Skip to main content
POST
/
api
/
v1
/
config
/
log-ingest-config
cURL
curl --request POST \
  --url https://{tenant}.chronosphere.io/api/v1/config/log-ingest-config \
  --header 'API-Token: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '{}'
{
  "log_ingest_config": {
    "created_at": "2023-11-07T05:31:56Z",
    "field_normalization": {
      "custom_field_normalization": [
        {
          "normalization": {
            "default_value": "<string>",
            "sanitize_patterns": [
              "<string>"
            ],
            "source": [
              {
                "selector": "<string>"
              }
            ],
            "value_map": {}
          },
          "target": "<string>"
        }
      ],
      "message": {
        "default_value": "<string>",
        "sanitize_patterns": [
          "<string>"
        ],
        "source": [
          {
            "selector": "<string>"
          }
        ],
        "value_map": {}
      },
      "service": {
        "default_value": "<string>",
        "sanitize_patterns": [
          "<string>"
        ],
        "source": [
          {
            "selector": "<string>"
          }
        ],
        "value_map": {}
      },
      "severity": {
        "default_value": "<string>",
        "sanitize_patterns": [
          "<string>"
        ],
        "source": [
          {
            "selector": "<string>"
          }
        ],
        "value_map": {}
      },
      "timestamp": {
        "source": [
          {
            "selector": "<string>"
          }
        ]
      }
    },
    "field_parsers": [
      {
        "destination": {
          "selector": "<string>"
        },
        "mode": "ENABLED",
        "parser": {
          "grok_parser": {
            "pattern": "<string>"
          },
          "key_value_parser": {
            "delimiter": "<string>",
            "pair_separator": "<string>",
            "trim_set": "<string>"
          },
          "parser_type": "JSON",
          "regex_parser": {
            "regex": "<string>"
          }
        },
        "source": {
          "selector": "<string>"
        }
      }
    ],
    "plaintext_parsers": [
      {
        "keep_original": true,
        "mode": "ENABLED",
        "name": "<string>",
        "parser": {
          "grok_parser": {
            "pattern": "<string>"
          },
          "key_value_parser": {
            "delimiter": "<string>",
            "pair_separator": "<string>",
            "trim_set": "<string>"
          },
          "parser_type": "JSON",
          "regex_parser": {
            "regex": "<string>"
          }
        }
      }
    ],
    "updated_at": "2023-11-07T05:31:56Z"
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.chronosphere.io/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

API-Token
string
header
required

Chronosphere API token

Body

application/json
dry_run
boolean

If true, validates the specified configuration without creating the LogIngestConfig. If the specified configuration is valid, the endpoint returns a partial response without the LogIngestConfig. If the specified configuration is invalid, the endpoint returns an error.

log_ingest_config
object

The LogIngestConfig to create.

Response

A successful response containing the created LogIngestConfig.

log_ingest_config
object

LogIngestConfig is a singleton configuration object that specifies the configuration for log ingest.