> ## Documentation Index
> Fetch the complete documentation index at: https://docs.bronto.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Poll a live tail job



## OpenAPI

````yaml https://s3.eu-west-1.amazonaws.com/docs.brontobytes.io/redocusaurus/brontobytes.yaml get /live-tail
openapi: 3.0.2
info:
  title: Bronto API
  license:
    name: Commercial
  version: 1.0.0
servers:
  - url: https://api.eu.bronto.io
  - url: https://api.us.bronto.io
security:
  - ApiKeyAuth: []
  - BearerAuth: []
tags:
  - name: api-keys
    description: >
      An Application Programming Interface (API) key is a unique identifier. 

      The API Key must be provided as X-BRONTO-API-KEY in headers for the
      request to be authenticated 

      and authorized by the API server according to the API Key's role. For
      further information about 

      roles visit [our API Key docs] 
      https://docs.bronto.io/manage/manage-api-keys
  - name: context
    description: >
      Context is a REST API resource that allows the retrieval of a specified
      number of log events (default of 100) around 

      a log event of interest, e.g. when a number of log events were returned by
      a previous query and you then decide you 

      want to see the 50 log events before one of those returned log events. Log
      events can be retrieved either before, 

      after, or both before and after the specified log event.
  - name: exports
    description: >
      The Bronto Export API allows you to efficiently download large volumes of
      log data for further analysis.

      The data to be exported can be filtered by entering the search parameters
      \"from\", \"where\" and \"time_range\" as

      per a normal query in the \"search_details\" object.


      To export data the following steps are required:

      1. Create an export using a POST request, which will return an
      \"export_id\", \"status\" and \"progress\".

      2. Use the export id to get the status of the export task by sending a GET
      request,

      which will return \"status\" and \"progress\" with a value of percentage
      completed. When the export is

      completed, the \"status\" will be \"COMPLETE\"

      3. Once the export task has completed you can download your data using
      curl (or similar)

      from the \"location\" URL returned in the GET response.
  - name: collections
    description: >
      Collections group datasets together. Each collection contains one or more
      datasets.
  - name: datasets
    description: >
      Datasets are a sequence of timestamped log events. Datasets can be
      searched to view events matching a filter

      or to perform statistical functions on matching events.
  - name: logs
    description: >
      Logs are a sequence of timestamped log events. Logs can be searched to
      view events matching a filter

      or to perform statistical functions on matching events.
  - name: search
    description: >
      The REST API for searching data uses queries based on a subset of SQL,
      with

      the syntax as per https://docs.bronto.io/query-syntax/overview
  - name: top-keys
    description: >
      Top-Keys is a REST API resource that allows you to easily retrieve the top
      keys for a specific log.
  - name: usage
    description: >
      Usage is a REST API resource that allows you to easily track your Bronto
      usage by retrieving usage data relating 

      to data ingestion and amount of data searched, and allowing you to drill
      down for a specific dataset over a defined timeframe.
  - name: users
    description: >
      Users are given specific roles, where each role determines the user's
      permissions within the application. Those roles are as follows:

      - "Admin" role has permission for all actions on all entities in the
      application.

      - "Standard" role allows Read/Write and Delete actions on entities in
      non-sensitive areas of the application.

      - "ReadOnly" role allows only read actions and only on entities in
      non-sensitive areas of the application.
  - name: config_assistant
    description: >
      The Config Assistant APIs provide endpoints for creating or modifying
      observability agent configurations.
  - name: patterns
    description: >
      Patterns return the Pattern IDs, templates, and source log ID for all logs
      matching the

      given search criteria.
paths:
  /live-tail:
    get:
      tags:
        - live-tail
      summary: Poll a live tail job
      operationId: pollLiveTail
      parameters:
        - name: job_id
          in: query
          description: ID of live tail job to poll
          required: true
          schema:
            type: string
          example: 61882bed-8bad-41e3-9d26-295d4143c70e
        - name: limit
          in: query
          description: Maximum number of log entries to return
          required: false
          schema:
            maximum: 1000
            minimum: 1
            type: integer
          example: 100
        - name: most_recent_first
          in: query
          description: >-
            Order response events chronologically, ascending (false) or
            descending (true)
          required: false
          schema:
            type: boolean
            default: true
          example: true
      responses:
        '200':
          description: A list of log entries
          headers:
            RateLimit-Limit:
              $ref: '#/components/headers/RateLimitLimit'
            RateLimit-Remaining:
              $ref: '#/components/headers/RateLimitRemaining'
            RateLimit-Reset:
              $ref: '#/components/headers/RateLimitReset'
          content:
            application/json:
              schema:
                type: object
                properties:
                  logs:
                    type: array
                    items:
                      $ref: '#/components/schemas/PollLiveTailResponse'
        '429':
          description: Too Many Request - Fair usage limits exceeded
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: Internal Server Error - An error occurred on the server side.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        default:
          description: Unexpected Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
components:
  headers:
    RateLimitLimit:
      description: The request limit per time window.
      schema:
        type: integer
      example: 20
    RateLimitRemaining:
      description: The number of requests left in the current time window.
      schema:
        type: integer
      example: 12
    RateLimitReset:
      description: The number of seconds left in the current time window.
      schema:
        type: integer
      example: 13
  schemas:
    PollLiveTailResponse:
      type: object
      properties:
        events:
          type: array
          items:
            $ref: '#/components/schemas/Event'
    ErrorResponse:
      required:
        - code
        - correlation_id
        - details
        - type
      type: object
      properties:
        code:
          maximum: 599
          minimum: 400
          type: integer
          description: HTTP status code for the error response.
          format: int32
        type:
          type: string
          description: >-
            HTTP reason phrase associated with the status code (e.g. "Not Found"
            for 404)
          example: Not Found
        correlation_id:
          type: string
          description: Unique identifier for the request, used for tracing and debugging.
        details:
          type: string
          description: Human-readable description of the error.
          example: Resource not found.
      description: Standard error response returned by the API when a request fails.
      example:
        bad_request_validation:
          summary: Bad Request - Validation Error
          description: Example error when request validation fails
          value:
            code: 400
            type: Bad Request
            correlation_id: 95c6a974e3ab01209b6b0dfedb1b16c5
            details: 'Validation failed: ''name'' field is required and cannot be empty'
        bad_request_invalid_type:
          summary: Bad Request - Invalid Metric Type
          description: Example error when an invalid metric type is provided
          value:
            code: 400
            type: Bad Request
            correlation_id: 00d8a51bb2874f2583670317a4fb8db7
            details: >-
              Invalid metric_type 'INVALID'. Must be one of: COUNTER, GAUGE,
              HISTOGRAM
        forbidden:
          summary: Forbidden Access
          description: Example error when user lacks required permissions
          value:
            code: 403
            type: Forbidden
            correlation_id: 40276639de0f49d586e32edd8c4f6b34
            details: >-
              Access denied. User does not have permission to create metric
              definition templates
        not_found:
          summary: Resource Not Found
          description: Example error when requested resource doesn't exist
          value:
            code: 404
            type: Not Found
            correlation_id: 605f832bcfe44a1081441691c8d42253
            details: >-
              Metric definition template with id
              '550e8400-e29b-41d4-a716-446655440000' not found
        rate_limit:
          summary: Rate Limit Exceeded
          description: Example error when API rate limit is exceeded
          value:
            code: 429
            type: Too Many Requests
            correlation_id: 53909ed43c544531b7a555e295960437
            details: >-
              Rate limit exceeded. Maximum 100 requests are allowed within a
              5-minute window
        internal_server_error:
          summary: Internal Server Error
          description: Example error for unexpected server-side failures
          value:
            code: 500
            type: Internal Server Error
            correlation_id: b129b8e0e66c41aa9541a30f67e38ce2
            details: An unexpected error occurred while processing your request
    Event:
      type: object
      properties:
        '@raw':
          type: string
          description: The log message as received
          example: >-
            10.0.108.203 - - [27/May/2024:23:47:27 +0000] "GET / HTTP/1.1" 200
            675 "-" "ELB-HealthChecker/2.0"
        '@time':
          type: string
          description: >
            Human readable time of when this event was ingested into Bronto. The
            time is in UTC and in the format "YYYY-MM-DD HH:MM:SS.MMM UTC"
          example: 2024-05-27 23:26:34.331 UTC
        '@status':
          type: string
          description: >
            Indicates the severity of the event. Possible values are:

            - **info**: Denotes standard events or successful operations, such
            as HTTP 200 responses.

            - **warn**: Highlights potentially problematic situations that are
            not critical but may require attention, 
              such as HTTP 4xx client errors.
            - **error**: Represents critical issues or failures, such as HTTP
            5xx server errors or detected 
              exceptions like stack traces.
          example: info
        message_kvs:
          type: object
          description: Key-value pairs extracted from the log message
          example:
            method: GET
            status_code: '200'
            path: /
        attributes:
          type: object
          description: >
            Additional details attached to the log event, such as resource
            attributes, environment settings, or custom attributes defined by
            the user.
          example:
            $private_ip: 10.0.22.230
            $environment: production
        metadata:
          type: object
          properties:
            service_id:
              type: string
              description: The unique identifier of the service this event came from.
              format: uuid
              example: 23746675-7022-4985-bd74-4af9eba58d72
            timestamp:
              type: integer
              description: Unix timestamp in milliseconds of when this event was ingested.
              example: 1716853347801
            sequence:
              type: integer
              description: >-
                The sequence number of this log event. Note sequence numbers are
                only unique within a millisecond timestamp.
              example: 111721913
            context:
              type: string
              description: >-
                A url that can be used to get the events before and after this
                event.
              format: uri
              example: >
                "https://api.eu.bronto.io/context?sequence=213&from=37bdf479-7c95-4e81-982a-25d0680fb602&timestamp=1716853354331&direction=both"
          description: The metadata of the event
        links:
          type: array
          items:
            anyOf:
              - type: object
                properties:
                  rel:
                    type: string
                    description: next
                    example: context
                  href:
                    type: string
                    description: >-
                      A url that can be used to get the log events before and
                      after this log event.
                    format: uri
                    example: >-
                      https://api.bronto.io/context?sequence=111721913&limit=1&from=23746675-7022-4985-bd74-4af9eba58d72&timestamp=1711535140632&direction=both
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      name: X-BRONTO-API-KEY
      in: header
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT

````