Create¶
POST /api/v1/blacklist/add
Overview¶
Create a blacklist
Route Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Y | Name (Added in iteration on 2024-11-27) Allow null: False Allow empty string: False Maximum length: 50 |
| desc | string | Y | Description (Added in iteration on 2024-11-27) Example: Description1 Allow null: False Allow empty string: True Maximum length: 256 |
| type | string | Y | Blacklist type, enumerated types include ('object', 'custom_object', 'logging', 'keyevent', 'tracing', 'rum', 'network', 'security', 'profiling', 'metric') Allow null: False |
| source | string | Y | Data source, when all sources are used, source is re(.*)Allow null: True Allow empty string: False $maxCharacterLength: 128 |
| sources | array | Y | Data source, use this field for multiple sources, when not all sources are used (all sources use the source field re(.*))Allow null: True |
| filters | array | Y | Filtering conditions Allow null: True |
Additional Parameter Notes¶
1. Request Body Field Notes
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Y | Name (Added in iteration on 2024-11-27) |
| desc | string | N | Description (Added in iteration on 2024-11-27) |
| type | string | Y | Enumerated types ('object', 'custom_object', 'logging', 'keyevent', 'tracing', 'rum', 'network', 'security', 'profiling', 'metric') |
| source | string | N | Data source, all sources, at this time source is re(.*) |
| sources | array | N | Data source, field added in iteration on 2024-10-16, supports multiple source selections, when sources are not all sources, this field can be used, sources take precedence over the source field |
| filter | array | N | Filtering conditions |
2. Source Field Notes
When generating filtering conditions for blacklists, the key of the source parameter will be replaced according to the type. | Type | Key corresponding to the source field when generating filtering conditions | |---------------|----------| | object | class | | logging | source | | custom_object | class | | keyevent | source | | tracing | service | | rum | app_id | | network | source | | security | category | | profiling | service | | metric | measurement |
3. Filters Array Element Field Notes
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | N | Filter condition name |
| operation | string | N | Operation such as in, not_in, match, not_match |
| condition | string | N | dql formatted filter condition |
| values | array | N | Specific values for query conditions |
4. Operation Notes Refer to Line Protocol Filters
| Key | Description |
|---|---|
| in | Specified field is in the list |
| not_in | Specified field is not in the list |
| match | Regular expression match |
| not_match | Does not match regular expression |
**Filters Example as Follows
filters:[
{
"name":"host",
"value":[
"host1", "host2"
],
"operation":"in",
"condition":"and"
},
{
"name":"status",
"value":[
"a*"
],
"operation":"match",
"condition":"and"
}
]
Request Example¶
curl 'https://openapi.guance.com/api/v1/blacklist/add' \
-H 'DF-API-KEY: <DF-API-KEY>' \
-H 'Content-Type: application/json;charset=UTF-8' \
--data-raw '{"name":"Rule1","desc":"","type":"logging","source":"kodo-log","filters":[{"name":"host","value":["127.0.0.1"],"operation":"in","condition":"and"}]}' \
--compressed
Response¶
{
"code": 200,
"content": {
"conditions": "{ source = 'kodo-log' and ( host in [ '127.0.0.1' ] )}",
"createAt": 1678029404,
"creator": "xxxx",
"deleteAt": -1,
"desc": "",
"filters": [
{
"condition": "and",
"name": "host",
"operation": "in",
"value": [
"127.0.0.1"
]
}
],
"id": null,
"name": "Rule1",
"source": "kodo-log",
"status": 0,
"type": "logging",
"updateAt": 1678029404,
"updator": "xxxx",
"uuid": "blist_xxxx32",
"workspaceUUID": "wksp_xxxx32"
},
"errorCode": "",
"message": "",
"success": true,
"traceId": "TRACE-1C3DFE84-E7AD-4956-B363-8BB7EB3CD5A4"
}