Full text search API
Query Syntax
A query is broken up into terms and operators. A term is case insensitive and can be a single word such as
"Hello" or " World " or a phrase surrounded by double quotes such as "Hello World", which would search for
the exact phrase.
Field Names
By default, all the fields will be searched for the search term specified. Specific fields to be searched
on can be provided via the field name followed by a colon ":" and then the search term.
To search for all the entities where display_name field is "App-VM-1", use
display_name:App-VM-1
Use the dot notation to search on nested fields
tags.scope:prod
Wildcards
Wildcard searches can be run using ? to substitute a single character or *
to substitute zero or more characters
*vm* will match all the entities that contains
the term "vm" in any of its fields
display_name:App-VM-? will match App-VM-1, App-VM-2, App-VM-A etc..
display_name:App* will match everything where display_name begins with App
Warning: Be aware that using wildcards especially at the beginning of a word i.e. *vm can use a large amount of
memory and may perform badly.
Boolean Operators
Search terms can be combined using boolean operators AND, OR and NOT.
(Note: Boolean operators must be ALL CAPS).
AND
The AND ( && ) operator matches entities where both terms exist in any of the fields of an entity.
To search for Firewall rule with display_name containing block, use
display_name:*block* AND resource_type:FirewallRule
OR
The OR ( || ) operator links two terms and finds matching entities if either of the terms exists in an entity.
To search for Firewall rule with display_name containing either block or allow, use
display_name:*block* OR display_name:*allow* AND resource_type:FirewallRule
display_name:(*block* OR *allow*) AND resource_type:FirewallRule
NOT
The NOT ( ! ) operator excludes entities that contain the term after NOT.
To search for Firewall rule with display_name does not contain the term block
NOT display_name:*block* AND resource_type:FirewallRule
!display_name:*block* AND resource_type:FirewallRule
Ranges
Ranges can be specified for numeric or string fields and use the following syntax
vni:>50001
vni:>=50001
vni:<90000
vni:<=90000
To combine an upper and lower bound, you would need to join two clauses with AND operator:
vni:(>=50001 AND <90000)
Reserved Characters
If characters which function as operators are to be used in the query (not as operators), then they should be
escaped with a leading backslash.
To search for (a+b)=c
\(a\+b\)\=c.
The reserved characters are: + - = && || > < ! ( ) { } [ ] ^ " ~ * ? : \ /
Failing to escape these reserved characters correctly would lead to syntax errors and prevent the query from running.
Searchable types+
| ALGTypeServiceEntry |
|
ALGTypeServiceEntry
|
| BfdConfiguration |
| BgpNeighborConfig |
| BgpRoutingConfig |
| BridgeEndpointProfile |
|
certificate_ca
|
| certificate_self_signed |
|
certificate_signed
|
| ClusterNodeConfig |
| CommunityList |
| ComputeManager |
|
crl
|
| DfwFirewallConfiguration |
| DhcpServerConfig |
|
DnsSecurityProfile
|
| DOMAIN |
| EdgeCluster |
| EdgeHighAvailabilityProfile |
| EdgeNode |
|
EndpointPolicy
|
|
EndpointRule
|
| EnforcementPoint |
|
EtherTypeServiceEntry
|
|
FloodProtectionProfileBindingMap
|
| ForwardingPolicy |
| ForwardingRule |
|
GatewayFloodProtectionProfile
|
| GatewayPolicy |
| GatewayQosProfile |
| GenericPolicyRealizedResource |
| GlobalConfig |
| Group |
| HostNode |
| ICMPTypeServiceEntry |
| IdsConfig |
| IdsProfile |
|
IdsRule
|
|
IdsSecurityPolicy
|
| IdsSettings |
| IdsSignature |
| IdsSignatureVersion |
| IGMPTypeServiceEntry |
| IpAddressBlock |
| IpAddressPool |
| IpAddressPoolBlockSubnet |
| IpAddressPoolStaticSubnet |
| IPDiscoveryProfile |
| IPFIXDFWCollectorProfile |
| IPFIXDFWProfile |
| IPProtocolServiceEntry |
| IPSecVpnDpdProfile |
| IPSecVpnIkeProfile |
| IPSecVpnLocalEndpoint |
| IPSecVpnRule |
| IPSecVpnService |
| IPSecVpnTunnelInterface |
| IPSecVpnTunnelProfile |
| Ipv6DadProfile |
| Ipv6NdraProfile |
| L2BridgeEndpointProfile |
| L2VPNService |
| L2VPNSession |
| L4PortSetServiceEntry |
| LBClientSslProfile |
| LBCookiePersistenceProfile |
| LBFastTcpProfile |
| LBFastUdpProfile |
| LBGenericPersistenceProfile |
| LBHttpMonitorProfile |
| LBHttpProfile |
| LBHttpsMonitorProfile |
| LBIcmpMonitorProfile |
| LBPassiveMonitorProfile |
| LBPool |
| LBServerSslProfile |
| LBService |
| LBSourceIpPersistenceProfile |
| LBTcpMonitorProfile |
|
LBUdpMonitorProfile
|
| LBVirtualServer |
| LocaleServices |
| MacDiscoveryProfile |
| MetadataProxyConfig |
| PolicyBasedIPSecVpnSession |
| PolicyContextProfile |
| PolicyDnsForwarder |
| PolicyDnsForwarderZone |
| PolicyDraft |
| PolicyEdgeCluster |
| PolicyEdgeNode |
| PolicyExcludeList |
|
PolicyFirewallSessionTimerProfile
|
| PolicyIgmpConfig |
| PolicyMulticastConfig |
| PolicyNat |
| PolicyNatRule |
| PolicyPimConfig |
|
PolicyServiceChain
|
|
PolicyServiceProfile
|
| PolicyTransportZone |
| PrefixList |
|
RealizedVirtualMachine
|
| RedirectionPolicy |
| RedirectionRule |
| RouteBasedIPSecVpnSession |
| Rule |
| SecurityPolicy |
| Segment |
| SegmentPort |
| SegmentSecurityProfile |
| Service |
|
ServiceReference
|
|
ServiceSegment
|
|
SessionTimerProfileBindingMap
|
| Site |
| SpoofGuardProfile |
| StandaloneHostIdfwConfiguration |
| StaticRouteBfdPeer |
| StaticRoutes |
| Tier0 |
| Tier0Interface |
| Tier0RouteMap |
| Tier1 |
| Tier1Interface |
|
TlsCertificate
|
|
TlsCrl
|
|
TraceflowConfig
|
| TransportNode |
| TransportZone |
| UplinkHostSwitchProfile |
| VniPoolConfig |
| AdvertisementConfig |
| AdvertiseRuleList |
| BGPCommunityList |
| BgpConfig |
| BgpNeighbor |
| BridgeEndpointProfile |
| BridgeHighAvailabilityClusterProfile |
|
certificate_ca
|
| certificate_self_signed |
|
certificate_signed
|
| ClusterNodeConfig |
| ComputeCollection |
| ComputeManager |
|
crl
|
| DhcpIpPool |
| DhcpProfile |
| DhcpRelayProfile |
| DhcpRelayService |
|
DirectoryAdDomain
|
|
DirectoryGroup
|
|
DirectoryLdapServer
|
| DiscoveredNode |
| DnsForwarder |
| EdgeCluster |
| EdgeHighAvailabilityProfile |
| EdgeNode |
| ExcludeList |
| ExtraConfigHostSwitchProfile |
| FirewallRule |
| FirewallSection |
| GiConfigDashboardInfo |
|
GiServiceProfile
|
| HostHealthAggregateStatus |
| HostNode |
| IDSSignatureDetail |
| IpBlock |
| IpDiscoverySwitchingProfile |
| IpfixCollectorConfig |
| IpfixDfwConfig |
| IpfixObsPointConfig |
| IpPool |
| IPPrefixList |
| IPSecVPNLocalEndpoint |
| IPSecVPNPeerEndpoint |
| IPSecVPNService |
| IPSecVPNTunnelProfile |
| IPSet |
| L2VpnService |
| L2VpnSession |
| LbClientSslProfile |
| LbCookiePersistenceProfile |
| LbFastTcpProfile |
| LbFastUdpProfile |
| LbGenericPersistenceProfile |
| LbHttpMonitor |
| LbHttpProfile |
| LbHttpsMonitor |
| LbIcmpMonitor |
| LbPassiveMonitor |
| LbPool |
| LbServerSslProfile |
| LbService |
| LbSourceIpPersistenceProfile |
| LbTcpMonitor |
|
LbUdpMonitor
|
| LbVirtualServer |
| LldpHostSwitchProfile |
| LogicalDhcpServer |
| LogicalPort |
| LogicalRouter |
| LogicalRouterCentralizedServicePort |
| LogicalRouterDownLinkPort |
| LogicalRouterIPTunnelPort |
| LogicalRouterLinkPortOnTIER0 |
| LogicalRouterLinkPortOnTIER1 |
| LogicalRouterUpLinkPort |
| LogicalSwitch |
| MacManagementSwitchingProfile |
| MACSet |
| MetadataProxy |
| NatRule |
| NiocProfile |
| NSGroup |
| NSProfile |
| NSService |
| NSServiceGroup |
| PolicyBasedIPSecVPNSession |
| PortMirroringSwitchingProfile |
| PrincipalIdentity |
| QosSwitchingProfile |
| RedistributionConfig |
| RedistributionRuleList |
| RouteBasedIPSecVPNSession |
| RouteMap |
| RoutingConfig |
|
ServiceDefinition
|
| ServiceInsertionRule |
| ServiceInsertionSection |
|
ServiceInsertionServiceProfile
|
|
ServiceProfileNSGroups
|
| SIExcludeList |
| SpoofGuardSwitchingProfile |
| StaticHopBfdPeer |
| StaticRoute |
| SwitchSecuritySwitchingProfile |
| TransportNode |
| TransportZone |
| UplinkHostSwitchProfile |
|
VendorTemplate
|
| VirtualMachine |
| VirtualNetworkInterface |
| VmHealthAggregateStatus |
| VniPool |
Request:
URI Path(s):
/api/v1/search/query
Query Parameters:
SearchQueryRequest+
| cursor |
Opaque cursor to be used for getting next page of records (supplied by current result page) |
string |
|
| included_fields |
Comma separated list of fields that should be included in query result |
string |
|
| page_size |
Maximum number of results to return in this page (server may return fewer) |
integer |
Minimum: 0
Maximum: 1000
Default: "1000" |
| query |
Search query
The syntax of query is described in Search API documentation. |
string |
Required |
| sort_ascending |
|
boolean |
|
| sort_by |
Field by which records are sorted |
string |
|
Example Request:
GET https://<nsx-mgr>/api/v1/search/query?query=resource_type:group&page_size=2
GET https://<nsx-mgr>/policy/api/v1/search/query?query=resource_type:group&page_size=2
GET https://<nsx-mgr>/global-manager/api/v1/search/query?query=resource_type:group&page_size=2
Successful Response:
Response Headers:
Content-type: application/json
Response Body:
SearchResponse+
| _links |
References related to this resource
The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink |
Readonly |
| _schema |
Schema for this resource |
string |
Readonly |
| _self |
Link to this resource |
SelfResourceLink |
Readonly |
| cursor |
Opaque cursor to be used for getting next page of records (supplied by current result page) |
string |
Readonly |
| result_count |
Count of results found (across all pages), set only on first page |
integer |
Readonly |
| results |
Search results
List of records matching the search query. |
array of object |
Readonly |
| sort_ascending |
If true, results are sorted in ascending order |
boolean |
Readonly |
| sort_by |
Field by which records are sorted |
string |
Readonly |
Example Response:
{
"results": [
{
"_last_modified_user": "admin",
"_revision": 4,
"_system_owned": false,
"resource_type": "Group",
"description": "Prod Env Group",
"_protection": "NOT_PROTECTED",
"_last_modified_time": 1561700732921,
"display_name": "ProdEnvGroup",
"_create_user": "admin",
"tags": [
{
"scope": "Prod",
"tag": "Group"
}
],
"_create_time": 1561614698915,
"path": "/infra/domains/default/groups/4fc8c310-989f-11e9-baf3-930b233a84c6",
"marked_for_delete": false,
"parent_path": "/infra/domains/default",
"id": "4fc8c310-989f-11e9-baf3-930b233a84c6",
"relative_path": "4fc8c310-989f-11e9-baf3-930b233a84c6",
"status": {
"consolidated_status_per_enforcement_point": [
{
"consolidated_status": {
"consolidated_status": "SUCCESS"
},
"enforcement_point_id": "default"
}
],
"consolidated_status": {
"consolidated_status": "SUCCESS"
},
"intent_path": "/infra/domains/default/groups/4fc8c310-989f-11e9-baf3-930b233a84c6"
}
},
{
"_last_modified_user": "admin",
"_revision": 0,
"_system_owned": false,
"resource_type": "Group",
"description": "DevOps Environment Group",
"_protection": "NOT_PROTECTED",
"_last_modified_time": 1561707088516,
"display_name": "DevOpsEnvGroup",
"_create_user": "admin",
"tags": [
{
"scope": "DevOps",
"tag": "Group"
}
],
"_create_time": 1561707088516,
"path": "/infra/domains/default/groups/DevOpsEnvGroup",
"marked_for_delete": false,
"parent_path": "/infra/domains/default",
"id": "DevOpsEnvGroup",
"relative_path": "DevOpsEnvGroup",
"status": {
"consolidated_status_per_enforcement_point": [
{
"consolidated_status": {
"consolidated_status": "SUCCESS"
},
"enforcement_point_id": "default"
}
],
"consolidated_status": {
"consolidated_status": "SUCCESS"
},
"intent_path": "/infra/domains/default/groups/DevOpsEnvGroup"
}
}
],
"result_count": 3,
"cursor": "2"
}
Required Permissions:
read
Feature:
search
Additional Errors: