Method: logs.import

Full name: projects.locations.instances.logTypes.logs.import

Import log telemetry.

HTTP request


POST https://chronicle.africa-south1.rep.googleapis.com/v1beta/{parent}/logs:import

Path parameters

Parameters
parent

string

Required. The parent, which owns this collection of logs.

Request body

The request body contains data with the following structure:

JSON representation 
{
  "hint": string,

  // Union field source can be only one of the following:
  "inlineSource": {
    object (LogsInlineSource)
  }
  // End of list of possible types for union field source.
}
Fields
hint

string

Optional. Opaque hint to help parsing the log.

Union field source.

source can be only one of the following:
inlineSource

object (LogsInlineSource)

Required. Logs to be imported are specified inline.

Response body

If successful, the response body is empty.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

  • chronicle.logs.import

For more information, see the IAM documentation.

LogsInlineSource

A import source with the logs to import included inline.

JSON representation 
{
  "logs": [
    {
      object (Log)
    }
  ],
  "forwarder": string,
  "sourceFilename": string
}
Fields
logs[]

object (Log)

Required. The logs being imported.
forwarder

string

Optional. The forwarder sending this import request.
sourceFilename

string

Optional. Source file name. Populated for certain types of files processed by the outofband processor which may have metadata encoded in it for use by the parser.

Log

Represents a telemetry log.

JSON representation 
{
  "name": string,
  "data": string,
  "logEntryTime": string,
  "collectionTime": string,
  "environmentNamespace": string,
  "labels": {
    string: {
      object (LogLabel)
    },
    ...
  },
  "additionals": {
    object
  }
}
Fields
name

string

Output only. The resource name of this log. Format: projects/{project}/locations/{region}/instances/{instance}/logTypes/{logType}/logs/{log}
data

string (bytes format)

Required. Raw data for the log entry.

A base64-encoded string.
logEntryTime

string (Timestamp format)

Required. Timestamp of the log entry.

Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".
collectionTime

string (Timestamp format)

Required. The time at which the log entry was collected. Must be after the logEntryTime.

Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".
environmentNamespace

string

Optional. The user-configured environment namespace to identify the data domain the logs originated from. This namespace will be used as a tag to identify the appropriate data domain for indexing and enrichment functionality.
labels

map (key: string, value: object (LogLabel))

Optional. The user-configured custom metadata labels.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
additionals

object (Struct format)

Optional. Metadata in JSON format.

LogLabel

Label for a user configured custom metadata key.

JSON representation 
{
  "value": string,
  "rbacEnabled": boolean
}
Fields
value

string

The value of the label.
rbacEnabled

boolean

Indicates whether this label can be used for Data RBAC.