Feature #4366
closedImplement API access to event database
100%
Description
It would be useful for many applications that the event database is be accessible via some kind of HTTPS API. For starters just implement the API_TOKEN authentication mechanism and provide the same interface as in the event search page, but this time returning JSON responses.
Related issues
Updated by Jan Mach over 5 years ago
- Related to Feature #4235: Hawat: Improve propagation of view metadata into templates added
Updated by Jan Mach over 5 years ago
- Status changed from In Progress to Feedback
- % Done changed from 30 to 90
Deployed latest version to mentat-alt. Check following examples after login:
API documentation:
https://alchemist.cesnet.cz/mentat/doc/development/html/_doclib/hawat_plugin_events.html
Existing message:
https://mentat-alt.cesnet.cz/mentat/api/events/ddb6c116-9626-4bb6-86b5-497e011df541/show
Invalid message ID:
https://mentat-alt.cesnet.cz/mentat/api/events/ddb6c116-9626-4bb6-86b5-497e011df54/show
Invalid search:
https://mentat-alt.cesnet.cz/mentat/api/events/search?dt_from=2018-10-19&dt_to=&source_addrs=&source_ports=&submit=Search
Event metadata:
https://mentat-alt.cesnet.cz/mentat/api/events/metadata
Updated by Radko Krkoš over 5 years ago
I am probably not the one you are asking, but I like it a lot.
I have just one remark.
Jan Mach wrote:
The sqlquery is returned as:
"b'SELECT * FROM events WHERE \"detecttime\" >= \\'2018-10-19T00:00:00+00:00\\'::timestamptz ORDER BY \"detecttime\" DESC LIMIT 100'"
I would prefer a version without all the horrible escaping, like this:
"SELECT * FROM events WHERE detecttime >= '2018-10-19T00:00:00+00:00'::timestamptz ORDER BY detecttime DESC LIMIT 100"
That version can be used directly for all derived uses I can think of.
Updated by Jan Mach over 5 years ago
Radko Krkoš wrote:
I am probably not the one you are asking, but I like it a lot.
I have just one remark.Jan Mach wrote:
The
sqlqueryis returned as:
[...]I would prefer a version without all the horrible escaping, like this:
[...]
That version can be used directly for all derived uses I can think of.
Thank you for the remark. I have fixed it to the following form:
"SELECT * FROM events WHERE \"detecttime\" >= '2018-10-22T00:00:00+00:00'::timestamptz ORDER BY \"detecttime\" DESC LIMIT 100"
Sadly there is nothing more that can be done with the escaping of " character, because it is a valid SQL syntax for column names as it is printed by psycopg and it being rendered into JSON and then displayed as part of that JSON, so the escaping is necessary. I could of course strip all " characters from that string, but I consider that a bad idea, because it alters the original SQL command. I think, that the main purpose of this feature is to know the exact SQL command that is being executed, not a mangled version.
Updated by Radko Krkoš over 5 years ago
Jan Mach wrote:
Sadly there is nothing more that can be done with the escaping of
"character, because it is a valid SQL syntax for column names as it is printed by psycopg and it being rendered into JSON and then displayed as part of that JSON, so the escaping is necessary. I could of course strip all"characters from that string, but I consider that a bad idea, because it alters the original SQL command. I think, that the main purpose of this feature is to know the exact SQL command that is being executed, not a mangled version.
This is more than enough for me. I was also unsure about the column name escaping and I am happy with the solution.
Updated by Jan Mach over 5 years ago
- Status changed from Feedback to Closed
- % Done changed from 90 to 100
Updated by Rajmund Hruška about 2 years ago
- Related to Feature #7578: Create API for reports/dashboard added