Skip to main content

Overview

Terminal log endpoints provide access to command execution history, including stdin, stdout, and stderr streams from Docker containers used during penetration testing.

Get All Terminal Logs

Retrieve a list of terminal logs with optional filtering. 
GET /api/v1/termlogs

Query Parameters

page
integer
default:"1"
Page number for pagination
limit
integer
default:"50"
Number of logs per page (max: 1000)
sort
string
default:"created_at"
Sort field: id, type, created_at
order
string
default:"asc"
Sort order: asc or desc
filter
string
Search filter applied to log text and type

Request Example

curl "https://your-server/api/v1/termlogs?page=1&limit=100&sort=created_at&order=desc" \
  -H "Cookie: auth=your-session-cookie" \
  -H "Content-Type: application/json"

Response

termlogs
array
required
Array of terminal log entries
total
integer
required
Total number of logs matching the query
{
  "success": true,
  "data": {
    "termlogs": [
      {
        "id": 1001,
        "type": "stdin",
        "text": "nmap -sV -p 80,443 target.example.com",
        "container_id": 42,
        "flow_id": 1,
        "task_id": 5,
        "subtask_id": 12,
        "created_at": "2024-02-20T10:31:00Z"
      },
      {
        "id": 1002,
        "type": "stdout",
        "text": "Starting Nmap 7.94 ( https://nmap.org ) at 2024-02-20 10:31 UTC\nNmap scan report for target.example.com (192.168.1.100)",
        "container_id": 42,
        "flow_id": 1,
        "task_id": 5,
        "subtask_id": 12,
        "created_at": "2024-02-20T10:31:01Z"
      },
      {
        "id": 1003,
        "type": "stdout",
        "text": "Host is up (0.0012s latency).\nPORT    STATE SERVICE  VERSION\n80/tcp  open  http     Apache httpd 2.4.41\n443/tcp open  ssl/http Apache httpd 2.4.41",
        "container_id": 42,
        "flow_id": 1,
        "task_id": 5,
        "subtask_id": 12,
        "created_at": "2024-02-20T10:31:15Z"
      }
    ],
    "total": 847
  }
}

Get Terminal Logs by Flow

Retrieve terminal logs for a specific flow. 
GET /api/v1/flows/:flowID/termlogs

Path Parameters

flowID
integer
required
Unique identifier of the flow

Query Parameters

Same as “Get All Terminal Logs” endpoint.

Request Example

curl "https://your-server/api/v1/flows/1/termlogs?limit=50" \
  -H "Cookie: auth=your-session-cookie"

Response

Same structure as “Get All Terminal Logs” response, filtered to the specified flow.

Terminal Log Object

id
integer
required
Unique identifier for the log entry
type
string
required
Stream type: stdin, stdout, or stderr
text
string
required
Log content (command or output)
container_id
integer
required
ID of the container where the command was executed
flow_id
integer
required
ID of the parent flow
task_id
integer
ID of the associated task (if any)
subtask_id
integer
ID of the associated subtask (if any)
created_at
string
required
ISO 8601 timestamp when the log was created

Log Types

stdin

Commands sent to the terminal for execution. 
{
  "type": "stdin",
  "text": "sqlmap -u 'http://target.com/page?id=1' --batch --dbs"
}

stdout

Standard output from command execution. 
{
  "type": "stdout",
  "text": "[10:35:42] [INFO] testing connection to the target URL\n[10:35:43] [INFO] testing if the target URL is stable"
}

stderr

Error output from command execution. 
{
  "type": "stderr",
  "text": "[ERROR] connection timeout to the target URL"
}

Filtering Examples

Filter by Command Type

Show only commands (stdin): 
curl "https://your-server/api/v1/flows/1/termlogs?filter=type:stdin" \
  -H "Cookie: auth=your-session-cookie"

Search Log Content

Search for specific text in logs: 
curl "https://your-server/api/v1/flows/1/termlogs?filter=nmap" \
  -H "Cookie: auth=your-session-cookie"

Filter by Task

Get logs for a specific task: 
curl "https://your-server/api/v1/flows/1/termlogs?filter=task_id:5" \
  -H "Cookie: auth=your-session-cookie"

Error Responses

400 Bad Request

{
  "error": "invalid_request",
  "message": "Invalid query parameters"
}

403 Forbidden

{
  "error": "not_permitted",
  "message": "User does not have permission to view these logs"
}

404 Not Found

{
  "error": "not_found",
  "message": "Flow not found"
}

Permissions

To access terminal logs, users must have:
  • termlogs.view - View logs for flows owned by the user
  • termlogs.admin - View all logs (admin only)

Best Practices

Use the filter parameter to search for specific commands or output patterns instead of retrieving all logs.
Terminal logs can be verbose. Use appropriate limit and pagination to manage large result sets.
Logs may contain sensitive information like passwords or API keys. Ensure proper access control and secure storage.

Containers API

View container information and statusGET /api/v1/flows/:flowID/containers

GraphQL Terminal Logs

Access terminal logs via GraphQL with real-time subscriptions

Build docs developers (and LLMs) love

Get started for freeTalk to us