REST API

The Graylog REST API provides programmatic access to Graylog for automating functions or for integrating with other systems. The REST API allows you to perform any actions that you can perform through the Graylog web interface.

The Graylog REST API can be particularly useful for automating operations that you frequently repeat, such as:

  • New user or team creation

  • System or network monitoring tasks

  • Information gathering and report generation

You can also use the API to integrate with other systems, for example:

  • Ticketing or support systems

  • Third-party monitoring or notification platforms

Access and Authentication

You have two primary methods for accessing the Graylog REST API:

  • From the API browser through the Graylog UI. The API browser is an interactive web portal that lets you view the available methods and perform calls against your Graylog environment. See The API Browser for complete details.

  • From the command line, including scripted command lines or through applications or code that support calling remote APIs. Most programmatic or integration uses require this method. See REST API Use Cases for details.

Access to Graylog features through the REST API is controlled by user permissions, just as it is through the web interface. That is, if you can perform an operation in the Graylog web interface, you can perform the same type of function through the API. Each API call is authenticated with the user credentials provided in the call.

If you use the API browser and are logged in to Graylog in the same browser, API calls are automatically authenticated by your same user credentials. If you are not logged in to Graylog in the same browser, the API browser prompts you for credentials when you try a call.

If you use script or command line access for the REST API, authentication credentials must always be sent with the request. However, Graylog provides a method to create a secure access token so that you can avoid sending actual usernames and passwords directly over the command line. See REST API Access Tokens for details.