EventLog Configuration APIs


These APIs allow an admin user to add, edit or delete EventLogs and to perform EventLog Configuration.

Supported HTTP methods: GET, POST

Allowed roles: Administrator

APIs for EventLogFile

This API allows an admin user to add, edit or delete EventLogs in Applications Manager.

The parameters involved in executing this API request are:

FieldDescription
logFileName LogFile property of the Events
category The Type of LogFile for Windows or WindowsAzure - EventLogs, AzureTraceLogs, AzureDiagnosticLogs
ruletype RULETYPE ID column from the AM_RULETYPE table for the logfile.
TO_DELETE Indicates whether the log file needs to be deleted. Value should only be true if log file needs to be deleted.

Add

Syntax

XML - https://[HOST]:[PORT]/AppManager/xml/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&category=[ EventLogs Catagory ]
JSON - https://[HOST]:[PORT]/AppManager/json/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&category= [ EventLogs Catagory ]

Example

https://apm-prod-server:8443/AppManager/xml/logfile?apikey=aaaaaabbbbbbccccccddddddeeeeee&logFileName=adminlogfile&category=EventLogs

Edit

Syntax

XML - https://[HOST]:[PORT]/AppManager/xml/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&ruletype= [ Rule Type]
JSON - https://[HOST]:[PORT]/AppManager/json/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&ruletype=[ Rule Type ]

Example

https://apm-prod-server:8443/AppManager/xml/logfile?apikey=aaaaaabbbbbbccccccddddddeeeeee&logFileName=newadminname&ruletype=10000

Delete

Syntax

XML - https://[HOST]:[PORT]/AppManager/xml/logfile?apikey=[ API Key ]&ruletype=[ Type ]&TO_DELETE=[ TRUE ]
JSON - https://[HOST]:[PORT]/AppManager/json/logfile?apikey=[ API Key ]&ruletype=[ Type ]&TO_DELETE=[ TRUE ]

Example

https://apm-prod-server:8443/AppManager/xml/logfile?apikey=aaaaaabbbbbbccccccddddddeeeeee&ruletype=10000&TO_DELETE=true

APIs for EventLog Configuration

This API allows an admin user to perform EventLog Configuration in Applications Manager. The parameters involved in executing this API request are:

FieldDescription
rulename Enter the Rule Name of your choice.
eventid Enter the Event ID associated with the Event Log File
source Source of the Event Log File
category EventLogs category
eventtype Values accepted are
  • 0 - Event of Any Type
  • 1 - Error
  • 2 - Warning
  • 3 - Information Respectively
severity 1,4 for Critical and Warning respectively
ruletype RULETYPE ID column from the AM_RULETYPE table for the logfile for Map to Application or Security events etc.
status Status of the EventLog. Values accepted are 1 and 0 for Enable and Disable Respectively
resourceids Resourceids of Windows monitors (Supports comma separated values).
logCategoryName EventLogs category name for Windows
ruleid Rule ID
servertypes Supported Windows Monitor Server types
haid Monitor Group id
TimeFrame Option to set alarm severity to 'Critical' or 'Warning' based on a given time window. Values accepted are:
  • 1 - used to mention current log rule is time frame based one.
  • 24 - used to mention current log rule is 24 hours based one
applyto Indicates the Monitor, Monitor Type or Monitor Group to which the log rule has to be applied.
message Word which need to be checked in the Event Message description.
displayname Display name of the logrule which you are creating.
username Indicates the user name that need to be matched in the event log monitoring, which is available under Show Advance option in UI.
type Indicates the Monitor, Monitor type or Monitor group for which the log rule has to be applied.
action Indicates the action that needs to be performed for the log rule.
TO_DELETE Indicates whether the log rule needs to be deleted. Value should only be true if log file needs to be deleted.

Syntax

XML - https://[HOST]:[PORT]/AppManager/xml/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&ruletype= [ Rule Type ]&..
JSON https://[HOST]:[PORT]/AppManager/json/logfile?apikey=[ API Key ]&logFileName=[ Log File Name ]&ruletype= [ Rule Type ]&..

Add

Apply to All monitors:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&rulename=addedinrestapi&eventid=121&source=&category=&username=&eventtype=0&message=&severity=1&ruletype=1&status=1&resourceids=&logCategoryName=EventLogs&applyto=allmonitor&TimeFrame=1

Apply to Specific Monitor types:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&logCategoryName=WindowsEventLogs&status=1&rulename=adminmontyperestapi&rulescope=1&haid=10045&severity=1&eventid=210&resourceids=&message=-1&applyto=monitortype&ruletype=1&username=-1&category=-1&source=-1&servertypes=Windows 2000&eventtype=0&displayname=addmontype&TimeFrame=1

Apply to selected monitors:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&rulename=admintestindi&eventid=121&source=&category=&username=&eventtype=0&message=&severity=1&ruletype=1&status=1&resourceids=10000097,10000100,20000076,20000065&logCategoryName=EventLogs&applyto=monitorlist&TimeFrame=1

Apply to monitors under a group:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&logCategoryName=WindowsEventLogs&status=1&rulename=adminhaid&rulescope=1&haid=10056&severity=1&eventid=210&message=-1&applyto=monitorgroup&ruletype=1&username=-1&category=-1&source=-1&servertypes=&eventtype=0&TimeFrame=1

Edit

Change Advanced Options:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&logCategoryName=EventLogs&status=1&rulename=newname&severity=1&eventid=121&resourceids=&message=testdesc1&applyto=monitorlist&category=testcatecategory1&username=testuser1&ruletype=1&source=testsource1&ruleid=10003&eventtype=1&displayname=newname&TimeFrame=1

Change Event Type:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&eventtype=3&ruleid=10004&TimeFrame=1

Change Severity:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&severity=4&ruleid=10004&TimeFrame=1

Change Applyto Option:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&severity=4&ruleid=10004&applyto=monitorlist&resourceids=10000094&TimeFrame=1
https://apm-prod-server:8443/AppManager/xml/logrulet?apikey=aaaaaabbbbbbccccccddddddeeeeee&severity=4&ruleid=10005&applyto=monitorgroup&haid=10056&TimeFrame=1

Montype add/remove:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&type=monitortype&action=add&servertypes=Windows 2012&ruleid=10006&TimeFrame=1
https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&type=monitortype&action=remove&servertypes=Windows 2012&ruleid=10006&TimeFrame=1

To add/remove a monitor from a rule:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=add&resourceids=100001&ruleid=10007&type=monitorlist&TimeFrame=1
https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=remove&resourceids=10000097&ruleid=10007&type=monitorlist&TimeFrame=1

Change Status:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=changestatus&ruleids=10000003,10000002&status=disable&TimeFrame=1
https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=changestatus&ruleids=10000003,10000002&status=enable&TimeFrame=1

Delete

Delete Logrule:

https://apm-prod-server:8443/AppManager/xml/logrule?apikey=aaaaaabbbbbbccccccddddddeeeeee&action=changestatus&ruleids=10000003,10000002&status=disable&TO_DELETE=true