The Loki server has the following API endpoints (Note: Authentication is out of scope for this project):
-
POST /api/prom/pushFor sending log entries, expects a snappy compressed proto in the HTTP Body:
Also accepts JSON formatted requests when the header
Content-Type: application/jsonis sent. Example of the JSON format:{ "streams": [ { "labels": "{foo=\"bar\"}", "entries": [{ "ts": "2018-12-18T08:28:06.801064-04:00", "line": "baz" }] } ] } -
GET /api/prom/queryFor doing queries, accepts the following parameters in the query-string:
query: a logQL querylimit: max number of entries to returnstart: the start time for the query, as a nanosecond Unix epoch (nanoseconds since 1970). Default is always one hour ago.end: the end time for the query, as a nanosecond Unix epoch (nanoseconds since 1970). Default is current time.direction:forwardorbackward, useful when specifying a limit. Default is backward.regexp: a regex to filter the returned results, will eventually be rolled into the query language
Loki needs to query the index store in order to find log streams for particular labels and the store is spread out by time, so you need to specify the start and end labels accordingly. Querying a long time into the history will cause additional load to the index server and make the query slower.
Responses looks like this:
{ "streams": [ { "labels": "{instance=\"...\", job=\"...\", namespace=\"...\"}", "entries": [ { "ts": "2018-06-27T05:20:28.699492635Z", "line": "..." }, ... ] }, ... ] } -
GET /api/prom/labelFor retrieving the names of the labels one can query on.
Responses looks like this:
{ "values": [ "instance", "job", ... ] } -
GET /api/prom/label/<name>/valuesFor retrieving the label values one can query on.Responses looks like this:
{ "values": [ "default", "cortex-ops", ... ] }