tables
Request Parameters
| Key | Required | Type | Description | Note |
|---|---|---|---|---|
| offset | X | 32-bit integer | Number of records to skip | Default: 0 |
| limit | X | 32-bit integer | Maximum number of records to load | Default: 2147483647 |
| keywords | X | String | Keyword | Search available by table_name |
| schema_code | X | String | Schema code | Filter tables using the specified schema |
| table_name | X | String | Table name | Filter by specific table name |
| group_guid | X | String | Group GUID | Filter tables belonging to a specific table group |
Success Response
{
"total_count": 1,
"tables": [
{
"table_name": "evtx_system",
"layout": "columnar",
"compression": "snappy",
"retention": 180,
"crypto_profile_guid": "b2c3d4e5-f6g7-8901-bcde-f23456789012",
"crypto_profile_name": "Default Crypto Profile",
"encrypted": true,
"min_day": "2021-10-19 00:00:00+0900",
"max_day": "2022-09-14 00:00:00+0900",
"table_size": 7195337,
"index_size": 0,
"ratio": 0.75,
"group_guid": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"group_name": "Windows Events"
}
]
}
- total_count (32-bit integer): Total number of tables that match the search keyword
- tables (Array): Table list
- table_name (String): Table name
- layout (String): Block layout (
roworcolumnar), default:columnar - compression (String): Compression algorithm (
deflateorsnappy), default:snappy - retention (32-bit integer): Data retention period in days, default: 0 (unlimited)
- crypto_profile_guid (String, when
encryptedistrue): Crypto profile GUID - crypto_profile_name (String, when
encryptedistrue): Crypto profile name - encrypted (Boolean, optional): Encryption usage
- min_day (String, optional): Minimum log date stored (
_timefield based) - max_day (String, optional): Maximum log date stored (
_timefield based) - table_size (64-bit integer): Table data size (unit: bytes)
- index_size (64-bit integer): Index data size (unit: bytes)
- ratio (64-bit float): Disk usage ratio for the entire table (0~1)
- group_guid (String, optional): Table group GUID
- group_name (String, optional): Table group name
Note
For security reasons, the Get Tables API excludes shared_users, shared_groups, and node_stats fields. If you need this information, use the individual table retrieval API.
Error Responses
offset or limit value is not an integer
HTTP status code 400
{
"error_code": "invalid-argument",
"error_msg": "'offset' parameter should be int type"
}
offset or limit value is negative
HTTP status code 400
{
"error_code": "invalid-argument",
"error_msg": "'offset' must be greater than or equal to 0."
}
offset or limit value exceeds maximum value
HTTP status code 400
{
"error_code": "invalid-argument",
"error_msg": "'limit' must be less than or equal to 2147483647."
}
group_guid value is not in GUID format
HTTP status code 400
{
"error_code": "invalid-param-type",
"error_msg": "group_guid should be guid type."
}
Permission denied
HTTP status code 500
{
"error_code": "illegal-state",
"error_msg": "no-permission"
}