Examples

ibmcloud cloud-logs config set service-url \
    'https://ibm.cloud.com/my-api'

Examples

ibmcloud cloud-logs config get service-url

Examples

ibmcloud cloud-logs config unset service-url

Examples

ibmcloud cloud-logs config list

Command options

--id (strfmt.UUID)

Alert ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs alert \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Command options

--id (strfmt.UUID)

Alert ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

--name (string)

Alert name. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--is-active (bool)

Alert is active. Required.

--severity (string)

Alert severity. Required.

Allowable values are: info_or_unspecified, warning, critical, error.

--condition (AlertsV2AlertCondition)

Alert condition. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition=@path/to/file.json.

--notification-groups (AlertsV2AlertNotificationGroups[])

Alert notification groups. Required.

The maximum length is 10 items. The minimum length is 1 item.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --notification-groups=@path/to/file.json.

--filters (AlertsV1AlertFilters)

Alert filters. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters=@path/to/file.json.

--description (string)

Alert description.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

--expiration (AlertsV1Date)

Alert expiration date. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --expiration=@path/to/file.json.

--active-when (AlertsV1AlertActiveWhen)

When should the alert be active. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --active-when=@path/to/file.json.

--notification-payload-filters ([]string)

JSON keys to include in the alert notification, if left empty get the full log text in the alert notification.

The list items must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/. The maximum length is 100 items. The minimum length is 0 items.

--meta-labels (AlertsV1MetaLabel[])

The Meta labels to add to the alert.

The maximum length is 200 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --meta-labels=@path/to/file.json.

--meta-labels-strings ([]string)

The Meta labels to add to the alert as string with ':' separator.

The list items must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/. The maximum length is 4096 items. The minimum length is 0 items.

--incident-settings (AlertsV2AlertIncidentSettings)

Incident settings, will create the incident based on this configuration. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --incident-settings=@path/to/file.json.

--condition-immediate (AlertsV2ImmediateConditionEmpty)

Condition for immediate standard alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-immediate=@path/to/file.json.

--condition-less-than (AlertsV2LessThanCondition)

Condition for less than alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-less-than=@path/to/file.json.

--condition-more-than (AlertsV2MoreThanCondition)

Condition for more than alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-more-than=@path/to/file.json.

--condition-more-than-usual (AlertsV2MoreThanUsualCondition)

Condition for more than usual alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-more-than-usual=@path/to/file.json.

--condition-new-value (AlertsV2NewValueCondition)

Condition for new value alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-new-value=@path/to/file.json.

--condition-flow (AlertsV2FlowCondition)

Condition for flow alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-flow=@path/to/file.json.

--condition-unique-count (AlertsV2UniqueCountCondition)

Condition for unique count alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-unique-count=@path/to/file.json.

--condition-less-than-usual (AlertsV2LessThanUsualCondition)

Condition for less than usual alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-less-than-usual=@path/to/file.json.

--filters-severities ([]string)

The severity of the logs to filter. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

Allowable list items are: debug_or_unspecified, verbose, info, warning, error, critical. The maximum length is 4096 items. The minimum length is 0 items.

--filters-metadata (AlertsV1AlertFiltersMetadataFilters)

The metadata filters. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters-metadata=@path/to/file.json.

--filters-alias (string)

The alias of the filter. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--filters-text (string)

The text to filter. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--filters-ratio-alerts (AlertsV1AlertFiltersRatioAlert[])

The ratio alerts. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters-ratio-alerts=@path/to/file.json.

--filters-filter-type (string)

The type of the filter. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

Allowable values are: text_or_unspecified, template, ratio, unique_count, time_relative, metric, flow.

--expiration-year (int64)

Year. This option provides a value for a sub-field of the JSON option 'expiration'. It is mutually exclusive with that option.

--expiration-month (int64)

Month of the year. This option provides a value for a sub-field of the JSON option 'expiration'. It is mutually exclusive with that option.

--expiration-day (int64)

Day of the month. This option provides a value for a sub-field of the JSON option 'expiration'. It is mutually exclusive with that option.

--active-when-timeframes (AlertsV1AlertActiveTimeframe[])

Activity timeframes of the alert. This option provides a value for a sub-field of the JSON option 'active-when'. It is mutually exclusive with that option.

The maximum length is 30 items. The minimum length is 1 item.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --active-when-timeframes=@path/to/file.json.

--incident-settings-retriggering-period-seconds (int64)

The retriggering period of the alert in seconds. This option provides a value for a sub-field of the JSON option 'incident-settings'. It is mutually exclusive with that option.

The maximum value is 4294967295. The minimum value is 0.

--incident-settings-notify-on (string)

Notify on setting. This option provides a value for a sub-field of the JSON option 'incident-settings'. It is mutually exclusive with that option.

Allowable values are: triggered_only, triggered_and_resolved.

--incident-settings-use-as-notification-settings (bool)

Use these settings for all notificaion webhook. This option provides a value for a sub-field of the JSON option 'incident-settings'. It is mutually exclusive with that option.

Examples

ibmcloud cloud-logs alert-update \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f \
    --name 'Test alert' \
    --is-active true \
    --severity info_or_unspecified \
    --condition '{"more_than": {"parameters": {"threshold": 1, "timeframe": "timeframe_10_min", "group_by": ["coralogix.metadata.applicationName"], "metric_alert_parameters": {"metric_field": "cpu_usage", "metric_source": "prometheus", "arithmetic_operator": "percentile", "arithmetic_operator_modifier": 1, "sample_threshold_percentage": 100, "non_null_percentage": 100, "swap_null_values": true}, "metric_alert_promql_parameters": {"promql_text": "sum(rate(container_cpu_usage_seconds_total{container_name=\"my-container\"}[5m])) by (pod_name)", "arithmetic_operator_modifier": 1, "sample_threshold_percentage": 100, "non_null_percentage": 100, "swap_null_values": true}, "ignore_infinity": true, "relative_timeframe": "hour_or_unspecified", "cardinality_fields": [], "related_extended_data": {"cleanup_deadman_duration": "cleanup_deadman_duration_24h", "should_trigger_deadman": true}}, "evaluation_window": "rolling_or_unspecified"}}' \
    --notification-groups '[{"group_by_fields": ["coralogix.metadata.applicationName"], "notifications": [{"retriggering_period_seconds": 60, "notify_on": "triggered_and_resolved", "integration_id": 123}]}]' \
    --filters '{"severities": ["debug_or_unspecified","verbose","info","warning","error","critical"], "metadata": {"applications": ["CpuMonitoring","WebApi"], "subsystems": ["SnapshotGenerator","PermissionControl"]}, "alias": "monitorQuery", "text": "initiator.id.keyword:iam-ServiceId-10820fd6-c3fe-414e-8fd5-44ce95f7d34d AND action.keyword:cloud-object-storage.object.create", "ratio_alerts": [{"alias": "TopLevelAlert", "text": "_exists_:\"container_name\"", "severities": ["debug_or_unspecified","verbose","info","warning","error","critical"], "applications": ["CpuMonitoring","WebApi"], "subsystems": ["SnapshotGenerator","PermissionControl"], "group_by": ["Host","Thread"]}], "filter_type": "text_or_unspecified"}' \
    --description 'Alert if the number of logs reaches a threshold' \
    --expiration '{"year": 2012, "month": 12, "day": 24}' \
    --active-when '{"timeframes": [{"days_of_week": ["monday_or_unspecified","tuesday","wednesday","thursday","friday","saturday","sunday"], "range": {"start": {"hours": 18, "minutes": 30, "seconds": 0}, "end": {"hours": 18, "minutes": 30, "seconds": 0}}}]}' \
    --notification-payload-filters exampleString,anotherTestString \
    --meta-labels '[{"key": "env", "value": "dev"}]' \
    --meta-labels-strings '[]' \
    --incident-settings '{"retriggering_period_seconds": 300, "notify_on": "triggered_only", "use_as_notification_settings": true}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs alert-update \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f \
    --name 'Test alert' \
    --is-active true \
    --severity info_or_unspecified \
    --notification-groups '[alertsV2AlertNotificationGroups]' \
    --description 'Alert if the number of logs reaches a threshold' \
    --notification-payload-filters exampleString,anotherTestString \
    --meta-labels '[alertsV1MetaLabel]' \
    --meta-labels-strings '[]' \
    --condition-more-than alertsV2MoreThanCondition \
    --filters-severities debug_or_unspecified,verbose,info,warning,error,critical \
    --filters-metadata alertsV1AlertFiltersMetadataFilters \
    --filters-alias monitorQuery \
    --filters-text _exists_:"container_name" \
    --filters-ratio-alerts '[alertsV1AlertFiltersRatioAlert]' \
    --filters-filter-type flow \
    --expiration-year 2012 \
    --expiration-month 12 \
    --expiration-day 24 \
    --active-when-timeframes '[alertsV1AlertActiveTimeframe]' \
    --incident-settings-retriggering-period-seconds 60 \
    --incident-settings-notify-on triggered_and_resolved \
    --incident-settings-use-as-notification-settings true

Command options

--id (strfmt.UUID)

Alert ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs alert-delete \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Example

ibmcloud cloud-logs alerts

Command options

--name (string)

Alert name. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--is-active (bool)

Alert is active. Required.

--severity (string)

Alert severity. Required.

Allowable values are: info_or_unspecified, warning, critical, error.

--condition (AlertsV2AlertCondition)

Alert condition. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition=@path/to/file.json.

--notification-groups (AlertsV2AlertNotificationGroups[])

Alert notification groups. Required.

The maximum length is 10 items. The minimum length is 1 item.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --notification-groups=@path/to/file.json.

--filters (AlertsV1AlertFilters)

Alert filters. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters=@path/to/file.json.

--description (string)

Alert description.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

--expiration (AlertsV1Date)

Alert expiration date. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --expiration=@path/to/file.json.

--active-when (AlertsV1AlertActiveWhen)

When should the alert be active. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --active-when=@path/to/file.json.

--notification-payload-filters ([]string)

JSON keys to include in the alert notification, if left empty get the full log text in the alert notification.

The list items must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/. The maximum length is 100 items. The minimum length is 0 items.

--meta-labels (AlertsV1MetaLabel[])

The Meta labels to add to the alert.

The maximum length is 200 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --meta-labels=@path/to/file.json.

--meta-labels-strings ([]string)

The Meta labels to add to the alert as string with ':' separator.

The list items must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/. The maximum length is 4096 items. The minimum length is 0 items.

--incident-settings (AlertsV2AlertIncidentSettings)

Incident settings, will create the incident based on this configuration. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --incident-settings=@path/to/file.json.

--condition-immediate (AlertsV2ImmediateConditionEmpty)

Condition for immediate standard alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-immediate=@path/to/file.json.

--condition-less-than (AlertsV2LessThanCondition)

Condition for less than alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-less-than=@path/to/file.json.

--condition-more-than (AlertsV2MoreThanCondition)

Condition for more than alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-more-than=@path/to/file.json.

--condition-more-than-usual (AlertsV2MoreThanUsualCondition)

Condition for more than usual alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-more-than-usual=@path/to/file.json.

--condition-new-value (AlertsV2NewValueCondition)

Condition for new value alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-new-value=@path/to/file.json.

--condition-flow (AlertsV2FlowCondition)

Condition for flow alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-flow=@path/to/file.json.

--condition-unique-count (AlertsV2UniqueCountCondition)

Condition for unique count alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-unique-count=@path/to/file.json.

--condition-less-than-usual (AlertsV2LessThanUsualCondition)

Condition for less than usual alert. This option provides a value for a sub-field of the JSON option 'condition'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --condition-less-than-usual=@path/to/file.json.

--filters-severities ([]string)

The severity of the logs to filter. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

Allowable list items are: debug_or_unspecified, verbose, info, warning, error, critical. The maximum length is 4096 items. The minimum length is 0 items.

--filters-metadata (AlertsV1AlertFiltersMetadataFilters)

The metadata filters. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters-metadata=@path/to/file.json.

--filters-alias (string)

The alias of the filter. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--filters-text (string)

The text to filter. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--filters-ratio-alerts (AlertsV1AlertFiltersRatioAlert[])

The ratio alerts. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters-ratio-alerts=@path/to/file.json.

--filters-filter-type (string)

The type of the filter. This option provides a value for a sub-field of the JSON option 'filters'. It is mutually exclusive with that option.

Allowable values are: text_or_unspecified, template, ratio, unique_count, time_relative, metric, flow.

--expiration-year (int64)

Year. This option provides a value for a sub-field of the JSON option 'expiration'. It is mutually exclusive with that option.

--expiration-month (int64)

Month of the year. This option provides a value for a sub-field of the JSON option 'expiration'. It is mutually exclusive with that option.

--expiration-day (int64)

Day of the month. This option provides a value for a sub-field of the JSON option 'expiration'. It is mutually exclusive with that option.

--active-when-timeframes (AlertsV1AlertActiveTimeframe[])

Activity timeframes of the alert. This option provides a value for a sub-field of the JSON option 'active-when'. It is mutually exclusive with that option.

The maximum length is 30 items. The minimum length is 1 item.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --active-when-timeframes=@path/to/file.json.

--incident-settings-retriggering-period-seconds (int64)

The retriggering period of the alert in seconds. This option provides a value for a sub-field of the JSON option 'incident-settings'. It is mutually exclusive with that option.

The maximum value is 4294967295. The minimum value is 0.

--incident-settings-notify-on (string)

Notify on setting. This option provides a value for a sub-field of the JSON option 'incident-settings'. It is mutually exclusive with that option.

Allowable values are: triggered_only, triggered_and_resolved.

--incident-settings-use-as-notification-settings (bool)

Use these settings for all notificaion webhook. This option provides a value for a sub-field of the JSON option 'incident-settings'. It is mutually exclusive with that option.

Examples

ibmcloud cloud-logs alert-create \
    --name 'Test alert' \
    --is-active true \
    --severity info_or_unspecified \
    --condition '{"more_than": {"parameters": {"threshold": 1, "timeframe": "timeframe_10_min", "group_by": ["coralogix.metadata.applicationName"], "metric_alert_parameters": {"metric_field": "cpu_usage", "metric_source": "prometheus", "arithmetic_operator": "percentile", "arithmetic_operator_modifier": 1, "sample_threshold_percentage": 100, "non_null_percentage": 100, "swap_null_values": true}, "metric_alert_promql_parameters": {"promql_text": "sum(rate(container_cpu_usage_seconds_total{container_name=\"my-container\"}[5m])) by (pod_name)", "arithmetic_operator_modifier": 1, "sample_threshold_percentage": 100, "non_null_percentage": 100, "swap_null_values": true}, "ignore_infinity": true, "relative_timeframe": "hour_or_unspecified", "cardinality_fields": [], "related_extended_data": {"cleanup_deadman_duration": "cleanup_deadman_duration_24h", "should_trigger_deadman": true}}, "evaluation_window": "rolling_or_unspecified"}}' \
    --notification-groups '[{"group_by_fields": ["coralogix.metadata.applicationName"], "notifications": [{"retriggering_period_seconds": 60, "notify_on": "triggered_and_resolved", "integration_id": 123}]}]' \
    --filters '{"severities": ["debug_or_unspecified","verbose","info","warning","error","critical"], "metadata": {"applications": ["CpuMonitoring","WebApi"], "subsystems": ["SnapshotGenerator","PermissionControl"]}, "alias": "monitorQuery", "text": "initiator.id.keyword:iam-ServiceId-10820fd6-c3fe-414e-8fd5-44ce95f7d34d AND action.keyword:cloud-object-storage.object.create", "ratio_alerts": [{"alias": "TopLevelAlert", "text": "_exists_:\"container_name\"", "severities": ["debug_or_unspecified","verbose","info","warning","error","critical"], "applications": ["CpuMonitoring","WebApi"], "subsystems": ["SnapshotGenerator","PermissionControl"], "group_by": ["Host","Thread"]}], "filter_type": "text_or_unspecified"}' \
    --description 'Alert if the number of logs reaches a threshold' \
    --expiration '{"year": 2012, "month": 12, "day": 24}' \
    --active-when '{"timeframes": [{"days_of_week": ["monday_or_unspecified","tuesday","wednesday","thursday","friday","saturday","sunday"], "range": {"start": {"hours": 18, "minutes": 30, "seconds": 0}, "end": {"hours": 18, "minutes": 30, "seconds": 0}}}]}' \
    --notification-payload-filters exampleString,anotherTestString \
    --meta-labels '[{"key": "env", "value": "dev"}]' \
    --meta-labels-strings '[]' \
    --incident-settings '{"retriggering_period_seconds": 300, "notify_on": "triggered_only", "use_as_notification_settings": true}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs alert-create \
    --name 'Test alert' \
    --is-active true \
    --severity info_or_unspecified \
    --notification-groups '[alertsV2AlertNotificationGroups]' \
    --description 'Alert if the number of logs reaches a threshold' \
    --notification-payload-filters exampleString,anotherTestString \
    --meta-labels '[alertsV1MetaLabel]' \
    --meta-labels-strings '[]' \
    --condition-more-than alertsV2MoreThanCondition \
    --filters-severities debug_or_unspecified,verbose,info,warning,error,critical \
    --filters-metadata alertsV1AlertFiltersMetadataFilters \
    --filters-alias monitorQuery \
    --filters-text _exists_:"container_name" \
    --filters-ratio-alerts '[alertsV1AlertFiltersRatioAlert]' \
    --filters-filter-type flow \
    --expiration-year 2012 \
    --expiration-month 12 \
    --expiration-day 24 \
    --active-when-timeframes '[alertsV1AlertActiveTimeframe]' \
    --incident-settings-retriggering-period-seconds 60 \
    --incident-settings-notify-on triggered_and_resolved \
    --incident-settings-use-as-notification-settings true

Command options

--id (strfmt.UUID)

The group ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs rule-group \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Command options

--id (strfmt.UUID)

The group ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

--name (string)

The name of the rule group. Required.

The maximum length is 255 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--rule-subgroups (RulesV1CreateRuleGroupRequestCreateRuleSubgroup[])

Rule subgroups. Will try to execute the first rule subgroup, and if not matched will try to match the next one in order. Required.

The maximum length is 4096 items. The minimum length is 1 item.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --rule-subgroups=@path/to/file.json.

--description (string)

A description for the rule group, should express what is the rule group purpose.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

--enabled (bool)

Whether or not the rule is enabled.

--rule-matchers (RulesV1RuleMatcher[])

Optional rule matchers which if matched will make the rule go through the rule group.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --rule-matchers=@path/to/file.json.

--order (int64)

The order in which the rule group will be evaluated. The lower the order, the more priority the group will have. Not providing the order will by default create a group with the last order.

The maximum value is 4294967295. The minimum value is 0.

Example

ibmcloud cloud-logs rule-group-update \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f \
    --name mysql-extractrule \
    --rule-subgroups '[{"rules": [{"name": "mysql-parse", "description": "mysql-parse", "source_field": "text", "parameters": {"parse_parameters": {"destination_field": "text", "rule": "(?P<timestamp>[^,]+),(?P<hostname>[^,]+),(?P<username>[^,]+),(?P<ip>[^,]+),(?P<connectionId>[0-9]+),(?P<queryId>[0-9]+),(?P<operation>[^,]+),(?P<database>[^,]+),\'?(?P<object>.*)\'?,(?P<returnCode>[0-9]+)"}}, "enabled": true, "order": 1}], "enabled": true, "order": 1}]' \
    --description 'mysql audit logs parser' \
    --enabled true \
    --rule-matchers '[{"subsystem_name": {"value": "mysql"}}]' \
    --order 39

Command options

--id (strfmt.UUID)

The group ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs rule-group-delete \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Example

ibmcloud cloud-logs rule-groups

Command options

--name (string)

The name of the rule group. Required.

The maximum length is 255 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--rule-subgroups (RulesV1CreateRuleGroupRequestCreateRuleSubgroup[])

Rule subgroups. Will try to execute the first rule subgroup, and if not matched will try to match the next one in order. Required.

The maximum length is 4096 items. The minimum length is 1 item.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --rule-subgroups=@path/to/file.json.

--description (string)

A description for the rule group, should express what is the rule group purpose.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

--enabled (bool)

Whether or not the rule is enabled.

--rule-matchers (RulesV1RuleMatcher[])

Optional rule matchers which if matched will make the rule go through the rule group.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --rule-matchers=@path/to/file.json.

--order (int64)

The order in which the rule group will be evaluated. The lower the order, the more priority the group will have. Not providing the order will by default create a group with the last order.

The maximum value is 4294967295. The minimum value is 0.

Example

ibmcloud cloud-logs rule-group-create \
    --name mysql-extractrule \
    --rule-subgroups '[{"rules": [{"name": "mysql-parse", "description": "mysql-parse", "source_field": "text", "parameters": {"parse_parameters": {"destination_field": "text", "rule": "(?P<timestamp>[^,]+),(?P<hostname>[^,]+),(?P<username>[^,]+),(?P<ip>[^,]+),(?P<connectionId>[0-9]+),(?P<queryId>[0-9]+),(?P<operation>[^,]+),(?P<database>[^,]+),\'?(?P<object>.*)\'?,(?P<returnCode>[0-9]+)"}}, "enabled": true, "order": 1}], "enabled": true, "order": 1}]' \
    --description 'mysql audit logs  parser' \
    --enabled true \
    --rule-matchers '[{"subsystem_name": {"value": "mysql"}}]' \
    --order 39

Command options

--type (string)

The type of the deployed Outbound Integrations to list.

Allowable values are: ibm_event_notifications.

Example

ibmcloud cloud-logs outgoing-webhooks \
    --type ibm_event_notifications

Command options

--prototype (OutgoingWebhookPrototype)

The input data of the Outbound Integration. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --prototype=@path/to/file.json.

--type (string)

The type of the deployed Outbound Integrations to list. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Allowable values are: ibm_event_notifications.

--name (string)

The name of the Outbound Integration. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--url (string)

The URL of the Outbound Integration. Null for IBM Event Notifications integration. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--ibm-event-notifications (OutgoingWebhooksV1IbmEventNotificationsConfig)

The configuration of the IBM Event Notifications Outbound Integration. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --ibm-event-notifications=@path/to/file.json.

Examples

ibmcloud cloud-logs outgoing-webhook-create \
    --prototype '{"type": "ibm_event_notifications", "name": "Event Notifications Integration", "url": "https://example.com", "ibm_event_notifications": {"event_notifications_instance_id": "9fab83da-98cb-4f18-a7ba-b6f0435c9673", "region_id": "eu-es", "source_id": "crn:v1:staging:public:logs:eu-gb:a/223af6f4260f42ebe23e95fcddd33cb7:63a3e4be-cb73-4f52-898e-8e93484a70a5::", "source_name": "IBM Cloud Event Notifications"}}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs outgoing-webhook-create \
    --type ibm_event_notifications \
    --name 'Event Notifications Integration' \
    --url https://example.com \
    --ibm-event-notifications outgoingWebhooksV1IbmEventNotificationsConfig

Command options

--id (strfmt.UUID)

The ID of the Outbound Integration to delete. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs outgoing-webhook \
    --id 585bea36-bdd1-4bfb-9a26-51f1f8a12660

Command options

--id (strfmt.UUID)

The ID of the Outbound Integration to delete. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

--prototype (OutgoingWebhookPrototype)

The input data of the Outbound Integration. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --prototype=@path/to/file.json.

--type (string)

The type of the deployed Outbound Integrations to list. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Allowable values are: ibm_event_notifications.

--name (string)

The name of the Outbound Integration. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--url (string)

The URL of the Outbound Integration. Null for IBM Event Notifications integration. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--ibm-event-notifications (OutgoingWebhooksV1IbmEventNotificationsConfig)

The configuration of the IBM Event Notifications Outbound Integration. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --ibm-event-notifications=@path/to/file.json.

Examples

ibmcloud cloud-logs outgoing-webhook-update \
    --id 585bea36-bdd1-4bfb-9a26-51f1f8a12660 \
    --prototype '{"type": "ibm_event_notifications", "name": "Event Notifications Integration", "url": "https://example.com", "ibm_event_notifications": {"event_notifications_instance_id": "9fab83da-98cb-4f18-a7ba-b6f0435c9673", "region_id": "eu-es", "source_id": "crn:v1:staging:public:logs:eu-gb:a/223af6f4260f42ebe23e95fcddd33cb7:63a3e4be-cb73-4f52-898e-8e93484a70a5::", "source_name": "IBM Cloud Event Notifications"}}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs outgoing-webhook-update \
    --id 585bea36-bdd1-4bfb-9a26-51f1f8a12660 \
    --type ibm_event_notifications \
    --name 'Event Notifications Integration' \
    --url https://example.com \
    --ibm-event-notifications outgoingWebhooksV1IbmEventNotificationsConfig

Command options

--id (strfmt.UUID)

The ID of the Outbound Integration to delete. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs outgoing-webhook-delete \
    --id 585bea36-bdd1-4bfb-9a26-51f1f8a12660

Command options

--id (strfmt.UUID)

ID of policy. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs policy \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Command options

--id (strfmt.UUID)

ID of policy. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

--prototype (PolicyPrototype)

Create policy request. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --prototype=@path/to/file.json.

--name (string)

Policy name. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--description (string)

Policy description. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

--priority (string)

The data pipeline sources that match the policy rules will go through. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Allowable values are: type_unspecified, type_block, type_low, type_medium, type_high.

--application-rule (QuotaV1Rule)

Rule for matching with application. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --application-rule=@path/to/file.json.

--subsystem-rule (QuotaV1Rule)

Rule for matching with application. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --subsystem-rule=@path/to/file.json.

--archive-retention (QuotaV1ArchiveRetention)

Archive retention definition. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --archive-retention=@path/to/file.json.

--log-rules (QuotaV1LogRules)

Log rules. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --log-rules=@path/to/file.json.

Examples

ibmcloud cloud-logs policy-update \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f \
    --prototype '{"name": "Med_policy", "description": "Medium policy", "priority": "type_high", "application_rule": {"rule_type_id": "is", "name": "test"}, "subsystem_rule": {"rule_type_id": "is", "name": "test"}, "archive_retention": {"id": "9fab83da-98cb-4f18-a7ba-b6f0435c9673"}, "log_rules": {"severities": ["unspecified","debug","verbose","info","warning","error","critical"]}}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs policy-update \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f \
    --name 'My Policy' \
    --description 'My Policy Description' \
    --priority type_high \
    --application-rule quotaV1Rule \
    --subsystem-rule quotaV1Rule \
    --archive-retention quotaV1ArchiveRetention \
    --log-rules quotaV1LogRules

Command options

--id (strfmt.UUID)

ID of policy. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs policy-delete \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Command options

--enabled-only (bool)

Optionally filter only enabled policies.

--source-type (string)

Source type to filter policies by.

Allowable values are: unspecified, logs.

Example

ibmcloud cloud-logs policies \
    --enabled-only true \
    --source-type logs

Command options

--prototype (PolicyPrototype)

Create policy request. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --prototype=@path/to/file.json.

--name (string)

Policy name. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--description (string)

Policy description. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

--priority (string)

The data pipeline sources that match the policy rules will go through. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Allowable values are: type_unspecified, type_block, type_low, type_medium, type_high.

--application-rule (QuotaV1Rule)

Rule for matching with application. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --application-rule=@path/to/file.json.

--subsystem-rule (QuotaV1Rule)

Rule for matching with application. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --subsystem-rule=@path/to/file.json.

--archive-retention (QuotaV1ArchiveRetention)

Archive retention definition. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --archive-retention=@path/to/file.json.

--log-rules (QuotaV1LogRules)

Log rules. This option provides a value for a sub-field of the JSON option 'prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --log-rules=@path/to/file.json.

Examples

ibmcloud cloud-logs policy-create \
    --prototype '{"name": "Med_policy", "description": "Medium Policy", "priority": "type_high", "application_rule": {"rule_type_id": "is", "name": "test"}, "subsystem_rule": {"rule_type_id": "is", "name": "test"}, "archive_retention": {"id": "9fab83da-98cb-4f18-a7ba-b6f0435c9673"}, "log_rules": {"severities": ["unspecified","debug","verbose","info","warning","error","critical"]}}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs policy-create \
    --name 'My Policy' \
    --description 'My Policy Description' \
    --priority type_high \
    --application-rule quotaV1Rule \
    --subsystem-rule quotaV1Rule \
    --archive-retention quotaV1ArchiveRetention \
    --log-rules quotaV1LogRules

Aliases

events2metrics-list, e2m-list

Example

ibmcloud cloud-logs events2metrics-list

Aliases

events2metrics-create, e2m-create

Command options

--event2-metric-prototype (Event2MetricPrototype)

E2M Create message. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --event2-metric-prototype=@path/to/file.json.

--event2-metric-name (string)

Name of E2M to create. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--event2-metric-description (string)

Description of E2M to create. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

--event2-metric-permutations-limit (int64)

The permutation limit of the E2M. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

--event2-metric-metric-labels (ApisEvents2metricsV2MetricLabel[])

E2M metric labels. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --event2-metric-metric-labels=@path/to/file.json.

--event2-metric-metric-fields (ApisEvents2metricsV2MetricField[])

E2M metric fields. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --event2-metric-metric-fields=@path/to/file.json.

--event2-metric-type (string)

E2M type. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

Allowable values are: unspecified, logs2metrics.

--event2-metric-logs-query (ApisLogs2metricsV2LogsQuery)

E2M logs query. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --event2-metric-logs-query=@path/to/file.json.

Examples

ibmcloud cloud-logs events2metrics-create \
    --event2-metric-prototype '{"name": "test em2", "description": "Test e2m", "permutations_limit": 1, "metric_labels": [{"target_label": "alias_label_name", "source_field": "log_obj.string_value"}], "metric_fields": [{"target_base_metric_name": "alias_field_name", "source_field": "log_obj.numeric_field", "aggregations": [{"enabled": true, "agg_type": "samples", "target_metric_name": "alias_field_name_agg_func", "samples": {"sample_type": "max"}}]}], "type": "logs2metrics", "logs_query": {"lucene": "logs", "alias": "new_query", "applicationname_filters": ["app_name"], "subsystemname_filters": ["sub_name"], "severity_filters": ["unspecified","debug","verbose","info","warning","error","critical"]}}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs events2metrics-create \
    --event2-metric-name 'Service catalog latency' \
    --event2-metric-description 'avg and max the latency of catalog service' \
    --event2-metric-permutations-limit 30000 \
    --event2-metric-metric-labels '[apisEvents2metricsV2MetricLabel]' \
    --event2-metric-metric-fields '[apisEvents2metricsV2MetricField]' \
    --event2-metric-type logs2metrics \
    --event2-metric-logs-query apisLogs2metricsV2LogsQuery

Aliases

events2metrics, e2m

Command options

--id (string)

ID of e2m to be deleted. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

Example

ibmcloud cloud-logs events2metrics \
    --id d6a3658e-78d2-47d0-9b81-b2c551f01b09

Aliases

events2metrics-update, e2m-update

Command options

--id (string)

ID of e2m to be deleted. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--event2-metric-prototype (Event2MetricPrototype)

E2M Create message. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --event2-metric-prototype=@path/to/file.json.

--event2-metric-name (string)

Name of E2M to create. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--event2-metric-description (string)

Description of E2M to create. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

--event2-metric-permutations-limit (int64)

The permutation limit of the E2M. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

--event2-metric-metric-labels (ApisEvents2metricsV2MetricLabel[])

E2M metric labels. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --event2-metric-metric-labels=@path/to/file.json.

--event2-metric-metric-fields (ApisEvents2metricsV2MetricField[])

E2M metric fields. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --event2-metric-metric-fields=@path/to/file.json.

--event2-metric-type (string)

E2M type. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

Allowable values are: unspecified, logs2metrics.

--event2-metric-logs-query (ApisLogs2metricsV2LogsQuery)

E2M logs query. This option provides a value for a sub-field of the JSON option 'event2-metric-prototype'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --event2-metric-logs-query=@path/to/file.json.

Examples

ibmcloud cloud-logs events2metrics-update \
    --id d6a3658e-78d2-47d0-9b81-b2c551f01b09 \
    --event2-metric-prototype '{"name": "test em2", "description": "Test e2m updated", "permutations_limit": 1, "metric_labels": [{"target_label": "alias_label_name", "source_field": "log_obj.string_value"}], "metric_fields": [{"target_base_metric_name": "alias_field_name", "source_field": "log_obj.numeric_field", "aggregations": [{"enabled": true, "agg_type": "samples", "target_metric_name": "alias_field_name_agg_func", "samples": {"sample_type": "max"}}]}], "type": "logs2metrics", "logs_query": {"lucene": "logs", "alias": "new_query", "applicationname_filters": ["app_name"], "subsystemname_filters": ["sub_name"], "severity_filters": ["unspecified","debug","verbose","info","warning","error","critical"]}}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs events2metrics-update \
    --id d6a3658e-78d2-47d0-9b81-b2c551f01b09 \
    --event2-metric-name 'Service catalog latency' \
    --event2-metric-description 'avg and max the latency of catalog service' \
    --event2-metric-permutations-limit 30000 \
    --event2-metric-metric-labels '[apisEvents2metricsV2MetricLabel]' \
    --event2-metric-metric-fields '[apisEvents2metricsV2MetricField]' \
    --event2-metric-type logs2metrics \
    --event2-metric-logs-query apisLogs2metricsV2LogsQuery

Aliases

events2metrics-delete, e2m-delete

Command options

--id (string)

ID of e2m to be deleted. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

Example

ibmcloud cloud-logs events2metrics-delete \
    --id d6a3658e-78d2-47d0-9b81-b2c551f01b09

Example

ibmcloud cloud-logs views

Command options

--name (string)

View name. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--time-selection (ApisViewsV1TimeSelection)

View time selection. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --time-selection=@path/to/file.json.

--search-query (ApisViewsV1SearchQuery)

View search query. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --search-query=@path/to/file.json.

--filters (ApisViewsV1SelectedFilters)

View selected filters. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters=@path/to/file.json.

--folder-id (strfmt.UUID)

View folder ID.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

--time-selection-quick-selection (ApisViewsV1QuickTimeSelection)

Quick time selection. This option provides a value for a sub-field of the JSON option 'time-selection'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --time-selection-quick-selection=@path/to/file.json.

--time-selection-custom-selection (ApisViewsV1CustomTimeSelection)

Custom time selection. This option provides a value for a sub-field of the JSON option 'time-selection'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --time-selection-custom-selection=@path/to/file.json.

Examples

ibmcloud cloud-logs view-create \
    --name 'Logs view' \
    --time-selection '{"custom_selection": {"from_time": "2024-01-25T11:31:43.152Z", "to_time": "2024-01-25T11:37:13.238Z"}}' \
    --search-query '{"query": "logs"}' \
    --filters '{"filters": [{"name": "applicationName", "selected_values": {}}]}' \
    --folder-id 9fab83da-98cb-4f18-a7ba-b6f0435c9673

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs view-create \
    --name 'Logs view' \
    --folder-id 9fab83da-98cb-4f18-a7ba-b6f0435c9673 \
    --time-selection-custom-selection apisViewsV1CustomTimeSelection \
    --search-query-query error \
    --filters-filters '[apisViewsV1Filter]'

Command options

--id (int64)

View ID. Required.

Example

ibmcloud cloud-logs view \
    --id 52

Command options

--id (int64)

View ID. Required.

--name (string)

View name. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--time-selection (ApisViewsV1TimeSelection)

View time selection. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --time-selection=@path/to/file.json.

--search-query (ApisViewsV1SearchQuery)

View search query. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --search-query=@path/to/file.json.

--filters (ApisViewsV1SelectedFilters)

View selected filters. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters=@path/to/file.json.

--folder-id (strfmt.UUID)

View folder ID.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

--time-selection-quick-selection (ApisViewsV1QuickTimeSelection)

Quick time selection. This option provides a value for a sub-field of the JSON option 'time-selection'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --time-selection-quick-selection=@path/to/file.json.

--time-selection-custom-selection (ApisViewsV1CustomTimeSelection)

Custom time selection. This option provides a value for a sub-field of the JSON option 'time-selection'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --time-selection-custom-selection=@path/to/file.json.

Examples

ibmcloud cloud-logs view-update \
    --id 52 \
    --name 'Logs view' \
    --time-selection '{"custom_selection": {"from_time": "2024-01-25T11:31:43.152Z", "to_time": "2024-01-25T11:37:13.238Z"}}' \
    --search-query '{"query": "logs new"}' \
    --filters '{"filters": [{"name": "applicationName", "selected_values": {}}]}' \
    --folder-id 9fab83da-98cb-4f18-a7ba-b6f0435c9673

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs view-update \
    --id 52 \
    --name 'Logs view' \
    --folder-id 9fab83da-98cb-4f18-a7ba-b6f0435c9673 \
    --time-selection-custom-selection apisViewsV1CustomTimeSelection \
    --search-query-query error \
    --filters-filters '[apisViewsV1Filter]'

Command options

--id (int64)

View ID. Required.

Example

ibmcloud cloud-logs view-delete \
    --id 52

Example

ibmcloud cloud-logs view-folders

Command options

--name (string)

View folder name. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

Example

ibmcloud cloud-logs view-folder-create \
    --name 'My Folder'

Command options

--id (strfmt.UUID)

Folder ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs view-folder \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Command options

--id (strfmt.UUID)

Folder ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

--name (string)

View folder name. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

Example

ibmcloud cloud-logs view-folder-update \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f \
    --name 'My Folder'

Command options

--id (strfmt.UUID)

Folder ID. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs view-folder-delete \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Command options

--id ([]strfmt.UUID)

Array of data access rule IDs.

The list items must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/. The maximum length is 4096 items. The minimum length is 0 items.

Example

ibmcloud cloud-logs data-access-rules \
    --id 4f966911-4bda-407e-b069-477394effa59

Command options

--display-name (string)

Display Name for new Data Access Rule. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--filters (DataAccessRuleFilter[])

Filters for new Data Access Rule. Required.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters=@path/to/file.json.

--default-expression (string)

Default Expression for new Data Access Rule. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|'<> ]+$/.

--description (string)

Description for new Data Access Rule.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

Example

ibmcloud cloud-logs data-access-rule-create \
    --display-name 'Test Data Access Rule' \
    --filters '[{"entity_type": "logs", "expression": "<v1> foo == \'bar\'"}]' \
    --default-expression '<v1>true' \
    --description 'Data Access Rule intended for testing'

Command options

--id (strfmt.UUID)

ID of Data Access Rule to be deleted. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

--display-name (string)

Display Name for new Data Access Rule. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--filters (DataAccessRuleFilter[])

Filters for new Data Access Rule. Required.

The maximum length is 4096 items. The minimum length is 0 items.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --filters=@path/to/file.json.

--default-expression (string)

Default Expression for new Data Access Rule. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|'<> ]+$/.

--description (string)

Description for new Data Access Rule.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\-\\s]+$/.

Example

ibmcloud cloud-logs data-access-rule-update \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f \
    --display-name 'Test Data Access Rule' \
    --filters '[{"entity_type": "logs", "expression": "<v1> foo == \'bar\'"}]' \
    --default-expression '<v1>true' \
    --description 'Data Access Rule intended for testing'

Command options

--id (strfmt.UUID)

ID of Data Access Rule to be deleted. Required.

The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/.

Example

ibmcloud cloud-logs data-access-rule-delete \
    --id 3dc02998-0b50-4ea8-b68a-4779d716fa1f

Example

ibmcloud cloud-logs enrichments

Command options

--field-name (string)

The name of the field to enrich. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--enrichment-type (EnrichmentV1EnrichmentType)

The enrichment type. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --enrichment-type=@path/to/file.json.

--enrichment-type-geo-ip (EnrichmentV1GeoIpTypeEmpty)

The geo ip enrichment. This option provides a value for a sub-field of the JSON option 'enrichment-type'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --enrichment-type-geo-ip=@path/to/file.json.

--enrichment-type-suspicious-ip (EnrichmentV1SuspiciousIpTypeEmpty)

The suspicious ip enrichment. This option provides a value for a sub-field of the JSON option 'enrichment-type'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --enrichment-type-suspicious-ip=@path/to/file.json.

--enrichment-type-custom-enrichment (EnrichmentV1CustomEnrichmentType)

The custom enrichment. This option provides a value for a sub-field of the JSON option 'enrichment-type'. It is mutually exclusive with that option.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --enrichment-type-custom-enrichment=@path/to/file.json.

Examples

ibmcloud cloud-logs enrichment-create \
    --field-name ip \
    --enrichment-type '{"geo_ip": {}}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs enrichment-create \
    --field-name ip \
    --enrichment-type-geo-ip enrichmentV1GeoIpTypeEmpty

Command options

--id (int64)

The enrichment ID. Required.

The maximum value is 4294967295. The minimum value is 0.

Example

ibmcloud cloud-logs enrichment-delete \
    --id 1

Example

ibmcloud cloud-logs data-usage-metrics-export-status

Command options

--enabled (bool)

The "enabled" parameter for metrics export. Required.

Example

ibmcloud cloud-logs data-usage-metrics-export-status-update \
    --enabled true

Command options

--query (string)

The query for which you are seeking results. Required.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--metadata (ApisDataprimeV1Metadata)

Configuration for query execution. This JSON option can instead be provided by setting individual fields with other options. It is mutually exclusive with those options.

Provide a JSON string option or specify a JSON file to read from by providing a filepath option that begins with a @, e.g. --metadata=@path/to/file.json.

--start-date (strfmt.DateTime)

Beginning of the time range for the query. Default: end - 15 min or current time - 15 min if end is not defined. This option provides a value for a sub-field of the JSON option 'metadata'. It is mutually exclusive with that option.

--end-date (strfmt.DateTime)

End of the time range for the query. Default: start + 15 min or current time if start is not defined. This option provides a value for a sub-field of the JSON option 'metadata'. It is mutually exclusive with that option.

--default-source (string)

Default value for the source to be used when the source is omitted in a query. This option provides a value for a sub-field of the JSON option 'metadata'. It is mutually exclusive with that option.

The maximum length is 4096 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9_\\.,\\-"{}()\\[\\]=!:#\/$|' ]+$/.

--tier (string)

Tier on which the query runs. This option provides a value for a sub-field of the JSON option 'metadata'. It is mutually exclusive with that option.

Allowable values are: unspecified, archive, frequent_search.

--syntax (string)

The syntax in which the query is written. This option provides a value for a sub-field of the JSON option 'metadata'. It is mutually exclusive with that option.

Allowable values are: unspecified, lucene, dataprime.

--limit (int64)

Limit the number of results. Default: 2000; max for TIER_FREQUENT_SEARCH: 12000; max for TIER_ARCHIVE: 50000. This option provides a value for a sub-field of the JSON option 'metadata'. It is mutually exclusive with that option.

--strict-fields-validation (bool)

Prohibit the use of unknown fields, i.e., those not detected in the ingested data. Default: false. This option provides a value for a sub-field of the JSON option 'metadata'. It is mutually exclusive with that option.

--since (duration)

Query lookback window. Default 1h. Using this flag overrides metadata-start-date and metadata-end-date.

--local-time (bool)

Converts the timestamp of the logs to local time.

Examples

ibmcloud cloud-logs query \
    --query 'source logs | filter $d.apiVersion == 42' \
    --metadata '{"start_date": "2021-01-01T00:00:00.000Z", "end_date": "2021-01-01T00:00:00.000Z", "default_source": "logs", "tier": "frequent_search", "syntax": "dataprime", "limit": 2000, "strict_fields_validation": true}'

Alternatively, granular options are available for the sub-fields of JSON string options:

ibmcloud cloud-logs query \
    --query 'source logs | filter $d.apiVersion == 42' \
    --start-date 2021-01-01T00:00:00.000Z \
    --end-date 2021-01-01T00:00:00.000Z \
    --default-source logs \
    --tier frequent_search \
    --syntax dataprime \
    --limit 2000 \
    --strict-fields-validation true