Loki Query API#

With Thanos Query access, you will be able to:

  1. Access the Loki logs programmatically using your OpenShift personal token

Steps to follow#

To get the specific permissions needed to query logs directly from the Loki Query API, please follow these steps:

  1. Onboard your project/group to Operate First (guide)

  2. Once your group has been onboarded, add your group to this list in a new line as:

     - kind: Group
       apiGroup: rbac.authorization.k8s.io
       name: MY_GROUP_NAME
    

    and create a PR (Pull Request). You can see an example Pull Request here

  3. After your PR is reviewed/merged, you should have access to the Thanos Query Console and API

Example: Loki Query API#

This is the endpoint that can be used to query logs from Loki.

Example:

MY_BEARER_TOKEN="sha256~1A...DW-id...NE-...lWM"
curl -H "X-Scope-OrgID: cluster-infra-logs" \
  -H "Authorization: Bearer $MY_BEARER_TOKEN" \
  -G -s  "https://loki-frontend-opf-observatorium.apps.smaug.na.operate-first.cloud/loki/api/v1/query_range" \
  --data-urlencode 'query={cluster_log_level="infra-logs"}'

This command queries logs from Loki using {cluster_log_level="infra-logs"} label as the query. Notice that we had to provide the same OrgID “cluster-infra-logs” to be able to query for the logs that we pushed in.

While querying Loki for logs, you will need to have a header 'X-Scope-OrgID' set in your requests. This header is used to identify tenants in a multi tenancy setup. To see which OrgID values are available look into the configured Loki Grafana Datasources

More Info on /query_range

Some documentation about the Loki Query API is available here.

You also need a [BEARER_TOKEN][../thanos/thanos_programmatic_access.md]