Create a Single Data Access Rule¶
POST /api/v1/data_query_rule/add_v2
Overview¶
Create a single data access rule. v2 supports cross-workspace data access configuration.
Body Request Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Y | Name Allow Null: False Allow Empty String: False Max Length: 64 |
| desc | string | Description Example: Description1 Allow Null: False Allow Empty String: True Max Length: 256 |
|
| type | string | Y | Type Allow Null: True Allowed Values: ['logging', 'rum', 'tracing', 'metric'] |
| regionCode | string | Y | Data access authorization based on workspace Allow Null: False Allow Empty String: False |
| indexes | array | Log type, this field is mandatory, index UUID, [""] means all Example: [''] Allow Null: False |
|
| sources | array | Resource UUID, ["*"] means all Example: ['appid_96357a78f84041d28b5d7aaa6201a424'] Allow Null: False |
|
| roleUUIDs | array | Y | List of roles Example: [] Allow Null: False |
| conditions | string | Filter search Example: search Allow Null: False Allow Empty String: True |
|
| extend | json | Extended field Example: xxx Allow Null: False |
|
| logic | string | Logic field Example: or Allow Null: False |
|
| maskFields | string | Masking fields, multiple fields separated by commas Example: message,host Allow Null: False Allow Empty String: True |
|
| reExprs | array | Regular expressions Example: [{'name': 'jjj', 'reExpr': '', 'enable': 0}, {'name': 'lll', 'reExpr': '', 'enable': 1}] Allow Null: False |
Parameter Supplementary Explanation¶
Data Description.*
1. Role Authorization Access Explanation 1. Specified roles can only query data within the specified query scope. 2. If a user has multiple roles, and one of the user's roles is not included in the rule's role list, this data access rule will not take effect for that user, meaning the query scope is not restricted. 3. The logical relationship between multiple log data access rules within a workspace is OR.
2. Request Parameter Explanation
| Parameter Name | type | Required | Description |
|---|---|---|---|
| name | string | Y | Name |
| desc | String | N | Description |
| type | String | Y | Type (logging, rum, tracing, metric) |
| indexes | array | Y | Mandatory when type is logging. For index authorization from a non-local workspace (must be authorized by the workspace), use Workspace UUID:Index UUID, e.g., ["wksp_111:lgim_222", "wksp_333:lgim_444"] |
| sources | array | Y | Mandatory when type is not logging. When type is rum, it's a list of application appIds. When type is tracing, it's a list of service names. When type is metric, it's a list of Measurements. |
| roleUUIDs | array | Y | List of role UUIDs |
| conditions | string | N | Actual filter conditions for the data scope, e.g., "device IN ['PC'] and session_has_replay IN ['1']" |
| extend | dict | Y | Extended field, stores the structured content of conditions for frontend display, e.g., |
| logic | string | N | Logic field, and/or, used to connect filter conditions |
| maskFields | string | N | Masking fields, multiple fields separated by commas |
| reExprs | array | N | Regular expressions, e.g., [{"name":"1111","enable":true,"reExpr":"tkn_[\da-z]*"},{"name":"liuyltest","enable":true,"reExpr":"test"}] |
| regionCode | string | Y | Workspace code (can be obtained via the workspace/website/list API) |
Request Example¶
curl 'https://openapi.guance.com/api/v1/data_query_rule/add' \
-H 'Accept: application/json, text/plain, */*' \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'DF-API-KEY: <DF-API-KEY>' \
--data-raw $'{"name":"rum test","desc":"","roleUUIDs":["role_a1e8215c25474f0bb3809f2d56749ed9"],"indexes":[],"sources":["*"],"extend":{"env":["front"]},"maskFields":"*","logic":"and","type":"rum","reExprs":[{"name":"IPv4 Address Scanning","reExpr":"\\\\b((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\\\\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9])\\\\b","enable":true}],"conditions":"`env` IN [\'front\']"}' \
--compressed
Response¶
{
"code": 200,
"content": {
"conditions": "`env` IN ['front']",
"createAt": 1730532068,
"creator": "wsak_cd83804176e24ac18a8a683260ab0746",
"declaration": {
"asd": "aa,bb,cc,1,True",
"asdasd": "dawdawd",
"business": "aaa",
"dd": "dd",
"fawf": "afawf",
"organization": "64fe7b4062f74d0007b46676"
},
"deleteAt": -1,
"desc": "",
"extend": {
"env": [
"front"
]
},
"id": null,
"indexes": [],
"logic": "and",
"maskFields": "*",
"name": "rum test",
"reExprs": [
{
"enable": true,
"name": "IPv4 Address Scanning",
"reExpr": "\\b((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9])\\b"
}
],
"roleUUIDs": [
"role_a1e8215c25474f0bb3809f2d56749ed9"
],
"sources": [
"*"
],
"status": 0,
"type": "rum",
"updateAt": null,
"updator": null,
"uuid": "lqrl_dfe6330883ef4311afae5d380e2294a1",
"workspaceUUID": "wksp_4b57c7bab38e4a2d9630f675dc20015d"
},
"errorCode": "",
"message": "",
"success": true,
"traceId": "TRACE-EF351570-B1E0-4263-87DC-85EE7E9345C5"
}