文档首页> 云日志服务 LTS> API参考> API说明> 结构化配置> 创建结构化配置(不推荐)
更新时间:2024-03-01 GMT+08:00

创建结构化配置(不推荐)

功能介绍

该接口用于创建指定日志流下的结构化配置。

调用方法

请参见如何调用API

URI

POST /v2/{project_id}/lts/struct/template

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

项目ID,获取方式请参见:获取项目ID,获取账号ID,日志组ID、日志流ID

缺省值:None

最小长度:32

最大长度:32

请求参数

表2 请求Header参数

参数

是否必选

参数类型

描述

X-Auth-Token

String

从IAM服务获取的用户Token,获取方式请参见:获取用户Token

缺省值:None

最小长度:1000

最大长度:2000

Content-Type

String

该字段填为:application/json;charset=UTF-8。

缺省值:None

最小长度:30

最大长度:30

表3 请求Body参数

参数

是否必选

参数类型

描述

log_group_id

String

日志组ID

缺省值:None

最小长度:36

最大长度:36

log_stream_id

String

日志流ID

缺省值:None

最小长度:36

最大长度:36

project_id

String

项目ID 缺省值:None

最小长度:32

最大长度:32

content

String

填写一条示例日志。

demo_fields

Array of DemoFields objects

示例字段列表。

说明:

demo_fields中的字段顺序,须和content中的字段顺序保持一致。

最大个数:200

parse_type

String

结构化类型参数(json、split、nginx、built_in、custom_regex)。

regex_rules

String

正则表达式(使用正则结构化规则时候需要)。

最大长度:5000

layers

Integer

最大解析层数(使用JSON方式结构化需要)。

最大值:3

tokenizer

String

分隔符(使用分隔符结构化时需要)。

log_format

String

Nginx配置规则(使用分隔符结构化时需要)。

tag_fields

Array of TagField objects

tag字段列表(使用tag字段解析时需要,其中系统模板不支持使用tag字段)。 最大个数:200

rule

RuleSGQSGQSGQ object

结构化方式

表4 DemoFields

参数

是否必选

参数类型

描述

fieldName

String

字段名称

缺省值:None

最小长度:1

最大长度:50

userDefinedName

String

自定义别名(json,Nginx方式中按需添加)

缺省值:None

最小长度:1

最大长度:64

type

String

字段数据类型。 可选范围:string、long、float

isAnalysis

Boolean

预留字段。

content

String

字段内容。

说明:

在系统模板中,此参数为demoLog。

index

Integer

序号

表5 TagField

参数

是否必选

参数类型

描述

fieldName

String

字段名称

缺省值:None

最小长度:1

最大长度:50

content

String

示例字段。

缺省值:None

最小长度:1

最大长度:64

type

String

字段数据类型。可选范围:string、long、float

isAnalysis

Boolean

预留字段。

表6 RuleSGQSGQSGQ

参数

是否必选

参数类型

描述

type

String

内置系统模板类型

param

String

系统iton模板名称

响应参数

状态码: 400

表7 响应Body参数

参数

参数类型

描述

error_code

String

错误码。

枚举值:

  • SVCSTG.ALS.200201

  • SVCSTG.ALS.200340

  • SVCSTG.ALS.200332

  • SVCSTG.ALS.200209

  • SVCSTG.ALS.200.339

error_msg

String

调用失败响应信息描述。

枚举值:

  • parseType is invalid/ smart extra failed./ The number of demo_fields and rules is not equal

  • {字段名/别名} is repeated with internal fields

  • userDefinedName repeat./ field name repeat

  • check logContent type error

  • nginx log_format is error

状态码: 401

表8 响应Body参数

参数

参数类型

描述

error_code

String

错误码。

枚举值:

  • LTS.0403

error_msg

String

调用失败响应信息描述。

枚举值:

  • Invalid projectId

状态码: 403

表9 响应Body参数

参数

参数类型

描述

error_code

String

错误码。

枚举值:

  • LTS.0403

error_msg

String

调用失败响应信息描述。

枚举值:

  • Invalid projectId

状态码: 500

表10 响应Body参数

参数

参数类型

描述

error_code

String

错误码。

枚举值:

  • LTS.0500

error_msg

String

调用失败响应信息描述。

枚举值:

  • Failed to query lts struct log

请求示例

  • 正则方式:

    POST https://{endpoint}/v2/{project_id}/lts/struct/template
    
    {
      "content" : "2021-09-09/18:15:41 this log is Error NO 6323",
      "parse_type" : "custom_regex",
      "demo_fields" : [ {
        "fieldName" : "a01",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "a02",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "a03",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "a04",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "a05",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "a06",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "a07",
        "type" : "long",
        "isAnalysis" : true
      } ],
      "regex_rules" : "^(?<a01>[^ ]+)(?:[^ ]* ){1}(?<a02>\\w+)(?:[^ ]* ){1}(?<a03>\\w+)(?:[^ ]* ){1}(?<a04>\\w+)(?:[^ ]* ){1}(?<a05>\\w+)(?:[^ ]* ){1}(?<a06>\\w+)(?:[^ ]* ){1}(?<a07>\\d+)",
      "log_group_id" : "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
      "log_stream_id" : "ff8bd110-dc44-4692-af74-d3b1f6197887",
      "project_id" : " ",
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ]
    }
  • JSON方式:

    {
      "log_group_id" : "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
      "log_stream_id" : "ff8bd110-dc44-4692-af74-d3b1f6197887",
      "project_id" : " ",
      "content" : "{'code':38,'tracker_name':'global','record_time':'1597042370464','user':{'name':'testdemo','id':'123456789'}}",
      "parse_type" : "json",
      "layers" : 3,
      "demo_fields" : [ {
        "fieldName" : "code",
        "type" : "long",
        "userDefinedName" : "jl",
        "isAnalysis" : true
      }, {
        "fieldName" : "record_time",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "tracker_name",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "user.id",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "user.name",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ]
    }
  • 分隔符:

    {
      "content" : "2021-09-09/18:50:51 this log is Error NO 37",
      "demo_fields" : [ {
        "fieldName" : "b1",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "b2",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "b3",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "b4",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "b5",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "b6",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "b7",
        "type" : "long",
        "isAnalysis" : true
      } ],
      "parse_type" : "split",
      "tokenizer" : " ",
      "log_group_id" : "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
      "log_stream_id" : "ff8bd110-dc44-4692-af74-d3b1f6197887",
      "project_id" : "",
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ]
    }
  • Nginx:

    {
      "log_group_id" : "d1f4240d-5ee2-4e0b-9e2c-e25c7978c001",
      "log_stream_id" : "60906859-e91e-4d4a-9a21-ae319f544567",
      "project_id" : "2a473356cca5487f8373be891bffc1cf",
      "content" : "192.168.0.0 - sgq [12/Mar/2020:12:24:02 +0800] \"GET / 127/query\" 304 0 \"-\" \"Mozilla/5.0\" \"-\"",
      "parse_type" : "nginx",
      "log_format" : "log_format  main   '$remote_addr - $remote_user [$time_local] \"$request\" '                            '$status $body_bytes_sent \"$http_referer\" '                            '\"$http_user_agent\" \"$http_x_forwarded_for\"';",
      "demo_fields" : [ {
        "fieldName" : "body_bytes_sent",
        "content" : "0",
        "type" : "long",
        "isAnalysis" : false
      }, {
        "fieldName" : "http_referer",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "http_user_agent",
        "content" : "Mozilla/5.0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "http_x_forwarded_for",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "remote_addr",
        "content" : "192.168.0.0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "remote_user",
        "content" : "sgq",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "request_method",
        "content" : "GET",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "request_uri",
        "content" : "/",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "status",
        "content" : "304",
        "type" : "long",
        "isAnalysis" : false
      }, {
        "fieldName" : "time_local",
        "content" : "12/Mar/2020:12:24:02",
        "type" : "string",
        "isAnalysis" : false
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ]
    }
  • CTS:

    {
      "content" : "{\"code\":\"201\",\"source_ip\":\"10.10.1.10\",\"trace_type\":\"ApiCall\",\"event_type\":\"global\",\"project_id\":\"221123nsada3sda3231das3111ndsab\",\"trace_id\":\"1eesdd-dad6-11dsaea-edaxfeqdf\",\"trace_name\":\"demodemodemo\",\"resource_type\":\"token\",\"trace_rating\":\"normal\",\"service_type\":\"IAM\",\"resource_id\":\"98763hkjhdteoi03861732hjh7983bhd\",\"tracker_name\":\"global\",\"time\":\"1597042369296\",\"resource_name\":\"demodemodemo/demo\",\"record_time\":\"1597042370464\",\"user\":{\"domain\":{\"name\":\"testdemo\",\"id\":\"21185d8818e443e1ryjkh71622f09212b\"},\"name\":\"testdemo/demo\",\"id\":\"6hfakl86faqw87dsasasadf09ajbml\"}}",
      "demo_fields" : [ {
        "fieldName" : "code",
        "content" : "201",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "event_type",
        "content" : "global",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "project_id",
        "content" : "221123nsada3sda3231das3111ndsab",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "record_time",
        "content" : "1597042370464",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "resource_id",
        "content" : "98763hkjhdteoi03861732hjh7983bhd",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "resource_name",
        "content" : "demodemodemo/demo",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "resource_type",
        "content" : "token",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "service_type",
        "content" : "IAM",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "source_ip",
        "content" : "10.10.1.10",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "time",
        "content" : "1597042369296",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "trace_id",
        "content" : "1eesdd-dad6-11dsaea-edaxfeqdf",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "trace_name",
        "content" : "demodemodemo",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "trace_rating",
        "content" : "normal",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "trace_type",
        "content" : "ApiCall",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "tracker_name",
        "content" : "global",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "user.domain.id",
        "content" : "21185d8818e443e1ryjkh71622f09212b",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "user.domain.name",
        "content" : "testdemo",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "user.id",
        "content" : "6hfakl86faqw87dsasasadf09ajbml",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "user.name",
        "content" : "testdemo/demo",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "CTS"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • ELB:

    {
      "content" : "1594727856.337 e7c37d97-e922-457c-bbf3-dsadeqac 2020-07-14T19:57:36+08:00 elb_01 192.0.0.0:88888 200 \"GET http://prod.sss.ads.sg2.aaa/loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada HTTP/1.1\" 233 293 138 0.001 \"200\" \"0.000\" \"0.001\" \"0.001\" \"100.0.0.0:9999\" \"lua-resty-http/0.14 (Lua) ngx_lua/10000\" \"-\" \"-\" loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa listener_6077809b-913f-466d-a96c-376f08882d5d 08cc2b3f68aa4dddd1e6a90dddd1688348a4480 pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b \"-\" 2fb78dsadadq1213das1121dab146ad3cb0 -:80 \"101.0.0.0:10000\" - - - - 9739",
      "demo_fields" : [ {
        "fieldName" : "msec",
        "content" : "1594727856.337",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "access_log_topic_id",
        "content" : "e7c37d97-e922-457c-bbf3-dsadeqac",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "time_iso8601",
        "content" : "2020-07-14T19:57:36+08:00",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_ver",
        "content" : "elb_01",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "remote_addr",
        "content" : "192.0.0.0",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "remote_port",
        "content" : "88888",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "status",
        "content" : "200",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "request_method",
        "content" : "GET",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "scheme",
        "content" : "http",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "host",
        "content" : "prod.sss.ads.sg2.aaa",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "router_request_uri",
        "content" : "loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "server_protocol",
        "content" : "HTTP/1.1",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "request_length",
        "content" : "233",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "bytes_sent",
        "content" : "293",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "body_bytes_sent",
        "content" : "138",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "request_time",
        "content" : "0.001",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_status",
        "content" : "200",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_connect_time",
        "content" : "0.000",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_header_time",
        "content" : "0.001",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_response_time",
        "content" : "0.001",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_addr",
        "content" : "100.0.0.0:9999",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "http_user_agent",
        "content" : "lua-resty-http/0.14 (Lua) ngx_lua/10000",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "http_referer",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "http_x_forwarded_for",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "lb_name",
        "content" : "loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "listener_name",
        "content" : "listener_6077809b-913f-466d-a96c-376f08882d5d",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "listener_id",
        "content" : "08cc2b3f68aa4dddd1e6a90dddd1688348a4480",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "pool_name",
        "content" : "pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "member_name",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "tenant_id",
        "content" : "2fb78dsadadq1213das1121dab146ad3cb0",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "eip_address",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "eip_port",
        "content" : "80",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_addr_priv",
        "content" : "101.0.0.0:10000",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "certificate_id",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "ssl_protocol",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "ssl_cipher",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "sni_domain_name",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "tcpinfo_rtt",
        "content" : "9739",
        "type" : "long",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "ELB"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • VPC:

    {
      "content" : "1 5f67944957444bd6bb4fe3b367de8f3d 1d515d18-1b36-47dc-a983-bd6512aed4bd 192.168.0.154 192.168.3.25 38929 53 17 1 96 1548752136 1548752736 ACCEPT OK",
      "demo_fields" : [ {
        "fieldName" : "version",
        "content" : 1,
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "project_id",
        "content" : "5f67944957444bd6bb4fe3b367de8f3d",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "interface_id",
        "content" : "1d515d18-1b36-47dc-a983-bd6512aed4bd",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "srcaddr",
        "content" : "192.168.0.154",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "dstaddr",
        "content" : "192.168.3.25",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "srcport",
        "content" : "38929",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "dstport",
        "content" : "53",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "protocol",
        "content" : "17",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "packets",
        "content" : "1",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "bytes",
        "content" : "96",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "start",
        "content" : "1548752136",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "end",
        "content" : "1548752736",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "action",
        "content" : "ACCEPT",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_status",
        "content" : "OK",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "VPC"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • APIG:

    {
      "content" : "100.125.7.59 f57f6523b675504a23887d0f5c1c8ef3 f5ea2360a2fa443cac236b76f4052ad6 - - [27/Jan/2022:15:56:44 +0800] 0.113 GET http://c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com /api/echo HTTP/1.1 200 1443 408 \"APIGatewayDebugClient/1.0\" \"-\" \"100.125.2.39:443\" /v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations \"200\" \"0.010\" \"0.083\" \"0.083\" cn-north-4 0.083 0 - - - 0.03000020980835 - - \"-\" 486 HttpEchoDemo - - - \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" remote",
      "demo_fields" : [ {
        "fieldName" : "my_remote_addr",
        "content" : "100.125.7.59",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "request_id",
        "content" : "f57f6523b675504a23887d0f5c1c8ef3",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "api_id",
        "content" : "f5ea2360a2fa443cac236b76f4052ad6",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "user_name",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "app_id",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "time_local",
        "content" : "27/Jan/2022:15:56:44",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "request_time",
        "content" : "0.113",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "request_method",
        "content" : "GET",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "scheme",
        "content" : "http",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "host",
        "content" : "c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "router_uri",
        "content" : "/api/echo",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "server_protocol",
        "content" : "HTTP/1.1",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "status",
        "content" : "200",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "bytes_sent",
        "content" : "1443",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "request_length",
        "content" : "408",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "http_user_agent",
        "content" : "APIGatewayDebugClient/1.0",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "http_x_forwarded_for",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_addr",
        "content" : "100.125.2.39:443",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_uri",
        "content" : "/v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_status",
        "content" : "200",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_connect_time",
        "content" : "0.010",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_header_time",
        "content" : "0.083",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "upstream_response_time",
        "content" : "0.083",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "region_id",
        "content" : "cn-north-4",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "all_upstream_response_time",
        "content" : "0.083",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "errorType",
        "content" : "0",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "auth_type",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "access_model1",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "access_model2",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "inner_time",
        "content" : "0.03000020980835",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "proxy_protocol_vni",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "proxy_protocol_vpce_id",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "proxy_protocol_addr",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "body_bytes_sent",
        "content" : "486",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "api_name",
        "content" : "HttpEchoDemo",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "app_name",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "provider_app_id",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "provider_app_name",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log1",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log2",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log3",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log4",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log5",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log6",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log7",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log8",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log9",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "custom_data_log10",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "response_source",
        "content" : "remote",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "APIG"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建DDS审计日志的结构化配置

    {
      "content" : "{\"time\": 1640966500017, \"instance_id\": \"199a1e5a-8a37-40b9-899e-0ab6805c69eb\", \"server_addr\": \"192.168.0.1\", \"role\": \"proxy\", \"client_addr\": \"10.0.0.1\", \"client_type\": \"0\", \"user\": \"default\", \"db\": 1, \"command_name\": \"DEL\", \"command_type\": \"string\", \"command_keys\": [\"key1\", \"key2\", \"key3\"], \"command_param\": \"DEL key1 key2 key3\", \"use_time\": 500, \"extend\": \"\"}",
      "demo_fields" : [ {
        "fieldName" : "time",
        "content" : "1640966500017",
        "type" : "long"
      }, {
        "fieldName" : "instance_id",
        "content" : "199a1e5a-8a37-40b9-899e-0ab6805c69eb",
        "type" : "string"
      }, {
        "fieldName" : "server_addr",
        "content" : "192.168.0.1",
        "type" : "string"
      }, {
        "fieldName" : "role",
        "content" : "proxy",
        "type" : "string"
      }, {
        "fieldName" : "client_addr",
        "content" : "10.0.0.1",
        "type" : "string"
      }, {
        "fieldName" : "client_type",
        "content" : "0",
        "type" : "string"
      }, {
        "fieldName" : "user",
        "content" : "default",
        "type" : "string"
      }, {
        "fieldName" : "db",
        "content" : "1",
        "type" : "long"
      }, {
        "fieldName" : "command_name",
        "content" : "DEL",
        "type" : "string"
      }, {
        "fieldName" : "command_type",
        "content" : "string",
        "type" : "string"
      }, {
        "fieldName" : "command_keys",
        "content" : "[\"key1\",\"key2\",\"key3\"]",
        "type" : "string"
      }, {
        "fieldName" : "command_param",
        "content" : "DEL key1 key2 key3",
        "type" : "string"
      }, {
        "fieldName" : "use_time",
        "content" : "500",
        "type" : "long"
      }, {
        "fieldName" : "extend",
        "content" : "",
        "type" : "string"
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "DCS_AUDIT"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建NGINX方式的结构化配置

    {
      "content" : "192.168.1.101 - [27/Aug/2018:14:20:29 +0800] \"GET http://www.example.com / HTTP/1.0\" 200 8796 6775 \"-\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36\" \"-\" \"0.185\" \"0.010\" 12.129.120.121:8090 200 794",
      "demo_fields" : [ {
        "fieldName" : "remote_addr",
        "content" : "192.168.1.101",
        "type" : "string"
      }, {
        "fieldName" : "remote_user",
        "content" : "-",
        "type" : "string"
      }, {
        "fieldName" : "time_local",
        "content" : "27/Aug/2018:14:20:29",
        "type" : "string"
      }, {
        "fieldName" : "request_method",
        "content" : "GET",
        "type" : "string"
      }, {
        "fieldName" : "scheme",
        "content" : "http",
        "type" : "string"
      }, {
        "fieldName" : "host",
        "content" : "www.example.com",
        "type" : "string"
      }, {
        "fieldName" : "request_uri",
        "content" : "/",
        "type" : "string"
      }, {
        "fieldName" : "server_protocol",
        "content" : "HTTP/1.0",
        "type" : "string"
      }, {
        "fieldName" : "status",
        "content" : "200",
        "type" : "long"
      }, {
        "fieldName" : "bytes_sent",
        "content" : "8796",
        "type" : "long"
      }, {
        "fieldName" : "body_bytes_sent",
        "content" : "6775",
        "type" : "long"
      }, {
        "fieldName" : "http_referer",
        "content" : "-",
        "type" : "string"
      }, {
        "fieldName" : "http_user_agent",
        "content" : "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36",
        "type" : "string"
      }, {
        "fieldName" : "http_x_forwarded_for",
        "content" : "-",
        "type" : "string"
      }, {
        "fieldName" : "request_time",
        "content" : "0.185",
        "type" : "float"
      }, {
        "fieldName" : "upstream_response_time",
        "content" : "0.010",
        "type" : "float"
      }, {
        "fieldName" : "upstream_addr",
        "content" : "12.129.120.121:8090",
        "type" : "string"
      }, {
        "fieldName" : "upstream_status",
        "content" : "200",
        "type" : "long"
      }, {
        "fieldName" : "request_length",
        "content" : "794",
        "type" : "long"
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "NGINX"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建GAUSSDB_OPENGAUSS_AUDIT方式的结构化配置

    {
      "content" : "{\"username\":\"rdsAdmin\",\"client_conninfo\":\"cm_agent@10.254.95.70\",\"instanceId\":\"96e86f462bbc4f2286d7c8274815d0fein14\",\"detail_info\":\"xid=30818, SET statement_timeout = 10000000;n\",\"thread_id\":\"140463114942208@713872403507507\",\"result\":\"ok\",\"database\":\"postgres\",\"local_port\":\"8001\",\"userid\":\"10\",\"nodeId\":\"06c267fad8054a0abcb17cfa3b8f260cno14\",\"node_name\":\"dn_6001_6002_6003\",\"object_name\":\"statement_timeout\",\"time\":\"2022-08-15 17:53:23+08\",\"type\":\"set_parameter\",\"remote_port\":\"50952\"}",
      "demo_fields" : [ {
        "fieldName" : "username",
        "content" : "rdsAdmin",
        "type" : "string"
      }, {
        "fieldName" : "client_conninfo",
        "content" : "cm_agent@10.254.95.70",
        "type" : "string"
      }, {
        "fieldName" : "instanceId",
        "content" : "96e86f462bbc4f2286d7c8274815d0fein14",
        "type" : "string"
      }, {
        "fieldName" : "detail_info",
        "content" : "xid=30818, SET statement_timeout = 10000000;n",
        "type" : "string"
      }, {
        "fieldName" : "thread_id",
        "content" : "140463114942208@713872403507507",
        "type" : "string"
      }, {
        "fieldName" : "result",
        "content" : "ok",
        "type" : "string"
      }, {
        "fieldName" : "database",
        "content" : "postgres",
        "type" : "string"
      }, {
        "fieldName" : "local_port",
        "content" : "8001",
        "type" : "string"
      }, {
        "fieldName" : "userid",
        "content" : "10",
        "type" : "string"
      }, {
        "fieldName" : "nodeId",
        "content" : "06c267fad8054a0abcb17cfa3b8f260cno14",
        "type" : "string"
      }, {
        "fieldName" : "node_name",
        "content" : "dn_6001_6002_6003",
        "type" : "string"
      }, {
        "fieldName" : "object_name",
        "content" : "statement_timeout",
        "type" : "string"
      }, {
        "fieldName" : "time",
        "content" : "2022-08-15 17:53:23+08",
        "type" : "string"
      }, {
        "fieldName" : "type",
        "content" : "set_parameter",
        "type" : "string"
      }, {
        "fieldName" : "remote_port",
        "content" : "50952",
        "type" : "string"
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "GAUSSDB_OPENGAUSS_AUDIT"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建TOMCAT方式的结构化配置

    {
      "content" : "192.168.12.2 - - [07/Mar/2018:09:49:55 +0800] \"GET /logHello/test HTTP/1.1\" 200 1943",
      "demo_fields" : [ {
        "fieldName" : "remote_ip_address",
        "content" : "192.168.12.2",
        "type" : "string"
      }, {
        "fieldName" : "remote_logical_username",
        "content" : "-",
        "type" : "string"
      }, {
        "fieldName" : "remote_user_authenticated",
        "content" : "-",
        "type" : "string"
      }, {
        "fieldName" : "time_local",
        "content" : "07/Mar/2018:09:49:55",
        "type" : "string"
      }, {
        "fieldName" : "scheme",
        "content" : "GET",
        "type" : "string"
      }, {
        "fieldName" : "router_uri",
        "content" : "/logHello/test",
        "type" : "string"
      }, {
        "fieldName" : "server_protocol",
        "content" : "HTTP/1.1",
        "type" : "string"
      }, {
        "fieldName" : "status",
        "content" : "200",
        "type" : "long"
      }, {
        "fieldName" : "bytes_sent",
        "content" : "1943",
        "type" : "long"
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "TOMCAT"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建DCS审计日志的结构化配置

    {
      "content" : "{\"topic\":\"auditLog\",\"instanceid\":\"9fbf813bc27e4a3ab54bddf783a4f774in01\",\"nodeid\":\"bf4cb0413d0b4221be94b08471708586no01\",\"db\":\"test\",\"coll\":\"testCollection\",\"optype\":\"update\",\"time\":\"2022-08-05T08:24:15.536+0000\",\"user_ip\":\"10.4.23.205\",\"user_port\":\"47668\",\"user\":\"rw_testuser\",\"param\":{\"command\":\"update\",\"ns\":\"test.testCollection\",\"op\":[{\"q\":{\"vin\":\"LDP31B965NG036174\"},\"u\":{\"$set\":{\"timestamp\":{\"$numberLong\":\"1659687855535\"},\"deviceTime\":{\"$numberLong\":\"1659687855340\"},\"longitude\":\"119.35516805555555\",\"latitude\":\"26.057936388888891\",\"location\":\"119.35516805555555,26.057936388888891\",\"height\":\"10.097286797128618\",\"direction\":\"12\",\"speed\":14,\"accuracy\":\"0\",\"h3Address7\":\"8741b5300ffffff\"}},\"upsert\":true}],\"args\":{\"update\":\"testCollection\",\"ordered\":true,\"$db\":\"test\",\"$clusterTime\":{\"clusterTime\":{\"$timestamp\":{\"t\":1659687855,\"i\":1685}},\"signature\":{\"hash\":{\"$binary\":\"CP5bfEf+gBJZdAxCKtF9HiSeqQY=\",\"$type\":\"00\"},\"keyId\":{\"$numberLong\":\"7102408879899674942\"}}},\"lsid\":{\"id\":{\"$binary\":\"PXVVrbuvRuGkypCbu/oXXQ==\",\"$type\":\"04\"}}}}}",
      "demo_fields" : [ {
        "fieldName" : "topic",
        "content" : "auditLog",
        "type" : "string"
      }, {
        "fieldName" : "instanceid",
        "content" : "9fbf813bc27e4a3ab54bddf783a4f774in01",
        "type" : "string"
      }, {
        "fieldName" : "nodeid",
        "content" : "bf4cb0413d0b4221be94b08471708586no01",
        "type" : "string"
      }, {
        "fieldName" : "db",
        "content" : "test",
        "type" : "string"
      }, {
        "fieldName" : "coll",
        "content" : "testCollection",
        "type" : "string"
      }, {
        "fieldName" : "optype",
        "content" : "update",
        "type" : "string"
      }, {
        "fieldName" : "time",
        "content" : "2022-08-05T08:24:15.536+0000",
        "type" : "string"
      }, {
        "fieldName" : "user_ip",
        "content" : "10.4.23.205",
        "type" : "string"
      }, {
        "fieldName" : "user_port",
        "content" : "47668",
        "type" : "string"
      }, {
        "fieldName" : "user",
        "content" : "rw_testuser",
        "type" : "string"
      }, {
        "fieldName" : "param",
        "content" : "{\"command\":\"update\",\"ns\":\"test.testCollection\",\"op\":[{\"q\":{\"vin\":\"LDP31B965NG036174\"},\"u\":{\"$set\":{\"timestamp\":{\"$numberLong\":\"1659687855535\"},\"deviceTime\":{\"$numberLong\":\"1659687855340\"},\"longitude\":\"119.35516805555555\",\"latitude\":\"26.057936388888891\",\"location\":\"119.35516805555555,26.057936388888891\",\"height\":\"10.097286797128618\",\"direction\":\"12\",\"speed\":14,\"accuracy\":\"0\",\"h3Address7\":\"8741b5300ffffff\"}},\"upsert\":true}],\"args\":{\"update\":\"testCollection\",\"ordered\":true,\"$db\":\"test\",\"$clusterTime\":{\"clusterTime\":{\"$timestamp\":{\"t\":1659687855,\"i\":1685}},\"signature\":{\"hash\":{\"$binary\":\"CP5bfEf+gBJZdAxCKtF9HiSeqQY=\",\"$type\":\"00\"},\"keyId\":{\"$numberLong\":\"7102408879899674942\"}}},\"lsid\":{\"id\":{\"$binary\":\"PXVVrbuvRuGkypCbu/oXXQ==\",\"$type\":\"04\"}}}}",
        "type" : "string"
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "DDS_AUDIT"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建DDS错误日志的结构化配置

    {
      "content" : "{\"log_type\":\"error_log\",\"severity\":\"Error\",\"log_time\":\"2022-08-22T09:33:15.142+0000\",\"raw_message\":\"E QUERY    [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.\",\"instance_id\": \"5b67dc63ba824145aae1f12ff51e58b8in02\",\"node_id\": \"686a791e690e4db3af591ec4b6f72916no02\"}",
      "demo_fields" : [ {
        "fieldName" : "log_type",
        "content" : "error_log",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "severity",
        "content" : "Error",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_time",
        "content" : "2022-08-22T09:33:15.142+0000",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "raw_message",
        "content" : "E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "instance_id",
        "content" : "5b67dc63ba824145aae1f12ff51e58b8in02",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "node_id",
        "content" : "686a791e690e4db3af591ec4b6f72916no02",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "MONGODB_ERROR"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建DDS慢日志的结构化配置

    {
      "content" : "{\"log_type\":\"slow_log\",\"log_time\":\"2022-08-20T10:04:03.204000Z\",\"namespace\":\"data0820.table\",\"database\":\"data0820\",\"collection\":\"table\",\"operate_type\":\"insert\",\"docs_scanned\":0,\"docs_returned\":0,\"n_deleted\":0,\"n_matched\":0,\"n_modified\":0,\"n_inserted\":10,\"cost_time\":555,\"lock_time\":0,\"whole_message\":\"{\"op\": \"insert\", \"ns\": \"data0820.usrtable\", \"command\": \"{N}\", \"ninserted\": 1, \"keysInserted\": 1, \"numYield\": 0, \"locks\": {\"Global\": {\"acquireCount\": {\"r\": 5, \"w\": 5}}, \"Database\": {\"acquireCount\": {\"w\": 4, \"W\": 1}}, \"Collection\": {\"acquireCount\": {\"w\": 2}}, \"oplog\": {\"acquireCount\": {\"w\": 2}}}, \"responseLength\": 230, \"protocol\": \"op_msg\", \"millis\": 555, \"ts\": {\"$date\": 1660989843204}, \"client\": \"192.168.0.64\", \"appName\": \"MongoDBShell\", \"allUsers\": [{\"user\": \"rwuser\", \"db\": \"admin\"}], \"user\": \"rwuser@admin\"}\",\"instance_id\": \"5b67dc63ba824145aae1f12ff51e58b8in02\",\"node_id\":\"686a791e690e4db3af591ec4b6f72916no02\"}",
      "demo_fields" : [ {
        "fieldName" : "log_type",
        "content" : "slow_log",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_time",
        "content" : "2022-08-20T10:04:03.204000Z",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "namespace",
        "content" : "data0820.table",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "database",
        "content" : "data0820",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "collection",
        "content" : "table",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "operate_type",
        "content" : "insert",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "docs_scanned",
        "content" : "0",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "docs_returned",
        "content" : "0",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "n_deleted",
        "content" : "0",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "n_matched",
        "content" : "0",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "n_modified",
        "content" : "0",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "n_inserted",
        "content" : "10",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "cost_time",
        "content" : "555",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "lock_time",
        "content" : "0",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "whole_message",
        "content" : "{\"op\": \"insert\", \"ns\": \"data0820.usrtable\", \"command\": \"{N}\", \"ninserted\": 1, \"keysInserted\": 1, \"numYield\": 0, \"locks\": {\"Global\": {\"acquireCount\": {\"r\": 5, \"w\": 5}}, \"Database\": {\"acquireCount\": {\"w\": 4, \"W\": 1}}, \"Collection\": {\"acquireCount\": {\"w\": 2}}, \"oplog\": {\"acquireCount\": {\"w\": 2}}}, \"responseLength\": 230, \"protocol\": \"op_msg\", \"millis\": 555, \"ts\": {\"$date\": 1660989843204}, \"client\": \"192.168.0.64\", \"appName\": \"MongoDB Shell\", \"allUsers\": [{\"user\": \"rwuser\", \"db\": \"admin\"}], \"user\": \"rwuser@admin\"}",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "instance_id",
        "content" : "5b67dc63ba824145aae1f12ff51e58b8in02",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "node_id",
        "content" : "686a791e690e4db3af591ec4b6f72916no02",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "MONGODB_SLOW"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建CFW访问控制日志的结构化配置

    {
      "content" : "{\"app\":\"PING\",\"direction\":\"in2out\",\"source-zone\":\"3002\",\"rule_id\":\"56827792-173e-435a-b22b-229f21d78244\",\"protocol\":\"ICMP: ECHO_REQUEST\",\"dst_ip\":\"100.85.222.23\",\"src_ip\":\"100.85.112.49\",\"log_type\":\"eip\",\"hit_time\":1655882537006,\"log-id\":\"44243649\",\"dst_port\":\"45243\",\"destination-zone\":\"3001\",\"index_day\":\"2022.06.22\",\"log_id\":6781,\"src_port\":\"17589\",\"fw_instance_id\":\"58ead9e7-418d-4166-8df8-f24941d4205c\",\"action\":\"permit\",\"vsys\":\"1\"}",
      "demo_fields" : [ {
        "fieldName" : "app",
        "content" : "PING",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "direction",
        "content" : "in2out",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "source-zone",
        "content" : "3002",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "rule_id",
        "content" : "56827792-173e-435a-b22b-229f21d78244",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "protocol",
        "content" : "ICMP: ECHO_REQUEST",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "dst_ip",
        "content" : "100.85.222.23",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "src_ip",
        "content" : "100.85.112.49",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_type",
        "content" : "eip",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hit_time",
        "content" : "1655882537006",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "log-id",
        "content" : "44243649",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "dst_port",
        "content" : "45243",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "destination-zone",
        "content" : "3001",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "index_day",
        "content" : "2022.06.22",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_id",
        "content" : "6781",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "src_port",
        "content" : "17589",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "fw_instance_id",
        "content" : "58ead9e7-418d-4166-8df8-f24941d4205c",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "action",
        "content" : "permit",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "vsys",
        "content" : "1",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "CFW_ACCESS"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建CFW攻击日志的结构化配置

    {
      "content" : "{\"source\":\"0\",\"app\":\"HTTP\",\"direction\":\"out2in\",\"dst_ip\":\"100.85.222.23\",\"src_ip\":\"10.108.170.229\",\"event_time\":1655974411462,\"log_type\":\"eip\",\"dst_port\":\"80\",\"attack_rule_id\":\"330409\",\"index_day\":\"2022.06.23\",\"log_id\":462688,\"src_port\":\"51002\",\"protocol\":\"TCP\",\"packet\":\"+hZUZMhT+hY/AaHMCABFAADnicBAAHgGgJIKbKrlZFXeF8c6AFAYCIpDV562+VAYBAILMwAAR0VUIC9qb2JtYW5hZ2VyL2xvZ3MvLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmZXRjJTI1MmZwYXNzd2QgSFRUUC8xLjENCkhvc3Q6IDEwMC44NS4yMjIuMjMNClVzZXItQWdlbnQ6IGN1cmwvNy42NS4wDQpBY2NlcHQ6ICovKg0KDQo=\",\"level\":\"HIGH\",\"attack_type\":\"Vulnerability Exploit Attack\",\"fw_instance_id\":\"58ead9e7-418d-4166-8df8-f24941d4205c\",\"action\":\"permit\",\"vsys\":\"1\",\"attack_rule\":\"VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)\"}",
      "demo_fields" : [ {
        "fieldName" : "source",
        "content" : "0",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "app",
        "content" : "HTTP",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "direction",
        "content" : "out2in",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "dst_ip",
        "content" : "100.85.222.23",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "src_ip",
        "content" : "10.108.170.229",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "event_time",
        "content" : "1655974411462",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_type",
        "content" : "eip",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "dst_port",
        "content" : "80",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "attack_rule_id",
        "content" : "330409",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "index_day",
        "content" : "2022.06.23",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_id",
        "content" : "462688",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "src_port",
        "content" : "51002",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "protocol",
        "content" : "TCP",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "packet",
        "content" : "\"+hZUZMhT+hY/AaHMCABFAADnicBAAHgGgJIKbKrlZFXeF8c6AFAYCIpDV562+VAYBAILMwAAR0VUIC9qb2JtYW5hZ2VyL2xvZ3MvLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmZXRjJTI1MmZwYXNzd2QgSFRUUC8xLjENCkhvc3Q6IDEwMC44NS4yMjIuMjMNClVzZXItQWdlbnQ6IGN1cmwvNy42NS4wDQpBY2NlcHQ6ICovKg0KDQo=\"",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "level",
        "content" : "HIGH",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "attack_type",
        "content" : "Vulnerability Exploit Attack",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "fw_instance_id",
        "content" : "58ead9e7-418d-4166-8df8-f24941d4205c",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "action",
        "content" : "permit",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "vsys",
        "content" : "1",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "attack_rule",
        "content" : "VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "CFW_ATTACK"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建CFW流量日志的结构化配置

    {
      "content" : "{\"dst_port\":\"80\",\"app\":\"HTTP\",\"to_c_pkts\":0.1,\"dst_ip\":\"100.85.222.23\",\"to_c_bytes\":0.1,\"end_time\":1655436321000,\"src_ip\":\"10.108.170.229\",\"index_day\":\"2022.06.17\",\"bytes\":1232.1,\"log-id\":\"4424364f\",\"vsys\":\"1\",\"suffix\":\"67\",\"packets\":10.1,\"direction\":\"out2in\",\"protocol\":\"TCP\",\"to_s_bytes\":1232.1,\"to_s_pkts\":10.1,\"src_port\":\"63934\",\"start_time\":1655436299000,\"fw_instance_id\":\"efbeb90c-1108-42ce-b099-f7e035a10b67\"}",
      "demo_fields" : [ {
        "fieldName" : "dst_port",
        "content" : "80",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "app",
        "content" : "HTTP",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "to_c_pkts",
        "content" : "0.1",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "dst_ip",
        "content" : "100.85.222.23",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "to_c_bytes",
        "content" : "0.1",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "end_time",
        "content" : "1655436321000",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "src_ip",
        "content" : "10.108.170.229",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "index_day",
        "content" : "2022.06.17",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "bytes",
        "content" : "1232.1",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "log-id",
        "content" : "4424364f",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "vsys",
        "content" : "1",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "suffix",
        "content" : "67",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "packets",
        "content" : "10.1",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "direction",
        "content" : "out2in",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "protocol",
        "content" : "TCP",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "to_s_bytes",
        "content" : "1232.1",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "to_s_pkts",
        "content" : "10.1",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "src_port",
        "content" : "63934",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "start_time",
        "content" : "1655436299000",
        "type" : "long",
        "isAnalysis" : true
      }, {
        "fieldName" : "fw_instance_id",
        "content" : "efbeb90c-1108-42ce-b099-f7e035a10b67",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "CFW_FLOW"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建MYSQL错误日志的结构化配置

    {
      "content" : "{\"log_type\":\"error_log\",\"severity\":\"WARNING\",\"log_time\":\"2022-08-22T06:52:08Z\",\"raw_message\":\"Occur error when reading bytes from a network handler. Client actively closes the connection.\",\"node_id\":\"5d6c61bbd49b4ad3a1572461811e3dacno01\",\"instance_id\":\"207032924c644f429b74f6fc5d8c97f9in01\"}",
      "demo_fields" : [ {
        "fieldName" : "log_type",
        "content" : "error_log",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "severity",
        "content" : "WARNING",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_time",
        "content" : "2022-08-22T06:52:08Z",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "raw_message",
        "content" : "Occur error when reading bytes from a network handler. Client actively closes the connection.",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "node_id",
        "content" : "5d6c61bbd49b4ad3a1572461811e3dacno01",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "instance_id",
        "content" : "207032924c644f429b74f6fc5d8c97f9in01",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "MYSQL_ERROR"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建MYSQL慢日志的结构化配置

    {
      "content" : "{\"start_time\":\"2022-07-27T02:49:19.000\",\"user\":\"commerce\",\"host\":\"100.*.*.222\",\"query_time\":\"1.461583\",\"lock_time\":\"0.000050\",\"rows_sent\":\"500\",\"rows_examined\":\"581000\",\"command_text\":\"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN =   N)) ORDER BY DN_N.created_date DESC limit N,N;\",\"database\":\"saas_perf\",\"log_type\":\"slow_log\",\"log_time\":\"1658890159\",\"operate_type\":\"SELECT\",\"node_id\":\"5d6c61bbd49b4ad3a1572461811e3dacno01\",\"instance_id\":\"207032924c644f429b74f6fc5d8c97f9in01\"}",
      "demo_fields" : [ {
        "fieldName" : "start_time",
        "content" : "2022-07-27T02:49:19.000",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "user",
        "content" : "commerce",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "host",
        "content" : "100.*.*.222",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "query_time",
        "content" : "1.461583",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "lock_time",
        "content" : "0.000050",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "rows_sent",
        "content" : "500",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "rows_examined",
        "content" : "581000",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "command_text",
        "content" : "SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "database",
        "content" : "saas_perf",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_type",
        "content" : "slow_log",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_time",
        "content" : "1658890159",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "operate_type",
        "content" : "SELECT",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "node_id",
        "content" : "5d6c61bbd49b4ad3a1572461811e3dacno01",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "instance_id",
        "content" : "207032924c644f429b74f6fc5d8c97f9in01",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "MYSQL_SLOW"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建POSTGRESQL慢日志的结构化配置

    {
      "content" : "{\"log_type\":\"slow_log\",\"execute_time\":328.662,\"user\":\"authoring\",\"log_time\":\"2022-07-24T10:06:41.000\",\"database\":\"authoring-test\",\"statement\":\"SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id  FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id  FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event  WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at  WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC\",\"host\":\"10.*.*.206\",\"log_timestamp\":\"1658657201\",\"operate_type\":\"SELECT\",\"node_id\":\"d285609201534696bdcd648519fe2b8dno02\",\"instance_id\":\"5b67dc63ba824145aae1f12ff51e58b8in02\"}",
      "demo_fields" : [ {
        "fieldName" : "log_type",
        "content" : "slow_log",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "execute_time",
        "content" : "328.662",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "user",
        "content" : "authoring",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_time",
        "content" : "2022-07-24T10:06:41.000",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "database",
        "content" : "authoring-test",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "statement",
        "content" : "SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "host",
        "content" : "10.*.*.206",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_timestamp",
        "content" : "1658657201",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "operate_type",
        "content" : "SELECT",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "node_id",
        "content" : "d285609201534696bdcd648519fe2b8dno02",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "instance_id",
        "content" : "5b67dc63ba824145aae1f12ff51e58b8in02",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "POSTGRESQL_SLOW"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建POSTGRESQL错误日志的结构化配置

    {
      "content" : "{\"log_type\":\"error_log\",\"severity\":\"WARNING\",\"log_time\":\"2022-08-22T06:52:08Z\",\"raw_message\":\"Occur error when reading bytes from a network handler. Client actively closes the connection.\",\"node_id\":\"d285609201534696bdcd648519fe2b8dno02\",\"instance_id\":\"5b67dc63ba824145aae1f12ff51e58b8in02\"}",
      "demo_fields" : [ {
        "fieldName" : "log_type",
        "content" : "error_log",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "severity",
        "content" : "WARNING",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_time",
        "content" : "2022-08-22T06:52:08Z",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "raw_message",
        "content" : "Occur error when reading bytes from a network handler. Client actively closes the connection.",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "node_id",
        "content" : "d285609201534696bdcd648519fe2b8dno02",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "instance_id",
        "content" : "5b67dc63ba824145aae1f12ff51e58b8in02",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "POSTGRESQL_ERROR"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建SQLSERVER错误日志的结构化配置

    {
      "content" : "{\"log_type\":\"error_log\",\"severity\":\"WARNING\",\"log_time\":\"2022-08-22T06:52:08Z\",\"raw_message\":\"Occur error when reading bytes from a network handler. Client actively closes the connection.\",\"node_id\":\"7346b0db609b463e976054928af50e85no01\",\"instance_id\":\"9c589b9d7a4d45dbaf7deb9f8520611cin01\"}",
      "demo_fields" : [ {
        "fieldName" : "log_type",
        "content" : "error_log",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "severity",
        "content" : "WARNING",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_time",
        "content" : "2022-08-22T06:52:08Z",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "raw_message",
        "content" : "Occur error when reading bytes from a network handler. Client actively closes the connection.",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "node_id",
        "content" : "7346b0db609b463e976054928af50e85no01",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "instance_id",
        "content" : "9c589b9d7a4d45dbaf7deb9f8520611cin01",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "SQLSERVER_ERROR"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建GAUSSDB_REDIS慢日志的结构化配置

    {
      "content" : "{\"instance_id\":\"32eaaf6c5a0142e3a6d80740cd5b3803in12\",\"node_id\":\"597a15b9f2ef4436811c5edcc67c013cno12\",\"database\":\"0\",\"log_type\":\"slow_log\",\"operate_type\":\"sismember\",\"log_time\":\"2022-10-12T07:42:21.253484Z\",\"cost_time\":1277.47,\"whole_message\":\"{\"command_param\":\"dc:set:new:follow:uids:monthly:259008728:202210\",\"database\":0}\"}",
      "demo_fields" : [ {
        "fieldName" : "instance_id",
        "content" : "32eaaf6c5a0142e3a6d80740cd5b3803in12",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "node_id",
        "content" : "597a15b9f2ef4436811c5edcc67c013cno12",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "database",
        "content" : "0",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_type",
        "content" : "slow_log",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "operate_type",
        "content" : "sismember",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_time",
        "content" : "2022-10-12T07:42:21.253484Z",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "cost_time",
        "content" : "1277.47",
        "type" : "float",
        "isAnalysis" : true
      }, {
        "fieldName" : "whole_message",
        "type" : "string",
        "content" : "{\"command_param\":\"dc:set:new:follow:uids:monthly:259008728:202210\",\"database\":\"0\"}",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "GAUSSDB_REDIS_SLOW"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建GAUSSDB_MYSQL慢日志的结构化配置

    {
      "content" : "{\"start_time\":\"2022-07-27T02:49:19.000\",\"user\":\"commerce\",\"host\":\"100.*.*.222\",\"query_time\":\"1.461583\",\"lock_time\":\"0.000050\",\"rows_sent\":\"500\",\"rows_examined\":\"581000\",\"command_text\":\"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN =   N)) ORDER BY DN_N.created_date DESC limit N,N;\",\"database\":\"saas_perf\",\"log_type\":\"slow_log\",\"log_time\":\"1658890159\",\"operate_type\":\"SELECT\"}",
      "demo_fields" : [ {
        "fieldName" : "start_time",
        "content" : "2022-07-27T02:49:19.000",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "user",
        "content" : "commerce",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "host",
        "content" : "100.*.*.222",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "query_time",
        "content" : "1.461583",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "lock_time",
        "content" : "0.000050",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "rows_sent",
        "content" : "500",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "rows_examined",
        "content" : "581000",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "command_text",
        "content" : "SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "database",
        "content" : "saas_perf",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "log_type",
        "content" : "slow_log",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "log_time",
        "content" : "1658890159",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "operate_type",
        "content" : "SELECT",
        "type" : "string",
        "isAnalysis" : false
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "GAUSSDB_MYSQL_SLOW"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      }, {
        "fieldName" : "hostName",
        "content" : "ecs-ictest",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建GAUSSDB_MYSQL错误日志的结构化配置

    {
      "content" : "{\"log_type\":\"error_log\",\"severity\":\"WARNING\",\"log_time\":\"2022-08-22T06:52:08Z\",\"raw_message\":\"Occur error when reading bytes from a network handler. Client actively closes the connection.\"}",
      "demo_fields" : [ {
        "fieldName" : "log_type",
        "content" : "error_log",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "severity",
        "content" : "WARNING",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "log_time",
        "content" : "2022-08-22T06:52:08Z",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "raw_message",
        "content" : "Occur error when reading bytes from a network handler. Client actively closes the connection.",
        "type" : "string",
        "isAnalysis" : false
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "GAUSSDB_MYSQL_ERROR"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建CDN结构化配置

    {
      "content" : "{\"request_time\":\"1666604392000\",\"domain\":\"findercdn.video.qq.com\",\"method\":\"GET\",\"scheme\":\"http\",\"uri\":\"/BcimRg.txt\",\"uri_param\":\"cdnkey=******&cdntoken=******&tokenidx=1\",\"client_ip\":\"192.168.233.142\",\"client_port\":\"51517\",\"refer_protocol\":\"-\",\"refer_domain\":\"-\",\"refer_uri\":\"-\",\"refer_param\":\"-\",\"request_size\":\"301\",\"response_time\":\"14\",\"response_size\":\"588\",\"http_code\":\"403\",\"response_range\":\"-\",\"request_range\":\"-\",\"request_body_bytes\":\"150\",\"content_type\":\"text/html\",\"hit_info\":\"HIT\",\"user_agent\":\"python-requests/2.21.0\",\"uuid\":\"ce6327e015c1e16f581818b838a6cb0c\",\"via_info\":\"edge-cache01[14]\",\"xforwordfor\":\"-\"}",
      "demo_fields" : [ {
        "fieldName" : "request_time",
        "content" : "1666604392000",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "domain",
        "content" : "findercdn.video.qq.com",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "method",
        "content" : "GET",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "scheme",
        "content" : "http",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "uri",
        "content" : "/BcimRg.txt",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "uri_param",
        "content" : "cdnkey=*****&cdntoken=*****&tokenidx=1",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "client_ip",
        "content" : "192.168.233.142",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "client_port",
        "content" : "51517",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "refer_protocol",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "refer_domain",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "refer_uri",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "refer_param",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "request_size",
        "content" : "301",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "response_time",
        "content" : "14",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "response_size",
        "content" : "588",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "http_code",
        "content" : "403",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "response_range",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "request_range",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "request_body_bytes",
        "content" : "150",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "content_type",
        "content" : "text/html",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "hit_info",
        "content" : "HIT",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "user_agent",
        "content" : "python-requests/2.21.0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "uuid",
        "content" : "ce6327e015c1e16f581818b838a6cb0c",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "via_info",
        "content" : "edge-cache01[14]",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "xforwordfor",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "CDN"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建SMN结构化配置

    {
      "content" : "{\"message_id\":\"1ae49922602a42fc83acb9689a2eb5f4\",\"project_id\":\"5a9f32e4f1ec4bbe9695ff9da51c2925\",\"topic_urn\":\"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo\",\"subscriber_urn\":\"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740\",\"protocol_name\":\"https\",\"endpoint\":\"https://127.0.0.1:443/https\",\"status\":\"DELIVERED\",\"http_code\":200,\"create_time\":\"2022-11-01T00:00:00Z\",\"send_time\":\"2022-11-01T00:00:10Z\"}",
      "demo_fields" : [ {
        "fieldName" : "message_id",
        "content" : "1ae49922602a42fc83acb9689a2eb5f4",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "project_id",
        "content" : "5a9f32e4f1ec4bbe9695ff9da51c2925",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "topic_urn",
        "content" : "urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "subscriber_urn",
        "content" : "urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "protocol_name",
        "content" : "https",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "endpoint",
        "content" : "https://127.0.0.1:443/https",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "status",
        "content" : "DELIVERED",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "http_code",
        "content" : "200",
        "type" : "long",
        "isAnalysis" : false
      }, {
        "fieldName" : "create_time",
        "content" : "2022-11-01T00:00:00Z",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "send_time",
        "content" : "2022-11-01T00:00:10Z",
        "type" : "string",
        "isAnalysis" : false
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "SMN"
      },
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建WAF访问日志的结构化配置

    {
      "content" : "{\"response_code\":\"504\",\"scheme\":\"http\",\"upstream_addr\":\"100.93.2.229:80\",\"body_bytes_sent\":\"163\",\"upstream_header_time\":\"-\",\"connection_requests\":\"1\",\"ssl_cipher\":\"\",\"hostid\":\"1736cc7331b74b198e2ef07555a970ce\",\"pid\":\"2152\",\"tls_version\":\"\",\"http_host\":\"www.testh.com\",\"process_time\":\"0\",\"access_stream_id\":\"88003425-d7bc-46ce-8ae7-77a8aa18a814\",\"time_iso8601\":\"2022-07-29T19:39:10+08:00\",\"intel_crawler\":\"\",\"upstream_status\":\"504\",\"remote_ip\":\"10.63.46.110\",\"request_time\":\"30.008\",\"tenantid\":\"1d26cc8c86a840e28a4f8d0d07852f1d\",\"sip\":\"10.63.46.110\",\"bytes_send\":\"420\",\"projectid\":\"2a473356cca5487f8373be891bffc1cf\",\"user_agent\":\"curl/7.29.0\",\"web_tag\":\"\",\"method\":\"GET\",\"bind_ip\":\"10.63.36.208\",\"region_id\":\"\",\"remote_port\":\"20582\",\"ssl_ciphers_md5\":\"\",\"x_real_ip\":\"\",\"url\":\"/\",\"x_forwarded_for\":\"\",\"sni\":\"\",\"args\":\"public/../style/general.css=true\",\"cdn_src_ip\":\"\",\"enterprise_project_id\":\"0\",\"upstream_connect_time\":\"-\",\"engine_id\":\"\",\"request_length\":\"110\",\"group_id\":\"5d574e6a-87da-42bc-bfd4-ff61a1b336a4\",\"requestid\":\"36f0a9212b14528ffc090f1811cd87d8\",\"ssl_curves\":\"\",\"ssl_session_reused\":\"\",\"waf-time\":\"2022-07-29T11:39:10.000Z\",\"upstream_response_time\":\"30.008\",\"time\":\"29/Jul/2022:19:39:10 +0800\",\"category\":\"access\",\"eng_ip\":\"10.63.36.208\"}",
      "demo_fields" : [ {
        "fieldName" : "response_code",
        "content" : "504",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "scheme",
        "content" : "http",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "upstream_addr",
        "content" : "100.93.2.229:80",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "body_bytes_sent",
        "content" : "163",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "upstream_header_time",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "connection_requests",
        "content" : "1",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "ssl_cipher",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "hostid",
        "content" : "1736cc7331b74b198e2ef07555a970ce",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "pid",
        "content" : "2152",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "tls_version",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "http_host",
        "content" : "www.testh.com",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "process_time",
        "content" : "0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "access_stream_id",
        "content" : "88003425-d7bc-46ce-8ae7-77a8aa18a814",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "time_iso8601",
        "content" : "2022-07-29T19:39:10+08:00",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "intel_crawler",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "upstream_status",
        "content" : "504",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "remote_ip",
        "content" : "10.63.46.110",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "request_time",
        "content" : "30.008",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "tenantid",
        "content" : "1d26cc8c86a840e28a4f8d0d07852f1d",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "sip",
        "content" : "10.63.46.110",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "bytes_send",
        "content" : "420",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "projectid",
        "content" : "2a473356cca5487f8373be891bffc1cf",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "user_agent",
        "content" : "curl/7.29.0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "web_tag",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "method",
        "content" : "GET",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "bind_ip",
        "content" : "10.63.36.208",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "region_id",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "remote_port",
        "content" : "20582",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "ssl_ciphers_md5",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "x_real_ip",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "url",
        "content" : "/",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "x_forwarded_for",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "sni",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "args",
        "content" : "public/../style/general.css=true",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "cdn_src_ip",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "enterprise_project_id",
        "content" : "0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "upstream_connect_time",
        "content" : "-",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "engine_id",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "request_length",
        "content" : "110",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "group_id",
        "content" : "5d574e6a-87da-42bc-bfd4-ff61a1b336a4",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "requestid",
        "content" : "36f0a9212b14528ffc090f1811cd87d8",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "ssl_curves",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "ssl_session_reused",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "waf-time",
        "content" : "2022-07-29T11:39:10.000Z",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "upstream_response_time",
        "content" : "30.009",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "time",
        "content" : "29/Jul/2022:19:39:10 +0800",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "waf_category",
        "content" : "access",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "eng_ip",
        "content" : "10.63.36.208",
        "type" : "string",
        "isAnalysis" : false
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "WAF_ACCESS"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建WAF攻击日志的结构化配置

    {
      "content" : "{\"policy_id\":\"cd081ba3d6674000acc37d7e2a4b9140\",\"hport\":\"80\",\"body_bytes_sent\":\"163\",\"hostid\":\"1736cc7331b74b198e2ef07555a970ce\",\"rule\":\"040002\",\"engine_ip\":\"10.63.36.208\",\"pid\":\"2152\",\"http_host\":\"www.testh.com\",\"process_time\":\"1\",\"reqid\":\"0000-0000-0000-20820220729193940-f34cf25e\",\"time_iso8601\":\"2022-07-29T19:39:40+08:00\",\"upstream_status\":\"504\",\"hit_data\":\"public/../style/general.css\",\"attack_stream_id\":\"98de5d5a-9f54-4d01-9882-eca7bec99d09\",\"remote_ip\":\"10.63.46.110\",\"attack\":\"lfi\",\"tenantid\":\"1d26cc8c86a840e28a4f8d0d07852f1d\",\"host\":\"www.testh.com\",\"action\":\"log\",\"backend\":{\"protocol\":\"HTTP\",\"alive\":true,\"port\":80,\"host\":\"100.93.2.229\",\"weight\":1,\"type\":\"ip\"},\"id\":\"04-0000-0000-0000-20820220729193940-f34cf25e\",\"sip\":\"10.63.46.110\",\"projectid\":\"2a473356cca5487f8373be891bffc1cf\",\"web_tag\":\"\",\"attack-time\":\"2022-07-29T11:39:40.000Z\",\"method\":\"GET\",\"cookie\":\"{\\\"HWWAFSESTIME\\\":\\\"1659094780939\\\",\\\"HWWAFSESID\\\":\\\"e2cd0733b4712e4cc4\\\"}\",\"level\":2,\"params\":\"{\\\"public\\\\/..\\\\/style\\\\/general.css\\\":\\\"true\\\"}\",\"x_real_ip\":\"\",\"uri\":\"/\",\"x_forwarded_for\":\"\",\"cdn_src_ip\":\"\",\"enterprise_project_id\":\"0\",\"req_body\":\"\",\"engine_id\":\"\",\"group_id\":\"5d574e6a-87da-42bc-bfd4-ff61a1b336a4\",\"requestid\":\"f34cf25eb33ed82cd7261a8276a60c39\",\"multipart\":\"null\",\"header\":\"{\\\"host\\\":\\\"www.testh.com\\\",\\\"user-agent\\\":\\\"curl\\\\/7.29.0\\\",\\\"accept\\\":\\\"*\\\\/*\\\"}\",\"location\":\"params\",\"upstream_response_time\":\"30.000\",\"time\":\"2022-07-29 19:39:40\",\"category\":\"attack\",\"sport\":28408,\"status\":\"504\"}",
      "demo_fields" : [ {
        "fieldName" : "policy_id",
        "content" : "cd081ba3d6674000acc37d7e2a4b9140",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "hport",
        "content" : "80",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "body_bytes_sent",
        "content" : "163",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "hostid",
        "content" : "1736cc7331b74b198e2ef07555a970ce",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "rule",
        "content" : "040002",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "engine_ip",
        "content" : "10.63.36.208",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "pid",
        "content" : "2152",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "http_host",
        "content" : "www.testh.com",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "process_time",
        "content" : "1",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "reqid",
        "content" : "0000-0000-0000-20820220729193940-f34cf25e",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "time_iso8601",
        "content" : "2022-07-29T19:39:40+08:00",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "upstream_status",
        "content" : "504",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "hit_data",
        "content" : "public/../style/general.css",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "attack_stream_id",
        "content" : "98de5d5a-9f54-4d01-9882-eca7bec99d09",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "remote_ip",
        "content" : "10.63.46.110",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "attack",
        "content" : "lfi",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "tenantid",
        "content" : "1d26cc8c86a840e28a4f8d0d07852f1d",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "host",
        "content" : "www.testh.com",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "action",
        "content" : "log",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "backend.protocol",
        "content" : "HTTP",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "backend.alive",
        "content" : "true",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "backend.port",
        "content" : "80",
        "type" : "long",
        "isAnalysis" : false
      }, {
        "fieldName" : "backend.host",
        "content" : "100.93.2.229",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "backend.weight",
        "content" : "1",
        "type" : "long",
        "isAnalysis" : false
      }, {
        "fieldName" : "backend.type",
        "content" : "ip",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "id",
        "content" : "04-0000-0000-0000-20820220729193940-f34cf25e",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "sip",
        "content" : "10.63.46.110",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "projectid",
        "content" : "2a473356cca5487f8373be891bffc1cf",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "web_tag",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "attack-time",
        "content" : "2022-07-29T11:39:40.000Z",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "method",
        "content" : "GET",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "cookie",
        "content" : "{\"HWWAFSESTIME\":\"1659094780939\",\"HWWAFSESID\":\"e2cd0733b4712e4cc4\"}",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "level",
        "content" : "2",
        "type" : "long",
        "isAnalysis" : false
      }, {
        "fieldName" : "params",
        "content" : "{\\\"public\\\\/..\\\\/style\\\\/general.css\\\":\\\"true\\\"}",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "x_real_ip",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "url",
        "content" : "/",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "x_forwarded_for",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "cdn_src_ip",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "enterprise_project_id",
        "content" : "0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "req_body",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "engine_id",
        "content" : "",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "group_id",
        "content" : "5d574e6a-87da-42bc-bfd4-ff61a1b336a4",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "requestid",
        "content" : "f34cf25eb33ed82cd7261a8276a60c39",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "multipart",
        "content" : "null",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "header",
        "content" : "{\\\"host\\\":\\\"www.testh.com\\\",\\\"user-agent\\\":\\\"curl\\\\/7.29.0\\\",\\\"accept\\\":\\\"*\\\\/*\\\"}",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "location",
        "content" : "params",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "upstream_response_time",
        "content" : "30.000",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "time",
        "content" : "2022-07-29 19:39:40",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "waf_category",
        "content" : "attack",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "sport",
        "content" : "28408",
        "type" : "long",
        "isAnalysis" : false
      }, {
        "fieldName" : "status",
        "content" : "504",
        "type" : "string",
        "isAnalysis" : false
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "WAF_ATTACK"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }
  • 创建DMS重平衡日志的结构化配置

    {
      "content" : "{\"level\":\"INFO\",\"timestamp\":\"2023-03-23 17:23:22,906\",\"message\":{\"leaderId\":\"consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635\",\"generationId\":\"1\",\"reason\":\"Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1\",\"groupId\":\"KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0\",\"coordinatorId\":\"0\",\"type\":\"END_REBALANCE\",\"group\":\"GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))\"}}",
      "demo_fields" : [ {
        "fieldName" : "level",
        "content" : "INFO",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "timestamp",
        "content" : "2023-03-23 17:23:22,906",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "message.leaderId",
        "content" : "consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "message.generationId",
        "content" : "1",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "message.reason",
        "content" : "Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "message.groupId",
        "content" : "KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "message.coordinatorId",
        "content" : "0",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "message.type",
        "content" : "END_REBALANCE",
        "type" : "string",
        "isAnalysis" : false
      }, {
        "fieldName" : "message.group",
        "content" : "GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))",
        "type" : "string",
        "isAnalysis" : false
      } ],
      "tag_fields" : [ {
        "fieldName" : "hostIP",
        "content" : "192.168.2.134",
        "type" : "string",
        "isAnalysis" : true
      } ],
      "rule" : {
        "type" : "built_in",
        "param" : "DMS_REBALANCED"
      },
      "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx",
      "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx",
      "parse_type" : " ",
      "project_id" : "2a473356cca5487f8373be891bffxxxx"
    }

响应示例

状态码: 200

请求响应成功, 成功创建结构化配置。

{ 
    "2a473356cca5487f8373be891bffc1cf_8a75b77d-7d72-4d7e-8c50-a24562cf8b0b_fd5e1a7c-7412-475d-a013-8891d539574e"
}

状态码: 400

BadRequest。非法请求。 建议根据error_msg直接修改该请求,不要重试该请求。

{
  "errorCode" : "LTS.0612",
  "errorMessage" : "timee fieldType is error"
}

状态码: 401

AuthFailed。鉴权失败, 请确认token后再次请求 。

{
  "error_code" : "LTS.0414",
  "error_msg" : "Invalid token"
}

状态码: 403

Forbidden。请求被拒绝访问。返回该状态码,表明请求能够到达服务端,且服务端能够理解用户请求,但是拒绝做更多的事情,因为该请求被设置为拒绝访问,建议直接修改该请求,不要重试该请求。

{
  "error_code" : "LTS.0001",
  "error_msg" : "Invalid projectId"
}

状态码: 500

InternalServerError。 表明服务端能被请求访问到,但是服务内部出错。

{
  "error_code" : "LTS.0102",
  "error_msg" : "addOrUpdateTableTemplate exception"
}

SDK代码示例

SDK代码示例如下。

  • 正则方式:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("a01")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("a02")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("a03")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("a04")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("a05")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("a06")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("a07")
                    .withType("long")
            );
            body.withRegexRules("^(?<a01>[^ ]+)(?:[^ ]* ){1}(?<a02>\w+)(?:[^ ]* ){1}(?<a03>\w+)(?:[^ ]* ){1}(?<a04>\w+)(?:[^ ]* ){1}(?<a05>\w+)(?:[^ ]* ){1}(?<a06>\w+)(?:[^ ]* ){1}(?<a07>\d+)");
            body.withProjectId(" ");
            body.withLogStreamId("ff8bd110-dc44-4692-af74-d3b1f6197887");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue("custom_regex"));
            body.withLogGroupId("ada6ce6b-17ba-43f3-a27f-aa563b4ab14e");
            body.withContent("2021-09-09/18:15:41 this log is Error NO 6323");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • JSON方式:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("code")
                    .withType("long")
                    .withUserDefinedName("jl")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("record_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("tracker_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("user.id")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("user.name")
                    .withType("string")
            );
            body.withLayers(3);
            body.withProjectId(" ");
            body.withLogStreamId("ff8bd110-dc44-4692-af74-d3b1f6197887");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue("json"));
            body.withLogGroupId("ada6ce6b-17ba-43f3-a27f-aa563b4ab14e");
            body.withContent("{'code':38,'tracker_name':'global','record_time':'1597042370464','user':{'name':'testdemo','id':'123456789'}}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 分隔符:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("b1")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("b2")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("b3")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("b4")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("b5")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("b6")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withFieldName("b7")
                    .withType("long")
            );
            body.withTokenizer(" ");
            body.withProjectId("");
            body.withLogStreamId("ff8bd110-dc44-4692-af74-d3b1f6197887");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue("split"));
            body.withLogGroupId("ada6ce6b-17ba-43f3-a27f-aa563b4ab14e");
            body.withContent("2021-09-09/18:50:51 this log is Error NO 37");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • Nginx:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("0")
                    .withFieldName("body_bytes_sent")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("http_referer")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("Mozilla/5.0")
                    .withFieldName("http_user_agent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("http_x_forwarded_for")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("192.168.0.0")
                    .withFieldName("remote_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("sgq")
                    .withFieldName("remote_user")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("GET")
                    .withFieldName("request_method")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("/")
                    .withFieldName("request_uri")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("304")
                    .withFieldName("status")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("12/Mar/2020:12:24:02")
                    .withFieldName("time_local")
                    .withType("string")
            );
            body.withLogFormat("log_format  main   '$remote_addr - $remote_user [$time_local] "$request" '                            '$status $body_bytes_sent "$http_referer" '                            '"$http_user_agent" "$http_x_forwarded_for"';");
            body.withProjectId("2a473356cca5487f8373be891bffc1cf");
            body.withLogStreamId("60906859-e91e-4d4a-9a21-ae319f544567");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue("nginx"));
            body.withLogGroupId("d1f4240d-5ee2-4e0b-9e2c-e25c7978c001");
            body.withContent("192.168.0.0 - sgq [12/Mar/2020:12:24:02 +0800] "GET / 127/query" 304 0 "-" "Mozilla/5.0" "-"");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • CTS:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("CTS");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("201")
                    .withFieldName("code")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("global")
                    .withFieldName("event_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("221123nsada3sda3231das3111ndsab")
                    .withFieldName("project_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1597042370464")
                    .withFieldName("record_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("98763hkjhdteoi03861732hjh7983bhd")
                    .withFieldName("resource_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("demodemodemo/demo")
                    .withFieldName("resource_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("token")
                    .withFieldName("resource_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("IAM")
                    .withFieldName("service_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("10.10.1.10")
                    .withFieldName("source_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1597042369296")
                    .withFieldName("time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1eesdd-dad6-11dsaea-edaxfeqdf")
                    .withFieldName("trace_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("demodemodemo")
                    .withFieldName("trace_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("normal")
                    .withFieldName("trace_rating")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("ApiCall")
                    .withFieldName("trace_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("global")
                    .withFieldName("tracker_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("21185d8818e443e1ryjkh71622f09212b")
                    .withFieldName("user.domain.id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("testdemo")
                    .withFieldName("user.domain.name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("6hfakl86faqw87dsasasadf09ajbml")
                    .withFieldName("user.id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("testdemo/demo")
                    .withFieldName("user.name")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"code":"201","source_ip":"10.10.1.10","trace_type":"ApiCall","event_type":"global","project_id":"221123nsada3sda3231das3111ndsab","trace_id":"1eesdd-dad6-11dsaea-edaxfeqdf","trace_name":"demodemodemo","resource_type":"token","trace_rating":"normal","service_type":"IAM","resource_id":"98763hkjhdteoi03861732hjh7983bhd","tracker_name":"global","time":"1597042369296","resource_name":"demodemodemo/demo","record_time":"1597042370464","user":{"domain":{"name":"testdemo","id":"21185d8818e443e1ryjkh71622f09212b"},"name":"testdemo/demo","id":"6hfakl86faqw87dsasasadf09ajbml"}}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • ELB:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    342
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("ELB");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1594727856.337")
                    .withFieldName("msec")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("e7c37d97-e922-457c-bbf3-dsadeqac")
                    .withFieldName("access_log_topic_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2020-07-14T19:57:36+08:00")
                    .withFieldName("time_iso8601")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("elb_01")
                    .withFieldName("log_ver")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("192.0.0.0")
                    .withFieldName("remote_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("88888")
                    .withFieldName("remote_port")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("200")
                    .withFieldName("status")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("GET")
                    .withFieldName("request_method")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("http")
                    .withFieldName("scheme")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("prod.sss.ads.sg2.aaa")
                    .withFieldName("host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada")
                    .withFieldName("router_request_uri")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("HTTP/1.1")
                    .withFieldName("server_protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("233")
                    .withFieldName("request_length")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("293")
                    .withFieldName("bytes_sent")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("138")
                    .withFieldName("body_bytes_sent")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.001")
                    .withFieldName("request_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("200")
                    .withFieldName("upstream_status")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.000")
                    .withFieldName("upstream_connect_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.001")
                    .withFieldName("upstream_header_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.001")
                    .withFieldName("upstream_response_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.0.0.0:9999")
                    .withFieldName("upstream_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("lua-resty-http/0.14 (Lua) ngx_lua/10000")
                    .withFieldName("http_user_agent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("http_referer")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("http_x_forwarded_for")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa")
                    .withFieldName("lb_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("listener_6077809b-913f-466d-a96c-376f08882d5d")
                    .withFieldName("listener_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("08cc2b3f68aa4dddd1e6a90dddd1688348a4480")
                    .withFieldName("listener_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b")
                    .withFieldName("pool_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("member_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2fb78dsadadq1213das1121dab146ad3cb0")
                    .withFieldName("tenant_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("eip_address")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("80")
                    .withFieldName("eip_port")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("101.0.0.0:10000")
                    .withFieldName("upstream_addr_priv")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("certificate_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("ssl_protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("ssl_cipher")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("sni_domain_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("9739")
                    .withFieldName("tcpinfo_rtt")
                    .withType("long")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("1594727856.337 e7c37d97-e922-457c-bbf3-dsadeqac 2020-07-14T19:57:36+08:00 elb_01 192.0.0.0:88888 200 "GET http://prod.sss.ads.sg2.aaa/loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada HTTP/1.1" 233 293 138 0.001 "200" "0.000" "0.001" "0.001" "100.0.0.0:9999" "lua-resty-http/0.14 (Lua) ngx_lua/10000" "-" "-" loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa listener_6077809b-913f-466d-a96c-376f08882d5d 08cc2b3f68aa4dddd1e6a90dddd1688348a4480 pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b "-" 2fb78dsadadq1213das1121dab146ad3cb0 -:80 "101.0.0.0:10000" - - - - 9739");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • VPC:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("VPC");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1")
                    .withFieldName("version")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("5f67944957444bd6bb4fe3b367de8f3d")
                    .withFieldName("project_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1d515d18-1b36-47dc-a983-bd6512aed4bd")
                    .withFieldName("interface_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("192.168.0.154")
                    .withFieldName("srcaddr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("192.168.3.25")
                    .withFieldName("dstaddr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("38929")
                    .withFieldName("srcport")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("53")
                    .withFieldName("dstport")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("17")
                    .withFieldName("protocol")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1")
                    .withFieldName("packets")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("96")
                    .withFieldName("bytes")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1548752136")
                    .withFieldName("start")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1548752736")
                    .withFieldName("end")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("ACCEPT")
                    .withFieldName("action")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("OK")
                    .withFieldName("log_status")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("1 5f67944957444bd6bb4fe3b367de8f3d 1d515d18-1b36-47dc-a983-bd6512aed4bd 192.168.0.154 192.168.3.25 38929 53 17 1 96 1548752136 1548752736 ACCEPT OK");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • APIG:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    342
    343
    344
    345
    346
    347
    348
    349
    350
    351
    352
    353
    354
    355
    356
    357
    358
    359
    360
    361
    362
    363
    364
    365
    366
    367
    368
    369
    370
    371
    372
    373
    374
    375
    376
    377
    378
    379
    380
    381
    382
    383
    384
    385
    386
    387
    388
    389
    390
    391
    392
    393
    394
    395
    396
    397
    398
    399
    400
    401
    402
    403
    404
    405
    406
    407
    408
    409
    410
    411
    412
    413
    414
    415
    416
    417
    418
    419
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("APIG");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.125.7.59")
                    .withFieldName("my_remote_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("f57f6523b675504a23887d0f5c1c8ef3")
                    .withFieldName("request_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("f5ea2360a2fa443cac236b76f4052ad6")
                    .withFieldName("api_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("user_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("app_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("27/Jan/2022:15:56:44")
                    .withFieldName("time_local")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.113")
                    .withFieldName("request_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("GET")
                    .withFieldName("request_method")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("http")
                    .withFieldName("scheme")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com")
                    .withFieldName("host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("/api/echo")
                    .withFieldName("router_uri")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("HTTP/1.1")
                    .withFieldName("server_protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("200")
                    .withFieldName("status")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1443")
                    .withFieldName("bytes_sent")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("408")
                    .withFieldName("request_length")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("APIGatewayDebugClient/1.0")
                    .withFieldName("http_user_agent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("http_x_forwarded_for")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.125.2.39:443")
                    .withFieldName("upstream_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("/v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations")
                    .withFieldName("upstream_uri")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("200")
                    .withFieldName("upstream_status")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.010")
                    .withFieldName("upstream_connect_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.083")
                    .withFieldName("upstream_header_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.083")
                    .withFieldName("upstream_response_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("cn-north-4")
                    .withFieldName("region_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.083")
                    .withFieldName("all_upstream_response_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("errorType")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("auth_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("access_model1")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("access_model2")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.03000020980835")
                    .withFieldName("inner_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("proxy_protocol_vni")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("proxy_protocol_vpce_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("proxy_protocol_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("486")
                    .withFieldName("body_bytes_sent")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("HttpEchoDemo")
                    .withFieldName("api_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("app_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("provider_app_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("provider_app_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log1")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log2")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log3")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log4")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log5")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log6")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log7")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log8")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log9")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("-")
                    .withFieldName("custom_data_log10")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("remote")
                    .withFieldName("response_source")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("100.125.7.59 f57f6523b675504a23887d0f5c1c8ef3 f5ea2360a2fa443cac236b76f4052ad6 - - [27/Jan/2022:15:56:44 +0800] 0.113 GET http://c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com /api/echo HTTP/1.1 200 1443 408 "APIGatewayDebugClient/1.0" "-" "100.125.2.39:443" /v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations "200" "0.010" "0.083" "0.083" cn-north-4 0.083 0 - - - 0.03000020980835 - - "-" 486 HttpEchoDemo - - - "-" "-" "-" "-" "-" "-" "-" "-" "-" "-" remote");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建DDS审计日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("DCS_AUDIT");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("1640966500017")
                    .withFieldName("time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("199a1e5a-8a37-40b9-899e-0ab6805c69eb")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("192.168.0.1")
                    .withFieldName("server_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("proxy")
                    .withFieldName("role")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("10.0.0.1")
                    .withFieldName("client_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("0")
                    .withFieldName("client_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("default")
                    .withFieldName("user")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("1")
                    .withFieldName("db")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("DEL")
                    .withFieldName("command_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("string")
                    .withFieldName("command_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("["key1","key2","key3"]")
                    .withFieldName("command_keys")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("DEL key1 key2 key3")
                    .withFieldName("command_param")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("500")
                    .withFieldName("use_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("")
                    .withFieldName("extend")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"time": 1640966500017, "instance_id": "199a1e5a-8a37-40b9-899e-0ab6805c69eb", "server_addr": "192.168.0.1", "role": "proxy", "client_addr": "10.0.0.1", "client_type": "0", "user": "default", "db": 1, "command_name": "DEL", "command_type": "string", "command_keys": ["key1", "key2", "key3"], "command_param": "DEL key1 key2 key3", "use_time": 500, "extend": ""}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建NGINX方式的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("NGINX");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("192.168.1.101")
                    .withFieldName("remote_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("-")
                    .withFieldName("remote_user")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("27/Aug/2018:14:20:29")
                    .withFieldName("time_local")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("GET")
                    .withFieldName("request_method")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("http")
                    .withFieldName("scheme")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("www.example.com")
                    .withFieldName("host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("/")
                    .withFieldName("request_uri")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("HTTP/1.0")
                    .withFieldName("server_protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("200")
                    .withFieldName("status")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("8796")
                    .withFieldName("bytes_sent")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("6775")
                    .withFieldName("body_bytes_sent")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("-")
                    .withFieldName("http_referer")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36")
                    .withFieldName("http_user_agent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("-")
                    .withFieldName("http_x_forwarded_for")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("0.185")
                    .withFieldName("request_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("0.010")
                    .withFieldName("upstream_response_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("12.129.120.121:8090")
                    .withFieldName("upstream_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("200")
                    .withFieldName("upstream_status")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("794")
                    .withFieldName("request_length")
                    .withType("long")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("192.168.1.101 - [27/Aug/2018:14:20:29 +0800] "GET http://www.example.com / HTTP/1.0" 200 8796 6775 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" "-" "0.185" "0.010" 12.129.120.121:8090 200 794");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建GAUSSDB_OPENGAUSS_AUDIT方式的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("GAUSSDB_OPENGAUSS_AUDIT");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("rdsAdmin")
                    .withFieldName("username")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("cm_agent@10.254.95.70")
                    .withFieldName("client_conninfo")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("96e86f462bbc4f2286d7c8274815d0fein14")
                    .withFieldName("instanceId")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("xid=30818, SET statement_timeout = 10000000;n")
                    .withFieldName("detail_info")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("140463114942208@713872403507507")
                    .withFieldName("thread_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("ok")
                    .withFieldName("result")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("postgres")
                    .withFieldName("database")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("8001")
                    .withFieldName("local_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("10")
                    .withFieldName("userid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("06c267fad8054a0abcb17cfa3b8f260cno14")
                    .withFieldName("nodeId")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("dn_6001_6002_6003")
                    .withFieldName("node_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("statement_timeout")
                    .withFieldName("object_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("2022-08-15 17:53:23+08")
                    .withFieldName("time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("set_parameter")
                    .withFieldName("type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("50952")
                    .withFieldName("remote_port")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"username":"rdsAdmin","client_conninfo":"cm_agent@10.254.95.70","instanceId":"96e86f462bbc4f2286d7c8274815d0fein14","detail_info":"xid=30818, SET statement_timeout = 10000000;n","thread_id":"140463114942208@713872403507507","result":"ok","database":"postgres","local_port":"8001","userid":"10","nodeId":"06c267fad8054a0abcb17cfa3b8f260cno14","node_name":"dn_6001_6002_6003","object_name":"statement_timeout","time":"2022-08-15 17:53:23+08","type":"set_parameter","remote_port":"50952"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建TOMCAT方式的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("TOMCAT");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("192.168.12.2")
                    .withFieldName("remote_ip_address")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("-")
                    .withFieldName("remote_logical_username")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("-")
                    .withFieldName("remote_user_authenticated")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("07/Mar/2018:09:49:55")
                    .withFieldName("time_local")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("GET")
                    .withFieldName("scheme")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("/logHello/test")
                    .withFieldName("router_uri")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("HTTP/1.1")
                    .withFieldName("server_protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("200")
                    .withFieldName("status")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("1943")
                    .withFieldName("bytes_sent")
                    .withType("long")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("192.168.12.2 - - [07/Mar/2018:09:49:55 +0800] "GET /logHello/test HTTP/1.1" 200 1943");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建DCS审计日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("DDS_AUDIT");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("auditLog")
                    .withFieldName("topic")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("9fbf813bc27e4a3ab54bddf783a4f774in01")
                    .withFieldName("instanceid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("bf4cb0413d0b4221be94b08471708586no01")
                    .withFieldName("nodeid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("test")
                    .withFieldName("db")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("testCollection")
                    .withFieldName("coll")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("update")
                    .withFieldName("optype")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("2022-08-05T08:24:15.536+0000")
                    .withFieldName("time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("10.4.23.205")
                    .withFieldName("user_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("47668")
                    .withFieldName("user_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("rw_testuser")
                    .withFieldName("user")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withContent("{"command":"update","ns":"test.testCollection","op":[{"q":{"vin":"LDP31B965NG036174"},"u":{"$set":{"timestamp":{"$numberLong":"1659687855535"},"deviceTime":{"$numberLong":"1659687855340"},"longitude":"119.35516805555555","latitude":"26.057936388888891","location":"119.35516805555555,26.057936388888891","height":"10.097286797128618","direction":"12","speed":14,"accuracy":"0","h3Address7":"8741b5300ffffff"}},"upsert":true}],"args":{"update":"testCollection","ordered":true,"$db":"test","$clusterTime":{"clusterTime":{"$timestamp":{"t":1659687855,"i":1685}},"signature":{"hash":{"$binary":"CP5bfEf+gBJZdAxCKtF9HiSeqQY=","$type":"00"},"keyId":{"$numberLong":"7102408879899674942"}}},"lsid":{"id":{"$binary":"PXVVrbuvRuGkypCbu/oXXQ==","$type":"04"}}}}")
                    .withFieldName("param")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"topic":"auditLog","instanceid":"9fbf813bc27e4a3ab54bddf783a4f774in01","nodeid":"bf4cb0413d0b4221be94b08471708586no01","db":"test","coll":"testCollection","optype":"update","time":"2022-08-05T08:24:15.536+0000","user_ip":"10.4.23.205","user_port":"47668","user":"rw_testuser","param":{"command":"update","ns":"test.testCollection","op":[{"q":{"vin":"LDP31B965NG036174"},"u":{"$set":{"timestamp":{"$numberLong":"1659687855535"},"deviceTime":{"$numberLong":"1659687855340"},"longitude":"119.35516805555555","latitude":"26.057936388888891","location":"119.35516805555555,26.057936388888891","height":"10.097286797128618","direction":"12","speed":14,"accuracy":"0","h3Address7":"8741b5300ffffff"}},"upsert":true}],"args":{"update":"testCollection","ordered":true,"$db":"test","$clusterTime":{"clusterTime":{"$timestamp":{"t":1659687855,"i":1685}},"signature":{"hash":{"$binary":"CP5bfEf+gBJZdAxCKtF9HiSeqQY=","$type":"00"},"keyId":{"$numberLong":"7102408879899674942"}}},"lsid":{"id":{"$binary":"PXVVrbuvRuGkypCbu/oXXQ==","$type":"04"}}}}}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建DDS错误日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("MONGODB_ERROR");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("error_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("Error")
                    .withFieldName("severity")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022-08-22T09:33:15.142+0000")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.")
                    .withFieldName("raw_message")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("5b67dc63ba824145aae1f12ff51e58b8in02")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("686a791e690e4db3af591ec4b6f72916no02")
                    .withFieldName("node_id")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"log_type":"error_log","severity":"Error","log_time":"2022-08-22T09:33:15.142+0000","raw_message":"E QUERY    [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.","instance_id": "5b67dc63ba824145aae1f12ff51e58b8in02","node_id": "686a791e690e4db3af591ec4b6f72916no02"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建DDS慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("MONGODB_SLOW");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("slow_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022-08-20T10:04:03.204000Z")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("data0820.table")
                    .withFieldName("namespace")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("data0820")
                    .withFieldName("database")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("table")
                    .withFieldName("collection")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("insert")
                    .withFieldName("operate_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("docs_scanned")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("docs_returned")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("n_deleted")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("n_matched")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("n_modified")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("10")
                    .withFieldName("n_inserted")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("555")
                    .withFieldName("cost_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("lock_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("{"op": "insert", "ns": "data0820.usrtable", "command": "{N}", "ninserted": 1, "keysInserted": 1, "numYield": 0, "locks": {"Global": {"acquireCount": {"r": 5, "w": 5}}, "Database": {"acquireCount": {"w": 4, "W": 1}}, "Collection": {"acquireCount": {"w": 2}}, "oplog": {"acquireCount": {"w": 2}}}, "responseLength": 230, "protocol": "op_msg", "millis": 555, "ts": {"$date": 1660989843204}, "client": "192.168.0.64", "appName": "MongoDB Shell", "allUsers": [{"user": "rwuser", "db": "admin"}], "user": "rwuser@admin"}")
                    .withFieldName("whole_message")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("5b67dc63ba824145aae1f12ff51e58b8in02")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("686a791e690e4db3af591ec4b6f72916no02")
                    .withFieldName("node_id")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"log_type":"slow_log","log_time":"2022-08-20T10:04:03.204000Z","namespace":"data0820.table","database":"data0820","collection":"table","operate_type":"insert","docs_scanned":0,"docs_returned":0,"n_deleted":0,"n_matched":0,"n_modified":0,"n_inserted":10,"cost_time":555,"lock_time":0,"whole_message":"{"op": "insert", "ns": "data0820.usrtable", "command": "{N}", "ninserted": 1, "keysInserted": 1, "numYield": 0, "locks": {"Global": {"acquireCount": {"r": 5, "w": 5}}, "Database": {"acquireCount": {"w": 4, "W": 1}}, "Collection": {"acquireCount": {"w": 2}}, "oplog": {"acquireCount": {"w": 2}}}, "responseLength": 230, "protocol": "op_msg", "millis": 555, "ts": {"$date": 1660989843204}, "client": "192.168.0.64", "appName": "MongoDBShell", "allUsers": [{"user": "rwuser", "db": "admin"}], "user": "rwuser@admin"}","instance_id": "5b67dc63ba824145aae1f12ff51e58b8in02","node_id":"686a791e690e4db3af591ec4b6f72916no02"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建CFW访问控制日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("CFW_ACCESS");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("PING")
                    .withFieldName("app")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("in2out")
                    .withFieldName("direction")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("3002")
                    .withFieldName("source-zone")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("56827792-173e-435a-b22b-229f21d78244")
                    .withFieldName("rule_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("ICMP: ECHO_REQUEST")
                    .withFieldName("protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.85.222.23")
                    .withFieldName("dst_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.85.112.49")
                    .withFieldName("src_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("eip")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1655882537006")
                    .withFieldName("hit_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("44243649")
                    .withFieldName("log-id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("45243")
                    .withFieldName("dst_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("3001")
                    .withFieldName("destination-zone")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022.06.22")
                    .withFieldName("index_day")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("6781")
                    .withFieldName("log_id")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("17589")
                    .withFieldName("src_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("58ead9e7-418d-4166-8df8-f24941d4205c")
                    .withFieldName("fw_instance_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("permit")
                    .withFieldName("action")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1")
                    .withFieldName("vsys")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"app":"PING","direction":"in2out","source-zone":"3002","rule_id":"56827792-173e-435a-b22b-229f21d78244","protocol":"ICMP: ECHO_REQUEST","dst_ip":"100.85.222.23","src_ip":"100.85.112.49","log_type":"eip","hit_time":1655882537006,"log-id":"44243649","dst_port":"45243","destination-zone":"3001","index_day":"2022.06.22","log_id":6781,"src_port":"17589","fw_instance_id":"58ead9e7-418d-4166-8df8-f24941d4205c","action":"permit","vsys":"1"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建CFW攻击日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("CFW_ATTACK");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("source")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("HTTP")
                    .withFieldName("app")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("out2in")
                    .withFieldName("direction")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.85.222.23")
                    .withFieldName("dst_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("10.108.170.229")
                    .withFieldName("src_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1655974411462")
                    .withFieldName("event_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("eip")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("80")
                    .withFieldName("dst_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("330409")
                    .withFieldName("attack_rule_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022.06.23")
                    .withFieldName("index_day")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("462688")
                    .withFieldName("log_id")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("51002")
                    .withFieldName("src_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("TCP")
                    .withFieldName("protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent()
                    .withFieldName("packet")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("HIGH")
                    .withFieldName("level")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("Vulnerability Exploit Attack")
                    .withFieldName("attack_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("58ead9e7-418d-4166-8df8-f24941d4205c")
                    .withFieldName("fw_instance_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("permit")
                    .withFieldName("action")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1")
                    .withFieldName("vsys")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)")
                    .withFieldName("attack_rule")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"source":"0","app":"HTTP","direction":"out2in","dst_ip":"100.85.222.23","src_ip":"10.108.170.229","event_time":1655974411462,"log_type":"eip","dst_port":"80","attack_rule_id":"330409","index_day":"2022.06.23","log_id":462688,"src_port":"51002","protocol":"TCP","packet":"+hZUZMhT+hY/AaHMCABFAADnicBAAHgGgJIKbKrlZFXeF8c6AFAYCIpDV562+VAYBAILMwAAR0VUIC9qb2JtYW5hZ2VyL2xvZ3MvLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmZXRjJTI1MmZwYXNzd2QgSFRUUC8xLjENCkhvc3Q6IDEwMC44NS4yMjIuMjMNClVzZXItQWdlbnQ6IGN1cmwvNy42NS4wDQpBY2NlcHQ6ICovKg0KDQo=","level":"HIGH","attack_type":"Vulnerability Exploit Attack","fw_instance_id":"58ead9e7-418d-4166-8df8-f24941d4205c","action":"permit","vsys":"1","attack_rule":"VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建CFW流量日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("CFW_FLOW");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("80")
                    .withFieldName("dst_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("HTTP")
                    .withFieldName("app")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.1")
                    .withFieldName("to_c_pkts")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.85.222.23")
                    .withFieldName("dst_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.1")
                    .withFieldName("to_c_bytes")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1655436321000")
                    .withFieldName("end_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("10.108.170.229")
                    .withFieldName("src_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022.06.17")
                    .withFieldName("index_day")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1232.1")
                    .withFieldName("bytes")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("4424364f")
                    .withFieldName("log-id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1")
                    .withFieldName("vsys")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("67")
                    .withFieldName("suffix")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("10.1")
                    .withFieldName("packets")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("out2in")
                    .withFieldName("direction")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("TCP")
                    .withFieldName("protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1232.1")
                    .withFieldName("to_s_bytes")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("10.1")
                    .withFieldName("to_s_pkts")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("63934")
                    .withFieldName("src_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1655436299000")
                    .withFieldName("start_time")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("efbeb90c-1108-42ce-b099-f7e035a10b67")
                    .withFieldName("fw_instance_id")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"dst_port":"80","app":"HTTP","to_c_pkts":0.1,"dst_ip":"100.85.222.23","to_c_bytes":0.1,"end_time":1655436321000,"src_ip":"10.108.170.229","index_day":"2022.06.17","bytes":1232.1,"log-id":"4424364f","vsys":"1","suffix":"67","packets":10.1,"direction":"out2in","protocol":"TCP","to_s_bytes":1232.1,"to_s_pkts":10.1,"src_port":"63934","start_time":1655436299000,"fw_instance_id":"efbeb90c-1108-42ce-b099-f7e035a10b67"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建MYSQL错误日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("MYSQL_ERROR");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("error_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("WARNING")
                    .withFieldName("severity")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022-08-22T06:52:08Z")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("Occur error when reading bytes from a network handler. Client actively closes the connection.")
                    .withFieldName("raw_message")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("5d6c61bbd49b4ad3a1572461811e3dacno01")
                    .withFieldName("node_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("207032924c644f429b74f6fc5d8c97f9in01")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"5d6c61bbd49b4ad3a1572461811e3dacno01","instance_id":"207032924c644f429b74f6fc5d8c97f9in01"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建MYSQL慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("MYSQL_SLOW");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022-07-27T02:49:19.000")
                    .withFieldName("start_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("commerce")
                    .withFieldName("user")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.*.*.222")
                    .withFieldName("host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1.461583")
                    .withFieldName("query_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0.000050")
                    .withFieldName("lock_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("500")
                    .withFieldName("rows_sent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("581000")
                    .withFieldName("rows_examined")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;")
                    .withFieldName("command_text")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("saas_perf")
                    .withFieldName("database")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("slow_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1658890159")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("SELECT")
                    .withFieldName("operate_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("5d6c61bbd49b4ad3a1572461811e3dacno01")
                    .withFieldName("node_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("207032924c644f429b74f6fc5d8c97f9in01")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"start_time":"2022-07-27T02:49:19.000","user":"commerce","host":"100.*.*.222","query_time":"1.461583","lock_time":"0.000050","rows_sent":"500","rows_examined":"581000","command_text":"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN =   N)) ORDER BY DN_N.created_date DESC limit N,N;","database":"saas_perf","log_type":"slow_log","log_time":"1658890159","operate_type":"SELECT","node_id":"5d6c61bbd49b4ad3a1572461811e3dacno01","instance_id":"207032924c644f429b74f6fc5d8c97f9in01"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建POSTGRESQL慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("POSTGRESQL_SLOW");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("slow_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("328.662")
                    .withFieldName("execute_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("authoring")
                    .withFieldName("user")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022-07-24T10:06:41.000")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("authoring-test")
                    .withFieldName("database")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC")
                    .withFieldName("statement")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("10.*.*.206")
                    .withFieldName("host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1658657201")
                    .withFieldName("log_timestamp")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("SELECT")
                    .withFieldName("operate_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("d285609201534696bdcd648519fe2b8dno02")
                    .withFieldName("node_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("5b67dc63ba824145aae1f12ff51e58b8in02")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"log_type":"slow_log","execute_time":328.662,"user":"authoring","log_time":"2022-07-24T10:06:41.000","database":"authoring-test","statement":"SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id  FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id  FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event  WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at  WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC","host":"10.*.*.206","log_timestamp":"1658657201","operate_type":"SELECT","node_id":"d285609201534696bdcd648519fe2b8dno02","instance_id":"5b67dc63ba824145aae1f12ff51e58b8in02"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建POSTGRESQL错误日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("POSTGRESQL_ERROR");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("error_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("WARNING")
                    .withFieldName("severity")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022-08-22T06:52:08Z")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("Occur error when reading bytes from a network handler. Client actively closes the connection.")
                    .withFieldName("raw_message")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("d285609201534696bdcd648519fe2b8dno02")
                    .withFieldName("node_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("5b67dc63ba824145aae1f12ff51e58b8in02")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"d285609201534696bdcd648519fe2b8dno02","instance_id":"5b67dc63ba824145aae1f12ff51e58b8in02"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建SQLSERVER错误日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("SQLSERVER_ERROR");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("error_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("WARNING")
                    .withFieldName("severity")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022-08-22T06:52:08Z")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("Occur error when reading bytes from a network handler. Client actively closes the connection.")
                    .withFieldName("raw_message")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("7346b0db609b463e976054928af50e85no01")
                    .withFieldName("node_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("9c589b9d7a4d45dbaf7deb9f8520611cin01")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"7346b0db609b463e976054928af50e85no01","instance_id":"9c589b9d7a4d45dbaf7deb9f8520611cin01"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建GAUSSDB_REDIS慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("GAUSSDB_REDIS_SLOW");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("32eaaf6c5a0142e3a6d80740cd5b3803in12")
                    .withFieldName("instance_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("597a15b9f2ef4436811c5edcc67c013cno12")
                    .withFieldName("node_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("0")
                    .withFieldName("database")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("slow_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("sismember")
                    .withFieldName("operate_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("2022-10-12T07:42:21.253484Z")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("1277.47")
                    .withFieldName("cost_time")
                    .withType("float")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("{"command_param":"dc:set:new:follow:uids:monthly:259008728:202210","database":"0"}")
                    .withFieldName("whole_message")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"instance_id":"32eaaf6c5a0142e3a6d80740cd5b3803in12","node_id":"597a15b9f2ef4436811c5edcc67c013cno12","database":"0","log_type":"slow_log","operate_type":"sismember","log_time":"2022-10-12T07:42:21.253484Z","cost_time":1277.47,"whole_message":"{"command_param":"dc:set:new:follow:uids:monthly:259008728:202210","database":0}"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建GAUSSDB_MYSQL慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("GAUSSDB_MYSQL_SLOW");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostName")
                    .withType("string")
                    .withContent("ecs-ictest")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-07-27T02:49:19.000")
                    .withFieldName("start_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("commerce")
                    .withFieldName("user")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("100.*.*.222")
                    .withFieldName("host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1.461583")
                    .withFieldName("query_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("0.000050")
                    .withFieldName("lock_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("500")
                    .withFieldName("rows_sent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("581000")
                    .withFieldName("rows_examined")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;")
                    .withFieldName("command_text")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(true)
                    .withContent("saas_perf")
                    .withFieldName("database")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("slow_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1658890159")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("SELECT")
                    .withFieldName("operate_type")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"start_time":"2022-07-27T02:49:19.000","user":"commerce","host":"100.*.*.222","query_time":"1.461583","lock_time":"0.000050","rows_sent":"500","rows_examined":"581000","command_text":"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN =   N)) ORDER BY DN_N.created_date DESC limit N,N;","database":"saas_perf","log_type":"slow_log","log_time":"1658890159","operate_type":"SELECT"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建GAUSSDB_MYSQL错误日志的结构化配置

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("GAUSSDB_MYSQL_ERROR");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("error_log")
                    .withFieldName("log_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("WARNING")
                    .withFieldName("severity")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-08-22T06:52:08Z")
                    .withFieldName("log_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("Occur error when reading bytes from a network handler. Client actively closes the connection.")
                    .withFieldName("raw_message")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection."}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建CDN结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("CDN");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1666604392000")
                    .withFieldName("request_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("findercdn.video.qq.com")
                    .withFieldName("domain")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("GET")
                    .withFieldName("method")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("http")
                    .withFieldName("scheme")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("/BcimRg.txt")
                    .withFieldName("uri")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("cdnkey=*****&cdntoken=*****&tokenidx=1")
                    .withFieldName("uri_param")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("192.168.233.142")
                    .withFieldName("client_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("51517")
                    .withFieldName("client_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("refer_protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("refer_domain")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("refer_uri")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("refer_param")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("301")
                    .withFieldName("request_size")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("14")
                    .withFieldName("response_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("588")
                    .withFieldName("response_size")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("403")
                    .withFieldName("http_code")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("response_range")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("request_range")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("150")
                    .withFieldName("request_body_bytes")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("text/html")
                    .withFieldName("content_type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("HIT")
                    .withFieldName("hit_info")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("python-requests/2.21.0")
                    .withFieldName("user_agent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("ce6327e015c1e16f581818b838a6cb0c")
                    .withFieldName("uuid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("edge-cache01[14]")
                    .withFieldName("via_info")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("xforwordfor")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"request_time":"1666604392000","domain":"findercdn.video.qq.com","method":"GET","scheme":"http","uri":"/BcimRg.txt","uri_param":"cdnkey=******&cdntoken=******&tokenidx=1","client_ip":"192.168.233.142","client_port":"51517","refer_protocol":"-","refer_domain":"-","refer_uri":"-","refer_param":"-","request_size":"301","response_time":"14","response_size":"588","http_code":"403","response_range":"-","request_range":"-","request_body_bytes":"150","content_type":"text/html","hit_info":"HIT","user_agent":"python-requests/2.21.0","uuid":"ce6327e015c1e16f581818b838a6cb0c","via_info":"edge-cache01[14]","xforwordfor":"-"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建SMN结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("SMN");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1ae49922602a42fc83acb9689a2eb5f4")
                    .withFieldName("message_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("5a9f32e4f1ec4bbe9695ff9da51c2925")
                    .withFieldName("project_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo")
                    .withFieldName("topic_urn")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740")
                    .withFieldName("subscriber_urn")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("https")
                    .withFieldName("protocol_name")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("https://127.0.0.1:443/https")
                    .withFieldName("endpoint")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("DELIVERED")
                    .withFieldName("status")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("200")
                    .withFieldName("http_code")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-11-01T00:00:00Z")
                    .withFieldName("create_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-11-01T00:00:10Z")
                    .withFieldName("send_time")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"message_id":"1ae49922602a42fc83acb9689a2eb5f4","project_id":"5a9f32e4f1ec4bbe9695ff9da51c2925","topic_urn":"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo","subscriber_urn":"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740","protocol_name":"https","endpoint":"https://127.0.0.1:443/https","status":"DELIVERED","http_code":200,"create_time":"2022-11-01T00:00:00Z","send_time":"2022-11-01T00:00:10Z"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建WAF访问日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    342
    343
    344
    345
    346
    347
    348
    349
    350
    351
    352
    353
    354
    355
    356
    357
    358
    359
    360
    361
    362
    363
    364
    365
    366
    367
    368
    369
    370
    371
    372
    373
    374
    375
    376
    377
    378
    379
    380
    381
    382
    383
    384
    385
    386
    387
    388
    389
    390
    391
    392
    393
    394
    395
    396
    397
    398
    399
    400
    401
    402
    403
    404
    405
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("WAF_ACCESS");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("504")
                    .withFieldName("response_code")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("http")
                    .withFieldName("scheme")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("100.93.2.229:80")
                    .withFieldName("upstream_addr")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("163")
                    .withFieldName("body_bytes_sent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("upstream_header_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1")
                    .withFieldName("connection_requests")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("ssl_cipher")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1736cc7331b74b198e2ef07555a970ce")
                    .withFieldName("hostid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2152")
                    .withFieldName("pid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("tls_version")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("www.testh.com")
                    .withFieldName("http_host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("0")
                    .withFieldName("process_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("88003425-d7bc-46ce-8ae7-77a8aa18a814")
                    .withFieldName("access_stream_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-07-29T19:39:10+08:00")
                    .withFieldName("time_iso8601")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("intel_crawler")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("504")
                    .withFieldName("upstream_status")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("10.63.46.110")
                    .withFieldName("remote_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("30.008")
                    .withFieldName("request_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1d26cc8c86a840e28a4f8d0d07852f1d")
                    .withFieldName("tenantid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("10.63.46.110")
                    .withFieldName("sip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("420")
                    .withFieldName("bytes_send")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2a473356cca5487f8373be891bffc1cf")
                    .withFieldName("projectid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("curl/7.29.0")
                    .withFieldName("user_agent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("web_tag")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("GET")
                    .withFieldName("method")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("10.63.36.208")
                    .withFieldName("bind_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("region_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("20582")
                    .withFieldName("remote_port")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("ssl_ciphers_md5")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("x_real_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("/")
                    .withFieldName("url")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("x_forwarded_for")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("sni")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("public/../style/general.css=true")
                    .withFieldName("args")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("cdn_src_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("0")
                    .withFieldName("enterprise_project_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("-")
                    .withFieldName("upstream_connect_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("engine_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("110")
                    .withFieldName("request_length")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("5d574e6a-87da-42bc-bfd4-ff61a1b336a4")
                    .withFieldName("group_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("36f0a9212b14528ffc090f1811cd87d8")
                    .withFieldName("requestid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("ssl_curves")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("ssl_session_reused")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-07-29T11:39:10.000Z")
                    .withFieldName("waf-time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("30.009")
                    .withFieldName("upstream_response_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("29/Jul/2022:19:39:10 +0800")
                    .withFieldName("time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("access")
                    .withFieldName("waf_category")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("10.63.36.208")
                    .withFieldName("eng_ip")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"response_code":"504","scheme":"http","upstream_addr":"100.93.2.229:80","body_bytes_sent":"163","upstream_header_time":"-","connection_requests":"1","ssl_cipher":"","hostid":"1736cc7331b74b198e2ef07555a970ce","pid":"2152","tls_version":"","http_host":"www.testh.com","process_time":"0","access_stream_id":"88003425-d7bc-46ce-8ae7-77a8aa18a814","time_iso8601":"2022-07-29T19:39:10+08:00","intel_crawler":"","upstream_status":"504","remote_ip":"10.63.46.110","request_time":"30.008","tenantid":"1d26cc8c86a840e28a4f8d0d07852f1d","sip":"10.63.46.110","bytes_send":"420","projectid":"2a473356cca5487f8373be891bffc1cf","user_agent":"curl/7.29.0","web_tag":"","method":"GET","bind_ip":"10.63.36.208","region_id":"","remote_port":"20582","ssl_ciphers_md5":"","x_real_ip":"","url":"/","x_forwarded_for":"","sni":"","args":"public/../style/general.css=true","cdn_src_ip":"","enterprise_project_id":"0","upstream_connect_time":"-","engine_id":"","request_length":"110","group_id":"5d574e6a-87da-42bc-bfd4-ff61a1b336a4","requestid":"36f0a9212b14528ffc090f1811cd87d8","ssl_curves":"","ssl_session_reused":"","waf-time":"2022-07-29T11:39:10.000Z","upstream_response_time":"30.008","time":"29/Jul/2022:19:39:10 +0800","category":"access","eng_ip":"10.63.36.208"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建WAF攻击日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    342
    343
    344
    345
    346
    347
    348
    349
    350
    351
    352
    353
    354
    355
    356
    357
    358
    359
    360
    361
    362
    363
    364
    365
    366
    367
    368
    369
    370
    371
    372
    373
    374
    375
    376
    377
    378
    379
    380
    381
    382
    383
    384
    385
    386
    387
    388
    389
    390
    391
    392
    393
    394
    395
    396
    397
    398
    399
    400
    401
    402
    403
    404
    405
    406
    407
    408
    409
    410
    411
    412
    413
    414
    415
    416
    417
    418
    419
    420
    421
    422
    423
    424
    425
    426
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("WAF_ATTACK");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("cd081ba3d6674000acc37d7e2a4b9140")
                    .withFieldName("policy_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("80")
                    .withFieldName("hport")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("163")
                    .withFieldName("body_bytes_sent")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1736cc7331b74b198e2ef07555a970ce")
                    .withFieldName("hostid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("040002")
                    .withFieldName("rule")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("10.63.36.208")
                    .withFieldName("engine_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2152")
                    .withFieldName("pid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("www.testh.com")
                    .withFieldName("http_host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1")
                    .withFieldName("process_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("0000-0000-0000-20820220729193940-f34cf25e")
                    .withFieldName("reqid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-07-29T19:39:40+08:00")
                    .withFieldName("time_iso8601")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("504")
                    .withFieldName("upstream_status")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("public/../style/general.css")
                    .withFieldName("hit_data")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("98de5d5a-9f54-4d01-9882-eca7bec99d09")
                    .withFieldName("attack_stream_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("10.63.46.110")
                    .withFieldName("remote_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("lfi")
                    .withFieldName("attack")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1d26cc8c86a840e28a4f8d0d07852f1d")
                    .withFieldName("tenantid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("www.testh.com")
                    .withFieldName("host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("log")
                    .withFieldName("action")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("HTTP")
                    .withFieldName("backend.protocol")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("true")
                    .withFieldName("backend.alive")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("80")
                    .withFieldName("backend.port")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("100.93.2.229")
                    .withFieldName("backend.host")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1")
                    .withFieldName("backend.weight")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("ip")
                    .withFieldName("backend.type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("04-0000-0000-0000-20820220729193940-f34cf25e")
                    .withFieldName("id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("10.63.46.110")
                    .withFieldName("sip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2a473356cca5487f8373be891bffc1cf")
                    .withFieldName("projectid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("web_tag")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-07-29T11:39:40.000Z")
                    .withFieldName("attack-time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("GET")
                    .withFieldName("method")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("{"HWWAFSESTIME":"1659094780939","HWWAFSESID":"e2cd0733b4712e4cc4"}")
                    .withFieldName("cookie")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2")
                    .withFieldName("level")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("{\"public\\/..\\/style\\/general.css\":\"true\"}")
                    .withFieldName("params")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("x_real_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("/")
                    .withFieldName("url")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("x_forwarded_for")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("cdn_src_ip")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("0")
                    .withFieldName("enterprise_project_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("req_body")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("")
                    .withFieldName("engine_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("5d574e6a-87da-42bc-bfd4-ff61a1b336a4")
                    .withFieldName("group_id")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("f34cf25eb33ed82cd7261a8276a60c39")
                    .withFieldName("requestid")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("null")
                    .withFieldName("multipart")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("{\"host\":\"www.testh.com\",\"user-agent\":\"curl\\/7.29.0\",\"accept\":\"*\\/*\"}")
                    .withFieldName("header")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("params")
                    .withFieldName("location")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("30.000")
                    .withFieldName("upstream_response_time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2022-07-29 19:39:40")
                    .withFieldName("time")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("attack")
                    .withFieldName("waf_category")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("28408")
                    .withFieldName("sport")
                    .withType("long")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("504")
                    .withFieldName("status")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"policy_id":"cd081ba3d6674000acc37d7e2a4b9140","hport":"80","body_bytes_sent":"163","hostid":"1736cc7331b74b198e2ef07555a970ce","rule":"040002","engine_ip":"10.63.36.208","pid":"2152","http_host":"www.testh.com","process_time":"1","reqid":"0000-0000-0000-20820220729193940-f34cf25e","time_iso8601":"2022-07-29T19:39:40+08:00","upstream_status":"504","hit_data":"public/../style/general.css","attack_stream_id":"98de5d5a-9f54-4d01-9882-eca7bec99d09","remote_ip":"10.63.46.110","attack":"lfi","tenantid":"1d26cc8c86a840e28a4f8d0d07852f1d","host":"www.testh.com","action":"log","backend":{"protocol":"HTTP","alive":true,"port":80,"host":"100.93.2.229","weight":1,"type":"ip"},"id":"04-0000-0000-0000-20820220729193940-f34cf25e","sip":"10.63.46.110","projectid":"2a473356cca5487f8373be891bffc1cf","web_tag":"","attack-time":"2022-07-29T11:39:40.000Z","method":"GET","cookie":"{\"HWWAFSESTIME\":\"1659094780939\",\"HWWAFSESID\":\"e2cd0733b4712e4cc4\"}","level":2,"params":"{\"public\\/..\\/style\\/general.css\":\"true\"}","x_real_ip":"","uri":"/","x_forwarded_for":"","cdn_src_ip":"","enterprise_project_id":"0","req_body":"","engine_id":"","group_id":"5d574e6a-87da-42bc-bfd4-ff61a1b336a4","requestid":"f34cf25eb33ed82cd7261a8276a60c39","multipart":"null","header":"{\"host\":\"www.testh.com\",\"user-agent\":\"curl\\/7.29.0\",\"accept\":\"*\\/*\"}","location":"params","upstream_response_time":"30.000","time":"2022-07-29 19:39:40","category":"attack","sport":28408,"status":"504"}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 创建DMS重平衡日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.lts.v2.region.LtsRegion;
    import com.huaweicloud.sdk.lts.v2.*;
    import com.huaweicloud.sdk.lts.v2.model.*;
    
    import java.util.List;
    import java.util.ArrayList;
    
    public class CreateStructTemplateSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
    
            ICredential auth = new BasicCredentials()
                    .withAk(ak)
                    .withSk(sk);
    
            LtsClient client = LtsClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(LtsRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateStructTemplateRequest request = new CreateStructTemplateRequest();
            LtsStructTemplateInfo body = new LtsStructTemplateInfo();
            Rule rulebody = new Rule();
            rulebody.withType("built_in")
                .withParam("DMS_REBALANCED");
            List<TagField> listbodyTagFields = new ArrayList<>();
            listbodyTagFields.add(
                new TagField()
                    .withFieldName("hostIP")
                    .withType("string")
                    .withContent("192.168.2.134")
                    .withIsAnalysis(true)
            );
            List<StructFieldInfo> listbodyDemoFields = new ArrayList<>();
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("INFO")
                    .withFieldName("level")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("2023-03-23 17:23:22,906")
                    .withFieldName("timestamp")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635")
                    .withFieldName("message.leaderId")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("1")
                    .withFieldName("message.generationId")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1")
                    .withFieldName("message.reason")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0")
                    .withFieldName("message.groupId")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("0")
                    .withFieldName("message.coordinatorId")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("END_REBALANCE")
                    .withFieldName("message.type")
                    .withType("string")
            );
            listbodyDemoFields.add(
                new StructFieldInfo()
                    .withIsAnalysis(false)
                    .withContent("GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))")
                    .withFieldName("message.group")
                    .withType("string")
            );
            body.withRule(rulebody);
            body.withProjectId("2a473356cca5487f8373be891bffxxxx");
            body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx");
            body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" "));
            body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx");
            body.withContent("{"level":"INFO","timestamp":"2023-03-23 17:23:22,906","message":{"leaderId":"consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635","generationId":"1","reason":"Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1","groupId":"KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0","coordinatorId":"0","type":"END_REBALANCE","group":"GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))"}}");
            body.withTagFields(listbodyTagFields);
            body.withDemoFields(listbodyDemoFields);
            request.withBody(body);
            try {
                CreateStructTemplateResponse response = client.createStructTemplate(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • 正则方式:

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    field_name="a01",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="a02",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="a03",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="a04",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="a05",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="a06",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="a07",
                    type="long"
                )
            ]
            request.body = LtsStructTemplateInfo(
                regex_rules="^(?<a01>[^ ]+)(?:[^ ]* ){1}(?<a02>\w+)(?:[^ ]* ){1}(?<a03>\w+)(?:[^ ]* ){1}(?<a04>\w+)(?:[^ ]* ){1}(?<a05>\w+)(?:[^ ]* ){1}(?<a06>\w+)(?:[^ ]* ){1}(?<a07>\d+)",
                project_id=" ",
                log_stream_id="ff8bd110-dc44-4692-af74-d3b1f6197887",
                parse_type="custom_regex",
                log_group_id="ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
                content="2021-09-09/18:15:41 this log is Error NO 6323",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • JSON方式:

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    field_name="code",
                    type="long",
                    user_defined_name="jl"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="record_time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="tracker_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="user.id",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="user.name",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                layers=3,
                project_id=" ",
                log_stream_id="ff8bd110-dc44-4692-af74-d3b1f6197887",
                parse_type="json",
                log_group_id="ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
                content="{'code':38,'tracker_name':'global','record_time':'1597042370464','user':{'name':'testdemo','id':'123456789'}}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 分隔符:

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    field_name="b1",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="b2",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="b3",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="b4",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="b5",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="b6",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="b7",
                    type="long"
                )
            ]
            request.body = LtsStructTemplateInfo(
                tokenizer=" ",
                project_id="",
                log_stream_id="ff8bd110-dc44-4692-af74-d3b1f6197887",
                parse_type="split",
                log_group_id="ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
                content="2021-09-09/18:50:51 this log is Error NO 37",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • Nginx:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=False,
                    content="0",
                    field_name="body_bytes_sent",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="http_referer",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="Mozilla/5.0",
                    field_name="http_user_agent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="http_x_forwarded_for",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="192.168.0.0",
                    field_name="remote_addr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="sgq",
                    field_name="remote_user",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="GET",
                    field_name="request_method",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="/",
                    field_name="request_uri",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="304",
                    field_name="status",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="12/Mar/2020:12:24:02",
                    field_name="time_local",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                log_format="log_format  main   '$remote_addr - $remote_user [$time_local] "$request" '                            '$status $body_bytes_sent "$http_referer" '                            '"$http_user_agent" "$http_x_forwarded_for"';",
                project_id="2a473356cca5487f8373be891bffc1cf",
                log_stream_id="60906859-e91e-4d4a-9a21-ae319f544567",
                parse_type="nginx",
                log_group_id="d1f4240d-5ee2-4e0b-9e2c-e25c7978c001",
                content="192.168.0.0 - sgq [12/Mar/2020:12:24:02 +0800] "GET / 127/query" 304 0 "-" "Mozilla/5.0" "-"",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • CTS:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="CTS"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="201",
                    field_name="code",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="global",
                    field_name="event_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="221123nsada3sda3231das3111ndsab",
                    field_name="project_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1597042370464",
                    field_name="record_time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="98763hkjhdteoi03861732hjh7983bhd",
                    field_name="resource_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="demodemodemo/demo",
                    field_name="resource_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="token",
                    field_name="resource_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="IAM",
                    field_name="service_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="10.10.1.10",
                    field_name="source_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1597042369296",
                    field_name="time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1eesdd-dad6-11dsaea-edaxfeqdf",
                    field_name="trace_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="demodemodemo",
                    field_name="trace_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="normal",
                    field_name="trace_rating",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="ApiCall",
                    field_name="trace_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="global",
                    field_name="tracker_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="21185d8818e443e1ryjkh71622f09212b",
                    field_name="user.domain.id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="testdemo",
                    field_name="user.domain.name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="6hfakl86faqw87dsasasadf09ajbml",
                    field_name="user.id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="testdemo/demo",
                    field_name="user.name",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"code":"201","source_ip":"10.10.1.10","trace_type":"ApiCall","event_type":"global","project_id":"221123nsada3sda3231das3111ndsab","trace_id":"1eesdd-dad6-11dsaea-edaxfeqdf","trace_name":"demodemodemo","resource_type":"token","trace_rating":"normal","service_type":"IAM","resource_id":"98763hkjhdteoi03861732hjh7983bhd","tracker_name":"global","time":"1597042369296","resource_name":"demodemodemo/demo","record_time":"1597042370464","user":{"domain":{"name":"testdemo","id":"21185d8818e443e1ryjkh71622f09212b"},"name":"testdemo/demo","id":"6hfakl86faqw87dsasasadf09ajbml"}}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • ELB:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="ELB"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="1594727856.337",
                    field_name="msec",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="e7c37d97-e922-457c-bbf3-dsadeqac",
                    field_name="access_log_topic_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2020-07-14T19:57:36+08:00",
                    field_name="time_iso8601",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="elb_01",
                    field_name="log_ver",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="192.0.0.0",
                    field_name="remote_addr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="88888",
                    field_name="remote_port",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="200",
                    field_name="status",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="GET",
                    field_name="request_method",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="http",
                    field_name="scheme",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="prod.sss.ads.sg2.aaa",
                    field_name="host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada",
                    field_name="router_request_uri",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="HTTP/1.1",
                    field_name="server_protocol",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="233",
                    field_name="request_length",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="293",
                    field_name="bytes_sent",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="138",
                    field_name="body_bytes_sent",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.001",
                    field_name="request_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="200",
                    field_name="upstream_status",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.000",
                    field_name="upstream_connect_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.001",
                    field_name="upstream_header_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.001",
                    field_name="upstream_response_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="100.0.0.0:9999",
                    field_name="upstream_addr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="lua-resty-http/0.14 (Lua) ngx_lua/10000",
                    field_name="http_user_agent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="http_referer",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="http_x_forwarded_for",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa",
                    field_name="lb_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="listener_6077809b-913f-466d-a96c-376f08882d5d",
                    field_name="listener_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="08cc2b3f68aa4dddd1e6a90dddd1688348a4480",
                    field_name="listener_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b",
                    field_name="pool_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="member_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2fb78dsadadq1213das1121dab146ad3cb0",
                    field_name="tenant_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="eip_address",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="80",
                    field_name="eip_port",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="101.0.0.0:10000",
                    field_name="upstream_addr_priv",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="certificate_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="ssl_protocol",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="ssl_cipher",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="sni_domain_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="9739",
                    field_name="tcpinfo_rtt",
                    type="long"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="1594727856.337 e7c37d97-e922-457c-bbf3-dsadeqac 2020-07-14T19:57:36+08:00 elb_01 192.0.0.0:88888 200 "GET http://prod.sss.ads.sg2.aaa/loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada HTTP/1.1" 233 293 138 0.001 "200" "0.000" "0.001" "0.001" "100.0.0.0:9999" "lua-resty-http/0.14 (Lua) ngx_lua/10000" "-" "-" loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa listener_6077809b-913f-466d-a96c-376f08882d5d 08cc2b3f68aa4dddd1e6a90dddd1688348a4480 pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b "-" 2fb78dsadadq1213das1121dab146ad3cb0 -:80 "101.0.0.0:10000" - - - - 9739",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • VPC:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="VPC"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="1",
                    field_name="version",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="5f67944957444bd6bb4fe3b367de8f3d",
                    field_name="project_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1d515d18-1b36-47dc-a983-bd6512aed4bd",
                    field_name="interface_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="192.168.0.154",
                    field_name="srcaddr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="192.168.3.25",
                    field_name="dstaddr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="38929",
                    field_name="srcport",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="53",
                    field_name="dstport",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="17",
                    field_name="protocol",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1",
                    field_name="packets",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="96",
                    field_name="bytes",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1548752136",
                    field_name="start",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1548752736",
                    field_name="end",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="ACCEPT",
                    field_name="action",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="OK",
                    field_name="log_status",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="1 5f67944957444bd6bb4fe3b367de8f3d 1d515d18-1b36-47dc-a983-bd6512aed4bd 192.168.0.154 192.168.3.25 38929 53 17 1 96 1548752136 1548752736 ACCEPT OK",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • APIG:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    342
    343
    344
    345
    346
    347
    348
    349
    350
    351
    352
    353
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="APIG"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="100.125.7.59",
                    field_name="my_remote_addr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="f57f6523b675504a23887d0f5c1c8ef3",
                    field_name="request_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="f5ea2360a2fa443cac236b76f4052ad6",
                    field_name="api_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="user_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="app_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="27/Jan/2022:15:56:44",
                    field_name="time_local",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.113",
                    field_name="request_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="GET",
                    field_name="request_method",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="http",
                    field_name="scheme",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com",
                    field_name="host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="/api/echo",
                    field_name="router_uri",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="HTTP/1.1",
                    field_name="server_protocol",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="200",
                    field_name="status",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1443",
                    field_name="bytes_sent",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="408",
                    field_name="request_length",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="APIGatewayDebugClient/1.0",
                    field_name="http_user_agent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="http_x_forwarded_for",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="100.125.2.39:443",
                    field_name="upstream_addr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="/v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations",
                    field_name="upstream_uri",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="200",
                    field_name="upstream_status",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.010",
                    field_name="upstream_connect_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.083",
                    field_name="upstream_header_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.083",
                    field_name="upstream_response_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="cn-north-4",
                    field_name="region_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.083",
                    field_name="all_upstream_response_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="errorType",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="auth_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="access_model1",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="access_model2",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.03000020980835",
                    field_name="inner_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="proxy_protocol_vni",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="proxy_protocol_vpce_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="proxy_protocol_addr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="486",
                    field_name="body_bytes_sent",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="HttpEchoDemo",
                    field_name="api_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="app_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="provider_app_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="provider_app_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log1",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log2",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log3",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log4",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log5",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log6",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log7",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log8",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log9",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="-",
                    field_name="custom_data_log10",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="remote",
                    field_name="response_source",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="100.125.7.59 f57f6523b675504a23887d0f5c1c8ef3 f5ea2360a2fa443cac236b76f4052ad6 - - [27/Jan/2022:15:56:44 +0800] 0.113 GET http://c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com /api/echo HTTP/1.1 200 1443 408 "APIGatewayDebugClient/1.0" "-" "100.125.2.39:443" /v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations "200" "0.010" "0.083" "0.083" cn-north-4 0.083 0 - - - 0.03000020980835 - - "-" 486 HttpEchoDemo - - - "-" "-" "-" "-" "-" "-" "-" "-" "-" "-" remote",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建DDS审计日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="DCS_AUDIT"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    content="1640966500017",
                    field_name="time",
                    type="long"
                ),
                StructFieldInfo(
                    content="199a1e5a-8a37-40b9-899e-0ab6805c69eb",
                    field_name="instance_id",
                    type="string"
                ),
                StructFieldInfo(
                    content="192.168.0.1",
                    field_name="server_addr",
                    type="string"
                ),
                StructFieldInfo(
                    content="proxy",
                    field_name="role",
                    type="string"
                ),
                StructFieldInfo(
                    content="10.0.0.1",
                    field_name="client_addr",
                    type="string"
                ),
                StructFieldInfo(
                    content="0",
                    field_name="client_type",
                    type="string"
                ),
                StructFieldInfo(
                    content="default",
                    field_name="user",
                    type="string"
                ),
                StructFieldInfo(
                    content="1",
                    field_name="db",
                    type="long"
                ),
                StructFieldInfo(
                    content="DEL",
                    field_name="command_name",
                    type="string"
                ),
                StructFieldInfo(
                    content="string",
                    field_name="command_type",
                    type="string"
                ),
                StructFieldInfo(
                    content="["key1","key2","key3"]",
                    field_name="command_keys",
                    type="string"
                ),
                StructFieldInfo(
                    content="DEL key1 key2 key3",
                    field_name="command_param",
                    type="string"
                ),
                StructFieldInfo(
                    content="500",
                    field_name="use_time",
                    type="long"
                ),
                StructFieldInfo(
                    content="",
                    field_name="extend",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"time": 1640966500017, "instance_id": "199a1e5a-8a37-40b9-899e-0ab6805c69eb", "server_addr": "192.168.0.1", "role": "proxy", "client_addr": "10.0.0.1", "client_type": "0", "user": "default", "db": 1, "command_name": "DEL", "command_type": "string", "command_keys": ["key1", "key2", "key3"], "command_param": "DEL key1 key2 key3", "use_time": 500, "extend": ""}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建NGINX方式的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="NGINX"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    content="192.168.1.101",
                    field_name="remote_addr",
                    type="string"
                ),
                StructFieldInfo(
                    content="-",
                    field_name="remote_user",
                    type="string"
                ),
                StructFieldInfo(
                    content="27/Aug/2018:14:20:29",
                    field_name="time_local",
                    type="string"
                ),
                StructFieldInfo(
                    content="GET",
                    field_name="request_method",
                    type="string"
                ),
                StructFieldInfo(
                    content="http",
                    field_name="scheme",
                    type="string"
                ),
                StructFieldInfo(
                    content="www.example.com",
                    field_name="host",
                    type="string"
                ),
                StructFieldInfo(
                    content="/",
                    field_name="request_uri",
                    type="string"
                ),
                StructFieldInfo(
                    content="HTTP/1.0",
                    field_name="server_protocol",
                    type="string"
                ),
                StructFieldInfo(
                    content="200",
                    field_name="status",
                    type="long"
                ),
                StructFieldInfo(
                    content="8796",
                    field_name="bytes_sent",
                    type="long"
                ),
                StructFieldInfo(
                    content="6775",
                    field_name="body_bytes_sent",
                    type="long"
                ),
                StructFieldInfo(
                    content="-",
                    field_name="http_referer",
                    type="string"
                ),
                StructFieldInfo(
                    content="Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36",
                    field_name="http_user_agent",
                    type="string"
                ),
                StructFieldInfo(
                    content="-",
                    field_name="http_x_forwarded_for",
                    type="string"
                ),
                StructFieldInfo(
                    content="0.185",
                    field_name="request_time",
                    type="float"
                ),
                StructFieldInfo(
                    content="0.010",
                    field_name="upstream_response_time",
                    type="float"
                ),
                StructFieldInfo(
                    content="12.129.120.121:8090",
                    field_name="upstream_addr",
                    type="string"
                ),
                StructFieldInfo(
                    content="200",
                    field_name="upstream_status",
                    type="long"
                ),
                StructFieldInfo(
                    content="794",
                    field_name="request_length",
                    type="long"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="192.168.1.101 - [27/Aug/2018:14:20:29 +0800] "GET http://www.example.com / HTTP/1.0" 200 8796 6775 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" "-" "0.185" "0.010" 12.129.120.121:8090 200 794",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建GAUSSDB_OPENGAUSS_AUDIT方式的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="GAUSSDB_OPENGAUSS_AUDIT"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    content="rdsAdmin",
                    field_name="username",
                    type="string"
                ),
                StructFieldInfo(
                    content="cm_agent@10.254.95.70",
                    field_name="client_conninfo",
                    type="string"
                ),
                StructFieldInfo(
                    content="96e86f462bbc4f2286d7c8274815d0fein14",
                    field_name="instanceId",
                    type="string"
                ),
                StructFieldInfo(
                    content="xid=30818, SET statement_timeout = 10000000;n",
                    field_name="detail_info",
                    type="string"
                ),
                StructFieldInfo(
                    content="140463114942208@713872403507507",
                    field_name="thread_id",
                    type="string"
                ),
                StructFieldInfo(
                    content="ok",
                    field_name="result",
                    type="string"
                ),
                StructFieldInfo(
                    content="postgres",
                    field_name="database",
                    type="string"
                ),
                StructFieldInfo(
                    content="8001",
                    field_name="local_port",
                    type="string"
                ),
                StructFieldInfo(
                    content="10",
                    field_name="userid",
                    type="string"
                ),
                StructFieldInfo(
                    content="06c267fad8054a0abcb17cfa3b8f260cno14",
                    field_name="nodeId",
                    type="string"
                ),
                StructFieldInfo(
                    content="dn_6001_6002_6003",
                    field_name="node_name",
                    type="string"
                ),
                StructFieldInfo(
                    content="statement_timeout",
                    field_name="object_name",
                    type="string"
                ),
                StructFieldInfo(
                    content="2022-08-15 17:53:23+08",
                    field_name="time",
                    type="string"
                ),
                StructFieldInfo(
                    content="set_parameter",
                    field_name="type",
                    type="string"
                ),
                StructFieldInfo(
                    content="50952",
                    field_name="remote_port",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"username":"rdsAdmin","client_conninfo":"cm_agent@10.254.95.70","instanceId":"96e86f462bbc4f2286d7c8274815d0fein14","detail_info":"xid=30818, SET statement_timeout = 10000000;n","thread_id":"140463114942208@713872403507507","result":"ok","database":"postgres","local_port":"8001","userid":"10","nodeId":"06c267fad8054a0abcb17cfa3b8f260cno14","node_name":"dn_6001_6002_6003","object_name":"statement_timeout","time":"2022-08-15 17:53:23+08","type":"set_parameter","remote_port":"50952"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建TOMCAT方式的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="TOMCAT"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    content="192.168.12.2",
                    field_name="remote_ip_address",
                    type="string"
                ),
                StructFieldInfo(
                    content="-",
                    field_name="remote_logical_username",
                    type="string"
                ),
                StructFieldInfo(
                    content="-",
                    field_name="remote_user_authenticated",
                    type="string"
                ),
                StructFieldInfo(
                    content="07/Mar/2018:09:49:55",
                    field_name="time_local",
                    type="string"
                ),
                StructFieldInfo(
                    content="GET",
                    field_name="scheme",
                    type="string"
                ),
                StructFieldInfo(
                    content="/logHello/test",
                    field_name="router_uri",
                    type="string"
                ),
                StructFieldInfo(
                    content="HTTP/1.1",
                    field_name="server_protocol",
                    type="string"
                ),
                StructFieldInfo(
                    content="200",
                    field_name="status",
                    type="long"
                ),
                StructFieldInfo(
                    content="1943",
                    field_name="bytes_sent",
                    type="long"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="192.168.12.2 - - [07/Mar/2018:09:49:55 +0800] "GET /logHello/test HTTP/1.1" 200 1943",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建DCS审计日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="DDS_AUDIT"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    content="auditLog",
                    field_name="topic",
                    type="string"
                ),
                StructFieldInfo(
                    content="9fbf813bc27e4a3ab54bddf783a4f774in01",
                    field_name="instanceid",
                    type="string"
                ),
                StructFieldInfo(
                    content="bf4cb0413d0b4221be94b08471708586no01",
                    field_name="nodeid",
                    type="string"
                ),
                StructFieldInfo(
                    content="test",
                    field_name="db",
                    type="string"
                ),
                StructFieldInfo(
                    content="testCollection",
                    field_name="coll",
                    type="string"
                ),
                StructFieldInfo(
                    content="update",
                    field_name="optype",
                    type="string"
                ),
                StructFieldInfo(
                    content="2022-08-05T08:24:15.536+0000",
                    field_name="time",
                    type="string"
                ),
                StructFieldInfo(
                    content="10.4.23.205",
                    field_name="user_ip",
                    type="string"
                ),
                StructFieldInfo(
                    content="47668",
                    field_name="user_port",
                    type="string"
                ),
                StructFieldInfo(
                    content="rw_testuser",
                    field_name="user",
                    type="string"
                ),
                StructFieldInfo(
                    content="{"command":"update","ns":"test.testCollection","op":[{"q":{"vin":"LDP31B965NG036174"},"u":{"$set":{"timestamp":{"$numberLong":"1659687855535"},"deviceTime":{"$numberLong":"1659687855340"},"longitude":"119.35516805555555","latitude":"26.057936388888891","location":"119.35516805555555,26.057936388888891","height":"10.097286797128618","direction":"12","speed":14,"accuracy":"0","h3Address7":"8741b5300ffffff"}},"upsert":true}],"args":{"update":"testCollection","ordered":true,"$db":"test","$clusterTime":{"clusterTime":{"$timestamp":{"t":1659687855,"i":1685}},"signature":{"hash":{"$binary":"CP5bfEf+gBJZdAxCKtF9HiSeqQY=","$type":"00"},"keyId":{"$numberLong":"7102408879899674942"}}},"lsid":{"id":{"$binary":"PXVVrbuvRuGkypCbu/oXXQ==","$type":"04"}}}}",
                    field_name="param",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"topic":"auditLog","instanceid":"9fbf813bc27e4a3ab54bddf783a4f774in01","nodeid":"bf4cb0413d0b4221be94b08471708586no01","db":"test","coll":"testCollection","optype":"update","time":"2022-08-05T08:24:15.536+0000","user_ip":"10.4.23.205","user_port":"47668","user":"rw_testuser","param":{"command":"update","ns":"test.testCollection","op":[{"q":{"vin":"LDP31B965NG036174"},"u":{"$set":{"timestamp":{"$numberLong":"1659687855535"},"deviceTime":{"$numberLong":"1659687855340"},"longitude":"119.35516805555555","latitude":"26.057936388888891","location":"119.35516805555555,26.057936388888891","height":"10.097286797128618","direction":"12","speed":14,"accuracy":"0","h3Address7":"8741b5300ffffff"}},"upsert":true}],"args":{"update":"testCollection","ordered":true,"$db":"test","$clusterTime":{"clusterTime":{"$timestamp":{"t":1659687855,"i":1685}},"signature":{"hash":{"$binary":"CP5bfEf+gBJZdAxCKtF9HiSeqQY=","$type":"00"},"keyId":{"$numberLong":"7102408879899674942"}}},"lsid":{"id":{"$binary":"PXVVrbuvRuGkypCbu/oXXQ==","$type":"04"}}}}}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建DDS错误日志的结构化配置

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="MONGODB_ERROR"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="error_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="Error",
                    field_name="severity",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022-08-22T09:33:15.142+0000",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.",
                    field_name="raw_message",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="5b67dc63ba824145aae1f12ff51e58b8in02",
                    field_name="instance_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="686a791e690e4db3af591ec4b6f72916no02",
                    field_name="node_id",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"log_type":"error_log","severity":"Error","log_time":"2022-08-22T09:33:15.142+0000","raw_message":"E QUERY    [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.","instance_id": "5b67dc63ba824145aae1f12ff51e58b8in02","node_id": "686a791e690e4db3af591ec4b6f72916no02"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建DDS慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="MONGODB_SLOW"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="slow_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022-08-20T10:04:03.204000Z",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="data0820.table",
                    field_name="namespace",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="data0820",
                    field_name="database",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="table",
                    field_name="collection",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="insert",
                    field_name="operate_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="docs_scanned",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="docs_returned",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="n_deleted",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="n_matched",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="n_modified",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="10",
                    field_name="n_inserted",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="555",
                    field_name="cost_time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="lock_time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="{"op": "insert", "ns": "data0820.usrtable", "command": "{N}", "ninserted": 1, "keysInserted": 1, "numYield": 0, "locks": {"Global": {"acquireCount": {"r": 5, "w": 5}}, "Database": {"acquireCount": {"w": 4, "W": 1}}, "Collection": {"acquireCount": {"w": 2}}, "oplog": {"acquireCount": {"w": 2}}}, "responseLength": 230, "protocol": "op_msg", "millis": 555, "ts": {"$date": 1660989843204}, "client": "192.168.0.64", "appName": "MongoDB Shell", "allUsers": [{"user": "rwuser", "db": "admin"}], "user": "rwuser@admin"}",
                    field_name="whole_message",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="5b67dc63ba824145aae1f12ff51e58b8in02",
                    field_name="instance_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="686a791e690e4db3af591ec4b6f72916no02",
                    field_name="node_id",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"log_type":"slow_log","log_time":"2022-08-20T10:04:03.204000Z","namespace":"data0820.table","database":"data0820","collection":"table","operate_type":"insert","docs_scanned":0,"docs_returned":0,"n_deleted":0,"n_matched":0,"n_modified":0,"n_inserted":10,"cost_time":555,"lock_time":0,"whole_message":"{"op": "insert", "ns": "data0820.usrtable", "command": "{N}", "ninserted": 1, "keysInserted": 1, "numYield": 0, "locks": {"Global": {"acquireCount": {"r": 5, "w": 5}}, "Database": {"acquireCount": {"w": 4, "W": 1}}, "Collection": {"acquireCount": {"w": 2}}, "oplog": {"acquireCount": {"w": 2}}}, "responseLength": 230, "protocol": "op_msg", "millis": 555, "ts": {"$date": 1660989843204}, "client": "192.168.0.64", "appName": "MongoDBShell", "allUsers": [{"user": "rwuser", "db": "admin"}], "user": "rwuser@admin"}","instance_id": "5b67dc63ba824145aae1f12ff51e58b8in02","node_id":"686a791e690e4db3af591ec4b6f72916no02"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建CFW访问控制日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="CFW_ACCESS"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="PING",
                    field_name="app",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="in2out",
                    field_name="direction",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="3002",
                    field_name="source-zone",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="56827792-173e-435a-b22b-229f21d78244",
                    field_name="rule_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="ICMP: ECHO_REQUEST",
                    field_name="protocol",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="100.85.222.23",
                    field_name="dst_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="100.85.112.49",
                    field_name="src_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="eip",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1655882537006",
                    field_name="hit_time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="44243649",
                    field_name="log-id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="45243",
                    field_name="dst_port",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="3001",
                    field_name="destination-zone",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022.06.22",
                    field_name="index_day",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="6781",
                    field_name="log_id",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="17589",
                    field_name="src_port",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="58ead9e7-418d-4166-8df8-f24941d4205c",
                    field_name="fw_instance_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="permit",
                    field_name="action",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1",
                    field_name="vsys",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"app":"PING","direction":"in2out","source-zone":"3002","rule_id":"56827792-173e-435a-b22b-229f21d78244","protocol":"ICMP: ECHO_REQUEST","dst_ip":"100.85.222.23","src_ip":"100.85.112.49","log_type":"eip","hit_time":1655882537006,"log-id":"44243649","dst_port":"45243","destination-zone":"3001","index_day":"2022.06.22","log_id":6781,"src_port":"17589","fw_instance_id":"58ead9e7-418d-4166-8df8-f24941d4205c","action":"permit","vsys":"1"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建CFW攻击日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="CFW_ATTACK"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="source",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="HTTP",
                    field_name="app",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="out2in",
                    field_name="direction",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="100.85.222.23",
                    field_name="dst_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="10.108.170.229",
                    field_name="src_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1655974411462",
                    field_name="event_time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="eip",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="80",
                    field_name="dst_port",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="330409",
                    field_name="attack_rule_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022.06.23",
                    field_name="index_day",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="462688",
                    field_name="log_id",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="51002",
                    field_name="src_port",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="TCP",
                    field_name="protocol",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    field_name="packet",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="HIGH",
                    field_name="level",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="Vulnerability Exploit Attack",
                    field_name="attack_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="58ead9e7-418d-4166-8df8-f24941d4205c",
                    field_name="fw_instance_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="permit",
                    field_name="action",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1",
                    field_name="vsys",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)",
                    field_name="attack_rule",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"source":"0","app":"HTTP","direction":"out2in","dst_ip":"100.85.222.23","src_ip":"10.108.170.229","event_time":1655974411462,"log_type":"eip","dst_port":"80","attack_rule_id":"330409","index_day":"2022.06.23","log_id":462688,"src_port":"51002","protocol":"TCP","packet":"+hZUZMhT+hY/AaHMCABFAADnicBAAHgGgJIKbKrlZFXeF8c6AFAYCIpDV562+VAYBAILMwAAR0VUIC9qb2JtYW5hZ2VyL2xvZ3MvLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmZXRjJTI1MmZwYXNzd2QgSFRUUC8xLjENCkhvc3Q6IDEwMC44NS4yMjIuMjMNClVzZXItQWdlbnQ6IGN1cmwvNy42NS4wDQpBY2NlcHQ6ICovKg0KDQo=","level":"HIGH","attack_type":"Vulnerability Exploit Attack","fw_instance_id":"58ead9e7-418d-4166-8df8-f24941d4205c","action":"permit","vsys":"1","attack_rule":"VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建CFW流量日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="CFW_FLOW"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="80",
                    field_name="dst_port",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="HTTP",
                    field_name="app",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.1",
                    field_name="to_c_pkts",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="100.85.222.23",
                    field_name="dst_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.1",
                    field_name="to_c_bytes",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1655436321000",
                    field_name="end_time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="10.108.170.229",
                    field_name="src_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022.06.17",
                    field_name="index_day",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1232.1",
                    field_name="bytes",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="4424364f",
                    field_name="log-id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1",
                    field_name="vsys",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="67",
                    field_name="suffix",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="10.1",
                    field_name="packets",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="out2in",
                    field_name="direction",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="TCP",
                    field_name="protocol",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1232.1",
                    field_name="to_s_bytes",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="10.1",
                    field_name="to_s_pkts",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="63934",
                    field_name="src_port",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1655436299000",
                    field_name="start_time",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="efbeb90c-1108-42ce-b099-f7e035a10b67",
                    field_name="fw_instance_id",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"dst_port":"80","app":"HTTP","to_c_pkts":0.1,"dst_ip":"100.85.222.23","to_c_bytes":0.1,"end_time":1655436321000,"src_ip":"10.108.170.229","index_day":"2022.06.17","bytes":1232.1,"log-id":"4424364f","vsys":"1","suffix":"67","packets":10.1,"direction":"out2in","protocol":"TCP","to_s_bytes":1232.1,"to_s_pkts":10.1,"src_port":"63934","start_time":1655436299000,"fw_instance_id":"efbeb90c-1108-42ce-b099-f7e035a10b67"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建MYSQL错误日志的结构化配置

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="MYSQL_ERROR"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="error_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="WARNING",
                    field_name="severity",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022-08-22T06:52:08Z",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="Occur error when reading bytes from a network handler. Client actively closes the connection.",
                    field_name="raw_message",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="5d6c61bbd49b4ad3a1572461811e3dacno01",
                    field_name="node_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="207032924c644f429b74f6fc5d8c97f9in01",
                    field_name="instance_id",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"5d6c61bbd49b4ad3a1572461811e3dacno01","instance_id":"207032924c644f429b74f6fc5d8c97f9in01"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建MYSQL慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="MYSQL_SLOW"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="2022-07-27T02:49:19.000",
                    field_name="start_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="commerce",
                    field_name="user",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="100.*.*.222",
                    field_name="host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1.461583",
                    field_name="query_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0.000050",
                    field_name="lock_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="500",
                    field_name="rows_sent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="581000",
                    field_name="rows_examined",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;",
                    field_name="command_text",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="saas_perf",
                    field_name="database",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="slow_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1658890159",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="SELECT",
                    field_name="operate_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="5d6c61bbd49b4ad3a1572461811e3dacno01",
                    field_name="node_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="207032924c644f429b74f6fc5d8c97f9in01",
                    field_name="instance_id",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"start_time":"2022-07-27T02:49:19.000","user":"commerce","host":"100.*.*.222","query_time":"1.461583","lock_time":"0.000050","rows_sent":"500","rows_examined":"581000","command_text":"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN =   N)) ORDER BY DN_N.created_date DESC limit N,N;","database":"saas_perf","log_type":"slow_log","log_time":"1658890159","operate_type":"SELECT","node_id":"5d6c61bbd49b4ad3a1572461811e3dacno01","instance_id":"207032924c644f429b74f6fc5d8c97f9in01"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建POSTGRESQL慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="POSTGRESQL_SLOW"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="slow_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="328.662",
                    field_name="execute_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="authoring",
                    field_name="user",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022-07-24T10:06:41.000",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="authoring-test",
                    field_name="database",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC",
                    field_name="statement",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="10.*.*.206",
                    field_name="host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1658657201",
                    field_name="log_timestamp",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="SELECT",
                    field_name="operate_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="d285609201534696bdcd648519fe2b8dno02",
                    field_name="node_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="5b67dc63ba824145aae1f12ff51e58b8in02",
                    field_name="instance_id",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"log_type":"slow_log","execute_time":328.662,"user":"authoring","log_time":"2022-07-24T10:06:41.000","database":"authoring-test","statement":"SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id  FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id  FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event  WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at  WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC","host":"10.*.*.206","log_timestamp":"1658657201","operate_type":"SELECT","node_id":"d285609201534696bdcd648519fe2b8dno02","instance_id":"5b67dc63ba824145aae1f12ff51e58b8in02"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建POSTGRESQL错误日志的结构化配置

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="POSTGRESQL_ERROR"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="error_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="WARNING",
                    field_name="severity",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022-08-22T06:52:08Z",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="Occur error when reading bytes from a network handler. Client actively closes the connection.",
                    field_name="raw_message",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="d285609201534696bdcd648519fe2b8dno02",
                    field_name="node_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="5b67dc63ba824145aae1f12ff51e58b8in02",
                    field_name="instance_id",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"d285609201534696bdcd648519fe2b8dno02","instance_id":"5b67dc63ba824145aae1f12ff51e58b8in02"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建SQLSERVER错误日志的结构化配置

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="SQLSERVER_ERROR"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="error_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="WARNING",
                    field_name="severity",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022-08-22T06:52:08Z",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="Occur error when reading bytes from a network handler. Client actively closes the connection.",
                    field_name="raw_message",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="7346b0db609b463e976054928af50e85no01",
                    field_name="node_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="9c589b9d7a4d45dbaf7deb9f8520611cin01",
                    field_name="instance_id",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"7346b0db609b463e976054928af50e85no01","instance_id":"9c589b9d7a4d45dbaf7deb9f8520611cin01"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建GAUSSDB_REDIS慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="GAUSSDB_REDIS_SLOW"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=True,
                    content="32eaaf6c5a0142e3a6d80740cd5b3803in12",
                    field_name="instance_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="597a15b9f2ef4436811c5edcc67c013cno12",
                    field_name="node_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="0",
                    field_name="database",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="slow_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="sismember",
                    field_name="operate_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="2022-10-12T07:42:21.253484Z",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="1277.47",
                    field_name="cost_time",
                    type="float"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="{"command_param":"dc:set:new:follow:uids:monthly:259008728:202210","database":"0"}",
                    field_name="whole_message",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"instance_id":"32eaaf6c5a0142e3a6d80740cd5b3803in12","node_id":"597a15b9f2ef4436811c5edcc67c013cno12","database":"0","log_type":"slow_log","operate_type":"sismember","log_time":"2022-10-12T07:42:21.253484Z","cost_time":1277.47,"whole_message":"{"command_param":"dc:set:new:follow:uids:monthly:259008728:202210","database":0}"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建GAUSSDB_MYSQL慢日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="GAUSSDB_MYSQL_SLOW"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                ),
                TagField(
                    field_name="hostName",
                    type="string",
                    content="ecs-ictest",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-07-27T02:49:19.000",
                    field_name="start_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="commerce",
                    field_name="user",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="100.*.*.222",
                    field_name="host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1.461583",
                    field_name="query_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="0.000050",
                    field_name="lock_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="500",
                    field_name="rows_sent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="581000",
                    field_name="rows_examined",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;",
                    field_name="command_text",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=True,
                    content="saas_perf",
                    field_name="database",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="slow_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1658890159",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="SELECT",
                    field_name="operate_type",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"start_time":"2022-07-27T02:49:19.000","user":"commerce","host":"100.*.*.222","query_time":"1.461583","lock_time":"0.000050","rows_sent":"500","rows_examined":"581000","command_text":"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN =   N)) ORDER BY DN_N.created_date DESC limit N,N;","database":"saas_perf","log_type":"slow_log","log_time":"1658890159","operate_type":"SELECT"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建GAUSSDB_MYSQL错误日志的结构化配置

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="GAUSSDB_MYSQL_ERROR"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=False,
                    content="error_log",
                    field_name="log_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="WARNING",
                    field_name="severity",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-08-22T06:52:08Z",
                    field_name="log_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="Occur error when reading bytes from a network handler. Client actively closes the connection.",
                    field_name="raw_message",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection."}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建CDN结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="CDN"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=False,
                    content="1666604392000",
                    field_name="request_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="findercdn.video.qq.com",
                    field_name="domain",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="GET",
                    field_name="method",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="http",
                    field_name="scheme",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="/BcimRg.txt",
                    field_name="uri",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="cdnkey=*****&cdntoken=*****&tokenidx=1",
                    field_name="uri_param",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="192.168.233.142",
                    field_name="client_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="51517",
                    field_name="client_port",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="refer_protocol",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="refer_domain",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="refer_uri",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="refer_param",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="301",
                    field_name="request_size",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="14",
                    field_name="response_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="588",
                    field_name="response_size",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="403",
                    field_name="http_code",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="response_range",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="request_range",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="150",
                    field_name="request_body_bytes",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="text/html",
                    field_name="content_type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="HIT",
                    field_name="hit_info",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="python-requests/2.21.0",
                    field_name="user_agent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="ce6327e015c1e16f581818b838a6cb0c",
                    field_name="uuid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="edge-cache01[14]",
                    field_name="via_info",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="xforwordfor",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"request_time":"1666604392000","domain":"findercdn.video.qq.com","method":"GET","scheme":"http","uri":"/BcimRg.txt","uri_param":"cdnkey=******&cdntoken=******&tokenidx=1","client_ip":"192.168.233.142","client_port":"51517","refer_protocol":"-","refer_domain":"-","refer_uri":"-","refer_param":"-","request_size":"301","response_time":"14","response_size":"588","http_code":"403","response_range":"-","request_range":"-","request_body_bytes":"150","content_type":"text/html","hit_info":"HIT","user_agent":"python-requests/2.21.0","uuid":"ce6327e015c1e16f581818b838a6cb0c","via_info":"edge-cache01[14]","xforwordfor":"-"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建SMN结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="SMN"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=False,
                    content="1ae49922602a42fc83acb9689a2eb5f4",
                    field_name="message_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="5a9f32e4f1ec4bbe9695ff9da51c2925",
                    field_name="project_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo",
                    field_name="topic_urn",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740",
                    field_name="subscriber_urn",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="https",
                    field_name="protocol_name",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="https://127.0.0.1:443/https",
                    field_name="endpoint",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="DELIVERED",
                    field_name="status",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="200",
                    field_name="http_code",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-11-01T00:00:00Z",
                    field_name="create_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-11-01T00:00:10Z",
                    field_name="send_time",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"message_id":"1ae49922602a42fc83acb9689a2eb5f4","project_id":"5a9f32e4f1ec4bbe9695ff9da51c2925","topic_urn":"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo","subscriber_urn":"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740","protocol_name":"https","endpoint":"https://127.0.0.1:443/https","status":"DELIVERED","http_code":200,"create_time":"2022-11-01T00:00:00Z","send_time":"2022-11-01T00:00:10Z"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建WAF访问日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="WAF_ACCESS"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=False,
                    content="504",
                    field_name="response_code",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="http",
                    field_name="scheme",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="100.93.2.229:80",
                    field_name="upstream_addr",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="163",
                    field_name="body_bytes_sent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="upstream_header_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1",
                    field_name="connection_requests",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="ssl_cipher",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1736cc7331b74b198e2ef07555a970ce",
                    field_name="hostid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2152",
                    field_name="pid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="tls_version",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="www.testh.com",
                    field_name="http_host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="0",
                    field_name="process_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="88003425-d7bc-46ce-8ae7-77a8aa18a814",
                    field_name="access_stream_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-07-29T19:39:10+08:00",
                    field_name="time_iso8601",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="intel_crawler",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="504",
                    field_name="upstream_status",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="10.63.46.110",
                    field_name="remote_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="30.008",
                    field_name="request_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1d26cc8c86a840e28a4f8d0d07852f1d",
                    field_name="tenantid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="10.63.46.110",
                    field_name="sip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="420",
                    field_name="bytes_send",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2a473356cca5487f8373be891bffc1cf",
                    field_name="projectid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="curl/7.29.0",
                    field_name="user_agent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="web_tag",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="GET",
                    field_name="method",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="10.63.36.208",
                    field_name="bind_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="region_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="20582",
                    field_name="remote_port",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="ssl_ciphers_md5",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="x_real_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="/",
                    field_name="url",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="x_forwarded_for",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="sni",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="public/../style/general.css=true",
                    field_name="args",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="cdn_src_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="0",
                    field_name="enterprise_project_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="-",
                    field_name="upstream_connect_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="engine_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="110",
                    field_name="request_length",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="5d574e6a-87da-42bc-bfd4-ff61a1b336a4",
                    field_name="group_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="36f0a9212b14528ffc090f1811cd87d8",
                    field_name="requestid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="ssl_curves",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="ssl_session_reused",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-07-29T11:39:10.000Z",
                    field_name="waf-time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="30.009",
                    field_name="upstream_response_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="29/Jul/2022:19:39:10 +0800",
                    field_name="time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="access",
                    field_name="waf_category",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="10.63.36.208",
                    field_name="eng_ip",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"response_code":"504","scheme":"http","upstream_addr":"100.93.2.229:80","body_bytes_sent":"163","upstream_header_time":"-","connection_requests":"1","ssl_cipher":"","hostid":"1736cc7331b74b198e2ef07555a970ce","pid":"2152","tls_version":"","http_host":"www.testh.com","process_time":"0","access_stream_id":"88003425-d7bc-46ce-8ae7-77a8aa18a814","time_iso8601":"2022-07-29T19:39:10+08:00","intel_crawler":"","upstream_status":"504","remote_ip":"10.63.46.110","request_time":"30.008","tenantid":"1d26cc8c86a840e28a4f8d0d07852f1d","sip":"10.63.46.110","bytes_send":"420","projectid":"2a473356cca5487f8373be891bffc1cf","user_agent":"curl/7.29.0","web_tag":"","method":"GET","bind_ip":"10.63.36.208","region_id":"","remote_port":"20582","ssl_ciphers_md5":"","x_real_ip":"","url":"/","x_forwarded_for":"","sni":"","args":"public/../style/general.css=true","cdn_src_ip":"","enterprise_project_id":"0","upstream_connect_time":"-","engine_id":"","request_length":"110","group_id":"5d574e6a-87da-42bc-bfd4-ff61a1b336a4","requestid":"36f0a9212b14528ffc090f1811cd87d8","ssl_curves":"","ssl_session_reused":"","waf-time":"2022-07-29T11:39:10.000Z","upstream_response_time":"30.008","time":"29/Jul/2022:19:39:10 +0800","category":"access","eng_ip":"10.63.36.208"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建WAF攻击日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    342
    343
    344
    345
    346
    347
    348
    349
    350
    351
    352
    353
    354
    355
    356
    357
    358
    359
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="WAF_ATTACK"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=False,
                    content="cd081ba3d6674000acc37d7e2a4b9140",
                    field_name="policy_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="80",
                    field_name="hport",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="163",
                    field_name="body_bytes_sent",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1736cc7331b74b198e2ef07555a970ce",
                    field_name="hostid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="040002",
                    field_name="rule",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="10.63.36.208",
                    field_name="engine_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2152",
                    field_name="pid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="www.testh.com",
                    field_name="http_host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1",
                    field_name="process_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="0000-0000-0000-20820220729193940-f34cf25e",
                    field_name="reqid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-07-29T19:39:40+08:00",
                    field_name="time_iso8601",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="504",
                    field_name="upstream_status",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="public/../style/general.css",
                    field_name="hit_data",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="98de5d5a-9f54-4d01-9882-eca7bec99d09",
                    field_name="attack_stream_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="10.63.46.110",
                    field_name="remote_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="lfi",
                    field_name="attack",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1d26cc8c86a840e28a4f8d0d07852f1d",
                    field_name="tenantid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="www.testh.com",
                    field_name="host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="log",
                    field_name="action",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="HTTP",
                    field_name="backend.protocol",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="true",
                    field_name="backend.alive",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="80",
                    field_name="backend.port",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="100.93.2.229",
                    field_name="backend.host",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1",
                    field_name="backend.weight",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="ip",
                    field_name="backend.type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="04-0000-0000-0000-20820220729193940-f34cf25e",
                    field_name="id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="10.63.46.110",
                    field_name="sip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2a473356cca5487f8373be891bffc1cf",
                    field_name="projectid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="web_tag",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-07-29T11:39:40.000Z",
                    field_name="attack-time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="GET",
                    field_name="method",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="{"HWWAFSESTIME":"1659094780939","HWWAFSESID":"e2cd0733b4712e4cc4"}",
                    field_name="cookie",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2",
                    field_name="level",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="{\"public\\/..\\/style\\/general.css\":\"true\"}",
                    field_name="params",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="x_real_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="/",
                    field_name="url",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="x_forwarded_for",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="cdn_src_ip",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="0",
                    field_name="enterprise_project_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="req_body",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="",
                    field_name="engine_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="5d574e6a-87da-42bc-bfd4-ff61a1b336a4",
                    field_name="group_id",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="f34cf25eb33ed82cd7261a8276a60c39",
                    field_name="requestid",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="null",
                    field_name="multipart",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="{\"host\":\"www.testh.com\",\"user-agent\":\"curl\\/7.29.0\",\"accept\":\"*\\/*\"}",
                    field_name="header",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="params",
                    field_name="location",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="30.000",
                    field_name="upstream_response_time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2022-07-29 19:39:40",
                    field_name="time",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="attack",
                    field_name="waf_category",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="28408",
                    field_name="sport",
                    type="long"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="504",
                    field_name="status",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"policy_id":"cd081ba3d6674000acc37d7e2a4b9140","hport":"80","body_bytes_sent":"163","hostid":"1736cc7331b74b198e2ef07555a970ce","rule":"040002","engine_ip":"10.63.36.208","pid":"2152","http_host":"www.testh.com","process_time":"1","reqid":"0000-0000-0000-20820220729193940-f34cf25e","time_iso8601":"2022-07-29T19:39:40+08:00","upstream_status":"504","hit_data":"public/../style/general.css","attack_stream_id":"98de5d5a-9f54-4d01-9882-eca7bec99d09","remote_ip":"10.63.46.110","attack":"lfi","tenantid":"1d26cc8c86a840e28a4f8d0d07852f1d","host":"www.testh.com","action":"log","backend":{"protocol":"HTTP","alive":true,"port":80,"host":"100.93.2.229","weight":1,"type":"ip"},"id":"04-0000-0000-0000-20820220729193940-f34cf25e","sip":"10.63.46.110","projectid":"2a473356cca5487f8373be891bffc1cf","web_tag":"","attack-time":"2022-07-29T11:39:40.000Z","method":"GET","cookie":"{\"HWWAFSESTIME\":\"1659094780939\",\"HWWAFSESID\":\"e2cd0733b4712e4cc4\"}","level":2,"params":"{\"public\\/..\\/style\\/general.css\":\"true\"}","x_real_ip":"","uri":"/","x_forwarded_for":"","cdn_src_ip":"","enterprise_project_id":"0","req_body":"","engine_id":"","group_id":"5d574e6a-87da-42bc-bfd4-ff61a1b336a4","requestid":"f34cf25eb33ed82cd7261a8276a60c39","multipart":"null","header":"{\"host\":\"www.testh.com\",\"user-agent\":\"curl\\/7.29.0\",\"accept\":\"*\\/*\"}","location":"params","upstream_response_time":"30.000","time":"2022-07-29 19:39:40","category":"attack","sport":28408,"status":"504"}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 创建DMS重平衡日志的结构化配置

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    # coding: utf-8
    
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdklts.v2.region.lts_region import LtsRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdklts.v2 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = __import__('os').getenv("CLOUD_SDK_AK")
        sk = __import__('os').getenv("CLOUD_SDK_SK")
    
        credentials = BasicCredentials(ak, sk) \
    
        client = LtsClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(LtsRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateStructTemplateRequest()
            rulebody = Rule(
                type="built_in",
                param="DMS_REBALANCED"
            )
            listTagFieldsbody = [
                TagField(
                    field_name="hostIP",
                    type="string",
                    content="192.168.2.134",
                    is_analysis=True
                )
            ]
            listDemoFieldsbody = [
                StructFieldInfo(
                    is_analysis=False,
                    content="INFO",
                    field_name="level",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="2023-03-23 17:23:22,906",
                    field_name="timestamp",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635",
                    field_name="message.leaderId",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="1",
                    field_name="message.generationId",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1",
                    field_name="message.reason",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0",
                    field_name="message.groupId",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="0",
                    field_name="message.coordinatorId",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="END_REBALANCE",
                    field_name="message.type",
                    type="string"
                ),
                StructFieldInfo(
                    is_analysis=False,
                    content="GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))",
                    field_name="message.group",
                    type="string"
                )
            ]
            request.body = LtsStructTemplateInfo(
                rule=rulebody,
                project_id="2a473356cca5487f8373be891bffxxxx",
                log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx",
                parse_type=" ",
                log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx",
                content="{"level":"INFO","timestamp":"2023-03-23 17:23:22,906","message":{"leaderId":"consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635","generationId":"1","reason":"Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1","groupId":"KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0","coordinatorId":"0","type":"END_REBALANCE","group":"GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))"}}",
                tag_fields=listTagFieldsbody,
                demo_fields=listDemoFieldsbody
            )
            response = client.create_struct_template(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • 正则方式:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    package main
    
    import (
    	"fmt"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
        lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model"
        region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region"
    )
    
    func main() {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak := os.Getenv("CLOUD_SDK_AK")
        sk := os.Getenv("CLOUD_SDK_SK")
    
        auth := basic.NewCredentialsBuilder().
            WithAk(ak).
            WithSk(sk).
            Build()
    
        client := lts.NewLtsClient(
            lts.LtsClientBuilder().
                WithRegion(region.ValueOf("<YOUR REGION>")).
                WithCredential(auth).
                Build())
    
        request := &model.CreateStructTemplateRequest{}
    	contentTagFields:= "192.168.2.134"
    	isAnalysisTagFields:= true
    	contentTagFields1:= "ecs-ictest"
    	isAnalysisTagFields1:= true
    	var listTagFieldsbody = []model.TagField{
            {
                FieldName: "hostIP",
                Type: "string",
                Content: &contentTagFields,
                IsAnalysis: &isAnalysisTagFields,
            },
            {
                FieldName: "hostName",
                Type: "string",
                Content: &contentTagFields1,
                IsAnalysis: &isAnalysisTagFields1,
            },
        }
    	isAnalysisDemoFields:= true
    	fieldNameDemoFields:= "a01"
    	isAnalysisDemoFields1:= true
    	fieldNameDemoFields1:= "a02"
    	isAnalysisDemoFields2:= true
    	fieldNameDemoFields2:= "a03"
    	isAnalysisDemoFields3:= true
    	fieldNameDemoFields3:= "a04"
    	isAnalysisDemoFields4:= true
    	fieldNameDemoFields4:= "a05"
    	isAnalysisDemoFields5:= true
    	fieldNameDemoFields5:= "a06"
    	isAnalysisDemoFields6:= true
    	fieldNameDemoFields6:= "a07"
    	var listDemoFieldsbody = []model.StructFieldInfo{
            {
                IsAnalysis: &isAnalysisDemoFields,
                FieldName: &fieldNameDemoFields,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields1,
                FieldName: &fieldNameDemoFields1,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields2,
                FieldName: &fieldNameDemoFields2,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields3,
                FieldName: &fieldNameDemoFields3,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields4,
                FieldName: &fieldNameDemoFields4,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields5,
                FieldName: &fieldNameDemoFields5,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields6,
                FieldName: &fieldNameDemoFields6,
                Type: "long",
            },
        }
    	regexRulesLtsStructTemplateInfo:= "^(?<a01>[^ ]+)(?:[^ ]* ){1}(?<a02>\w+)(?:[^ ]* ){1}(?<a03>\w+)(?:[^ ]* ){1}(?<a04>\w+)(?:[^ ]* ){1}(?<a05>\w+)(?:[^ ]* ){1}(?<a06>\w+)(?:[^ ]* ){1}(?<a07>\d+)"
    	request.Body = &model.LtsStructTemplateInfo{
    		RegexRules: &regexRulesLtsStructTemplateInfo,
    		ProjectId: " ",
    		LogStreamId: "ff8bd110-dc44-4692-af74-d3b1f6197887",
    		ParseType: model.GetLtsStructTemplateInfoParseTypeEnum().CUSTOM_REGEX,
    		LogGroupId: "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
    		Content: "2021-09-09/18:15:41 this log is Error NO 6323",
    		TagFields: listTagFieldsbody,
    		DemoFields: listDemoFieldsbody,
    	}
    	response, err := client.CreateStructTemplate(request)
    	if err == nil {
            fmt.Printf("%+v\n", response)
        } else {
            fmt.Println(err)
        }
    }
    
  • JSON方式:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    package main
    
    import (
    	"fmt"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
        lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model"
        region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region"
    )
    
    func main() {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak := os.Getenv("CLOUD_SDK_AK")
        sk := os.Getenv("CLOUD_SDK_SK")
    
        auth := basic.NewCredentialsBuilder().
            WithAk(ak).
            WithSk(sk).
            Build()
    
        client := lts.NewLtsClient(
            lts.LtsClientBuilder().
                WithRegion(region.ValueOf("<YOUR REGION>")).
                WithCredential(auth).
                Build())
    
        request := &model.CreateStructTemplateRequest{}
    	contentTagFields:= "192.168.2.134"
    	isAnalysisTagFields:= true
    	contentTagFields1:= "ecs-ictest"
    	isAnalysisTagFields1:= true
    	var listTagFieldsbody = []model.TagField{
            {
                FieldName: "hostIP",
                Type: "string",
                Content: &contentTagFields,
                IsAnalysis: &isAnalysisTagFields,
            },
            {
                FieldName: "hostName",
                Type: "string",
                Content: &contentTagFields1,
                IsAnalysis: &isAnalysisTagFields1,
            },
        }
    	isAnalysisDemoFields:= true
    	fieldNameDemoFields:= "code"
    	userDefinedNameDemoFields:= "jl"
    	isAnalysisDemoFields1:= true
    	fieldNameDemoFields1:= "record_time"
    	isAnalysisDemoFields2:= true
    	fieldNameDemoFields2:= "tracker_name"
    	isAnalysisDemoFields3:= true
    	fieldNameDemoFields3:= "user.id"
    	isAnalysisDemoFields4:= true
    	fieldNameDemoFields4:= "user.name"
    	var listDemoFieldsbody = []model.StructFieldInfo{
            {
                IsAnalysis: &isAnalysisDemoFields,
                FieldName: &fieldNameDemoFields,
                Type: "long",
                UserDefinedName: &userDefinedNameDemoFields,
            },
            {
                IsAnalysis: &isAnalysisDemoFields1,
                FieldName: &fieldNameDemoFields1,
                Type: "long",
            },
            {
                IsAnalysis: &isAnalysisDemoFields2,
                FieldName: &fieldNameDemoFields2,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields3,
                FieldName: &fieldNameDemoFields3,
                Type: "long",
            },
            {
                IsAnalysis: &isAnalysisDemoFields4,
                FieldName: &fieldNameDemoFields4,
                Type: "string",
            },
        }
    	layersLtsStructTemplateInfo:= int32(3)
    	request.Body = &model.LtsStructTemplateInfo{
    		Layers: &layersLtsStructTemplateInfo,
    		ProjectId: " ",
    		LogStreamId: "ff8bd110-dc44-4692-af74-d3b1f6197887",
    		ParseType: model.GetLtsStructTemplateInfoParseTypeEnum().JSON,
    		LogGroupId: "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
    		Content: "{'code':38,'tracker_name':'global','record_time':'1597042370464','user':{'name':'testdemo','id':'123456789'}}",
    		TagFields: listTagFieldsbody,
    		DemoFields: listDemoFieldsbody,
    	}
    	response, err := client.CreateStructTemplate(request)
    	if err == nil {
            fmt.Printf("%+v\n", response)
        } else {
            fmt.Println(err)
        }
    }
    
  • 分隔符:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    package main
    
    import (
    	"fmt"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
        lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model"
        region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region"
    )
    
    func main() {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak := os.Getenv("CLOUD_SDK_AK")
        sk := os.Getenv("CLOUD_SDK_SK")
    
        auth := basic.NewCredentialsBuilder().
            WithAk(ak).
            WithSk(sk).
            Build()
    
        client := lts.NewLtsClient(
            lts.LtsClientBuilder().
                WithRegion(region.ValueOf("<YOUR REGION>")).
                WithCredential(auth).
                Build())
    
        request := &model.CreateStructTemplateRequest{}
    	contentTagFields:= "192.168.2.134"
    	isAnalysisTagFields:= true
    	contentTagFields1:= "ecs-ictest"
    	isAnalysisTagFields1:= true
    	var listTagFieldsbody = []model.TagField{
            {
                FieldName: "hostIP",
                Type: "string",
                Content: &contentTagFields,
                IsAnalysis: &isAnalysisTagFields,
            },
            {
                FieldName: "hostName",
                Type: "string",
                Content: &contentTagFields1,
                IsAnalysis: &isAnalysisTagFields1,
            },
        }
    	isAnalysisDemoFields:= true
    	fieldNameDemoFields:= "b1"
    	isAnalysisDemoFields1:= true
    	fieldNameDemoFields1:= "b2"
    	isAnalysisDemoFields2:= true
    	fieldNameDemoFields2:= "b3"
    	isAnalysisDemoFields3:= true
    	fieldNameDemoFields3:= "b4"
    	isAnalysisDemoFields4:= true
    	fieldNameDemoFields4:= "b5"
    	isAnalysisDemoFields5:= true
    	fieldNameDemoFields5:= "b6"
    	isAnalysisDemoFields6:= true
    	fieldNameDemoFields6:= "b7"
    	var listDemoFieldsbody = []model.StructFieldInfo{
            {
                IsAnalysis: &isAnalysisDemoFields,
                FieldName: &fieldNameDemoFields,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields1,
                FieldName: &fieldNameDemoFields1,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields2,
                FieldName: &fieldNameDemoFields2,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields3,
                FieldName: &fieldNameDemoFields3,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields4,
                FieldName: &fieldNameDemoFields4,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields5,
                FieldName: &fieldNameDemoFields5,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields6,
                FieldName: &fieldNameDemoFields6,
                Type: "long",
            },
        }
    	tokenizerLtsStructTemplateInfo:= " "
    	request.Body = &model.LtsStructTemplateInfo{
    		Tokenizer: &tokenizerLtsStructTemplateInfo,
    		ProjectId: "",
    		LogStreamId: "ff8bd110-dc44-4692-af74-d3b1f6197887",
    		ParseType: model.GetLtsStructTemplateInfoParseTypeEnum().SPLIT,
    		LogGroupId: "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e",
    		Content: "2021-09-09/18:50:51 this log is Error NO 37",
    		TagFields: listTagFieldsbody,
    		DemoFields: listDemoFieldsbody,
    	}
    	response, err := client.CreateStructTemplate(request)
    	if err == nil {
            fmt.Printf("%+v\n", response)
        } else {
            fmt.Println(err)
        }
    }
    
  • Nginx:

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52
     53
     54
     55
     56
     57
     58
     59
     60
     61
     62
     63
     64
     65
     66
     67
     68
     69
     70
     71
     72
     73
     74
     75
     76
     77
     78
     79
     80
     81
     82
     83
     84
     85
     86
     87
     88
     89
     90
     91
     92
     93
     94
     95
     96
     97
     98
     99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    package main
    
    import (
    	"fmt"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
        lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model"
        region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region"
    )
    
    func main() {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak := os.Getenv("CLOUD_SDK_AK")
        sk := os.Getenv("CLOUD_SDK_SK")
    
        auth := basic.NewCredentialsBuilder().
            WithAk(ak).
            WithSk(sk).
            Build()
    
        client := lts.NewLtsClient(
            lts.LtsClientBuilder().
                WithRegion(region.ValueOf("<YOUR REGION>")).
                WithCredential(auth).
                Build())
    
        request := &model.CreateStructTemplateRequest{}
    	contentTagFields:= "192.168.2.134"
    	isAnalysisTagFields:= true
    	contentTagFields1:= "ecs-ictest"
    	isAnalysisTagFields1:= true
    	var listTagFieldsbody = []model.TagField{
            {
                FieldName: "hostIP",
                Type: "string",
                Content: &contentTagFields,
                IsAnalysis: &isAnalysisTagFields,
            },
            {
                FieldName: "hostName",
                Type: "string",
                Content: &contentTagFields1,
                IsAnalysis: &isAnalysisTagFields1,
            },
        }
    	isAnalysisDemoFields:= false
    	contentDemoFields:= "0"
    	fieldNameDemoFields:= "body_bytes_sent"
    	isAnalysisDemoFields1:= false
    	contentDemoFields1:= "-"
    	fieldNameDemoFields1:= "http_referer"
    	isAnalysisDemoFields2:= false
    	contentDemoFields2:= "Mozilla/5.0"
    	fieldNameDemoFields2:= "http_user_agent"
    	isAnalysisDemoFields3:= false
    	contentDemoFields3:= "-"
    	fieldNameDemoFields3:= "http_x_forwarded_for"
    	isAnalysisDemoFields4:= false
    	contentDemoFields4:= "192.168.0.0"
    	fieldNameDemoFields4:= "remote_addr"
    	isAnalysisDemoFields5:= false
    	contentDemoFields5:= "sgq"
    	fieldNameDemoFields5:= "remote_user"
    	isAnalysisDemoFields6:= false
    	contentDemoFields6:= "GET"
    	fieldNameDemoFields6:= "request_method"
    	isAnalysisDemoFields7:= false
    	contentDemoFields7:= "/"
    	fieldNameDemoFields7:= "request_uri"
    	isAnalysisDemoFields8:= false
    	contentDemoFields8:= "304"
    	fieldNameDemoFields8:= "status"
    	isAnalysisDemoFields9:= false
    	contentDemoFields9:= "12/Mar/2020:12:24:02"
    	fieldNameDemoFields9:= "time_local"
    	var listDemoFieldsbody = []model.StructFieldInfo{
            {
                IsAnalysis: &isAnalysisDemoFields,
                Content: &contentDemoFields,
                FieldName: &fieldNameDemoFields,
                Type: "long",
            },
            {
                IsAnalysis: &isAnalysisDemoFields1,
                Content: &contentDemoFields1,
                FieldName: &fieldNameDemoFields1,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields2,
                Content: &contentDemoFields2,
                FieldName: &fieldNameDemoFields2,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields3,
                Content: &contentDemoFields3,
                FieldName: &fieldNameDemoFields3,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields4,
                Content: &contentDemoFields4,
                FieldName: &fieldNameDemoFields4,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields5,
                Content: &contentDemoFields5,
                FieldName: &fieldNameDemoFields5,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields6,
                Content: &contentDemoFields6,
                FieldName: &fieldNameDemoFields6,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields7,
                Content: &contentDemoFields7,
                FieldName: &fieldNameDemoFields7,
                Type: "string",
            },
            {
                IsAnalysis: &isAnalysisDemoFields8,
                Content: &contentDemoFields8,
                FieldName: &fieldNameDemoFields8,
                Type: "long",
            },
            {
                IsAnalysis: &isAnalysisDemoFields9,
                Content: &contentDemoFields9,
                FieldName: &fieldNameDemoFields9,
                Type: "string",
            },
        }
    	logFormatLtsStructTemplateInfo:= "log_format  main   '$remote_addr - $remote_user [$time_local] "$request" '                            '$status $body_bytes_sent "$http_referer" '                            '"$http_user_agent" "$http_x_forwarded_for"';"
    	request.Body = &model.LtsStructTemplateInfo{
    		LogFormat: &logFormatLtsStructTemplateInfo,
    		ProjectId: "2a473356cca5487f8373be891bffc1cf",
    		LogStreamId: "60906859-e91e-4d4a-9a21-ae319f544567",
    		ParseType: model.GetLtsStructTemplateInfoParseTypeEnum().NGINX,
    		LogGroupId: "d1f4240d-5ee2-4e0b-9e2c-e25c7978c001",
    		Content: "192.168.0.0 - sgq [12/Mar/2020:12:24:02 +0800] "GET / 127/query" 304 0 "-" "Mozilla/5.0" "-"",
    		TagFields: listTagFieldsbody,
    		DemoFields: listDemoFieldsbody,
    	}
    	response, err := client.CreateStructTemplate(request)
    	if err == nil {
            fmt.Printf("%+v\n", response)
        } else {
            fmt.Println(err)
        }
    }
    
  • CTS:

  • ELB:

  • VPC:

  • APIG:

  • 创建DDS审计日志的结构化配置

  • 创建NGINX方式的结构化配置

  • 创建GAUSSDB_OPENGAUSS_AUDIT方式的结构化配置

  • 创建TOMCAT方式的结构化配置

  • 创建DCS审计日志的结构化配置

  • 创建DDS错误日志的结构化配置

  • 创建DDS慢日志的结构化配置

  • 创建CFW访问控制日志的结构化配置

  • 创建CFW攻击日志的结构化配置

  • 创建CFW流量日志的结构化配置

  • 创建MYSQL错误日志的结构化配置

  • 创建MYSQL慢日志的结构化配置

  • 创建POSTGRESQL慢日志的结构化配置

  • 创建POSTGRESQL错误日志的结构化配置

  • 创建SQLSERVER错误日志的结构化配置

  • 创建GAUSSDB_REDIS慢日志的结构化配置

  • 创建GAUSSDB_MYSQL慢日志的结构化配置

  • 创建GAUSSDB_MYSQL错误日志的结构化配置

  • 创建CDN结构化配置

  • 创建SMN结构化配置

  • 创建WAF访问日志的结构化配置

  • 创建WAF攻击日志的结构化配置

  • 创建DMS重平衡日志的结构化配置

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

请求响应成功, 成功创建结构化配置。

400

BadRequest。非法请求。 建议根据error_msg直接修改该请求,不要重试该请求。

401

AuthFailed。鉴权失败, 请确认token后再次请求 。

403

Forbidden。请求被拒绝访问。返回该状态码,表明请求能够到达服务端,且服务端能够理解用户请求,但是拒绝做更多的事情,因为该请求被设置为拒绝访问,建议直接修改该请求,不要重试该请求。

500

InternalServerError。 表明服务端能被请求访问到,但是服务内部出错。

503

ServiceUnavailable。 被请求的服务无效,服务不可用。

错误码

请参见错误码