Skip to content

Create a Single Data Access Rule


POST /api/v1/logging_query_rule/add

Overview

Create a single data access rule. Version 2 supports cross-workspace data access configuration.

Body Request Parameters

Parameter Name Type Required Description
name string Name (Added in the 2024-09-04 iteration, default name is creator_creation_time)
Allow null: False
Allow empty string: False
Max length: 64
desc string Description (Added in the 2024-09-04 iteration)
Example: Description1
Allow null: False
Allow empty string: True
Max length: 256
regionCode string Y Data access authorization based on the website.
Allow null: False
Allow empty string: False
indexes array Y Index UUIDs, [""] represents all.
Example: ['']
Allow null: False
roleUUIDs array Y List of roles.
Example: []
Allow null: False
conditions string Y Filter search conditions.
Example: search
Allow null: False
extend json Frontend custom extension field.
Example: xxx
Allow null: False
logic string Y Logic field.
Example: or
Allow null: False
maskFields string Desensitization fields, multiple fields separated by commas.
Example: message,host
Allow null: False
Allow empty string: True
reExprs array Regular expressions.
Example: [{'name': 'jjj', 'reExpr': 'ss', 'enable': 0}, {'name': 'lll', 'reExpr': 'ss', 'enable': 1}]
Allow null: False

Parameter Supplementary Explanation

Data Explanation.*

1. Role Authorization Access Explanation 1. Specified roles can only query data within the specified query scope. 2. If a user has multiple roles and one of their roles is not included in the rule's role list, this data access rule will not take effect for that user, meaning the query scope is not restricted. 3. The logical relationship between multiple log data access rules within a workspace is OR.

2. Request Parameter Explanation

Parameter Name type Required Description
name string Y Name
desc String N Description
indexes array Y Log index information. For non-local workspace index authorization (must be authorized by the workspace), use workspace UUID:index UUID, e.g., ["wksp_111:lgim_222", "wksp_333:lgim_444"]
roleUUIDs array Y List of role UUIDs
conditions string N Actual filter conditions for the data scope, e.g., "device IN ['PC'] and session_has_replay IN ['1']"
extend dict Y Extension field, storing the structured content of conditions for frontend page display, e.g.,
logic string N Logic field, and/or, used to connect filter conditions
maskFields string N Desensitization fields, multiple fields separated by commas
reExprs array N Regular expressions, e.g., [{"name":"1111","enable":true,"reExpr":"tkn_[\da-z]*"},{"name":"liuyltest","enable":true,"reExpr":"test"}]
regionCode string Y Website code (can be obtained via the workspace/website/list interface), website information for data access configuration, defaults to authorizing data from the current website

Request Example

curl 'https://openapi.truewatch.com/api/v1/logging_query_rule/add' \
-H 'Accept: application/json, text/plain, */*' \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'DF-API-KEY: <DF-API-KEY>' \
--data-raw $'{"name":"temp_test","desc":"test openapi","roleUUIDs":["general","role_3ac3042991c046f0b03452771012b268"],"indexes":["wksp_4b57c7bab38e4a2d9630f675dc20015d:lgim_f2a50518520b467a920103a19133fa8b","wksp_eee1a762ed954b7588e30d9bccb717d5:lgim_72143917855c48abae5d4fb1d2fb7a1f"],"extend":{"city":["Tafuna"]},"maskFields":"message","logic":"and","reExprs":[{"name":"qq email maxk","reExpr":"[a-zA-Z0-9_][email protected]","enable":true}],"conditions":"`city` IN [\'Tafuna\']"}' \
--compressed

Response

{
    "code": 200,
    "content": {
        "conditions": "`city` IN ['Tafuna']",
        "createAt": 1730529443,
        "creator": "wsak_cd83804176e24ac18a8a683260ab0746",
        "declaration": {
            "asd": "aa,bb,cc,1,True",
            "asdasd": "dawdawd",
            "business": "aaa",
            "dd": "dd",
            "fawf": "afawf",
            "organization": "64fe7b4062f74d0007b46676"
        },
        "deleteAt": -1,
        "desc": "test openapi",
        "extend": {
            "city": [
                "Tafuna"
            ]
        },
        "id": null,
        "indexes": [
            "wksp_4b57c7bab38e4a2d9630f675dc20015d:lgim_f2a50518520b467a920103a19133fa8b",
            "wksp_eee1a762ed954b7588e30d9bccb717d5:lgim_72143917855c48abae5d4fb1d2fb7a1f"
        ],
        "logic": "and",
        "maskFields": "message",
        "name": "temp_test",
        "reExprs": [
            {
                "enable": true,
                "name": "qq email maxk",
                "reExpr": "[a-zA-Z0-9_][email protected]"
            }
        ],
        "roleUUIDs": [
            "general",
            "role_3ac3042991c046f0b03452771012b268"
        ],
        "sources": [],
        "status": 0,
        "type": "logging",
        "updateAt": null,
        "updator": null,
        "uuid": "lqrl_9f1de1d1440f4af5917a534299d0ad09",
        "workspaceUUID": "wksp_4b57c7bab38e4a2d9630f675dc20015d"
    },
    "errorCode": "",
    "message": "",
    "success": true,
    "traceId": "TRACE-25C229E5-150F-4DF1-8576-DE17259B7A16"
}