Modify a Single Data Access Rule¶
POST /api/v1/logging_query_rule/{logging_query_rule_uuid}/modify
Overview¶
Modify a single data access rule, v2 supports cross-site data access configuration
Route Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| logging_query_rule_uuid | string | Y | The UUID of the rule |
Body Request Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Name (added in 2024-09-04 iteration, default name, creator_creation time) Allow empty: False Allow empty string: False Max length: 64 |
|
| desc | string | Description (added in 2024-09-04 iteration) Example: Description1 Allow empty: False Allow empty string: True Max length: 256 |
|
| regionCode | string | Y | Data access authorization based on site Allow empty: False Allow empty string: False |
| indexes | array | Y | Index UUIDs, [""] means all Example: [''] Allow empty: False |
| roleUUIDs | array | Y | List of roles Example: [] Allow empty: False |
| conditions | string | Y | Search filter Example: search Allow empty: False |
| extend | json | Custom Example: xxx Allow empty: False |
|
| logic | string | Logic field Example: or Allow empty: False |
|
| maskFields | string | Masked fields, multiple fields separated by commas Example: message,host Allow empty: False Allow empty string: True |
|
| reExprs | array | Regular expressions Example: [{'name': 'jjj', 'reExpr': 'ss', 'enable': 0}, {'name': 'lll', 'reExpr': 'ss', 'enable': 1}] Allow empty: False |
Parameter Additional Description¶
Data Description.*
1. Role Access Description 1. Specified roles can only query data within the specified query range 2. If a user has multiple roles and one of the roles is not in the rule's role list, this data access rule will not apply to the user, i.e., the query range is not restricted 3. The logic between multiple log data access rules in a workspace is OR
2. Request Parameter Description
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Y | Name |
| desc | String | N | Description |
| indexes | array | Y | Log index information, if it is a non-local workspace index authorization (must be authorized by the workspace), use workspaceUUID:indexUUID, example: ["wksp_111:lgim_222", "wksp_333:lgim_444"] |
| roleUUIDs | array | Y | List of role UUIDs |
| conditions | string | N | Actual data range filter condition, example: "device IN ['PC'] and session_has_replay IN ['1']" |
| extend | dict | Y | Extended field, stores the structure content of conditions, used for front-end page display, example: |
| logic | string | N | Logic field, and/or, used to connect filter conditions |
| maskFields | string | N | Masked fields, multiple fields separated by commas |
| reExprs | array | N | Regular expressions, example: [{"name":"1111","enable":true,"reExpr":"tkn_[\da-z]*"},{"name":"liuyltest","enable":true,"reExpr":"test"}] |
| regionCode | string | Y | Site code (can be obtained through workspace/website/list interface), site information for data access configuration, default authorization for current site data |
Request Example¶
curl 'https://openapi.guance.com/api/v1/logging_query_rule/lqrl_xxx/modify' \
-H 'Accept: application/json, text/plain, */*' \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'DF-API-KEY: <DF-API-KEY>' \
--data-raw $'{"name":"temp_test","desc":"test openapi modify","roleUUIDs":["general"],"indexes":["wksp_4b57c7bab38e4a2d9630f675dc20015d:lgim_f2a50518520b467a920103a19133fa8b"],"extend":{"source":["http_dial_testing"]},"maskFields":"host,message","logic":"and","conditions":"`source` IN [\'http_dial_testing\']","reExprs":[{"name":"qq email maxk","enable":true,"reExpr":"[a-zA-Z0-9_]+@guance.com"}]}' \
--compressed
Response¶
{
"code": 200,
"content": {
"conditions": "`source` IN ['http_dial_testing']",
"createAt": 1730529443,
"creator": "wsak_cd83804176e24ac18a8a683260ab0746",
"declaration": {
"asd": "aa,bb,cc,1,True",
"asdasd": "dawdawd",
"business": "aaa",
"dd": "dd",
"fawf": "afawf",
"organization": "64fe7b4062f74d0007b46676"
},
"deleteAt": -1,
"desc": "test openapi modify",
"extend": {
"source": [
"http_dial_testing"
]
},
"id": 348,
"indexes": [
"wksp_4b57c7bab38e4a2d9630f675dc20015d:lgim_f2a50518520b467a920103a19133fa8b"
],
"logic": "and",
"maskFields": "host,message",
"name": "temp_test",
"reExprs": [
{
"enable": true,
"name": "qq email maxk",
"reExpr": "[a-zA-Z0-9_]+@guance.com"
}
],
"roleUUIDs": [
"general"
],
"sources": [],
"status": 0,
"type": "logging",
"updateAt": 1730529850.881453,
"updator": "wsak_cd83804176e24ac18a8a683260ab0746",
"uuid": "lqrl_9f1de1d1440f4af5917a534299d0ad09",
"workspaceUUID": "wksp_4b57c7bab38e4a2d9630f675dc20015d"
},
"errorCode": "",
"message": "",
"success": true,
"traceId": "TRACE-BA54F258-15AD-4752-88C9-CA2B96070625"
}