RawLogResult

JSON representation
RawLogSnippet
- JSON representation

RawLogResult contains a single result match that is one of unparsed raw log, telemetry event, or entity context event. Along with that this contains summary, id, logType of the log that generated the result.

JSON representation

JSON representation
{ "summary" : string , "id" : string , "logType" : { object ( `LogType` ) } , // Union field `result` can be only one of the following: "event" : { object ( `Event` ) } , "entity" : { object ( `Entity` ) } , "snippet" : { object ( `RawLogSnippet` ) } // End of list of possible types for union field `result` . }

 { 
 "summary" 
 : 
 string 
 , 
 "id" 
 : 
 string 
 , 
 "logType" 
 : 
 { 
 object (  LogType 
 
) 
 } 
 , 
 // Union field result 
can be only one of the following: 
 "event" 
 : 
 { 
 object (  Event 
 
) 
 } 
 , 
 "entity" 
 : 
 { 
 object (  Entity 
 
) 
 } 
 , 
 "snippet" 
 : 
 { 
 object (  RawLogSnippet 
 
) 
 } 
 // End of list of possible types for union field result 
. 
 }

Fields

summary

string

If the result is unparsed log, summary will be a snippet for unparsed raw log. If the result is a telemetry event or a context event, it will be a description of the event.

id

string ( bytes format)

Id for raw log / entity / event result.

A base64-encoded string.

logType

object ( LogType )

Log type of the result.

Union field result .

result can be only one of the following:

event

object ( Event )

Normalized UDM event from the raw log that matched search query.

entity

object ( Entity )

Normalized entity context event from the raw log that matched search query.

snippet

object ( RawLogSnippet )

Raw log snippet in case of unparsed log.

RawLogSnippet

RawLog contains raw log id, ingestion time, and a snippet of the log.

JSON representation
{ "id" : string , "snippet" : string , "ingestionTime" : string }

Fields

Fields
`id`	`string ( bytes format)` ID of the raw log. A base64-encoded string.
`snippet`	`string` Snippet of the raw log.
`ingestionTime`	`string ( Timestamp format)` Ingestion time of the raw log. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"` , `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"` .

id

string ( bytes format)

ID of the raw log.

A base64-encoded string.

snippet

string

Snippet of the raw log.

ingestionTime

string ( Timestamp format)

Ingestion time of the raw log.

Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z" , "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30" .

RawLogResult Stay organized with collections Save and categorize content based on your preferences.

RawLogSnippet

RawLogResult