I have the following query, but I am not sure how to get the payload that was sent to the request_url.
index=fastly sourcetype=fastly_syslog_json fastly_service_name=www.mysite.com request_type=POST request_url="/api/v1/myPostEndpoint" | fields {what to put here?}
I am hoping there is a way I can inspect the payloads that have been POSTed to that endpoint over a range of time, in order to create a report on a particular field within those payloads.
↧