Api Endpoint Overview

LogZilla documentation for Api Endpoint Overview

API Endpoint Overview

This page provides a practical map of commonly used API endpoints. It is sourced from lib/logzilla/api/urls.py. For full request/response schemas, filters, and examples, use the interactive docs at /api/docs.

  • Auth and session

    • GET/POST/DELETE /api/auth — session info, login, logout
    • POST /api/reset-password
    • GET /api/ping

  • Users and access control

    • GET/POST /api/users (and /{id})
    • GET/POST /api/groups (and /{id})
    • GET /api/permissions

  • Dashboards and widgets

    • GET/POST /api/dashboards (and /{id})
    • GET/POST /api/widgets (and /{id})
    • GET /api/widget-types
    • GET /api/widget-presets

  • Events

    • GET /api/events/{ev_id}
    • GET /api/events/{ev_id}/timestamps
    • GET /api/events/{ev_id}/triggers

  • Triggers

    • GET/POST /api/triggers (and /{id})
    • POST /api/triggers-validator — validate filters

  • Notifications

    • GET /api/notification-groups

  • Queries

    • POST /api/query — create
    • GET /api/query/{qid} — results (with paging for Search)
    • GET /api/query/{qid}/export — export results
    • GET /api/query-types — available query types
    • WebSocket: /ws/live-updates (see Making Queries)

  • Reports

    • GET/POST /api/reports-templates
    • GET/POST /api/reports-schedules
    • GET/DELETE /api/reports (download via retrieve)

  • Settings and system

    • GET/POST /api/settings (and extra configs)
    • POST /api/settings-update-publish
    • GET /api/license-info
    • GET/POST /api/customer-info
    • GET /api/monitor

  • Archives

    • GET /api/archives
    • POST /api/archives/remove (range)
    • POST /api/archives/migrate (range)
    • GET /api/archive-restore-logs

  • Forwarder counters

    • GET /api/forwarder-counters

  • Lookup tools

    • GET /api/lookup/{dns|whois|mac|cisco-mnemonic|geoip|mswin-eventid|mitre-id}/{pk}

  • Terminals (test utilities)

    • POST /api/terminals — create ephemeral shell session

  • Mailer and LDAP tester

    • POST /api/mailer
    • POST /api/ldap-tester

  • App store

    • GET /api/apps — available apps
    • GET /api/installed-apps

  • Misc

    • GET /api/async-results
    • GET /api/docs, GET /api/schema

Notes:

  • All endpoints require a valid user token in Authorization: token <TOKEN> unless explicitly marked public. See Getting Started for token usage.
  • The HTTP Receiver (ingestion) is separate and documented under Receiving Data; its interactive docs are typically at /incoming/docs.
Api Endpoint Overview | LogZilla Documentation