Add ingest-stats API #611

Closed
mmguero opened this issue Nov 4, 2024 · 1 comment
mmguero commented Nov 4, 2024

Document Ingest Statistics

GET - /mapi/ingest-stats

Executes an OpenSearch bucket aggregation query for the host.name field and its maximum (i.e., most recent) event.ingested UTC time value for all of Malcolm's indexed network traffic metadata.

This can be used to know the most recent time a log was indexed for each network sensor.

Example output:

{
  "malcolm": "2024-11-04T14:58:57+00:00",
  "sensor_a": "2024-11-04T14:57:41+00:00",
  "sensor_b": "2024-11-04T14:58:59+00:00"
}
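
An added example, not part of the original issue or of Malcolm's code: a sensor-health check that takes the JSON body returned by `GET /mapi/ingest-stats` and reports sensors that have stopped ingesting. The function name, the staleness threshold, and the list of expected sensors are assumptions made for illustration; the sample input is the example output above.

```python
import json
from datetime import datetime, timedelta, timezone

# Sample body: the example output shown in the issue.
SAMPLE_BODY = """{
  "malcolm": "2024-11-04T14:58:57+00:00",
  "sensor_a": "2024-11-04T14:57:41+00:00",
  "sensor_b": "2024-11-04T14:58:59+00:00"
}"""


def stale_sensors(body, now, max_age=timedelta(minutes=5), expected=()):
    """Return {host: age} for every host that needs attention.

    age is a timedelta when the host's latest event.ingested value is older
    than max_age, and None when the host has no usable timestamp: either its
    value does not parse, or it is listed in `expected` (hypothetical
    inventory of sensor names) but absent from the response, which is what a
    sensor with no indexed documents looks like in a bucket aggregation.
    """
    stats = json.loads(body)
    if not isinstance(stats, dict):
        raise ValueError("ingest-stats body must be a JSON object")

    flagged = {}
    for host, value in stats.items():
        try:
            last = datetime.fromisoformat(value)
        except (TypeError, ValueError):
            flagged[host] = None
            continue
        if last.tzinfo is None:
            # The issue states the values are UTC; apply that if no offset is given.
            last = last.replace(tzinfo=timezone.utc)
        age = now - last
        if age > max_age:
            flagged[host] = age

    for host in expected:
        if host not in stats:
            flagged[host] = None
    return flagged


if __name__ == "__main__":
    now = datetime(2024, 11, 4, 15, 0, 0, tzinfo=timezone.utc)  # constructed clock
    inventory = ["malcolm", "sensor_a", "sensor_b", "sensor_c"]  # constructed list
    for host, age in stale_sensors(SAMPLE_BODY, now, timedelta(minutes=2), inventory).items():
        print(host, "no ingest data" if age is None else f"last ingest {age} ago")
```

A gap in a sensor's ingest time is a visibility gap for detection, so a check like this is worth alerting on rather than only displaying.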
@mmguero mmguero added the enhancement New feature or request label Nov 4, 2024
@mmguero mmguero added this to the v24.11.0 milestone Nov 4, 2024
@mmguero mmguero self-assigned this Nov 4, 2024
@mmguero mmguero added this to Malcolm Nov 4, 2024
@mmguero mmguero moved this to Testing in Malcolm Nov 4, 2024
mmguero commented Nov 4, 2024

Needed for #11

@mmguero mmguero closed this as completed Nov 4, 2024
@github-project-automation github-project-automation bot moved this from Testing to Done in Malcolm Nov 4, 2024
@mmguero mmguero reopened this Nov 5, 2024
@mmguero mmguero closed this as completed Nov 5, 2024
@mmguero mmguero moved this from Done to Migrated in Malcolm Nov 5, 2024