blockedQueries()

The blockedQueries() GraphQL query fetches the list of blocked query patterns.

For more information on blocking queries, see the Blocking Queries documentation page.

Syntax

Below is the syntax for the blockedQueries() query field:

graphql

blockedQueries: [BlockedQuery!]!

After entering blockedQueries, you don't enter BlockedQuery — that's just the returned datatype. Instead, you'll have to specify which values you want returned — at least one value, id. Below is an example with a few values requested:

Raw

graphql

query {
	blockedQueries {
    id, 
    type,
    pattern
  }
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
	blockedQueries {
    id, 
    type,
    pattern
  }
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
	blockedQueries {
    id, 
    type,
    pattern
  }
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "query { ^
	blockedQueries { ^
    id,  ^
    type, ^
    pattern ^
  } ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "query {
	blockedQueries {
    id, 
    type,
    pattern
  }
}"
}'
"$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $json = '{"query" : "query {
	blockedQueries {
    id, 
    type,
    pattern
  }
}"
}';
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "query {
	blockedQueries {
    id, 
    type,
    pattern
  }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "query {
	blockedQueries {
    id, 
    type,
    pattern
  }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Example Responses

Success (HTTP Response Code 200 OK)

json

{
  "data": {
    "blockedQueries": [
      {
        "id": "z97vfV6EvCVquFIvHtYfULB2",
        "type": "REGEX",
        "pattern": "#type=humio"
      },
      {
        "id": "zrHTMPHsLgkJnLsUq0nv0TQt",
        "type": "REGEX",
        "pattern": "#type=testerroo"
      }
    ]
  }
}

Notice that the example above requests three values, separated by commas. Since there were two blocked queries, two sets of values were returned, each in square brackets.

Given Datatypes

The given datatype BlockedQuery has its own parameters. Below is a list of them along with their datatypes and a description of each:

Table: BlockedQuery

Parameter	Type	Required^[a]	Description
`id`	string	yes	The unique identifier of the blocked query.
`expiresAt`	datetime		The date and time in which any matching queries will cease to be blocked.
`expiresInMilliseconds`	integer		The amount of milliseconds from now in which any matching queries will cease to be blocked.
`pattern`	string	yes	The exact or regular expression pattern used to match queries to be blocked.
`type`	`BlockedQueryMatcherType`	yes	Whether the pattern should be matched exactly or interpreted as a regular express: EXACT, or REGEX.
`view`	`View`		The related view, if any (see `View` Table).
`organization`	`Organization`		The organization associated with the view, if any (see `Organization` Table).
^[a]Some arguments may be required, as indicated in this column. For some fields, this column indicates that a result will always be returned for it.

LogScale GraphQL Reference

GraphQL Queries

GraphQL Mutation Fields

GraphQL Datatypes

blockedQueries()

Syntax

Given Datatypes

Enter search term