REST API

Last updated: March 31, 2026 · 1 min read

The siftlogd REST API exposes signal history, the live event stream, and per-source health status over HTTP. It is the foundation for the SiftLog Android companion app and any custom integrations.

Enabling the API

The API is disabled by default. Users who never enable it have zero additional network surface. To enable:

api:
  enabled: true
  port: 8080
  bind: 127.0.0.1      # change to 0.0.0.0 for remote access
  api_key: YOUR_KEY    # required -- siftlogd will not start without this

Authentication

All requests require the API key in the header:

Authorization: Bearer YOUR_KEY

Endpoints

GET /api/v1/signals

Recent signals. Supports ?since= (ISO 8601 timestamp), ?type=cascade|anomaly|silence, ?limit=.

{
  "signals": [
    {
      "id": 42,
      "created_at": "2026-03-30T03:14:22Z",
      "signal_type": "cascade",
      "service": "api-gateway",
      "cascade_from": "auth-service",
      "trace_id": "f8a21c",
      "message": "auth-service -> api-gateway -> user-service"
    }
  ]
}

GET /api/v1/sources

Per-source health status, last event time, and event rate.

{
  "sources": [
    {
      "name": "auth-service",
      "status": "green",
      "last_event": "2026-03-30T03:14:22Z",
      "rate_per_min": 847.0,
      "baseline_per_min": 840.0
    }
  ]
}

GET /api/v1/events

Windowed slice of the merged time-ordered event stream. Supports ?since=, ?limit=, ?signals_only=true.

GET /api/v1/status

Daemon version, uptime, total event count, active source count.

Privacy note

The API exposes signal metadata and event summaries — not raw log content. Raw log data never leaves siftlogd’s local processing pipeline regardless of API configuration.

Next: Troubleshooting

SiftLog Platform

Always-on log correlation daemon. Cascade, anomaly, and silence detection across every log source in your infrastructure.

Quick Links

// real.developer.js
const approach = {
investors: false,
buzzwords: false,
actualUse: true,
problems: ['real', 'solved']
};
// Ship it.

Built by People Who Actually Use the Software

M Media software isn't venture-funded, trend-chasing, or built to look good in pitch decks. It's built by developers who run their own servers, ship their own products, and rely on these tools every day.

That means fewer abstractions, fewer dependencies, and fewer "coming soon" promises. Our software exists because we needed it to exist — to automate real work, solve real problems, and keep systems running without babysitting.

We build software the way it used to be built: practical, durable, and accountable. If a feature doesn't save time, reduce friction, or make something more reliable, it doesn't ship.

Every feature solves a problem we actually had
No investor timelines forcing half-baked releases
Updates add value, not just version numbers
Documentation written by people who got stuck first

This is software designed to stay installed — not be replaced next quarter.

Tracking Scripts
Telemetry Services
Anonymous Statistics
Your Privacy

No Bloat. No Spyware. No Nonsense.

Modern software has become surveillance dressed as convenience. Every click tracked, every behavior analyzed, every action monetized. M Media software doesn't play that game.

Our apps don't phone home, don't collect telemetry, and don't require accounts for features that should work offline. No analytics dashboards measuring your "engagement." No A/B tests optimizing how long you stay trapped in the interface.

We build tools, not attention traps.

The code does what it says on the tin — nothing more, nothing less. No hidden services running in the background. No dependencies on third-party APIs that might disappear tomorrow. No frameworks that require 500MB of node_modules to display a button.

Your data stays on your device
No "anonymous" usage statistics
Minimal dependencies, fewer risks
Respects CPU, RAM, and battery