EventLog Configuration APIs

---

These APIs allow an admin user to add, edit or delete EventLogs and to perform EventLog Configuration.

• EventLogs
  • Add
  • Edit
  • Delete
• EventLog Configuration
  • Add
  • Edit
  • Delete

Supported HTTP methods: GET, POST

Allowed roles: Administrator

APIs for EventLogFile

This API allows an admin user to add, edit or delete EventLogs in Applications Manager.

The parameters involved in executing this API request are:

Field	Description
logFileName	LogFile property of the Events
category	The Type of LogFile for Windows or WindowsAzure - EventLogs, AzureTraceLogs, AzureDiagnosticLogs
ruletype	RULETYPE ID column from the AM_RULETYPE table for the logfile.
TO_DELETE	Indicates whether the log file needs to be deleted. Value should only be true if log file needs to be deleted.

Add

Syntax

XML - https://[HOST]:[PORT]/AppManager/xml/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&category=[ EventLogs Catagory ]
JSON - https://[HOST]:[PORT]/AppManager/json/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&category= [ EventLogs Catagory ]

Example

https://apm-prod-server:8443/AppManager/xml/logfile?apikey=aaaaaabbbbbbccccccddddddeeeeee&logFileName=adminlogfile&category=EventLogs

Edit

Syntax

XML - https://[HOST]:[PORT]/AppManager/xml/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&ruletype= [ Rule Type]
JSON - https://[HOST]:[PORT]/AppManager/json/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&ruletype=[ Rule Type ]

Example

https://apm-prod-server:8443/AppManager/xml/logfile?apikey=aaaaaabbbbbbccccccddddddeeeeee&logFileName=newadminname&ruletype=10000

Delete

Syntax

XML - https://[HOST]:[PORT]/AppManager/xml/logfile?apikey=[ API Key ]&ruletype=[ Type ]&TO_DELETE=[ TRUE ]
JSON - https://[HOST]:[PORT]/AppManager/json/logfile?apikey=[ API Key ]&ruletype=[ Type ]&TO_DELETE=[ TRUE ]

Example

https://apm-prod-server:8443/AppManager/xml/logfile?apikey=aaaaaabbbbbbccccccddddddeeeeee&ruletype=10000&TO_DELETE=true

APIs for EventLog Configuration

This API allows an admin user to perform EventLog Configuration in Applications Manager. The parameters involved in executing this API request are:

Field	Description
rulename	Enter the Rule Name of your choice.
eventid	Enter the Event ID associated with the Event Log File
source	Source of the Event Log File
category	EventLogs category
eventtype	Values accepted are 0 - Event of Any Type 1 - Error 2 - Warning 3 - Information Respectively
severity	1,4 for Critical and Warning respectively
ruletype	RULETYPE ID column from the AM_RULETYPE table for the logfile for Map to Application or Security events etc.
status	Status of the EventLog. Values accepted are 1 and 0 for Enable and Disable Respectively
resourceids	Resourceids of Windows monitors (Supports comma separated values).
logCategoryName	EventLogs category name for Windows
ruleid	Rule ID
servertypes	Supported Windows Monitor Server types
haid	Monitor Group id
TimeFrame	Option to set alarm severity to 'Critical' or 'Warning' based on a given time window. Values accepted are: 1 - used to mention current log rule is time frame based one. 24 - used to mention current log rule is 24 hours based one
applyto	Indicates the Monitor, Monitor Type or Monitor Group to which the log rule has to be applied.
message	Word which need to be checked in the Event Message description.
displayname	Display name of the logrule which you are creating.
username	Indicates the user name that need to be matched in the event log monitoring, which is available under Show Advance option in UI.
type	Indicates the Monitor, Monitor type or Monitor group for which the log rule has to be applied.
action	Indicates the action that needs to be performed for the log rule.
TO_DELETE	Indicates whether the log rule needs to be deleted. Value should only be true if log file needs to be deleted.

Syntax

XML - https://[HOST]:[PORT]/AppManager/xml/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&ruletype= [ Rule Type ]&..
JSON - https://[HOST]:[PORT]/AppManager/json/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&ruletype= [ Rule Type ]&..

Add

Apply to All monitors:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&rulename=addedinrestapi&eventid=121&source=&category=&username=&eventtype=0&message=&severity=1&ruletype=1&status=1&resourceids=&logCategoryName=EventLogs&applyto=allmonitor&TimeFrame=1

Apply to Specific Monitor types:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&logCategoryName=WindowsEventLogs&status=1&rulename=adminmontyperestapi&rulescope=1&haid=10045&severity=1&eventid=210&resourceids=&message=-1&applyto=monitortype&ruletype=1&username=-1&category=-1&source=-1&servertypes=Windows 2000&eventtype=0&displayname=addmontype&TimeFrame=1

Apply to selected monitors:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&rulename=admintestindi&eventid=121&source=&category=&username=&eventtype=0&message=&severity=1&ruletype=1&status=1&resourceids=10000097,10000100,20000076,20000065&logCategoryName=EventLogs&applyto=monitorlist&TimeFrame=1

Apply to monitors under a group:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&logCategoryName=WindowsEventLogs&status=1&rulename=adminhaid&rulescope=1&haid=10056&severity=1&eventid=210&message=-1&applyto=monitorgroup&ruletype=1&username=-1&category=-1&source=-1&servertypes=&eventtype=0&TimeFrame=1

Edit

Change Advanced Options:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&logCategoryName=EventLogs&status=1&rulename=newname&severity=1&eventid=121&resourceids=&message=testdesc1&applyto=monitorlist&category=testcatecategory1&username=testuser1&ruletype=1&source=testsource1&ruleid=10003&eventtype=1&displayname=newname&TimeFrame=1

Change Event Type:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&eventtype=3&ruleid=10004&TimeFrame=1

Change Severity:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&severity=4&ruleid=10004&TimeFrame=1

Change Applyto Option:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&severity=4&ruleid=10004&applyto=monitorlist&resourceids=10000094&TimeFrame=1
https://apm-prod-server:8443/AppManager/xml/logrulet?apikey=aaaaaabbbbbbccccccddddddeeeeee&severity=4&ruleid=10005&applyto=monitorgroup&haid=10056&TimeFrame=1

Montype add/remove:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&type=monitortype&action=add&servertypes=Windows 2012&ruleid=10006&TimeFrame=1
https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&type=monitortype&action=remove&servertypes=Windows 2012&ruleid=10006&TimeFrame=1

To add/remove a monitor from a rule:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=add&resourceids=100001&ruleid=10007&type=monitorlist&TimeFrame=1
https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=remove&resourceids=10000097&ruleid=10007&type=monitorlist&TimeFrame=1

Change Status:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=changestatus&ruleids=10000003,10000002&status=disable&TimeFrame=1
https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=changestatus&ruleids=10000003,10000002&status=enable&TimeFrame=1

Delete

Delete Logrule:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=changestatus&ruleids=10000003,10000002&status=disable&TO_DELETE=true