Modify a Single Data Access Rule¶
POST /api/v1/logging_query_rule/{logging_query_rule_uuid}/modify
Overview¶
Modify a single data access rule, v2 supports cross-site data access configuration.
Route Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| logging_query_rule_uuid | string | Y | The uuid of the rule |
Body Request Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Name (added in the 2024-09-04 iteration, default name, creator_creation time) Allow empty: False Allow empty string: False Max length: 64 |
|
| desc | string | Description (added in the 2024-09-04 iteration) Example: Description1 Allow empty: False Allow empty string: True Max length: 256 |
|
| regionCode | string | Y | Site-based data access authorization Allow empty: False Allow empty string: False |
| indexes | array | Y | Index uuid, [""] means all Example: [''] Allow empty: False |
| roleUUIDs | array | Y | List of roles Example: [] Allow empty: False |
| conditions | string | Y | Filter search Example: search Allow empty: False |
| extend | json | Custom Example: xxx Allow empty: False |
|
| logic | string | Logic field Example: or Allow empty: False |
|
| maskFields | string | Masked fields, multiple fields separated by commas Example: message,host Allow empty: False Allow empty string: True |
|
| reExprs | array | Regular expressions Example: [{'name': 'jjj', 'reExpr': 'ss', 'enable': 0}, {'name': 'lll', 'reExpr': 'ss', 'enable': 1}] Allow empty: False |
Parameter Additional Notes¶
Data Description.*
1. Role Authorization Access Notes 1. Specified roles can only query data within the specified query scope. 2. If a user has multiple roles and one of the roles is not included in the rule's roles, this data access rule will not apply to the user, meaning the query scope is not restricted. 3. The logic between multiple log data access rules in a workspace is an OR relationship.
2. Request Parameter Notes
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| name | string | Y | Name |
| desc | String | N | Description |
| indexes | array | Y | Log index information, if it is a non-local workspace index authorization (must be authorized by the workspace), use workspace UUID:index UUID, example: ["wksp_111:lgim_222", "wksp_333:lgim_444"] |
| roleUUIDs | array | Y | List of role UUIDs |
| conditions | string | N | Actual filter conditions for the data scope, example: "device IN ['PC'] and session_has_replay IN ['1']" |
| extend | dict | Y | Extension field, stores the structure of conditions, used for frontend display, example: |
| logic | string | N | Logic field, and/or, used to connect filter conditions |
| maskFields | string | N | Masked fields, multiple fields separated by commas |
| reExprs | array | N | Regular expressions, example: [{"name":"1111","enable":true,"reExpr":"tkn_[\da-z]*"},{"name":"liuyltest","enable":true,"reExpr":"test"}] |
| regionCode | string | Y | Site code (can be obtained through the workspace/website/list interface), site information for data access configuration, default authorization for the current site data |
Request Example¶
curl 'https://openapi.truewatch.com/api/v1/logging_query_rule/lqrl_xxx/modify' \
-H 'Accept: application/json, text/plain, */*' \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'DF-API-KEY: <DF-API-KEY>' \
--data-raw $'{"name":"temp_test","desc":"test openapi modify","roleUUIDs":["general"],"indexes":["wksp_4b57c7bab38e4a2d9630f675dc20015d:lgim_f2a50518520b467a920103a19133fa8b"],"extend":{"source":["http_dial_testing"]},"maskFields":"host,message","logic":"and","conditions":"`source` IN [\'http_dial_testing\']","reExprs":[{"name":"qq email maxk","enable":true,"reExpr":"[a-zA-Z0-9_][email protected]"}]}' \
--compressed
Response¶
{
"code": 200,
"content": {
"conditions": "`source` IN ['http_dial_testing']",
"createAt": 1730529443,
"creator": "wsak_cd83804176e24ac18a8a683260ab0746",
"declaration": {
"asd": "aa,bb,cc,1,True",
"asdasd": "dawdawd",
"business": "aaa",
"dd": "dd",
"fawf": "afawf",
"organization": "64fe7b4062f74d0007b46676"
},
"deleteAt": -1,
"desc": "test openapi modify",
"extend": {
"source": [
"http_dial_testing"
]
},
"id": 348,
"indexes": [
"wksp_4b57c7bab38e4a2d9630f675dc20015d:lgim_f2a50518520b467a920103a19133fa8b"
],
"logic": "and",
"maskFields": "host,message",
"name": "temp_test",
"reExprs": [
{
"enable": true,
"name": "qq email maxk",
"reExpr": "[a-zA-Z0-9_][email protected]"
}
],
"roleUUIDs": [
"general"
],
"sources": [],
"status": 0,
"type": "logging",
"updateAt": 1730529850.881453,
"updator": "wsak_cd83804176e24ac18a8a683260ab0746",
"uuid": "lqrl_9f1de1d1440f4af5917a534299d0ad09",
"workspaceUUID": "wksp_4b57c7bab38e4a2d9630f675dc20015d"
},
"errorCode": "",
"message": "",
"success": true,
"traceId": "TRACE-BA54F258-15AD-4752-88C9-CA2B96070625"
}