The purpose of this code is to provide a lightweight wrapper to GraylogAPI. It provides standard access to the Graylog 2.0 API endpoints, and it will tell you if you are missing a specific field when calling it.
Install this library, then import the GraylogAPI class.
from pygraylog.graylogapi import GraylogAPI
Then, make an object with your base Graylog URL and username and password for auth
api = pygraylog.GraylogAPI('https://localhost:12900', username='foo', password='foo')
For good security practics, use token based access as following
api = pygraylog.GraylogAPI('https://localhost:12900', api_key='xopqoiwepmd1o23m9awuaspofp')
Then, check out pygraylog/endpoints.py to see which endpoints are implemented/enforced by this library and make your API call.
api.search.universal.absolute.get(fields="src_ip", query="*", from_='1970-01-01 00:00:00', to='1970-01-01 23:59:59')
Notice that each argument here is listed in endpoints.py as required, but you can pass in as many as you want (limit, offset, filter for example) and pygraylog will send it for you.
- Clone this repo
cd /path/to/pygraylogvirtualnenv env. env/bin/activatepip install -r requirements.txt
pip install pygraylogfrom pygraylog.graylogapi import GraylogAPI