
Searching Kiwi Syslog Server by the REST API

I want to programmatically search and fetch the logs that arrive at a Kiwi Syslog Server. Unfortunately I don't have access to the server itself, so I cannot create forward rules. I also don't have access to the logs database. If a REST API is not available, a link to some open-source JavaScript Kiwi Log Viewer would also be fine, so I could see how it is implemented.

For example, Loggly allows doing it by an HTTP request:
https://documentation.solarwinds.com/en/Success_Center/loggly/Content/admin/api-retrieving-data.htm?...

and Elasticsearch has the Search API:
https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html

 

 

4 Replies

Kiwi is a tool from a much older era; they don't expose a searchable API like that. Depending on how you install it, you might not even have a real database underneath it; the default is just an MS Access table. Assuming yours is installed with a legit DB like SQL Server or Postgres, I'd suspect querying those with your tool would be the best plan to get what you are asking.

- Marc Netterfield, Github

Thank you for the reply. I think I'll export logs by creating a remote host forward action to Elasticsearch and search the data from ES.
I see I can configure it in the UI. Is that everything that should be set on the Kiwi side?

Screen Shot 2020-09-06 at 19.26.27.png


Yep, that'll work. Kind of raises the question of why even run Kiwi if you have an ES setup in place already?
- Marc Netterfield, Github

Kiwi is a customer log storage. I have to search them if possible, or pull them to ES and search on ES.
