Modifying a Log Ingestion Configuration
Function
This API is used to modify a log ingestion configuration.
Calling Method
For details, see Calling APIs.
URI
PUT /v3/{project_id}/lts/access-config
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID. For details about how to obtain a project ID, see Obtaining the Account Tenant ID, Project Resource Set ID, Log Group ID, and Log Stream ID. Minimum: 32 Maximum: 32 |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
Definition User token obtained from IAM. For details about how to obtain it, see Obtaining a User Token. Constraints N/A Range N/A Default Value N/A |
Content-Type |
Yes |
String |
Definition Message body format. Set this parameter to application/json;charset=utf8. Constraints N/A Range N/A Default Value N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
access_config_id |
Yes |
String |
Ingestion configuration ID. Minimum: 36 Maximum: 36 |
access_config_name |
No |
String |
Ingestion configuration name. Use only letters, digits, hyphens (-), underscores (_), and periods (.). Do not start with a period or underscore or end with a period. Each name contains a maximum of 64 characters. |
access_config_detail |
No |
AccessConfigDeatilUpdate object |
Ingestion configuration details. |
host_group_info |
No |
AccessConfigHostGroupIdList object |
Host group ID list. |
access_config_tag |
No |
Array of accessConfigTag objects |
Tag information. A tag key must be unique. Up to 20 tags are supported. |
log_split |
No |
Boolean |
Log splitting. |
binary_collect |
No |
Boolean |
Binary collection. |
cluster_id |
No |
String |
CCE cluster ID. This parameter is mandatory for the CCE type. |
incremental_collect |
No |
Boolean |
Whether to perform incremental collection. true indicates incremental collection and false indicates full collection. |
encoding_format |
No |
String |
Encoding format. The default format is UTF-8. |
processor_type |
No |
String |
IC structuring parsing type. |
demo_log |
No |
String |
Example log. |
demo_fields |
No |
Array of DemoFieldAccess objects |
Example log parsing field. |
processors |
No |
Array of Processor objects |
IC structuring parser. |
application_id |
No |
String |
ServiceStage application ID. |
environment_id |
No |
String |
ServiceStage environment ID. |
component_id |
No |
Array of strings |
ServiceStage component ID. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
paths |
No |
Array of strings |
Minimum: 1 Maximum: 128 |
black_paths |
No |
Array of strings |
Minimum: 1 Maximum: 128 |
format |
No |
AccessConfigFormatUpdate object |
Log format. Set it to either single or multi. |
windows_log_info |
No |
Windows event logs. To stop collecting Windows event logs, leave this parameter to empty. |
|
stdout |
No |
Boolean |
Standard output switch. This parameter is used only for CCE log ingestion. |
stderr |
No |
Boolean |
Standard output error switch. This parameter is used only for CCE log ingestion. |
pathType |
No |
String |
CCE log ingestion type. This parameter is used only for CCE log ingestion. Enumeration values:
|
namespaceRegex |
No |
String |
Regular expression matching of Kubernetes namespaces. This parameter is used only for CCE log ingestion. |
podNameRegex |
No |
String |
Regular expression matching of the Kubernetes container name. This parameter is used only for CCE log ingestion. |
containerNameRegex |
No |
String |
Regular expression matching of the Kubernetes container name. This parameter is used only for CCE log ingestion. |
includeLabels |
No |
Map<String,String> |
Container label whitelist. A maximum of 30 container labels can be created. The key names must be unique. This parameter is used only for CCE log ingestion. |
excludeLabels |
No |
Map<String,String> |
Container label blacklist. A maximum of 30 container labels can be created. The key names must be unique. This parameter is used only for CCE log ingestion. |
includeEnvs |
No |
Map<String,String> |
Environment variable whitelist. A maximum of 30 environment variable whitelists can be created. Key names must be unique. This parameter is used only for CCE log ingestion. |
excludeEnvs |
No |
Map<String,String> |
Environment variable blacklist. A maximum of 30 environment variables can be created. The key names must be unique. This parameter is used only for CCE log ingestion. |
logLabels |
No |
Map<String,String> |
Environment variable log tag. A maximum of 30 tags can be created. The key name must be unique. This parameter is used only for CCE log ingestion. |
logEnvs |
No |
Map<String,String> |
Environment variable log tag. A maximum of 30 tags can be created. The key name must be unique. This parameter is used only for CCE log ingestion. |
includeK8sLabels |
No |
Map<String,String> |
Kubernetes label whitelist. A maximum of 30 Kubernetes label whitelists can be created. The key names must be unique. This parameter is used only for CCE log ingestion. |
excludeK8sLabels |
No |
Map<String,String> |
Kubernetes label blacklist. A maximum of 30 Kubernetes label blacklists can be created. The key names must be unique. This parameter is used only for CCE log ingestion. |
logK8s |
No |
Map<String,String> |
Kubernetes label. A maximum of 30 Kubernetes labels can be created. The key names must be unique. This parameter is used only for CCE log ingestion. |
system_fields |
No |
Array of strings |
System built-in fields. When configuring a log ingestion rule, you can specify system fields to include in the tag data of each log reported. The system fields for host log files are hostName, hostId, hostIP, pathFile, hostIPv6, category, collectTime, and __host_group__. The system fields for Kubernetes cluster container log files are hostName, hostId, hostIP, pathFile, hostIPv6, clusterId, podName, appName, containerName, nameSpace, category, collectTime, __host_group__, serviceID, podIp, clusterName, workloadType, and __image_name__. If this parameter is transferred during modification, the original configuration will be overwritten. When you configure metadata for the first time, this parameter is mandatory. In this case, ["pathFile"] must be entered and other fields are optional. |
custom_key_value |
No |
Map<String,String> |
Custom key-value pairs. When configuring a log ingestion rule, you can configure up to 20 custom key-value pairs to include in the tag data of each log reported. A key can contain up to 128 characters, including letters, digits, hyphens (-), and underscores (_). A value can contain up to 1,024 characters. If this parameter is transferred during modification, the original configuration will be overwritten. |
includeLabelsLogical |
No |
String |
Logic for the container label whitelist to take effect. The value can be AND or OR (default). When there are multiple conditions for the container label whitelist, AND indicates that the whitelist takes effect only when all the conditions are met, and OR indicates that the whitelist takes effect when one of the conditions is met. |
excludeLabelsLogical |
No |
String |
Logic for the container label blacklist to take effect. The value can be AND or OR (default). When there are multiple conditions for the container label blacklist, AND indicates that the blacklist takes effect only when all the conditions are met, and OR indicates that the blacklist takes effect when one of the conditions is met. |
includeK8sLabelsLogical |
No |
String |
Logic for the Kubernetes label whitelist to take effect. The value can be AND or OR (default). When there are multiple conditions for the Kubernetes label whitelist, AND indicates that the whitelist takes effect only when all the conditions are met, and OR indicates that the whitelist takes effect when one of the conditions is met. |
excludeK8sLabelsLogical |
No |
String |
Logic for the Kubernetes label blacklist to take effect. The value can be AND or OR (default). When there are multiple conditions for the Kubernetes label blacklist, AND indicates that the blacklist takes effect only when all the conditions are met, and OR indicates that the blacklist takes effect when one of the conditions is met. |
includeEnvsLogical |
No |
String |
Logic for the environment variable whitelist to take effect. The value can be AND or OR (default). When there are multiple conditions for the environment variable whitelist, AND indicates that the whitelist takes effect only when all the conditions are met, and OR indicates that the whitelist takes effect when one of the conditions is met. |
excludeEnvsLogical |
No |
String |
Logic for the environment variable blacklist to take effect. The value can be AND or OR (default). When there are multiple conditions for the environment variable blacklist, AND indicates that the blacklist takes effect only when all the conditions are met, and OR indicates that the blacklist takes effect when one of the conditions is met. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
single |
No |
AccessConfigFormatSingle object |
Single-line logs. |
multi |
No |
AccessConfigFormatMutil object |
Multi-line logs. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
mode |
Yes |
String |
Single-line logs. system indicates the system time, whereas wildcard indicates the time wildcard. Enumeration values:
|
value |
Yes |
String |
Log time.If mode is system, the value is the current timestamp.If mode is wildcard, the value is a time wildcard, which is used to match the log printing time displayed at the beginning of a log event. If the time format in a log event is 2019-01-01 23:59:59, the time wildcard is YYYY-MM-DD hh:mm:ss. If the time format in a log event is 19-1-1 23:59:59, the time wildcard is YY-M-D hh:mm:ss. Minimum: 1 Maximum: 64 |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
mode |
Yes |
String |
Single-line logs. time indicates a time wildcard is used to detect log boundaries, whereas regular indicates that a regular expression is used. Enumeration values:
|
value |
Yes |
String |
Log time.If mode is regular, the value is a regular expression.If mode is time, the value is a time wildcard, which is used to match the log printing time displayed at the beginning of a log event. If the time format in a log event is 2019-01-01 23:59:59, the time wildcard is YYYY-MM-DD hh:mm:ss. If the time format in a log event is 19-1-1 23:59:59, the time wildcard is YY-M-D hh:mm:ss. Minimum: 1 Maximum: 64 |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
categorys |
No |
Array of strings |
The type of Windows event logs to be collected. Application: application system; System: system; Security: security; Setup: startup Enumeration values:
|
time_offset |
No |
AccessConfigTimeOffset object |
Time offset. |
event_level |
No |
Array of strings |
Event level. information, warning, error, critical, verbose. Enumeration values:
|
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
offset |
Yes |
Long |
Definition Time offset.
Range N/A |
unit |
Yes |
String |
Definition Unit of the offset time.
Range N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
host_group_id_list |
Yes |
Array of strings |
Definition Host group ID list. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
key |
No |
String |
Definition Tag key. Constraints
Range
Default Value N/A |
value |
No |
String |
Definition Tag value. Constraints A tag is a key-value pair. Each key is paired with its corresponding value. Range
Default Value N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
field_name |
No |
String |
Definition Parsing fields of the sample log event. Range N/A |
field_value |
No |
String |
Definition Value of a field in a sample log. Range N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
type |
No |
String |
Definition Structuring parsing type. The values are as follows:
Range N/A |
detail |
No |
Detail object |
Definition Structuring parsing configuration information. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
source_key |
No |
String |
Definition Original field for storing log content before log structuring parsing. The default value is content. Range N/A |
regex |
No |
String |
Definition Regular expression. Regular expression used to match logs. Range N/A |
keys |
No |
Array of strings |
Definition Name of an extracted field. Set a corresponding field name for the extracted log content. |
multi_line_regex |
No |
String |
Definition First line regular expression. Range N/A |
keep_source |
No |
Boolean |
Definition Whether to upload raw logs. Range true: retains raw logs. false: does not retain raw logs. |
keep_source_if_parse_error |
No |
Boolean |
Definition Whether to upload logs that fail to be parsed. Range true: uploads logs that fail to be parsed. false: does not upload logs that fail to be parsed. |
split_sep |
No |
String |
Definition Delimiters. Set delimiters based on the log content, for example, vertical bar (|). Range N/A |
split_type |
No |
String |
Definition Delimiter type. The value can be char (single character), special_char (invisible characters), or string. Range N/A |
fields |
No |
Map<String,String> |
Definition Field name and value to be added, in the key-value pair format. You can add multiple key-value pairs. |
drop_keys |
No |
Array of strings |
Definition List of discarded fields. |
source_keys |
No |
Array of strings |
Definition Original field to be renamed. |
dest_keys |
No |
Array of strings |
Definition Renamed field. |
expand_depth |
No |
Integer |
Definition Depth of JSON expansion. The default value is 0, indicating that there is no limit. 1 indicates the one level, and so on. Range N/A |
expand_connector |
No |
String |
Definition Connector for JSON expansion. The default value is a period (.). Range N/A |
source_format |
No |
String |
Definition Format of the original time. Range N/A |
source_value |
No |
String |
Definition Field value of the original time. Range N/A |
set_time |
No |
Boolean |
Definition Whether to set the parsed time as the log time. Range N/A |
include |
No |
Map<String,String> |
Definition Log filtering whitelist rule, in the format of key-value pairs. Each key indicates a log field and must be unique, with a maximum of 256 characters. The corresponding value is a regular expression that specifies the filtering criteria. |
exclude |
No |
Map<String,String> |
Definition Log filtering blacklist rule, in the format of key-value pairs. Each key indicates a log field and must be unique, with a maximum of 256 characters. The corresponding value is a regular expression that specifies the filtering criteria. |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
access_config_id |
String |
Definition Log ingestion configuration ID. Range N/A |
access_config_name |
String |
Definition Log ingestion configuration name. Range N/A |
access_config_type |
String |
Definition Log ingestion configuration type. Range
|
create_time |
Long |
Definition Time when the log ingestion configuration was created. Range N/A |
access_config_detail |
AccessConfigDeatilCreate object |
Definition Log ingestion configuration details. |
log_info |
AccessConfigQueryLogInfo object |
Definition Log stream details of the log ingestion configuration. |
host_group_info |
AccessConfigHostGroupIdList object |
Definition Host group ID list of the log ingestion configuration. |
access_config_tag |
Array of accessConfigTagResp objects |
Definition Label information of the log ingestion configuration. |
log_split |
Boolean |
Definition Whether to split logs. Range
|
binary_collect |
Boolean |
Definition Whether to collect binary data. Range
|
cluster_id |
String |
Definition CCE cluster ID. Range N/A |
encoding_format |
String |
Definition Encoding format. The default format is UTF-8. Range N/A |
incremental_collect |
Boolean |
Definition Whether to enable incremental collection. Range
|
processor_type |
String |
Definition ICAgent structuring parsing type. Range
|
demo_log |
String |
Definition Sample log event. Range N/A |
demo_fields |
Array of DemoFieldAccess objects |
Definition Parsing fields of the sample log event. |
processors |
Array of Processor objects |
Definition ICAgent structuring parser. |
log_split_size |
Integer |
Definition Size at which to split a log file. Range N/A |
application_id |
String |
Definition ServiceStage application ID. Range N/A |
environment_id |
String |
Definition ServiceStage environment ID. Range N/A |
component_id |
Array of strings |
Definition ServiceStage component ID list. |
recursive_depth |
Integer |
Definition Maximum recursion depth of a collection path. Range N/A |
access_config_type_source |
String |
Definition Self-built software source of log ingestion. Range
|
Parameter |
Type |
Description |
---|---|---|
paths |
Array of strings |
Definition Collection paths.
|
black_paths |
Array of strings |
Definition Collection blacklist paths.
|
format |
AccessConfigFormatCreate object |
Definition Log format information. |
windows_log_info |
Definition Windows event log information in a log ingestion configuration. |
|
stdout |
Boolean |
Definition Whether to enable container standard output collection in a CCE application log ingestion configuration. Range
|
stderr |
Boolean |
Definition Whether to enable container standard error collection in a CCE application log ingestion configuration. Range
|
pathType |
String |
Definition Data source type. This parameter is available only for CCE application log ingestion. Range
|
namespaceRegex |
String |
Definition Regular expression used to match Kubernetes namespaces by name. LTS will collect logs from containers within those matched namespaces. To collect logs of all namespaces, leave this parameter empty. This parameter is available only for CCE application log ingestion. Range N/A |
podNameRegex |
String |
Definition Regular expression used to match Kubernetes pods by name. LTS will collect logs from containers within those matched pods. To collect logs of all pods, leave this parameter empty. This parameter is available only for CCE application log ingestion. Range N/A |
containerNameRegex |
String |
Definition Regular expression used to match Kubernetes containers by name. Kubernetes container names are defined in spec.containers. LTS will collect logs from those matched containers. To collect logs of all containers, leave this parameter empty. This parameter is available only for CCE application log ingestion. Range N/A |
includeLabels |
Map<String,String> |
Definition Container label whitelist. When configuring CCE application log ingestion, you can specify containers whose logs are to be collected by adding container label whitelists in the format of LabelKey:LabelValue. You can add up to 30 LabelKey:LabelValue pairs.
If LabelValue is empty, all containers with the specified LabelKey in their container labels are matched. If LabelValue is not empty, only containers with LabelKey=LabelValue in their container labels are matched. LabelKey must be exactly matched, while LabelValue supports regular expression matching. |
excludeLabels |
Map<String,String> |
Definition Container label blacklist. When configuring CCE application log ingestion, you can specify containers whose logs are not to be collected by adding container label blacklists in the format of LabelKey:LabelValue. You can add up to 30 LabelKey:LabelValue pairs.
If LabelValue is empty, all containers with the specified LabelKey in their container labels are excluded. If LabelValue is not empty, only containers with LabelKey=LabelValue in their container labels are excluded. LabelKey must be exactly matched, while LabelValue supports regular expression matching. |
includeEnvs |
Map<String,String> |
Definition Environment variable whitelist. When configuring CCE application log ingestion, you can specify containers whose logs are to be collected by adding environment variable whitelists in the format of LabelKey:LabelValue. You can add up to 30 LabelKey:LabelValue pairs.
If LabelValue is empty, all containers with the specified LabelKey in their environment variables are matched. If LabelValue is not empty, only containers with LabelKey=LabelValue in their environment variables are matched. LabelKey must be exactly matched, while LabelValue supports regular expression matching. |
excludeEnvs |
Map<String,String> |
Definition Environment variable blacklist. When configuring CCE application log ingestion, you can specify containers whose logs are not to be collected by adding environment variable blacklists in the format of LabelKey:LabelValue. You can add up to 30 LabelKey:LabelValue pairs.
If LabelValue is empty, all containers with the specified LabelKey in their environment variables are excluded. If LabelValue is not empty, only containers with LabelKey=LabelValue in their environment variables are excluded. LabelKey must be exactly matched, while LabelValue supports regular expression matching. |
logLabels |
Map<String,String> |
Definition Container label. When configuring CCE application log ingestion, you can use this parameter to add container label fields to logs. For example, if you set app as the LabelKey and app_alias as the LabelValue, when a container's labels contain app=lts, the field {app_alias:lts} will be added to the logs of that container. |
logEnvs |
Map<String,String> |
Definition Environment variable. When configuring CCE application log ingestion, you can use this parameter to add environment variable fields to logs. For example, if you set app as the environment variable key and app_alias as the value, when the Kubernetes environment variables contain app=lts, {app_alias:lts} will be added to the Kubernetes logs. |
includeK8sLabels |
Map<String,String> |
Definition Kubernetes label whitelist. When configuring CCE application log ingestion, you can specify containers whose logs are to be collected by adding Kubernetes label whitelists in the format of LabelKey:LabelValue. You can add up to 30 LabelKey:LabelValue pairs.
If LabelValue is empty, all containers with the specified LabelKey in their Kubernetes labels are matched. If LabelValue is not empty, only containers with LabelKey=LabelValue in their Kubernetes labels are matched. LabelKey must be exactly matched, while LabelValue supports regular expression matching. |
excludeK8sLabels |
Map<String,String> |
Definition Kubernetes label blacklist. When configuring CCE application log ingestion, you can specify containers whose logs are not to be collected by adding Kubernetes label blacklists in the format of LabelKey:LabelValue. You can add up to 30 LabelKey:LabelValue pairs.
If LabelValue is empty, all containers with the specified LabelKey in their Kubernetes labels are excluded. If LabelValue is not empty, only containers with LabelKey=LabelValue in their Kubernetes labels are excluded. LabelKey must be exactly matched, while LabelValue supports regular expression matching. |
logK8s |
Map<String,String> |
Definition Kubernetes label. When configuring CCE application log ingestion, you can use this parameter to add Kubernetes label fields to logs. For example, if you set app as the LabelKey and app_alias as the LabelValue, when a container's labels contain app=lts, the field {app_alias:lts} will be added to the logs of that container. |
repeat_collect |
Boolean |
Definition Whether repeated file collection is allowed. Range
|
system_fields |
Array of strings |
Definition System built-in fields. When configuring a log ingestion rule, you can specify system fields to include in the tag data of each log reported. If this parameter is modified, the original configuration will be overwritten.
|
custom_key_value |
Map<String,String> |
Definition Custom key-value pairs. When configuring log ingestion, you can configure up to 20 custom key-value pairs to be included as fields in the tag data of each log reported. If this parameter is modified, the original configuration will be overwritten.
|
includeLabelsLogical |
String |
Definition Logic for multiple container label whitelists, which determines how the whitelists are applied. The value can be AND (all whitelists must be met) or OR (default value; any whitelist is met). Range
|
excludeLabelsLogical |
String |
Definition Logic for multiple container label blacklists, which determines how the blacklists are applied. The value can be AND (all blacklists must be met) or OR (default value; any blacklist is met). Range
|
includeK8sLabelsLogical |
String |
Definition Logic for multiple Kubernetes label whitelists, which determines how the whitelists are applied. The value can be AND (all whitelists must be met) or OR (default value; any whitelist is met). Range
|
excludeK8sLabelsLogical |
String |
Definition Logic for multiple Kubernetes label blacklists, which determines how the blacklists are applied. The value can be AND (all blacklists must be met) or OR (default value; any blacklist is met). Range
|
includeEnvsLogical |
String |
Definition Logic for multiple environment variable whitelists, which determines how the whitelists are applied. The value can be AND (all whitelists must be met) or OR (default value; any whitelist is met). Range
|
excludeEnvsLogical |
String |
Definition Logic for multiple environment variable blacklists, which determines how the blacklists are applied. The value can be AND (all blacklists must be met) or OR (default value; any blacklist is met). Range
|
Parameter |
Type |
Description |
---|---|---|
single |
Definition Single-line log. Each log line is displayed as a separate log event on the LTS console. |
|
multi |
Definition Multi-line log. Multiple consecutive log lines are displayed as one log event on the LTS console. |
Parameter |
Type |
Description |
---|---|---|
mode |
String |
Definition Single-line log collection mode. Range
|
value |
String |
Definition Log time.
Range N/A |
Parameter |
Type |
Description |
---|---|---|
mode |
String |
Definition Multi-line log collection mode. Range
|
value |
String |
Definition Log time.
Range N/A |
Parameter |
Type |
Description |
---|---|---|
categorys |
Array of strings |
Definition Type of Windows event logs to be collected. There are four types:
|
time_offset |
AccessConfigTimeOffset object |
Definition Offset of the first collection time. This parameter is used to correct the time deviation or calculate the relative time. If you set this parameter to 7, logs generated within the seven days before the collection start time are collected. This offset takes effect only for the first collection to ensure that the logs are not repeatedly collected. |
event_level |
Array of strings |
Definition Event level. You can filter Windows events based on their levels. This function is available only to Windows Vista or later. There are five levels:
|
Parameter |
Type |
Description |
---|---|---|
offset |
Long |
Definition Time offset.
Range N/A |
unit |
String |
Definition Unit of the offset time.
Range N/A |
Parameter |
Type |
Description |
---|---|---|
log_group_id |
String |
Definition Log group ID. Range N/A |
log_stream_id |
String |
Definition Log stream ID. Range N/A |
log_group_name |
String |
Definition Log group name. Range N/A |
log_stream_name |
String |
Definition Log stream name. Range N/A |
Parameter |
Type |
Description |
---|---|---|
host_group_id_list |
Array of strings |
Definition Host group ID list. |
Parameter |
Type |
Description |
---|---|---|
key |
String |
Definition Tag key. Range
|
value |
String |
Definition Tag value. Range
|
Parameter |
Type |
Description |
---|---|---|
field_name |
String |
Definition Parsing fields of the sample log event. Range N/A |
field_value |
String |
Definition Value of a field in a sample log. Range N/A |
Parameter |
Type |
Description |
---|---|---|
type |
String |
Definition Structuring parsing type. The values are as follows:
Range N/A |
detail |
Detail object |
Definition Structuring parsing configuration information. |
Parameter |
Type |
Description |
---|---|---|
source_key |
String |
Definition Original field for storing log content before log structuring parsing. The default value is content. Range N/A |
regex |
String |
Definition Regular expression. Regular expression used to match logs. Range N/A |
keys |
Array of strings |
Definition Name of an extracted field. Set a corresponding field name for the extracted log content. |
multi_line_regex |
String |
Definition First line regular expression. Range N/A |
keep_source |
Boolean |
Definition Whether to upload raw logs. Range true: retains raw logs. false: does not retain raw logs. |
keep_source_if_parse_error |
Boolean |
Definition Whether to upload logs that fail to be parsed. Range true: uploads logs that fail to be parsed. false: does not upload logs that fail to be parsed. |
split_sep |
String |
Definition Delimiters. Set delimiters based on the log content, for example, vertical bar (|). Range N/A |
split_type |
String |
Definition Delimiter type. The value can be char (single character), special_char (invisible characters), or string. Range N/A |
fields |
Map<String,String> |
Definition Field name and value to be added, in the key-value pair format. You can add multiple key-value pairs. |
drop_keys |
Array of strings |
Definition List of discarded fields. |
source_keys |
Array of strings |
Definition Original field to be renamed. |
dest_keys |
Array of strings |
Definition Renamed field. |
expand_depth |
Integer |
Definition Depth of JSON expansion. The default value is 0, indicating that there is no limit. 1 indicates the one level, and so on. Range N/A |
expand_connector |
String |
Definition Connector for JSON expansion. The default value is a period (.). Range N/A |
source_format |
String |
Definition Format of the original time. Range N/A |
source_value |
String |
Definition Field value of the original time. Range N/A |
set_time |
Boolean |
Definition Whether to set the parsed time as the log time. Range N/A |
include |
Map<String,String> |
Definition Log filtering whitelist rule, in the format of key-value pairs. Each key indicates a log field and must be unique, with a maximum of 256 characters. The corresponding value is a regular expression that specifies the filtering criteria. |
exclude |
Map<String,String> |
Definition Log filtering blacklist rule, in the format of key-value pairs. Each key indicates a log field and must be unique, with a maximum of 256 characters. The corresponding value is a regular expression that specifies the filtering criteria. |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Definition Error code. For details, see Error Codes. Range N/A |
error_msg |
String |
Definition Error message. Range N/A |
Status code: 500
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Definition Error code. For details, see Error Codes. Range N/A |
error_msg |
String |
Definition Error message. Range N/A |
Example Requests
Modifying a Log Ingestion Configuration (for ECS)
PUT https://{endpoint}/v3/{project_id}/lts/access-config { "access_config_id" : "ed90802a-8475-4702-955e-e3ee16a5dde9", "access_config_detail" : { "paths" : [ "/test/222", "/test/111" ], "black_paths" : [ ], "format" : { "multi" : { "mode" : "regular", "value" : "aaaa" } }, "windows_log_info" : { "categorys" : [ "Application", "System" ], "time_offset" : { "offset" : 7, "unit" : "day" }, "event_level" : [ "information", "warning", "error", "critical", "verbose" ] } }, "host_group_info" : { "host_group_id_list" : [ "de4dbed4-a3bc-4877-a7ee-096a2a63e036" ] }, "access_config_tag" : [ { "key" : "xxx", "value" : "xxx" }, { "key" : "xxx1", "value" : "xxx1" } ] }
Example Responses
Status code: 200
Ingestion configuration modified.
{ "access_config_detail" : { "black_paths" : [ "/wjy/hei/tesxxx", "/wjy/hei/tesxxx" ], "format" : { "single" : { "mode" : "wildcard", "value" : "1111" } }, "paths" : [ "/wjy/tesxxx" ], "windows_log_info" : { "categorys" : [ "System", "Application", "Security", "Setup" ], "event_level" : [ "information", "warning", "error", "critical", "verbose" ], "time_offset" : { "offset" : 168, "unit" : "hour" } } }, "access_config_id" : "aa58d29e-21a9-4761-ba16-8cxxxxd", "access_config_name" : "CollectionWjy_xxxxt2", "access_config_tag" : [ { "key" : "xxx", "value" : "xxx" }, { "key" : "xxx1", "value" : "xxx1" } ], "access_config_type" : "AGENT", "create_time" : 163504332654, "host_group_info" : { "host_group_id_list" : [ "de4dbed4-a3bc-4877-a7ee-09xxxxxx" ] }, "log_info" : { "log_group_id" : "9a7e2183-2d6d-4732-9axxxxx49e0", "log_group_name" : "lts-groupxxxa", "log_stream_id" : "c4de0538-53e6-41fd-b951-xxxx8d7", "log_stream_name" : "lts-topixxx" } }
Status code: 400
Invalid request. Modify the request based on the description in error_msg before a retry.
{ "error_code" : "LTS.1807", "error_msg" : "Invalid access config id" }
Status code: 500
The server has received the request but encountered an internal error.
{ "error_code" : "LTS.0010", "error_msg" : "The system encountered an internal error" }
SDK Sample Code
The SDK sample code is as follows.
Modifying a Log Ingestion Configuration (for ECS)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateAccessConfigSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateAccessConfigRequest request = new UpdateAccessConfigRequest(); UpdateAccessConfigRequestBody body = new UpdateAccessConfigRequestBody(); List<AccessConfigTag> listbodyAccessConfigTag = new ArrayList<>(); listbodyAccessConfigTag.add( new AccessConfigTag() .withKey("xxx") .withValue("xxx") ); listbodyAccessConfigTag.add( new AccessConfigTag() .withKey("xxx1") .withValue("xxx1") ); List<String> listHostGroupInfoHostGroupIdList = new ArrayList<>(); listHostGroupInfoHostGroupIdList.add("de4dbed4-a3bc-4877-a7ee-096a2a63e036"); AccessConfigHostGroupIdList hostGroupInfobody = new AccessConfigHostGroupIdList(); hostGroupInfobody.withHostGroupIdList(listHostGroupInfoHostGroupIdList); List<AccessConfigWindowsLogInfoUpdate.EventLevelEnum> listWindowsLogInfoEventLevel = new ArrayList<>(); listWindowsLogInfoEventLevel.add(AccessConfigWindowsLogInfoUpdate.EventLevelEnum.fromValue("information")); listWindowsLogInfoEventLevel.add(AccessConfigWindowsLogInfoUpdate.EventLevelEnum.fromValue("warning")); listWindowsLogInfoEventLevel.add(AccessConfigWindowsLogInfoUpdate.EventLevelEnum.fromValue("error")); listWindowsLogInfoEventLevel.add(AccessConfigWindowsLogInfoUpdate.EventLevelEnum.fromValue("critical")); listWindowsLogInfoEventLevel.add(AccessConfigWindowsLogInfoUpdate.EventLevelEnum.fromValue("verbose")); AccessConfigTimeOffsetCreate timeOffsetWindowsLogInfo = new AccessConfigTimeOffsetCreate(); timeOffsetWindowsLogInfo.withOffset(7L) .withUnit(AccessConfigTimeOffsetCreate.UnitEnum.fromValue("day")); List<AccessConfigWindowsLogInfoUpdate.CategorysEnum> listWindowsLogInfoCategorys = new ArrayList<>(); listWindowsLogInfoCategorys.add(AccessConfigWindowsLogInfoUpdate.CategorysEnum.fromValue("Application")); listWindowsLogInfoCategorys.add(AccessConfigWindowsLogInfoUpdate.CategorysEnum.fromValue("System")); AccessConfigWindowsLogInfoUpdate windowsLogInfoAccessConfigDetail = new AccessConfigWindowsLogInfoUpdate(); windowsLogInfoAccessConfigDetail.withCategorys(listWindowsLogInfoCategorys) .withTimeOffset(timeOffsetWindowsLogInfo) .withEventLevel(listWindowsLogInfoEventLevel); AccessConfigFormatMutil multiFormat = new AccessConfigFormatMutil(); multiFormat.withMode(AccessConfigFormatMutil.ModeEnum.fromValue("regular")) .withValue("aaaa"); AccessConfigFormatUpdate formatAccessConfigDetail = new AccessConfigFormatUpdate(); formatAccessConfigDetail.withMulti(multiFormat); List<String> listAccessConfigDetailPaths = new ArrayList<>(); listAccessConfigDetailPaths.add("/test/222"); listAccessConfigDetailPaths.add("/test/111"); AccessConfigDeatilUpdate accessConfigDetailbody = new AccessConfigDeatilUpdate(); accessConfigDetailbody.withPaths(listAccessConfigDetailPaths) .withFormat(formatAccessConfigDetail) .withWindowsLogInfo(windowsLogInfoAccessConfigDetail); body.withAccessConfigTag(listbodyAccessConfigTag); body.withHostGroupInfo(hostGroupInfobody); body.withAccessConfigDetail(accessConfigDetailbody); body.withAccessConfigId("ed90802a-8475-4702-955e-e3ee16a5dde9"); request.withBody(body); try { UpdateAccessConfigResponse response = client.updateAccessConfig(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Modifying a Log Ingestion Configuration (for ECS)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateAccessConfigRequest() listAccessConfigTagbody = [ AccessConfigTag( key="xxx", value="xxx" ), AccessConfigTag( key="xxx1", value="xxx1" ) ] listHostGroupIdListHostGroupInfo = [ "de4dbed4-a3bc-4877-a7ee-096a2a63e036" ] hostGroupInfobody = AccessConfigHostGroupIdList( host_group_id_list=listHostGroupIdListHostGroupInfo ) listEventLevelWindowsLogInfo = [ "information", "warning", "error", "critical", "verbose" ] timeOffsetWindowsLogInfo = AccessConfigTimeOffsetCreate( offset=7, unit="day" ) listCategorysWindowsLogInfo = [ "Application", "System" ] windowsLogInfoAccessConfigDetail = AccessConfigWindowsLogInfoUpdate( categorys=listCategorysWindowsLogInfo, time_offset=timeOffsetWindowsLogInfo, event_level=listEventLevelWindowsLogInfo ) multiFormat = AccessConfigFormatMutil( mode="regular", value="aaaa" ) formatAccessConfigDetail = AccessConfigFormatUpdate( multi=multiFormat ) listPathsAccessConfigDetail = [ "/test/222", "/test/111" ] accessConfigDetailbody = AccessConfigDeatilUpdate( paths=listPathsAccessConfigDetail, format=formatAccessConfigDetail, windows_log_info=windowsLogInfoAccessConfigDetail ) request.body = UpdateAccessConfigRequestBody( access_config_tag=listAccessConfigTagbody, host_group_info=hostGroupInfobody, access_config_detail=accessConfigDetailbody, access_config_id="ed90802a-8475-4702-955e-e3ee16a5dde9" ) response = client.update_access_config(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Modifying a Log Ingestion Configuration (for ECS)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := lts.NewLtsClient( lts.LtsClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateAccessConfigRequest{} keyAccessConfigTag:= "xxx" valueAccessConfigTag:= "xxx" keyAccessConfigTag1:= "xxx1" valueAccessConfigTag1:= "xxx1" var listAccessConfigTagbody = []model.AccessConfigTag{ { Key: &keyAccessConfigTag, Value: &valueAccessConfigTag, }, { Key: &keyAccessConfigTag1, Value: &valueAccessConfigTag1, }, } var listHostGroupIdListHostGroupInfo = []string{ "de4dbed4-a3bc-4877-a7ee-096a2a63e036", } hostGroupInfobody := &model.AccessConfigHostGroupIdList{ HostGroupIdList: listHostGroupIdListHostGroupInfo, } var listEventLevelWindowsLogInfo = []model.AccessConfigWindowsLogInfoUpdateEventLevel{ model.GetAccessConfigWindowsLogInfoUpdateEventLevelEnum().INFORMATION, model.GetAccessConfigWindowsLogInfoUpdateEventLevelEnum().WARNING, model.GetAccessConfigWindowsLogInfoUpdateEventLevelEnum().ERROR, model.GetAccessConfigWindowsLogInfoUpdateEventLevelEnum().CRITICAL, model.GetAccessConfigWindowsLogInfoUpdateEventLevelEnum().VERBOSE, } timeOffsetWindowsLogInfo := &model.AccessConfigTimeOffsetCreate{ Offset: int64(7), Unit: model.GetAccessConfigTimeOffsetCreateUnitEnum().DAY, } var listCategorysWindowsLogInfo = []model.AccessConfigWindowsLogInfoUpdateCategorys{ model.GetAccessConfigWindowsLogInfoUpdateCategorysEnum().APPLICATION, model.GetAccessConfigWindowsLogInfoUpdateCategorysEnum().SYSTEM, } windowsLogInfoAccessConfigDetail := &model.AccessConfigWindowsLogInfoUpdate{ Categorys: &listCategorysWindowsLogInfo, TimeOffset: timeOffsetWindowsLogInfo, EventLevel: &listEventLevelWindowsLogInfo, } multiFormat := &model.AccessConfigFormatMutil{ Mode: model.GetAccessConfigFormatMutilModeEnum().REGULAR, Value: "aaaa", } formatAccessConfigDetail := &model.AccessConfigFormatUpdate{ Multi: multiFormat, } var listPathsAccessConfigDetail = []string{ "/test/222", "/test/111", } accessConfigDetailbody := &model.AccessConfigDeatilUpdate{ Paths: &listPathsAccessConfigDetail, Format: formatAccessConfigDetail, WindowsLogInfo: windowsLogInfoAccessConfigDetail, } request.Body = &model.UpdateAccessConfigRequestBody{ AccessConfigTag: &listAccessConfigTagbody, HostGroupInfo: hostGroupInfobody, AccessConfigDetail: accessConfigDetailbody, AccessConfigId: "ed90802a-8475-4702-955e-e3ee16a5dde9", } response, err := client.UpdateAccessConfig(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
Status Code |
Description |
---|---|
200 |
Ingestion configuration modified. |
400 |
Invalid request. Modify the request based on the description in error_msg before a retry. |
500 |
The server has received the request but encountered an internal error. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot