Modify¶
POST /api/v1/logging_query_rule/{logging_query_rule_uuid}/modify
Overview¶
Modify a single data access rule
Route Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| logging_query_rule_uuid | string | Y | The UUID of the rule |
Body Request Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Name (Added in iteration on 2024-09-04, default name, creator_creation time) Allow null: False Allow empty string: False Maximum length: 64 |
|
| desc | string | Description (Added in iteration on 2024-09-04) Example: Description1 Allow null: False Allow empty string: True Maximum length: 256 |
|
| indexes | array | Y | Index UUIDs, [""] means all Example: [''] Allow null: False |
| roleUUIDs | array | Y | List of roles Example: [] Allow null: False |
| conditions | string | Y | Filtering search Example: search Allow null: False |
| extend | json | Custom fields Example: xxx Allow null: False |
|
| logic | string | Logical field Example: or Allow null: False |
|
| maskFields | string | Sensitive fields, multiple fields separated by commas Example: message,host Allow null: False Allow empty string: True |
|
| reExprs | array | Regular expressions Example: [{'name': 'jjj', 'reExpr': 'ss', 'enable': 0}, {'name': 'lll', 'reExpr': 'ss', 'enable': 1}] Allow null: False |
Additional Parameter Notes¶
Data notes.*
1. Role authorization access notes 1. Specified roles can only query data within the specified query scope. 2. If a user has multiple roles and some of these roles are not included in the rule's roles, then this data access rule will not apply to the user, meaning it does not restrict the query scope. 3. The logical relationship between multiple log data access rules in a workspace is "or".
2. Request parameter notes
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Y | Name |
| desc | String | N | Description |
| indexes | array | Y | Log index information. For index authorizations outside the current workspace (which must be authorized by workspace), use WorkspaceUUID:IndexUUID, e.g., ["wksp_111:lgim_222", "wksp_333:lgim_444"] |
| roleUUIDs | array | Y | List of role UUIDs |
| conditions | string | N | Actual filtering conditions for the data range, e.g., "device IN ['PC'] and session_has_replay IN ['1']" |
| extend | dict | Y | Extended fields, storing the structured content of conditions for display on the frontend page, e.g., |
| logic | string | N | Logical field, and/or, used to connect filtering conditions |
| maskFields | string | N | Sensitive fields, multiple fields separated by commas |
| reExprs | array | N | Regular expressions, e.g., [{"name":"1111","enable":true,"reExpr":"tkn_[\da-z]*"},{"name":"liuyltest","enable":true,"reExpr":"test"}] |
Request Example¶
curl 'https://openapi.guance.com/api/v1/logging_query_rule/lqrl_xxx/modify' \
-H 'Accept: application/json, text/plain, */*' \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'DF-API-KEY: <DF-API-KEY>' \
--data-raw $'{"name":"temp_test","desc":"test openapi modify","roleUUIDs":["general"],"indexes":["wksp_4b57c7bab38e4a2d9630f675dc20015d:lgim_f2a50518520b467a920103a19133fa8b"],"extend":{"source":["http_dial_testing"]},"maskFields":"host,message","logic":"and","conditions":"`source` IN [\'http_dial_testing\']","reExprs":[{"name":"对qq邮箱进行脱敏","enable":true,"reExpr":"[a-zA-Z0-9_]+@guance.com"}]}' \
--compressed
Response¶
{
"code": 200,
"content": {
"conditions": "`source` IN ['http_dial_testing']",
"createAt": 1730529443,
"creator": "wsak_cd83804176e24ac18a8a683260ab0746",
"declaration": {
"asd": "aa,bb,cc,1,True",
"asdasd": "dawdawd",
"business": "aaa",
"dd": "dd",
"fawf": "afawf",
"organization": "64fe7b4062f74d0007b46676"
},
"deleteAt": -1,
"desc": "test openapi modify",
"extend": {
"source": [
"http_dial_testing"
]
},
"id": 348,
"indexes": [
"wksp_4b57c7bab38e4a2d9630f675dc20015d:lgim_f2a50518520b467a920103a19133fa8b"
],
"logic": "and",
"maskFields": "host,message",
"name": "temp_test",
"reExprs": [
{
"enable": true,
"name": "对qq邮箱进行脱敏",
"reExpr": "[a-zA-Z0-9_]+@guance.com"
}
],
"roleUUIDs": [
"general"
],
"sources": [],
"status": 0,
"type": "logging",
"updateAt": 1730529850.881453,
"updator": "wsak_cd83804176e24ac18a8a683260ab0746",
"uuid": "lqrl_9f1de1d1440f4af5917a534299d0ad09",
"workspaceUUID": "wksp_4b57c7bab38e4a2d9630f675dc20015d"
},
"errorCode": "",
"message": "",
"success": true,
"traceId": "TRACE-BA54F258-15AD-4752-88C9-CA2B96070625"
}