Create¶
POST /api/v1/blacklist/add
Overview¶
Create a blacklist
Route Parameters¶
Parameter Name | Type | Required | Description |
---|---|---|---|
name | string | Y | Name (2024-11-27 iteration added) Allow empty: False Allow empty string: False Max length: 50 |
desc | string | Y | Description (2024-11-27 iteration added) Example: Description1 Allow empty: False Allow empty string: True Max length: 256 |
type | string | Y | Blacklist type, enum values ('object', 'custom_object', 'logging', 'keyevent', 'tracing', 'rum', 'network', 'security', 'profiling', 'metric') Allow empty: False |
source | string | Y | Data source, when all sources are included, source is re(.* )Allow empty: True Allow empty string: False $maxCharacterLength: 128 |
sources | array | Y | Data sources, used when multiple sources are included (use source field re(.* ) for all sources)Allow empty: True |
filters | array | Y | Filter conditions Allow empty: True |
Parameter Additional Explanation¶
1.Request Body Field Explanation
Parameter Name | type | Required | Description |
---|---|---|---|
name | string | Y | Name (2024-11-27 iteration added) |
desc | string | N | Description (2024-11-27 iteration added) |
type | string | Y | Enum values ('object', 'custom_object', 'logging', 'keyevent', 'tracing', 'rum', 'network', 'security', 'profiling', 'metric') |
source | string | N | Data source, when all sources are included, source is re(.* ) |
sources | array | N | Data sources, 2024-10-16 iteration added field, supports multiple sources selection, use this field when not all sources are included, sources takes precedence over source field |
filter | array | N | Filter conditions |
2.source Field Explanation
When generating filter conditions for the blacklist, the key corresponding to the source field will be replaced based on the type.
type | Key corresponding to source field when generating filter conditions |
---|---|
object | class |
logging | source |
custom_object | class |
keyevent | source |
tracing | service |
rum | app_id |
network | source |
security | category |
profiling | service |
metric | measurement |
3.filters Array Element Field Explanation
Parameter Name | type | Required | Description |
---|---|---|---|
name | string | N | Filter condition name |
operation | string | N | Operations such as in, not_in, match, not_match |
condition | string | N | DQL format filter condition |
values | array | N | Specific values for query conditions |
4. operation Explanation Refer to Line Protocol Filter
key | Description |
---|---|
in | Specified field is in the list |
not_in | Specified field is not in the list |
match | Regex match |
not_match | Regex does not match |
**filters Example
filters:[
{
"name":"host",
"value":[
"host1", "host2"
],
"operation":"in",
"condition":"and"
},
{
"name":"status",
"value":[
"a*"
],
"operation":"match",
"condition":"and"
}
]
Request Example¶
curl 'https://openapi.guance.com/api/v1/blacklist/add' \
-H 'DF-API-KEY: <DF-API-KEY>' \
-H 'Content-Type: application/json;charset=UTF-8' \
--data-raw '{"name":"Rule1","desc":"","type":"logging","source":"kodo-log","filters":[{"name":"host","value":["127.0.0.1"],"operation":"in","condition":"and"}]}' \
--compressed
Response¶
{
"code": 200,
"content": {
"conditions": "{ source = 'kodo-log' and ( host in [ '127.0.0.1' ] )}",
"createAt": 1678029404,
"creator": "xxxx",
"deleteAt": -1,
"desc": "",
"filters": [
{
"condition": "and",
"name": "host",
"operation": "in",
"value": [
"127.0.0.1"
]
}
],
"id": null,
"name": "Rule1",
"source": "kodo-log",
"status": 0,
"type": "logging",
"updateAt": 1678029404,
"updator": "xxxx",
"uuid": "blist_xxxx32",
"workspaceUUID": "wksp_xxxx32"
},
"errorCode": "",
"message": "",
"success": true,
"traceId": "TRACE-1C3DFE84-E7AD-4956-B363-8BB7EB3CD5A4"
}