Queries logs. This command is suitable for scenarios in which you need to query a large number of logs.

Request syntax

aliyunlog log get_log_all --project=<value> --logstore=<value> --from_time=<value> --to_time=<value> [--topic=<value>] [--query=<value>] [--reverse=<value>] [--offset=<value>] [--access-id=<value>] [--access-key=<value>] [--sts-token=<value>] [--region-endpoint=<value>] [--client-name=<value>] [--jmes-filter=<value>] [--format-output=<value>] [--decode-output=<value>]

Request parameters

The following table describes the required and unique parameters of this command.
Parameter Type Required Example Description
--project String Yes aliyun-test-project The name of the project.
--logstore String Yes logstore-a The name of the Logstore.
--from_time String Yes 2021-05-28 15:33:00+8:00 The beginning of the time range to query. Specify the value as a UNIX timestamp or in the "%Y-%m-%d %H:%M:%S<time_zone>" format. Example: “2018-01-02 12:12:10+8:00“.
--to_time String Yes 2021-05-28 15:40:00+8:00 The end of the time range to query. Specify the value as a UNIX timestamp or in the "%Y-%m-%d %H:%M:%S<time_zone>" format. Example: “2018-01-02 12:12:10+8:00“.
--topic String No None The topic of the logs to query. For more information, see Topic.
--query String No level:Information|select event_id as Key1,COUNT(*) as Key2 group by Key1 The query statement. For more information, see Log search overview and Log analysis overview.
Note If you specify an analytic statement in the value of the query parameter, you must set the line and offset parameters to 0 and use the LIMIT clause to perform a paged query. An analytic statement is an SQL statement. For more information, see Paging of analysis results.
--reverse Boolean No true Specifies whether to return logs in descending order of log timestamp. The log timestamps are accurate to minutes.
  • true: Logs are returned in descending order of log timestamp. The latest log is returned first.
  • false: Logs are returned in ascending order of log timestamp. This is the default value.
--offset Integer No None The row from which the query starts. Default value: 0.
For more information about the global parameters of this command, see Global parameters.

Examples

  • Sample requests
    Use the default account to query the event logs whose level is Information and determine the number of returned logs. Command example:
    aliyunlog log get_log_all --project="aliyun-test-project" --logstore="logstore-a" --from_time="2021-05-28 15:33:00+8:00" --to_time="2021-05-28 15:40:00+8:00" --query="level:Information|select event_id as Key1,COUNT(*) as Key2 group by Key1" --reverse=true
  • Sample responses
    [
      {
        "Key1": "16394",
        "Key2": "1",
        "__source__": "",
        "__time__": "1622186400"
      },
      {
        "Key1": "44",
        "Key2": "1",
        "__source__": "",
        "__time__": "1622186400"
      },
      {
        "Key1": "7036",
        "Key2": "7",
        "__source__": "",
        "__time__": "1622186400"
      },
      {
        "Key1": "16384",
        "Key2": "1",
        "__source__": "",
        "__time__": "1622186400"
      },
      {
        "Key1": "43",
        "Key2": "1",
        "__source__": "",
        "__time__": "1622186400"
      },
      {
        "Key1": "19",
        "Key2": "1",
        "__source__": "",
        "__time__": "1622186400"
      }
    ]

Related commands

Command Description
get_logs Queries logs in exact match mode by using a JSON configuration file.
get_log Queries a specified number of logs.