event¶
event count¶
Usage
usage: -c event count [-h] [-f {adaptive_table,json,shell,table,value,yaml}]
[-c COLUMN] [-m [NAME=VALUE [NAME=VALUE ...]]]
[--max-width <integer>] [--noindent] [--prefix PREFIX]
[--event-type [EVENT_TYPE [EVENT_TYPE ...]]]
[--entity-type [ENTITY_TYPE [ENTITY_TYPE ...]]]
[--entity-id [ENTITY_ID [ENTITY_ID ...]]]
[--severity [SEVERITY [SEVERITY ...]]]
[--start-timestamp START_TIMESTAMP]
[--end-timestamp END_TIMESTAMP] [--limit LIMIT]
[--offset OFFSET]
[--project-id [PROJECT_ID [PROJECT_ID ...]]]
[--hostname [HOSTNAME [HOSTNAME ...]]]
[--request-id [REQUEST_ID [REQUEST_ID ...]]]
[--user-id [USER_ID [USER_ID ...]]]
[--group-by GROUP_BY]
Description
Get count of events filtered by given params and group by specific field - default: severity. If param value is None or [] it will not be used for filtering.
Return
Returns dict: Dictionary of counts of events matching the provided filters
Optional
optional arguments:
-h, --help show this help message and exit
--event-type [EVENT_TYPE [EVENT_TYPE ...]]
Filter by (default: None)
--entity-type [ENTITY_TYPE [ENTITY_TYPE ...]]
Filter by (default: None)
--entity-id [ENTITY_ID [ENTITY_ID ...]]
Filter by (default: None)
--severity [SEVERITY [SEVERITY ...]]
Filter by (default: None)
--start-timestamp START_TIMESTAMP
Start of query period (milliseconds since epoch), by default - 1 hour back
--end-timestamp END_TIMESTAMP
End of query period (milliseconds since epoch), by default - now
--limit LIMIT Limit amount of events (default: 50)
--offset OFFSET Offset to paginate the results (default: None)
--project-id [PROJECT_ID [PROJECT_ID ...]]
If the user is system admin, the project ID will be used to filter events if it is not
None, else, the project_id will be overriden with the users project ID
--hostname [HOSTNAME [HOSTNAME ...]]
Filter by (default: None)
--request-id [REQUEST_ID [REQUEST_ID ...]]
Filter by (default: None)
--user-id [USER_ID [USER_ID ...]]
Filter by (default: None)
--group-by GROUP_BY Count and group by specific field (default: severity)
event definition create¶
Usage
usage: -c event definition create [-h]
[-f {adaptive_table,json,shell,table,value,yaml}]
[-c COLUMN]
[-m [NAME=VALUE [NAME=VALUE ...]]]
[--max-width <integer>] [--noindent]
[--prefix PREFIX]
event_type entity_type severity display_name
description_templates
Description
Register new event type.
Return
None
Optional
optional arguments:
-h, --help show this help message and exit
event definition get¶
Usage
usage: -c event definition get [-h]
[-f {adaptive_table,json,shell,table,value,yaml}]
[-c COLUMN] [-m [NAME=VALUE [NAME=VALUE ...]]]
[--max-width <integer>] [--noindent]
[--prefix PREFIX]
event_type
Description
Get the details of the requested event.
Return
Returns dict: The requested event details
Optional
optional arguments:
-h, --help show this help message and exit
event definition list¶
Usage
usage: -c event definition list [-h]
[-f {adaptive_table,csv,json,table,value,yaml}]
[-c COLUMN] [-m [NAME=VALUE [NAME=VALUE ...]]]
[--max-width <integer>] [--noindent]
[--quote {all,minimal,none,nonnumeric}]
[--entity-type ENTITY_TYPE]
[--severity SEVERITY]
Description
Get a list event definitions.
Return
None
Optional
optional arguments:
-h, --help show this help message and exit
--entity-type ENTITY_TYPE
Filter by entity_type, if the param equals None, don't filter (default: None)
--severity SEVERITY The severity of the event
event query¶
Usage
usage: -c event query [-h] [-f {adaptive_table,csv,json,table,value,yaml}]
[-c COLUMN] [-m [NAME=VALUE [NAME=VALUE ...]]]
[--max-width <integer>] [--noindent]
[--quote {all,minimal,none,nonnumeric}]
[--event-type [EVENT_TYPE [EVENT_TYPE ...]]]
[--entity-type [ENTITY_TYPE [ENTITY_TYPE ...]]]
[--entity-id [ENTITY_ID [ENTITY_ID ...]]]
[--severity [SEVERITY [SEVERITY ...]]]
[--start-timestamp START_TIMESTAMP]
[--end-timestamp END_TIMESTAMP] [--limit LIMIT]
[--offset OFFSET]
[--project-id [PROJECT_ID [PROJECT_ID ...]]]
[--hostname [HOSTNAME [HOSTNAME ...]]]
[--request-id [REQUEST_ID [REQUEST_ID ...]]]
[--user-id [USER_ID [USER_ID ...]]]
Description
Get system events filtered by given params. If param value is None or [] it will not be used for filtering.
Return
None
Optional
optional arguments:
-h, --help show this help message and exit
--event-type [EVENT_TYPE [EVENT_TYPE ...]]
Filter by (default: None)
--entity-type [ENTITY_TYPE [ENTITY_TYPE ...]]
Filter by (default: None)
--entity-id [ENTITY_ID [ENTITY_ID ...]]
Filter by (default: None)
--severity [SEVERITY [SEVERITY ...]]
Filter by (default: None)
--start-timestamp START_TIMESTAMP
Start of query period (milliseconds since epoch), by default - 1 hour back
--end-timestamp END_TIMESTAMP
End of query period (milliseconds since epoch), by default - now
--limit LIMIT Limit amount of events (default: 50)
--offset OFFSET Offset to paginate the results (default: None)
--project-id [PROJECT_ID [PROJECT_ID ...]]
If the user is system admin, the project ID will be used to filter events if it is not
None, else, the project_id will be overriden with the users project ID
--hostname [HOSTNAME [HOSTNAME ...]]
Filter by (default: None)
--request-id [REQUEST_ID [REQUEST_ID ...]]
Filter by (default: None)
--user-id [USER_ID [USER_ID ...]]
Filter by (default: None)