POST https://console.baleen.cloud/api/logs/access-logs
Retrieves a limited amount of access logs in a timerange with optional filtering
Authorization
The user must be authentificated using his personal access token
The baleen namespace must be set within the cookie baleen-namespace
Query Params
Param | Required/Optional | Type | Description |
---|---|---|---|
start | optional | <long> | The timestamp (in seconds) to collect data from |
end | optional | <long> | The timestamp (in seconds) to collect data to |
size | optional | 100 | The page size of log entries to retrieve |
page | optional | 0 | The page number of log entries to retrieve |
Body Params
filters object[] (optional)
Array allowing to define the filters to apply on the access logs using the following parameters
Param | Type | Description |
---|---|---|
field | enum | The field targeted to filter the logs Has to be one of the following value :
|
operator | enum | The operator used to filter the logs Has to be one of the following value :
|
value | string | The value considered to filter the logs |
Response body
Field | Required/Optional | Type | Description |
---|---|---|---|
timestamp | required | ISO 8601 GMT | ISO 8601 uses the 24-hour clock system |
status | required | HTTP status | Hypertext Transfer Protocol (HTTP) response status codes |
remoteAddr | optional | IP address | client IP proxy or client IP address |
upstream | optional | IP address | Baleen proxy-out IP address |
scheme | required | URI Scheme | |
requestFateAction | optional | Baleen BotDetection Fate Action | Baleen Botdetection action for this request |
bodyBytesSent | required | Byte data type | request body size |
botCategory | optional | Baleen Bot Category | Bot Category assigned to this request |
httpHost | required | URL scheme | Request Host header value |
httpUserAgent | optional | String | Request User-Agent header value |
remoteUser | optional | IP address | |
requestTime | optional | Duration (Seconds) | Request processing time |
clientIP | required | IP address | Client IP adress |
httpXForwardedFor | optional | comma separated IP addresses | identifying the originating IP address of a client connecting to a web server through an HTTP proxy or a load balancer |
httpReferrer | optional | URL scheme | Request Referer header value |
upstreamResponseTime | optional | Duration (Second) | Origine response time for this request |
requestFate | optional | Baleen Bot Detection Action | Baleen action for this request |
requestJa3 | optional | string | Device TLS fingerprint |
sslProtocol | required | string | Client TLS protocol |
serverProtocol | required | string | |
requestURI | required | URI scheme | Request ressource identifier |
requestMethod | required | HTTP Request Method | |
requestArgs | optional | string | Request URI query strings |
requestISP | optional | string | Client Internet Service Provider |
requestCountry | optional | string | country code ISO3166-1 format |
requestConnectionType | optional | string | |
requestionIsAnonymousProxy | optional | Boolean | Tells if this request was made using an anonymous proxy like à VPN |
responseContentType | optional | string | Response Content Type Header |
Example
The following example shows a request retrieving logs of requests from France having targeted the path “/” between April 25th 2023 3PM and April 25th 2023 8PM.
Query
POST https://console.baleen.cloud/api/logs/access-logs?start=1682427600&end=1682445600&page=0&size=100
Request body
{ "filters": [ { "field": "uri", "value": "/", "operator": "equals" }, { "field": "country", "value": "FR", "operator": "equals" } ] }
Response body
[ { "timestamp": "2023-04-25T17:59:59.976999998Z", "status": "200", "remoteAddr": "5.182.212.102", "upstream": "", "scheme": "https", "requestFateAction": "challengejs_displayed", "bodyBytesSent": "2263", "botCategory": "unknown", "triggeredRuleId": "", "triggeredRuleTrackingId": "", "httpHost": "www.cdiscount.com", "httpUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0", "remoteUser": "", "requestTime": "0.000", "clientIp": "89.85.86.142", "httpXForwardedFor": "89.85.86.142", "httpReferrer": "", "upstreamResponseTime": "", "requestFate": "challengejs", "requestJa3": "579ccef312d18482fc42e2b822ca2430", "sslProtocol": "TLSv1.3", "serverProtocol": "HTTP/1.1", "requestUri": "/", "requestMethod": "GET", "requestIsp": "Bouygues Telecom", "requestCountry": "FR", "requestAsn": "5410", "requestConnectionType": "Cable/DSL", "requestIsAnonymousProxy": false, "responseContentType": "text/html" }, { "timestamp": "2023-04-25T17:59:59.928999900Z", "status": "200", "remoteAddr": "5.182.213.95", "upstream": "", "scheme": "https", "requestFateAction": "challengejs_displayed", "bodyBytesSent": "2344", "botCategory": "unknown", "triggeredRuleId": "", "triggeredRuleTrackingId": "", "httpHost": "www.cdiscount.com", "httpUserAgent": "Mozilla/5.0 (iPhone; CPU iPhone OS 16_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.4 Mobile/15E148 Safari/604.1", "remoteUser": "", "requestTime": "0.000", "clientIp": "92.162.167.105", "httpXForwardedFor": "92.162.167.105", "httpReferrer": "", "upstreamResponseTime": "", "requestFate": "challengejs", "requestJa3": "c3133b31632d390d16ba92a92d674580", "sslProtocol": "TLSv1.3", "serverProtocol": "HTTP/1.1", "requestUri": "/", "requestMethod": "GET", "requestIsp": "Orange", "requestCountry": "FR", "requestAsn": "3215", "requestConnectionType": "Cable/DSL", "requestIsAnonymousProxy": false, "responseContentType": "text/html" }, { "timestamp": "2023-04-25T17:59:59.924999952Z", "status": "200", "remoteAddr": "5.182.213.105", "upstream": "", "scheme": "https", "requestFateAction": "challengejs_displayed", "bodyBytesSent": "2263", "botCategory": "unknown", "triggeredRuleId": "", "triggeredRuleTrackingId": "", "httpHost": "www.cdiscount.com", "httpUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0", "remoteUser": "", "requestTime": "0.000", "clientIp": "91.175.111.26", "httpXForwardedFor": "91.175.111.26", "httpReferrer": "", "upstreamResponseTime": "", "requestFate": "challengejs", "requestJa3": "579ccef312d18482fc42e2b822ca2430", "sslProtocol": "TLSv1.3", "serverProtocol": "HTTP/1.1", "requestUri": "/", "requestMethod": "GET", "requestIsp": "Free SAS", "requestCountry": "FR", "requestAsn": "12322", "requestConnectionType": "Cable/DSL", "requestIsAnonymousProxy": false, "responseContentType": "text/html" } ... ]