Skip to main content
Create a new search job and retrieve its messages and records. The job is deleted upon successful data retrieval. Important Note: The action returns all the messages and records using pagination, so the returned warning and fields of both the records and messages will be taken from the first request to each corresponding endpoint. For more information about required roles, please visit Sumo Logic’s documentation.
External DocumentationTo learn more, visit the Sumo Logic documentation.

Parameters

ParameterDescription
Auto Parsing ModeThe mode of auto-parsing.

- AutoParse - Sumo Logic will perform field extraction on JSON log messages when you run a search.

- Manual - (Default value) Sumo Logic will not automatically parse JSON logs at search time.

For more information refer to the Dynamic Parsing page in Sumo Logic’s documentation.
FromThe date and time at which to start the search job.
QueryThe actual search expression.

For more information please refer to Sumo Logic’s documentation.
Search By Receipt TimeSelect to search data based on the receipt time.

For more information please refer to Sumo Logic documentation.
Time ZoneThe time zone for the From and To parameters.

For a list of supported time zones, refer to Wikipedia’s Time Zones article under the TZ identifier column.
ToThe date and time at which to end the search job.

Example Output

{
	"messages_warning": "",
	"messages_fields": [
		{
			"name": "_orgid",
			"fieldType": "string",
			"keyField": false
		}
	],
	"messages": [
		{
			"map": {
				"_blockid": "-1925440348082057768",
				"_collector": "ELAD COLLECTOR",
				"_collectorid": "333465271",
				"_format": "t:fail:o:-1:l:0:p:null",
				"_messagecount": "0",
				"_messageid": "-8685697174135252760",
				"_messagetime": "1769089999193",
				"_orgid": "0000000000BDA330",
				"_raw": "{\"marker\":\"ELAD_SEARCHJOB_TEST\",\"message_id\":\"msg-002\",\"tenant_id\":\"t-123\",\"text\":\"hello\"}",
				"_receipttime": "1769089999193",
				"_searchabletime": "1769090124627",
				"_size": "90",
				"_source": "elad logs and metrics",
				"_sourcecategory": "Http Input",
				"_sourcehost": "199.203.9.196",
				"_sourceid": "2074057758",
				"_sourcename": "Http Input",
				"_view": "",
				"elad": "elad"
			}
		}
	],
	"records_warning": "",
	"records_fields": [
		{
			"name": "_sourcecategory",
			"fieldType": "string",
			"keyField": true
		}
	],
	"records": [
		{
			"map": {
				"_count": "10",
				"_sourcecategory": "Http Input"
			}
		}
	]
}

Workflow Library Example

Create and Run Search Job with Sumo Logic and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop