datadog search-logs

Get logs matching log search query

Description

This command returns logs that match log search query, can be used to build complex logs filtering and search

Synopsis

datadog search-logs
    [--site <site>]
    [--query <query>]
    [--index <index>]
    [--from <from>]
    [--to <to>]
    [--storage_tier <storage_tier>]
    [--sort <sort>]
    [--offset <offset>]
    [--timezone <timezone>]
    [--cursor <cursor>]
    [--limit <limit>]

Arguments

`site` - (string)

     Site where this command will be executed
     Example: --site "site-1"
     Default: input.site      Attributes: optional

`query` - (string)

     Search query following logs syntax
     Example: --query "query-1"
     Default: _None_      Attributes: optional

`index` - (string)

     For customers with multiple indexes, the indexes to search Defaults to '*' which means all indexes
     Example: --index "index-1"
     Default: _None_      Attributes: optional

`from` - (time)

     Minimum timestamp for requested logs
     Example: --from "2019-10-12T07:20:50.52Z"
     Default: 15 miniutes ago      Attributes: optional

`to` - (time)

     Maximum timestamp for requested logs
     Example: --to "2019-10-12T07:20:50.52Z"
     Default: _None_      Attributes: optional

`storage_tier` - (string)

     Specifies the storage type to be used
     Example: --storage_tier "storage_tier-1"
     Default: _None_      Attributes: optional

Validation:
allowed values: indexes, online-archives

`sort` - (string)

     Order of logs in results
     Example: --sort "sort-1"
     Default: _None_      Attributes: optional

Validation:
allowed values: timestamp, -timestamp

`offset` - (duration)

     The time offset (in seconds) to apply to the query
     Example: --offset "5 seconds"
     Default: _None_      Attributes: optional

`timezone` - (string)

     The timezone can be specified as GMT, UTC, an offset from UTC (UTC+1), or as a Timezone Database identifier (America/New_York)
     Example: --timezone "timezone-1"
     Default: _None_      Attributes: optional

`cursor` - (string)

     List following results with a cursor provided in the previous query
     Example: --cursor "cursor-1"
     Default: _None_      Attributes: optional

`limit` - (int)

     Maximum number of logs in the response
     Example: --limit 1
     Default: _None_      Attributes: optional

Examples

Input:

!datadog search-logs --query "browser"

Output:

ID                                      STATUS  TAGS    TIMESTAMP
AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh         INFO      team:A    2019-01-02T09:42:36.320Z

Access Control

To use this command, you need access to the following:

Field	Value
Action	"read"
Service Type	"datadog"
Service Instance
Namespace
Object Type	"log"
Object ID

Please see Access Control for details.

datadog search-logs

Description

Synopsis

Arguments

site - (string)

query - (string)

index - (string)

from - (time)

to - (time)

storage_tier - (string)

sort - (string)

offset - (duration)

timezone - (string)

cursor - (string)

limit - (int)