The ingestion API allows users to send logs to Unomaly through HTTP requests.

How to use the ingestion API

Call the batch endpoint to send multiple logs at the same time. You can also compress contents with gzip and set the Content-Encoding header to 'gzip'.


The API call expects a JSON payload of this type:

JSON format
Property Required? Description
Message Yes The log message that Unomaly will analyze.
Source Yes Where the log originates, shown as "system" in Unomaly.
Metadata No Any JSON payload that will be displayed in the Situations view.
Timestamp No Timestamp of the original log. If there is no timestamp, Unomaly will use the current time. Should be formatted as specified in RFC3339.

The batch endpoint expects an array of events such as:

cat <<EOF | curl -i -k -H "Content-Type: application/json" -X POST -d @- https://{unomaly}/v1/batch
[ {
"message": "app[123] error: failed to parse object",
"timestamp": "2018-09-26T12:49:35+00:00",
"source": "systemx",
"metadata": {
"tag": "test"
} ]

Response codes

API Response Code
Status Description
200 The ingestion was successful.
400 There were errors receiving and decoding the payload.

A response from Unomaly may be:

HTTP/1.1 200 OK
Date: Wed, 26 Sep 2018 12:49:34 GMT
Server: fasthttp
Content-Length: 0