修改结构化配置(不推荐)
功能介绍
该接口用于修改指定日志流下的结构化配置,由于参数较多且构建复杂,建议您使用8.9.2-修改结构化配置(推荐)。
调用方法
请参见如何调用API。
URI
PUT /v2/{project_id}/lts/struct/template
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
project_id |
是 |
String |
项目ID,获取方式请参见:获取项目ID,获取账号ID,日志组ID、日志流ID 缺省值:None 最小长度:32 最大长度:32 |
请求参数
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
X-Auth-Token |
是 |
String |
从IAM服务获取的用户Token,获取方式请参见:获取用户Token 缺省值:None 最小长度:1000 最大长度:2000 |
Content-Type |
是 |
String |
该字段填为:application/json;charset=UTF-8。 缺省值:None 最小长度:30 最大长度:30 |
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
log_group_id |
是 |
String |
日志组ID 缺省值:None 最小长度:36 最大长度:36 |
log_stream_id |
是 |
String |
日志流ID 缺省值:None 最小长度:36 最大长度:36 |
project_id |
是 |
String |
项目ID 缺省值:None 最小长度:32 最大长度:32 |
content |
是 |
String |
填写一条示例日志。 |
demo_fields |
是 |
Array of DemoFields objects |
示例字段列表。 说明:
demo_fields中的字段顺序,须和content中的字段顺序保持一致。 最大个数:200 |
parse_type |
是 |
String |
结构化类型参数(json、split、nginx、built_in、custom_regex)。 |
regex_rules |
否 |
String |
正则表达式(使用正则结构化规则时候需要)。 最大长度:5000 |
layers |
否 |
Integer |
最大解析层数(使用JSON方式结构化需要)。 最大值:3 |
tokenizer |
否 |
String |
分隔符(使用分隔符结构化时需要)。 |
log_format |
否 |
String |
Nginx配置规则(使用分隔符结构化时需要)。 |
tag_fields |
是 |
Array of TagField objects |
tag字段列表(使用tag字段解析时需要,其中系统模板不支持使用tag字段)。 最大个数:200 |
rule |
否 |
RuleSGQSGQSGQ object |
结构化方式 |
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
fieldName |
否 |
String |
字段名称 缺省值:None 最小长度:1 最大长度:50 |
userDefinedName |
否 |
String |
自定义别名(json,Nginx方式中按需添加) 缺省值:None 最小长度:1 最大长度:64 |
type |
是 |
String |
字段数据类型。 可选范围:string、long、float |
isAnalysis |
否 |
Boolean |
预留字段。 |
content |
否 |
String |
字段内容。 说明:
在系统模板中,此参数为demoLog。 |
index |
否 |
Integer |
序号 |
响应参数
状态码: 400
参数 |
参数类型 |
描述 |
---|---|---|
error_code |
String |
错误码。 枚举值:
|
error_msg |
String |
调用失败响应信息描述。 枚举值:
|
状态码: 401
参数 |
参数类型 |
描述 |
---|---|---|
error_code |
String |
错误码。 枚举值:
|
error_msg |
String |
调用失败响应信息描述。 枚举值:
|
状态码: 403
参数 |
参数类型 |
描述 |
---|---|---|
error_code |
String |
错误码。 枚举值:
|
error_msg |
String |
调用失败响应信息描述。 枚举值:
|
状态码: 500
参数 |
参数类型 |
描述 |
---|---|---|
error_code |
String |
错误码。 枚举值:
|
error_msg |
String |
调用失败响应信息描述。 枚举值:
|
请求示例
修改正则方式的结构化配置
PUT https://{endpoint}/v2/{project_id}/lts/struct/template { "content" : "2021-09-09/18:15:41 this log is Error NO 6323", "parse_type" : "custom_regex", "demo_fields" : [ { "fieldName" : "a01", "type" : "string" }, { "fieldName" : "a02", "type" : "string" }, { "fieldName" : "a03", "type" : "string" }, { "fieldName" : "a04", "type" : "string" }, { "fieldName" : "a05", "type" : "string" }, { "fieldName" : "a06", "type" : "string" }, { "fieldName" : "a07", "type" : "long" } ], "regex_rules" : "^(?<a01>[^ ]+)(?:[^ ]* ){1}(?<a02>\\w+)(?:[^ ]* ){1}(?<a03>\\w+)(?:[^ ]* ){1}(?<a04>\\w+)(?:[^ ]* ){1}(?<a05>\\w+)(?:[^ ]* ){1}(?<a06>\\w+)(?:[^ ]* ){1}(?<a07>\\d+)", "log_group_id" : "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", "log_stream_id" : "ff8bd110-dc44-4692-af74-d3b1f6197887", "project_id" : " ", "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true }, { "fieldName" : "hostName", "content" : "ecs-ictest", "type" : "string", "isAnalysis" : true } ] }
修改分隔符方式的结构化配置
{ "content" : "2021-09-09/18:50:51 this log is Error NO 37", "demo_fields" : [ { "fieldName" : "b1", "type" : "string" }, { "fieldName" : "b2", "type" : "string" }, { "fieldName" : "b3", "type" : "string" }, { "fieldName" : "b4", "type" : "string" }, { "fieldName" : "b5", "type" : "string" }, { "fieldName" : "b6", "type" : "string" }, { "fieldName" : "b7", "type" : "long" } ], "parse_type" : "split", "tokenizer" : " ", "log_group_id" : "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", "log_stream_id" : "ff8bd110-dc44-4692-af74-d3b1f6197887", "project_id" : "", "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true }, { "fieldName" : "hostName", "content" : "ecs-ictest", "type" : "string", "isAnalysis" : true } ] }
修改NGINX方式的结构化配置。
{ "log_group_id" : "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", "log_stream_id" : "ff8bd110-dc44-4692-af74-d3b1f6197887", "project_id" : "", "content" : "2021-09-09/18:54:55 this log is Error NO 281", "parse_type" : "nginx", "log_format" : "log_format main '$his1 : $his2 /'", "demo_fields" : [ { "fieldName" : "his1", "type" : "string" }, { "fieldName" : "his2", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true }, { "fieldName" : "hostName", "content" : "ecs-ictest", "type" : "string", "isAnalysis" : true } ] }
修改CTS方式的结构化配置。
{ "content" : "{\"code\":\"201\",\"source_ip\":\"10.10.1.10\",\"trace_type\":\"ApiCall\",\"event_type\":\"global\",\"project_id\":\"221123nsada3sda3231das3111ndsab\",\"trace_id\":\"1eesdd-dad6-11dsaea-edaxfeqdf\",\"trace_name\":\"demodemodemo\",\"resource_type\":\"token\",\"trace_rating\":\"normal\",\"service_type\":\"IAM\",\"resource_id\":\"98763hkjhdteoi03861732hjh7983bhd\",\"tracker_name\":\"global\",\"time\":\"1597042369296\",\"resource_name\":\"demodemodemo/demo\",\"record_time\":\"1597042370464\",\"user\":{\"domain\":{\"name\":\"testdemo\",\"id\":\"21185d8818e443e1ryjkh71622f09212b\"},\"name\":\"testdemo/demo\",\"id\":\"6hfakl86faqw87dsasasadf09ajbml\"}}", "demo_fields" : [ { "fieldName" : "code", "content" : "201", "type" : "long" }, { "fieldName" : "event_type", "content" : "global", "type" : "string" }, { "fieldName" : "project_id", "content" : "221123nsada3sda3231das3111ndsab", "type" : "string" }, { "fieldName" : "record_time", "content" : "1597042370464", "type" : "long" }, { "fieldName" : "resource_id", "content" : "98763hkjhdteoi03861732hjh7983bhd", "type" : "string" }, { "fieldName" : "resource_name", "content" : "demodemodemo/demo", "type" : "string" }, { "fieldName" : "resource_type", "content" : "token", "type" : "string" }, { "fieldName" : "service_type", "content" : "IAM", "type" : "string" }, { "fieldName" : "source_ip", "content" : "10.10.1.10", "type" : "string" }, { "fieldName" : "time", "content" : "1597042369296", "type" : "long" }, { "fieldName" : "trace_id", "content" : "1eesdd-dad6-11dsaea-edaxfeqdf", "type" : "string" }, { "fieldName" : "trace_name", "content" : "demodemodemo", "type" : "string" }, { "fieldName" : "trace_rating", "content" : "normal", "type" : "string" }, { "fieldName" : "trace_type", "content" : "ApiCall", "type" : "string" }, { "fieldName" : "tracker_name", "content" : "global", "type" : "string" }, { "fieldName" : "user.domain.id", "content" : "21185d8818e443e1ryjkh71622f09212b", "type" : "string" }, { "fieldName" : "user.domain.name", "content" : "testdemo", "type" : "string" }, { "fieldName" : "user.id", "content" : "6hfakl86faqw87dsasasadf09ajbml", "type" : "string" }, { "fieldName" : "user.name", "content" : "testdemo/demo", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "CTS" }, "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "log_group_id" : " ", "log_stream_id" : " ", "project_id" : " ", "parse_type" : " " }
修改ELB方式的结构化配置。
{ "content" : "1594727856.337 e7c37d97-e922-457c-bbf3-dsadeqac 2020-07-14T19:57:36+08:00 elb_01 192.0.0.0:88888 200 \"GET http://prod.sss.ads.sg2.aaa/loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada HTTP/1.1\" 233 293 138 0.001 \"200\" \"0.000\" \"0.001\" \"0.001\" \"100.0.0.0:9999\" \"lua-resty-http/0.14 (Lua) ngx_lua/10000\" \"-\" \"-\" loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa listener_6077809b-913f-466d-a96c-376f08882d5d 08cc2b3f68aa4dddd1e6a90dddd1688348a4480 pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b \"-\" 2fb78dsadadq1213das1121dab146ad3cb0 -:80 \"101.0.0.0:10000\" - - - - 9739", "demo_fields" : [ { "fieldName" : "msec", "content" : "1594727856.337", "type" : "float" }, { "fieldName" : "access_log_topic_id", "content" : "e7c37d97-e922-457c-bbf3-dsadeqac", "type" : "string" }, { "fieldName" : "time_iso8601", "content" : "2020-07-14T19:57:36+08:00", "type" : "string" }, { "fieldName" : "log_ver", "content" : "elb_01", "type" : "string" }, { "fieldName" : "remote_addr", "content" : "192.0.0.0", "type" : "string" }, { "fieldName" : "remote_port", "content" : "88888", "type" : "long" }, { "fieldName" : "status", "content" : "200", "type" : "long" }, { "fieldName" : "request_method", "content" : "GET", "type" : "string" }, { "fieldName" : "scheme", "content" : "http", "type" : "string" }, { "fieldName" : "host", "content" : "prod.sss.ads.sg2.aaa", "type" : "string" }, { "fieldName" : "router_request_uri", "content" : "loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada", "type" : "string" }, { "fieldName" : "server_protocol", "content" : "HTTP/1.1", "type" : "string" }, { "fieldName" : "request_length", "content" : "233", "type" : "long" }, { "fieldName" : "bytes_sent", "content" : "293", "type" : "long" }, { "fieldName" : "body_bytes_sent", "content" : "138", "type" : "long" }, { "fieldName" : "request_time", "content" : "0.001", "type" : "float" }, { "fieldName" : "upstream_status", "content" : "200", "type" : "long" }, { "fieldName" : "upstream_connect_time", "content" : "0.000", "type" : "float" }, { "fieldName" : "upstream_header_time", "content" : "0.001", "type" : "float" }, { "fieldName" : "upstream_response_time", "content" : "0.001", "type" : "float" }, { "fieldName" : "upstream_addr", "content" : "100.0.0.0:9999", "type" : "string" }, { "fieldName" : "http_user_agent", "content" : "lua-resty-http/0.14 (Lua) ngx_lua/10000", "type" : "string" }, { "fieldName" : "http_referer", "content" : "-", "type" : "string" }, { "fieldName" : "http_x_forwarded_for", "content" : "-", "type" : "string" }, { "fieldName" : "lb_name", "content" : "loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa", "type" : "string" }, { "fieldName" : "listener_name", "content" : "listener_6077809b-913f-466d-a96c-376f08882d5d", "type" : "string" }, { "fieldName" : "listener_id", "content" : "08cc2b3f68aa4dddd1e6a90dddd1688348a4480", "type" : "string" }, { "fieldName" : "pool_name", "content" : "pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b", "type" : "string" }, { "fieldName" : "member_name", "content" : "-", "type" : "string" }, { "fieldName" : "tenant_id", "content" : "2fb78dsadadq1213das1121dab146ad3cb0", "type" : "string" }, { "fieldName" : "eip_address", "content" : "-", "type" : "string" }, { "fieldName" : "eip_port", "content" : "80", "type" : "long" }, { "fieldName" : "upstream_addr_priv", "content" : "101.0.0.0:10000", "type" : "string" }, { "fieldName" : "certificate_id", "content" : "-", "type" : "string" }, { "fieldName" : "ssl_protocol", "content" : "-", "type" : "string" }, { "fieldName" : "ssl_cipher", "content" : "-", "type" : "string" }, { "fieldName" : "sni_domain_name", "content" : "-", "type" : "string" }, { "fieldName" : "tcpinfo_rtt", "content" : "9739", "type" : "long" } ], "rule" : { "type" : "built_in", "param" : "ELB" }, "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "log_group_id" : " ", "log_stream_id" : " ", "project_id" : " ", "parse_type" : " " }
修改VPC方式的结构化配置。
{ "content" : "1 5f67944957444bd6bb4fe3b367de8f3d 1d515d18-1b36-47dc-a983-bd6512aed4bd 192.168.0.154 192.168.3.25 38929 53 17 1 96 1548752136 1548752736 ACCEPT OK", "demo_fields" : [ { "fieldName" : "version", "content" : 1, "type" : "long" }, { "fieldName" : "project_id", "content" : "5f67944957444bd6bb4fe3b367de8f3d", "type" : "string" }, { "fieldName" : "interface_id", "content" : "1d515d18-1b36-47dc-a983-bd6512aed4bd", "type" : "string" }, { "fieldName" : "srcaddr", "content" : "192.168.0.154", "type" : "string" }, { "fieldName" : "dstaddr", "content" : "192.168.3.25", "type" : "string" }, { "fieldName" : "srcport", "content" : "38929", "type" : "long" }, { "fieldName" : "dstport", "content" : "53", "type" : "long" }, { "fieldName" : "protocol", "content" : "17", "type" : "long" }, { "fieldName" : "packets", "content" : "1", "type" : "long" }, { "fieldName" : "bytes", "content" : "96", "type" : "long" }, { "fieldName" : "start", "content" : "1548752136", "type" : "long" }, { "fieldName" : "end", "content" : "1548752736", "type" : "long" }, { "fieldName" : "action", "content" : "ACCEPT", "type" : "string" }, { "fieldName" : "log_status", "content" : "OK", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "VPC" }, "log_group_id" : " ", "log_stream_id" : " ", "project_id" : " ", "parse_type" : " ", "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ] }
修改DCS审计日志方式的结构化配置。
{ "content" : "{\"time\": 1640966500017, \"instance_id\": \"199a1e5a-8a37-40b9-899e-0ab6805c69eb\", \"server_addr\": \"192.168.0.1\", \"role\": \"proxy\", \"client_addr\": \"10.0.0.1\", \"client_type\": \"0\", \"user\": \"default\", \"db\": 1, \"command_name\": \"DEL\", \"command_type\": \"string\", \"command_keys\": [\"key1\", \"key2\", \"key3\"], \"command_param\": \"DEL key1 key2 key3\", \"use_time\": 500, \"extend\": \"\"}", "demo_fields" : [ { "fieldName" : "time", "content" : "1640966500017", "type" : "long" }, { "fieldName" : "instance_id", "content" : "199a1e5a-8a37-40b9-899e-0ab6805c69eb", "type" : "string" }, { "fieldName" : "server_addr", "content" : "192.168.0.1", "type" : "string" }, { "fieldName" : "role", "content" : "proxy", "type" : "string" }, { "fieldName" : "client_addr", "content" : "10.0.0.1", "type" : "string" }, { "fieldName" : "client_type", "content" : "0", "type" : "string" }, { "fieldName" : "user", "content" : "default", "type" : "string" }, { "fieldName" : "db", "content" : "1", "type" : "long" }, { "fieldName" : "command_name", "content" : "DEL", "type" : "string" }, { "fieldName" : "command_type", "content" : "string", "type" : "string" }, { "fieldName" : "command_keys", "content" : "[\"key1\",\"key2\",\"key3\"]", "type" : "string" }, { "fieldName" : "command_param", "content" : "DEL key1 key2 key3", "type" : "string" }, { "fieldName" : "use_time", "content" : "500", "type" : "long" }, { "fieldName" : "extend", "content" : "", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "DCS_AUDIT" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改DDS审计日志方式的结构化配置。
{ "content" : "{\"topic\":\"auditLog\",\"instanceid\":\"9fbf813bc27e4a3ab54bddf783a4f774in01\",\"nodeid\":\"bf4cb0413d0b4221be94b08471708586no01\",\"db\":\"test\",\"coll\":\"testCollection\",\"optype\":\"update\",\"time\":\"2022-08-05T08:24:15.536+0000\",\"user_ip\":\"10.4.23.205\",\"user_port\":\"47668\",\"user\":\"rw_testuser\",\"param\":{\"command\":\"update\",\"ns\":\"test.testCollection\",\"op\":[{\"q\":{\"vin\":\"LDP31B965NG036174\"},\"u\":{\"$set\":{\"timestamp\":{\"$numberLong\":\"1659687855535\"},\"deviceTime\":{\"$numberLong\":\"1659687855340\"},\"longitude\":\"119.35516805555555\",\"latitude\":\"26.057936388888891\",\"location\":\"119.35516805555555,26.057936388888891\",\"height\":\"10.097286797128618\",\"direction\":\"12\",\"speed\":14,\"accuracy\":\"0\",\"h3Address7\":\"8741b5300ffffff\"}},\"upsert\":true}],\"args\":{\"update\":\"testCollection\",\"ordered\":true,\"$db\":\"test\",\"$clusterTime\":{\"clusterTime\":{\"$timestamp\":{\"t\":1659687855,\"i\":1685}},\"signature\":{\"hash\":{\"$binary\":\"CP5bfEf+gBJZdAxCKtF9HiSeqQY=\",\"$type\":\"00\"},\"keyId\":{\"$numberLong\":\"7102408879899674942\"}}},\"lsid\":{\"id\":{\"$binary\":\"PXVVrbuvRuGkypCbu/oXXQ==\",\"$type\":\"04\"}}}}}", "demo_fields" : [ { "fieldName" : "topic", "content" : "auditLog", "type" : "string" }, { "fieldName" : "instanceid", "content" : "9fbf813bc27e4a3ab54bddf783a4f774in01", "type" : "string" }, { "fieldName" : "nodeid", "content" : "bf4cb0413d0b4221be94b08471708586no01", "type" : "string" }, { "fieldName" : "db", "content" : "test", "type" : "string" }, { "fieldName" : "coll", "content" : "testCollection", "type" : "string" }, { "fieldName" : "optype", "content" : "update", "type" : "string" }, { "fieldName" : "time", "content" : "2022-08-05T08:24:15.536+0000", "type" : "string" }, { "fieldName" : "user_ip", "content" : "10.4.23.205", "type" : "string" }, { "fieldName" : "user_port", "content" : "47668", "type" : "string" }, { "fieldName" : "user", "content" : "rw_testuser", "type" : "string" }, { "fieldName" : "param", "content" : "{\"command\":\"update\",\"ns\":\"test.testCollection\",\"op\":[{\"q\":{\"vin\":\"LDP31B965NG036174\"},\"u\":{\"$set\":{\"timestamp\":{\"$numberLong\":\"1659687855535\"},\"deviceTime\":{\"$numberLong\":\"1659687855340\"},\"longitude\":\"119.35516805555555\",\"latitude\":\"26.057936388888891\",\"location\":\"119.35516805555555,26.057936388888891\",\"height\":\"10.097286797128618\",\"direction\":\"12\",\"speed\":14,\"accuracy\":\"0\",\"h3Address7\":\"8741b5300ffffff\"}},\"upsert\":true}],\"args\":{\"update\":\"testCollection\",\"ordered\":true,\"$db\":\"test\",\"$clusterTime\":{\"clusterTime\":{\"$timestamp\":{\"t\":1659687855,\"i\":1685}},\"signature\":{\"hash\":{\"$binary\":\"CP5bfEf+gBJZdAxCKtF9HiSeqQY=\",\"$type\":\"00\"},\"keyId\":{\"$numberLong\":\"7102408879899674942\"}}},\"lsid\":{\"id\":{\"$binary\":\"PXVVrbuvRuGkypCbu/oXXQ==\",\"$type\":\"04\"}}}}", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "DDS_AUDIT" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改TOMCAT方式的结构化配置
{ "content" : "192.168.12.2 - - [07/Mar/2018:09:49:55 +0800] \"GET /logHello/test HTTP/1.1\" 200 1943", "demo_fields" : [ { "fieldName" : "remote_ip_address", "content" : "192.168.12.2", "type" : "string" }, { "fieldName" : "remote_logical_username", "content" : "-", "type" : "string" }, { "fieldName" : "remote_user_authenticated", "content" : "-", "type" : "string" }, { "fieldName" : "time_local", "content" : "07/Mar/2018:09:49:55", "type" : "string" }, { "fieldName" : "scheme", "content" : "GET", "type" : "string" }, { "fieldName" : "router_uri", "content" : "/logHello/test", "type" : "string" }, { "fieldName" : "server_protocol", "content" : "HTTP/1.1", "type" : "string" }, { "fieldName" : "status", "content" : "200", "type" : "long" }, { "fieldName" : "bytes_sent", "content" : "1943", "type" : "long" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "TOMCAT" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改GAUSSDB_OPENGAUSS_AUDIT方式的结构化配置。
{ "content" : "{\"username\":\"rdsAdmin\",\"client_conninfo\":\"cm_agent@10.254.95.70\",\"instanceId\":\"96e86f462bbc4f2286d7c8274815d0fein14\",\"detail_info\":\"xid=30818, SET statement_timeout = 10000000;n\",\"thread_id\":\"140463114942208@713872403507507\",\"result\":\"ok\",\"database\":\"postgres\",\"local_port\":\"8001\",\"userid\":\"10\",\"nodeId\":\"06c267fad8054a0abcb17cfa3b8f260cno14\",\"node_name\":\"dn_6001_6002_6003\",\"object_name\":\"statement_timeout\",\"time\":\"2022-08-15 17:53:23+08\",\"type\":\"set_parameter\",\"remote_port\":\"50952\"}", "demo_fields" : [ { "fieldName" : "username", "content" : "rdsAdmin", "type" : "string" }, { "fieldName" : "client_conninfo", "content" : "cm_agent@10.254.95.70", "type" : "string" }, { "fieldName" : "instanceId", "content" : "96e86f462bbc4f2286d7c8274815d0fein14", "type" : "string" }, { "fieldName" : "detail_info", "content" : "xid=30818, SET statement_timeout = 10000000;n", "type" : "string" }, { "fieldName" : "thread_id", "content" : "140463114942208@713872403507507", "type" : "string" }, { "fieldName" : "result", "content" : "ok", "type" : "string" }, { "fieldName" : "database", "content" : "postgres", "type" : "string" }, { "fieldName" : "local_port", "content" : "8001", "type" : "string" }, { "fieldName" : "userid", "content" : "10", "type" : "string" }, { "fieldName" : "nodeId", "content" : "06c267fad8054a0abcb17cfa3b8f260cno14", "type" : "string" }, { "fieldName" : "node_name", "content" : "dn_6001_6002_6003", "type" : "string" }, { "fieldName" : "object_name", "content" : "statement_timeout", "type" : "string" }, { "fieldName" : "time", "content" : "2022-08-15 17:53:23+08", "type" : "string" }, { "fieldName" : "type", "content" : "set_parameter", "type" : "string" }, { "fieldName" : "remote_port", "content" : "50952", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "GAUSSDB_OPENGAUSS_AUDIT" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改MYSQL慢日志方式的结构化配置。
{ "content" : "{\"start_time\":\"2022-07-27T02:49:19.000\",\"user\":\"commerce\",\"host\":\"100.*.*.222\",\"query_time\":\"1.461583\",\"lock_time\":\"0.000050\",\"rows_sent\":\"500\",\"rows_examined\":\"581000\",\"command_text\":\"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;\",\"database\":\"saas_perf\",\"log_type\":\"slow_log\",\"log_time\":\"1658890159\",\"operate_type\":\"SELECT\",\"node_id\":\"5d6c61bbd49b4ad3a1572461811e3dacno01\",\"instance_id\":\"207032924c644f429b74f6fc5d8c97f9in01\"}", "demo_fields" : [ { "fieldName" : "start_time", "content" : "2022-07-27T02:49:19.000", "type" : "string" }, { "fieldName" : "user", "content" : "commerce", "type" : "string" }, { "fieldName" : "host", "content" : "100.*.*.222", "type" : "string" }, { "fieldName" : "query_time", "content" : "1.461583", "type" : "string" }, { "fieldName" : "lock_time", "content" : "0.000050", "type" : "string" }, { "fieldName" : "rows_sent", "content" : "500", "type" : "string" }, { "fieldName" : "rows_examined", "content" : "581000", "type" : "string" }, { "fieldName" : "command_text", "content" : "SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;", "type" : "string" }, { "fieldName" : "database", "content" : "saas_perf", "type" : "string" }, { "fieldName" : "log_type", "content" : "slow_log", "type" : "string" }, { "fieldName" : "log_time", "content" : "1658890159", "type" : "string" }, { "fieldName" : "operate_type", "content" : "SELECT", "type" : "string" }, { "fieldName" : "node_id", "content" : "5d6c61bbd49b4ad3a1572461811e3dacno01", "type" : "string" }, { "fieldName" : "instance_id", "content" : "207032924c644f429b74f6fc5d8c97f9in01", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "MYSQL_SLOW" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改MYSQL错误日志方式的结构化配置。
{ "content" : "{\"log_type\":\"error_log\",\"severity\":\"WARNING\",\"log_time\":\"2022-08-22T06:52:08Z\",\"raw_message\":\"Occur error when reading bytes from a network handler. Client actively closes the connection.\",\"node_id\":\"5d6c61bbd49b4ad3a1572461811e3dacno01\",\"instance_id\":\"207032924c644f429b74f6fc5d8c97f9in01\"}", "demo_fields" : [ { "fieldName" : "log_type", "content" : "error_log", "type" : "string" }, { "fieldName" : "severity", "content" : "WARNING", "type" : "string" }, { "fieldName" : "log_time", "content" : "2022-08-22T06:52:08Z", "type" : "string" }, { "fieldName" : "raw_message", "content" : "Occur error when reading bytes from a network handler. Client actively closes the connection.", "type" : "string" }, { "fieldName" : "node_id", "content" : "5d6c61bbd49b4ad3a1572461811e3dacno01", "type" : "string" }, { "fieldName" : "instance_id", "content" : "207032924c644f429b74f6fc5d8c97f9in01", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "MYSQL_ERROR" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改DDS错误日志方式的结构化配置。
{ "content" : "{\"log_type\":\"error_log\",\"severity\":\"Error\",\"log_time\":\"2022-08-22T09:33:15.142+0000\",\"raw_message\":\"E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.\",\"instance_id\": \"5b67dc63ba824145aae1f12ff51e58b8in02\",\"node_id\": \"686a791e690e4db3af591ec4b6f72916no02\"}", "demo_fields" : [ { "fieldName" : "log_type", "content" : "error_log", "type" : "string" }, { "fieldName" : "severity", "content" : "Error", "type" : "string" }, { "fieldName" : "log_time", "content" : "2022-08-22T09:33:15.142+0000", "type" : "string" }, { "fieldName" : "raw_message", "content" : "E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.", "type" : "string" }, { "fieldName" : "instance_id", "content" : "5b67dc63ba824145aae1f12ff51e58b8in02", "type" : "string" }, { "fieldName" : "node_id", "content" : "686a791e690e4db3af591ec4b6f72916no02", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "MONGODB_ERROR" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改DDS慢日志方式的结构化配置。
{ "content" : "{\"log_type\":\"slow_log\",\"log_time\":\"2022-08-20T10:04:03.204000Z\",\"namespace\":\"data0820.table\",\"database\":\"data0820\",\"collection\":\"table\",\"operate_type\":\"insert\",\"docs_scanned\":0,\"docs_returned\":0,\"n_deleted\":0,\"n_matched\":0,\"n_modified\":0,\"n_inserted\":10,\"cost_time\":555,\"lock_time\":0,\"whole_message\":\"{\"op\": \"insert\", \"ns\": \"data0820.usrtable\", \"command\": \"{N}\", \"ninserted\": 1, \"keysInserted\": 1, \"numYield\": 0, \"locks\": {\"Global\": {\"acquireCount\": {\"r\": 5, \"w\": 5}}, \"Database\": {\"acquireCount\": {\"w\": 4, \"W\": 1}}, \"Collection\": {\"acquireCount\": {\"w\": 2}}, \"oplog\": {\"acquireCount\": {\"w\": 2}}}, \"responseLength\": 230, \"protocol\": \"op_msg\", \"millis\": 555, \"ts\": {\"$date\": 1660989843204}, \"client\": \"192.168.0.64\", \"appName\": \"MongoDBShell\", \"allUsers\": [{\"user\": \"rwuser\", \"db\": \"admin\"}], \"user\": \"rwuser@admin\"}\",\"instance_id\": \"5b67dc63ba824145aae1f12ff51e58b8in02\",\"node_id\":\"686a791e690e4db3af591ec4b6f72916no02\"}", "demo_fields" : [ { "fieldName" : "log_type", "content" : "slow_log", "type" : "string" }, { "fieldName" : "log_time", "content" : "2022-08-20T10:04:03.204000Z", "type" : "string" }, { "fieldName" : "namespace", "content" : "data0820.table", "type" : "string" }, { "fieldName" : "database", "content" : "data0820", "type" : "string" }, { "fieldName" : "collection", "content" : "table", "type" : "string" }, { "fieldName" : "operate_type", "content" : "insert", "type" : "string" }, { "fieldName" : "docs_scanned", "content" : "0", "type" : "long" }, { "fieldName" : "docs_returned", "content" : "0", "type" : "long" }, { "fieldName" : "n_deleted", "content" : "0", "type" : "long" }, { "fieldName" : "n_matched", "content" : "0", "type" : "long" }, { "fieldName" : "n_modified", "content" : "0", "type" : "long" }, { "fieldName" : "n_inserted", "content" : "10", "type" : "long" }, { "fieldName" : "cost_time", "content" : "555", "type" : "long" }, { "fieldName" : "lock_time", "content" : "0", "type" : "long" }, { "fieldName" : "whole_message", "content" : "{\"op\": \"insert\", \"ns\": \"data0820.usrtable\", \"command\": \"{N}\", \"ninserted\": 1, \"keysInserted\": 1, \"numYield\": 0, \"locks\": {\"Global\": {\"acquireCount\": {\"r\": 5, \"w\": 5}}, \"Database\": {\"acquireCount\": {\"w\": 4, \"W\": 1}}, \"Collection\": {\"acquireCount\": {\"w\": 2}}, \"oplog\": {\"acquireCount\": {\"w\": 2}}}, \"responseLength\": 230, \"protocol\": \"op_msg\", \"millis\": 555, \"ts\": {\"$date\": 1660989843204}, \"client\": \"192.168.0.64\", \"appName\": \"MongoDB Shell\", \"allUsers\": [{\"user\": \"rwuser\", \"db\": \"admin\"}], \"user\": \"rwuser@admin\"}", "type" : "string" }, { "fieldName" : "instance_id", "content" : "5b67dc63ba824145aae1f12ff51e58b8in02", "type" : "string" }, { "fieldName" : "node_id", "content" : "686a791e690e4db3af591ec4b6f72916no02", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "MONGODB_SLOW" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改CFW访问控制日志方式的结构化配置。
{ "content" : "{\"app\":\"PING\",\"direction\":\"in2out\",\"source-zone\":\"3002\",\"rule_id\":\"56827792-173e-435a-b22b-229f21d78244\",\"protocol\":\"ICMP: ECHO_REQUEST\",\"dst_ip\":\"100.85.222.23\",\"src_ip\":\"100.85.112.49\",\"log_type\":\"eip\",\"hit_time\":1655882537006,\"log-id\":\"44243649\",\"dst_port\":\"45243\",\"destination-zone\":\"3001\",\"index_day\":\"2022.06.22\",\"log_id\":6781,\"src_port\":\"17589\",\"fw_instance_id\":\"58ead9e7-418d-4166-8df8-f24941d4205c\",\"action\":\"permit\",\"vsys\":\"1\"}", "demo_fields" : [ { "fieldName" : "app", "content" : "PING", "type" : "string" }, { "fieldName" : "direction", "content" : "in2out", "type" : "string" }, { "fieldName" : "source-zone", "content" : "3002", "type" : "string" }, { "fieldName" : "rule_id", "content" : "56827792-173e-435a-b22b-229f21d78244", "type" : "string" }, { "fieldName" : "protocol", "content" : "ICMP: ECHO_REQUEST", "type" : "string" }, { "fieldName" : "dst_ip", "content" : "100.85.222.23", "type" : "string" }, { "fieldName" : "src_ip", "content" : "100.85.112.49", "type" : "string" }, { "fieldName" : "log_type", "content" : "eip", "type" : "string" }, { "fieldName" : "hit_time", "content" : "1655882537006", "type" : "long" }, { "fieldName" : "log-id", "content" : "44243649", "type" : "string" }, { "fieldName" : "dst_port", "content" : "45243", "type" : "string" }, { "fieldName" : "destination-zone", "content" : "3001", "type" : "string" }, { "fieldName" : "index_day", "content" : "2022.06.22", "type" : "string" }, { "fieldName" : "log_id", "content" : "6781", "type" : "long" }, { "fieldName" : "src_port", "content" : "17589", "type" : "string" }, { "fieldName" : "fw_instance_id", "content" : "58ead9e7-418d-4166-8df8-f24941d4205c", "type" : "string" }, { "fieldName" : "action", "content" : "permit", "type" : "string" }, { "fieldName" : "vsys", "content" : "1", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "CFW_ACCESS" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改CFW攻击日志方式的结构化配置。
{ "content" : "{\"source\":\"0\",\"app\":\"HTTP\",\"direction\":\"out2in\",\"dst_ip\":\"100.85.222.23\",\"src_ip\":\"10.108.170.229\",\"event_time\":1655974411462,\"log_type\":\"eip\",\"dst_port\":\"80\",\"attack_rule_id\":\"330409\",\"index_day\":\"2022.06.23\",\"log_id\":462688,\"src_port\":\"51002\",\"protocol\":\"TCP\",\"packet\":\"+hZUZMhT+hY/AaHMCABFAADnicBAAHgGgJIKbKrlZFXeF8c6AFAYCIpDV562+VAYBAILMwAAR0VUIC9qb2JtYW5hZ2VyL2xvZ3MvLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmZXRjJTI1MmZwYXNzd2QgSFRUUC8xLjENCkhvc3Q6IDEwMC44NS4yMjIuMjMNClVzZXItQWdlbnQ6IGN1cmwvNy42NS4wDQpBY2NlcHQ6ICovKg0KDQo=\",\"level\":\"HIGH\",\"attack_type\":\"Vulnerability Exploit Attack\",\"fw_instance_id\":\"58ead9e7-418d-4166-8df8-f24941d4205c\",\"action\":\"permit\",\"vsys\":\"1\",\"attack_rule\":\"VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)\"}", "demo_fields" : [ { "fieldName" : "source", "content" : "0", "type" : "string" }, { "fieldName" : "app", "content" : "HTTP", "type" : "string" }, { "fieldName" : "direction", "content" : "out2in", "type" : "string" }, { "fieldName" : "dst_ip", "content" : "100.85.222.23", "type" : "string" }, { "fieldName" : "src_ip", "content" : "10.108.170.229", "type" : "string" }, { "fieldName" : "event_time", "content" : "1655974411462", "type" : "long" }, { "fieldName" : "log_type", "content" : "eip", "type" : "string" }, { "fieldName" : "dst_port", "content" : "80", "type" : "string" }, { "fieldName" : "attack_rule_id", "content" : "330409", "type" : "string" }, { "fieldName" : "index_day", "content" : "2022.06.23", "type" : "string" }, { "fieldName" : "log_id", "content" : "462688", "type" : "long" }, { "fieldName" : "src_port", "content" : "51002", "type" : "string" }, { "fieldName" : "protocol", "content" : "TCP", "type" : "string" }, { "fieldName" : "packet", "content" : "\"+hZUZMhT+hY/AaHMCABFAADnicBAAHgGgJIKbKrlZFXeF8c6AFAYCIpDV562+VAYBAILMwAAR0VUIC9qb2JtYW5hZ2VyL2xvZ3MvLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmZXRjJTI1MmZwYXNzd2QgSFRUUC8xLjENCkhvc3Q6IDEwMC44NS4yMjIuMjMNClVzZXItQWdlbnQ6IGN1cmwvNy42NS4wDQpBY2NlcHQ6ICovKg0KDQo=\"", "type" : "string" }, { "fieldName" : "level", "content" : "HIGH", "type" : "string" }, { "fieldName" : "attack_type", "content" : "Vulnerability Exploit Attack", "type" : "string" }, { "fieldName" : "fw_instance_id", "content" : "58ead9e7-418d-4166-8df8-f24941d4205c", "type" : "string" }, { "fieldName" : "action", "content" : "permit", "type" : "string" }, { "fieldName" : "vsys", "content" : "1", "type" : "string" }, { "fieldName" : "attack_rule", "content" : "VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "CFW_ATTACK" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改CFW流量日志方式的结构化配置。
{ "content" : "{\"dst_port\":\"80\",\"app\":\"HTTP\",\"to_c_pkts\":0.1,\"dst_ip\":\"100.85.222.23\",\"to_c_bytes\":0.1,\"end_time\":1655436321000,\"src_ip\":\"10.108.170.229\",\"index_day\":\"2022.06.17\",\"bytes\":1232.1,\"log-id\":\"4424364f\",\"vsys\":\"1\",\"suffix\":\"67\",\"packets\":10.1,\"direction\":\"out2in\",\"protocol\":\"TCP\",\"to_s_bytes\":1232.1,\"to_s_pkts\":10.1,\"src_port\":\"63934\",\"start_time\":1655436299000,\"fw_instance_id\":\"efbeb90c-1108-42ce-b099-f7e035a10b67\"}", "demo_fields" : [ { "fieldName" : "dst_port", "content" : "80", "type" : "string" }, { "fieldName" : "app", "content" : "HTTP", "type" : "string" }, { "fieldName" : "to_c_pkts", "content" : "0.1", "type" : "float" }, { "fieldName" : "dst_ip", "content" : "100.85.222.23", "type" : "string" }, { "fieldName" : "to_c_bytes", "content" : "0.1", "type" : "float" }, { "fieldName" : "end_time", "content" : "1655436321000", "type" : "long" }, { "fieldName" : "src_ip", "content" : "10.108.170.229", "type" : "string" }, { "fieldName" : "index_day", "content" : "2022.06.17", "type" : "string" }, { "fieldName" : "bytes", "content" : "1232.1", "type" : "float" }, { "fieldName" : "log-id", "content" : "4424364f", "type" : "string" }, { "fieldName" : "vsys", "content" : "1", "type" : "string" }, { "fieldName" : "suffix", "content" : "67", "type" : "string" }, { "fieldName" : "packets", "content" : "10.1", "type" : "float" }, { "fieldName" : "direction", "content" : "out2in", "type" : "string" }, { "fieldName" : "protocol", "content" : "TCP", "type" : "string" }, { "fieldName" : "to_s_bytes", "content" : "1232.1", "type" : "float" }, { "fieldName" : "to_s_pkts", "content" : "10.1", "type" : "float" }, { "fieldName" : "src_port", "content" : "63934", "type" : "string" }, { "fieldName" : "start_time", "content" : "1655436299000", "type" : "long" }, { "fieldName" : "fw_instance_id", "content" : "efbeb90c-1108-42ce-b099-f7e035a10b67", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "CFW_FLOW" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改POSTGRESQL慢日志方式的结构化配置。
{ "content" : "{\"log_type\":\"slow_log\",\"execute_time\":328.662,\"user\":\"authoring\",\"log_time\":\"2022-07-24T10:06:41.000\",\"database\":\"authoring-test\",\"statement\":\"SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC\",\"host\":\"10.*.*.206\",\"log_timestamp\":\"1658657201\",\"operate_type\":\"SELECT\",\"node_id\":\"d285609201534696bdcd648519fe2b8dno02\",\"instance_id\":\"5b67dc63ba824145aae1f12ff51e58b8in02\"}", "demo_fields" : [ { "fieldName" : "log_type", "content" : "slow_log", "type" : "string" }, { "fieldName" : "execute_time", "content" : "328.662", "type" : "float" }, { "fieldName" : "user", "content" : "authoring", "type" : "string" }, { "fieldName" : "log_time", "content" : "2022-07-24T10:06:41.000", "type" : "string" }, { "fieldName" : "database", "content" : "authoring-test", "type" : "string" }, { "fieldName" : "statement", "content" : "SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC", "type" : "string" }, { "fieldName" : "host", "content" : "10.*.*.206", "type" : "string" }, { "fieldName" : "log_timestamp", "content" : "1658657201", "type" : "string" }, { "fieldName" : "operate_type", "content" : "SELECT", "type" : "string" }, { "fieldName" : "node_id", "content" : "d285609201534696bdcd648519fe2b8dno02", "type" : "string" }, { "fieldName" : "instance_id", "content" : "5b67dc63ba824145aae1f12ff51e58b8in02", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "POSTGRESQL_SLOW" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改POSTGRESQL错误日志方式的结构化配置
{ "content" : "{\"log_type\":\"error_log\",\"severity\":\"WARNING\",\"log_time\":\"2022-08-22T06:52:08Z\",\"raw_message\":\"Occur error when reading bytes from a network handler. Client actively closes the connection.\",\"node_id\":\"d285609201534696bdcd648519fe2b8dno02\",\"instance_id\":\"5b67dc63ba824145aae1f12ff51e58b8in02\"}", "demo_fields" : [ { "fieldName" : "log_type", "content" : "error_log", "type" : "string" }, { "fieldName" : "severity", "content" : "WARNING", "type" : "string" }, { "fieldName" : "log_time", "content" : "2022-08-22T06:52:08Z", "type" : "string" }, { "fieldName" : "raw_message", "content" : "Occur error when reading bytes from a network handler. Client actively closes the connection.", "type" : "string" }, { "fieldName" : "node_id", "content" : "d285609201534696bdcd648519fe2b8dno02", "type" : "string" }, { "fieldName" : "instance_id", "content" : "5b67dc63ba824145aae1f12ff51e58b8in02", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "POSTGRESQL_ERROR" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改GAUSSDB_MYSQL慢日志方式的结构化配置。
{ "content" : "{\"start_time\":\"2022-07-27T02:49:19.000\",\"user\":\"commerce\",\"host\":\"100.*.*.222\",\"query_time\":\"1.461583\",\"lock_time\":\"0.000050\",\"rows_sent\":\"500\",\"rows_examined\":\"581000\",\"command_text\":\"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;\",\"database\":\"saas_perf\",\"log_type\":\"slow_log\",\"log_time\":\"1658890159\",\"operate_type\":\"SELECT\"}", "demo_fields" : [ { "fieldName" : "start_time", "content" : "2022-07-27T02:49:19.000", "type" : "string" }, { "fieldName" : "user", "content" : "commerce", "type" : "string" }, { "fieldName" : "host", "content" : "100.*.*.222", "type" : "string" }, { "fieldName" : "query_time", "content" : "1.461583", "type" : "string" }, { "fieldName" : "lock_time", "content" : "0.000050", "type" : "string" }, { "fieldName" : "rows_sent", "content" : "500", "type" : "string" }, { "fieldName" : "rows_examined", "content" : "581000", "type" : "string" }, { "fieldName" : "command_text", "content" : "SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;", "type" : "string" }, { "fieldName" : "database", "content" : "saas_perf", "type" : "string" }, { "fieldName" : "log_type", "content" : "slow_log", "type" : "string" }, { "fieldName" : "log_time", "content" : "1658890159", "type" : "string" }, { "fieldName" : "operate_type", "content" : "SELECT", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "GAUSSDB_MYSQL_SLOW" }, "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true }, { "fieldName" : "hostName", "content" : "ecs-ictest", "type" : "string", "isAnalysis" : true } ], "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改GAUSSDB_MYSQL错误日志方式的结构化配置。
{ "content" : "{\"log_type\":\"error_log\",\"severity\":\"WARNING\",\"log_time\":\"2022-08-22T06:52:08Z\",\"raw_message\":\"Occur error when reading bytes from a network handler. Client actively closes the connection.\"}", "demo_fields" : [ { "fieldName" : "log_type", "content" : "error_log", "type" : "string" }, { "fieldName" : "severity", "content" : "WARNING", "type" : "string" }, { "fieldName" : "log_time", "content" : "2022-08-22T06:52:08Z", "type" : "string" }, { "fieldName" : "raw_message", "content" : "Occur error when reading bytes from a network handler. Client actively closes the connection.", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "GAUSSDB_MYSQL_ERROR" }, "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改CDN方式的结构化配置。
{ "content" : "{\"request_time\":\"1666604392000\",\"domain\":\"findercdn.video.qq.com\",\"method\":\"GET\",\"scheme\":\"http\",\"uri\":\"/BcimRg.txt\",\"uri_param\":\"cdnkey=*****&cdntoken=*****&tokenidx=1\",\"client_ip\":\"192.168.233.142\",\"client_port\":\"51517\",\"refer_protocol\":\"-\",\"refer_domain\":\"-\",\"refer_uri\":\"-\",\"refer_param\":\"-\",\"request_size\":\"301\",\"response_time\":\"14\",\"response_size\":\"588\",\"http_code\":\"403\",\"response_range\":\"-\",\"request_range\":\"-\",\"request_body_bytes\":\"150\",\"content_type\":\"text/html\",\"hit_info\":\"HIT\",\"user_agent\":\"python-requests/2.21.0\",\"uuid\":\"ce6327e015c1e16f581818b838a6cb0c\",\"via_info\":\"edge-cache01[14]\",\"xforwordfor\":\"-\"}", "demo_fields" : [ { "fieldName" : "request_time", "content" : "1666604392000", "type" : "string" }, { "fieldName" : "domain", "content" : "findercdn.video.qq.com", "type" : "string" }, { "fieldName" : "method", "content" : "GET", "type" : "string" }, { "fieldName" : "scheme", "content" : "http", "type" : "string" }, { "fieldName" : "uri", "content" : "/BcimRg.txt", "type" : "string" }, { "fieldName" : "uri_param", "content" : "cdnkey=*****&cdntoken=*****&tokenidx=1", "type" : "string" }, { "fieldName" : "client_ip", "content" : "192.168.233.142", "type" : "string" }, { "fieldName" : "client_port", "content" : "51517", "type" : "string" }, { "fieldName" : "refer_protocol", "content" : "-", "type" : "string" }, { "fieldName" : "refer_domain", "content" : "-", "type" : "string" }, { "fieldName" : "refer_uri", "content" : "-", "type" : "string" }, { "fieldName" : "refer_param", "content" : "-", "type" : "string" }, { "fieldName" : "request_size", "content" : "301", "type" : "string" }, { "fieldName" : "response_time", "content" : "14", "type" : "string" }, { "fieldName" : "response_size", "content" : "588", "type" : "string" }, { "fieldName" : "http_code", "content" : "403", "type" : "string" }, { "fieldName" : "response_range", "content" : "-", "type" : "string" }, { "fieldName" : "request_range", "content" : "-", "type" : "string" }, { "fieldName" : "request_body_bytes", "content" : "150", "type" : "string" }, { "fieldName" : "content_type", "content" : "text/html", "type" : "string" }, { "fieldName" : "hit_info", "content" : "HIT", "type" : "string" }, { "fieldName" : "user_agent", "content" : "python-requests/2.21.0", "type" : "string" }, { "fieldName" : "uuid", "content" : "ce6327e015c1e16f581818b838a6cb0c", "type" : "string" }, { "fieldName" : "via_info", "content" : "edge-cache01[14]", "type" : "string" }, { "fieldName" : "xforwordfor", "content" : "-", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "CDN" }, "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改SMN方式的结构化配置。
{ "content" : "{\"message_id\":\"1ae49922602a42fc83acb9689a2eb5f4\",\"project_id\":\"5a9f32e4f1ec4bbe9695ff9da51c2925\",\"topic_urn\":\"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo\",\"subscriber_urn\":\"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740\",\"protocol_name\":\"https\",\"endpoint\":\"https://127.0.0.1:443/https\",\"status\":\"DELIVERED\",\"http_code\":200,\"create_time\":\"2022-11-01T00:00:00Z\",\"send_time\":\"2022-11-01T00:00:10Z\"}", "demo_fields" : [ { "fieldName" : "message_id", "content" : "1ae49922602a42fc83acb9689a2eb5f4", "type" : "string" }, { "fieldName" : "project_id", "content" : "5a9f32e4f1ec4bbe9695ff9da51c2925", "type" : "string" }, { "fieldName" : "topic_urn", "content" : "urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo", "type" : "string" }, { "fieldName" : "subscriber_urn", "content" : "urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740", "type" : "string" }, { "fieldName" : "protocol_name", "content" : "https", "type" : "string" }, { "fieldName" : "endpoint", "content" : "https://127.0.0.1:443/https", "type" : "string" }, { "fieldName" : "status", "content" : "DELIVERED", "type" : "string" }, { "fieldName" : "http_code", "content" : "200", "type" : "long" }, { "fieldName" : "create_time", "content" : "2022-11-01T00:00:00Z", "type" : "string" }, { "fieldName" : "send_time", "content" : "2022-11-01T00:00:10Z", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "SMN" }, "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改WAF访问日志方式的结构化配置。
{ "content" : "{\"response_code\":\"504\",\"scheme\":\"http\",\"upstream_addr\":\"100.93.2.229:80\",\"body_bytes_sent\":\"163\",\"upstream_header_time\":\"-\",\"connection_requests\":\"1\",\"ssl_cipher\":\"\",\"hostid\":\"1736cc7331b74b198e2ef07555a970ce\",\"pid\":\"2152\",\"tls_version\":\"\",\"http_host\":\"www.testh.com\",\"process_time\":\"0\",\"access_stream_id\":\"88003425-d7bc-46ce-8ae7-77a8aa18a814\",\"time_iso8601\":\"2022-07-29T19:39:10+08:00\",\"intel_crawler\":\"\",\"upstream_status\":\"504\",\"remote_ip\":\"10.63.46.110\",\"request_time\":\"30.008\",\"tenantid\":\"1d26cc8c86a840e28a4f8d0d07852f1d\",\"sip\":\"10.63.46.110\",\"bytes_send\":\"420\",\"projectid\":\"2a473356cca5487f8373be891bffc1cf\",\"user_agent\":\"curl/7.29.0\",\"web_tag\":\"\",\"method\":\"GET\",\"bind_ip\":\"10.63.36.208\",\"region_id\":\"\",\"remote_port\":\"20582\",\"ssl_ciphers_md5\":\"\",\"x_real_ip\":\"\",\"url\":\"/\",\"x_forwarded_for\":\"\",\"sni\":\"\",\"args\":\"public/../style/general.css=true\",\"cdn_src_ip\":\"\",\"enterprise_project_id\":\"0\",\"upstream_connect_time\":\"-\",\"engine_id\":\"\",\"request_length\":\"110\",\"group_id\":\"5d574e6a-87da-42bc-bfd4-ff61a1b336a4\",\"requestid\":\"36f0a9212b14528ffc090f1811cd87d8\",\"ssl_curves\":\"\",\"ssl_session_reused\":\"\",\"waf-time\":\"2022-07-29T11:39:10.000Z\",\"upstream_response_time\":\"30.008\",\"time\":\"29/Jul/2022:19:39:10 +0800\",\"category\":\"access\",\"eng_ip\":\"10.63.36.208\"}", "demo_fields" : [ { "fieldName" : "response_code", "content" : "504", "type" : "string" }, { "fieldName" : "scheme", "content" : "http", "type" : "string" }, { "fieldName" : "upstream_addr", "content" : "100.93.2.229:80", "type" : "string" }, { "fieldName" : "body_bytes_sent", "content" : "163", "type" : "string" }, { "fieldName" : "upstream_header_time", "content" : "-", "type" : "string" }, { "fieldName" : "connection_requests", "content" : "1", "type" : "string" }, { "fieldName" : "ssl_cipher", "content" : "", "type" : "string" }, { "fieldName" : "hostid", "content" : "1736cc7331b74b198e2ef07555a970ce", "type" : "string" }, { "fieldName" : "pid", "content" : "2152", "type" : "string" }, { "fieldName" : "tls_version", "content" : "", "type" : "string" }, { "fieldName" : "http_host", "content" : "www.testh.com", "type" : "string" }, { "fieldName" : "process_time", "content" : "0", "type" : "string" }, { "fieldName" : "access_stream_id", "content" : "88003425-d7bc-46ce-8ae7-77a8aa18a814", "type" : "string" }, { "fieldName" : "time_iso8601", "content" : "2022-07-29T19:39:10+08:00", "type" : "string" }, { "fieldName" : "intel_crawler", "content" : "", "type" : "string" }, { "fieldName" : "upstream_status", "content" : "504", "type" : "string" }, { "fieldName" : "remote_ip", "content" : "10.63.46.110", "type" : "string" }, { "fieldName" : "request_time", "content" : "30.008", "type" : "string" }, { "fieldName" : "tenantid", "content" : "1d26cc8c86a840e28a4f8d0d07852f1d", "type" : "string" }, { "fieldName" : "sip", "content" : "10.63.46.110", "type" : "string" }, { "fieldName" : "bytes_send", "content" : "420", "type" : "string" }, { "fieldName" : "projectid", "content" : "2a473356cca5487f8373be891bffc1cf", "type" : "string" }, { "fieldName" : "user_agent", "content" : "curl/7.29.0", "type" : "string" }, { "fieldName" : "web_tag", "content" : "", "type" : "string" }, { "fieldName" : "method", "content" : "GET", "type" : "string" }, { "fieldName" : "bind_ip", "content" : "10.63.36.208", "type" : "string" }, { "fieldName" : "region_id", "content" : "", "type" : "string" }, { "fieldName" : "remote_port", "content" : "20582", "type" : "string" }, { "fieldName" : "ssl_ciphers_md5", "content" : "", "type" : "string" }, { "fieldName" : "x_real_ip", "content" : "", "type" : "string" }, { "fieldName" : "url", "content" : "/", "type" : "string" }, { "fieldName" : "x_forwarded_for", "content" : "", "type" : "string" }, { "fieldName" : "sni", "content" : "", "type" : "string" }, { "fieldName" : "args", "content" : "public/../style/general.css=true", "type" : "string" }, { "fieldName" : "cdn_src_ip", "content" : "", "type" : "string" }, { "fieldName" : "enterprise_project_id", "content" : "0", "type" : "string" }, { "fieldName" : "upstream_connect_time", "content" : "-", "type" : "string" }, { "fieldName" : "engine_id", "content" : "", "type" : "string" }, { "fieldName" : "request_length", "content" : "110", "type" : "string" }, { "fieldName" : "group_id", "content" : "5d574e6a-87da-42bc-bfd4-ff61a1b336a4", "type" : "string" }, { "fieldName" : "requestid", "content" : "36f0a9212b14528ffc090f1811cd87d8", "type" : "string" }, { "fieldName" : "ssl_curves", "content" : "", "type" : "string" }, { "fieldName" : "ssl_session_reused", "content" : "", "type" : "string" }, { "fieldName" : "waf-time", "content" : "2022-07-29T11:39:10.000Z", "type" : "string" }, { "fieldName" : "upstream_response_time", "content" : "30.009", "type" : "string" }, { "fieldName" : "time", "content" : "29/Jul/2022:19:39:10 +0800", "type" : "string" }, { "fieldName" : "waf_category", "content" : "access", "type" : "string" }, { "fieldName" : "eng_ip", "content" : "10.63.36.208", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "rule" : { "type" : "built_in", "param" : "WAF_ACCESS" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改WAF攻击日志方式的结构化配置。
{ "content" : "{\"policy_id\":\"cd081ba3d6674000acc37d7e2a4b9140\",\"hport\":\"80\",\"body_bytes_sent\":\"163\",\"hostid\":\"1736cc7331b74b198e2ef07555a970ce\",\"rule\":\"040002\",\"engine_ip\":\"10.63.36.208\",\"pid\":\"2152\",\"http_host\":\"www.testh.com\",\"process_time\":\"1\",\"reqid\":\"0000-0000-0000-20820220729193940-f34cf25e\",\"time_iso8601\":\"2022-07-29T19:39:40+08:00\",\"upstream_status\":\"504\",\"hit_data\":\"public/../style/general.css\",\"attack_stream_id\":\"98de5d5a-9f54-4d01-9882-eca7bec99d09\",\"remote_ip\":\"10.63.46.110\",\"attack\":\"lfi\",\"tenantid\":\"1d26cc8c86a840e28a4f8d0d07852f1d\",\"host\":\"www.testh.com\",\"action\":\"log\",\"backend\":{\"protocol\":\"HTTP\",\"alive\":true,\"port\":80,\"host\":\"100.93.2.229\",\"weight\":1,\"type\":\"ip\"},\"id\":\"04-0000-0000-0000-20820220729193940-f34cf25e\",\"sip\":\"10.63.46.110\",\"projectid\":\"2a473356cca5487f8373be891bffc1cf\",\"web_tag\":\"\",\"attack-time\":\"2022-07-29T11:39:40.000Z\",\"method\":\"GET\",\"cookie\":\"{\\\"HWWAFSESTIME\\\":\\\"1659094780939\\\",\\\"HWWAFSESID\\\":\\\"e2cd0733b4712e4cc4\\\"}\",\"level\":2,\"params\":\"{\\\"public\\\\/..\\\\/style\\\\/general.css\\\":\\\"true\\\"}\",\"x_real_ip\":\"\",\"uri\":\"/\",\"x_forwarded_for\":\"\",\"cdn_src_ip\":\"\",\"enterprise_project_id\":\"0\",\"req_body\":\"\",\"engine_id\":\"\",\"group_id\":\"5d574e6a-87da-42bc-bfd4-ff61a1b336a4\",\"requestid\":\"f34cf25eb33ed82cd7261a8276a60c39\",\"multipart\":\"null\",\"header\":\"{\\\"host\\\":\\\"www.testh.com\\\",\\\"user-agent\\\":\\\"curl\\\\/7.29.0\\\",\\\"accept\\\":\\\"*\\\\/*\\\"}\",\"location\":\"params\",\"upstream_response_time\":\"30.000\",\"time\":\"2022-07-29 19:39:40\",\"category\":\"attack\",\"sport\":28408,\"status\":\"504\"}", "demo_fields" : [ { "fieldName" : "policy_id", "content" : "cd081ba3d6674000acc37d7e2a4b9140", "type" : "string" }, { "fieldName" : "hport", "content" : "80", "type" : "string" }, { "fieldName" : "body_bytes_sent", "content" : "163", "type" : "string" }, { "fieldName" : "hostid", "content" : "1736cc7331b74b198e2ef07555a970ce", "type" : "string" }, { "fieldName" : "rule", "content" : "040002", "type" : "string" }, { "fieldName" : "engine_ip", "content" : "10.63.36.208", "type" : "string" }, { "fieldName" : "pid", "content" : "2152", "type" : "string" }, { "fieldName" : "http_host", "content" : "www.testh.com", "type" : "string" }, { "fieldName" : "process_time", "content" : "1", "type" : "string" }, { "fieldName" : "reqid", "content" : "0000-0000-0000-20820220729193940-f34cf25e", "type" : "string" }, { "fieldName" : "time_iso8601", "content" : "2022-07-29T19:39:40+08:00", "type" : "string" }, { "fieldName" : "upstream_status", "content" : "504", "type" : "string" }, { "fieldName" : "hit_data", "content" : "public/../style/general.css", "type" : "string" }, { "fieldName" : "attack_stream_id", "content" : "98de5d5a-9f54-4d01-9882-eca7bec99d09", "type" : "string" }, { "fieldName" : "remote_ip", "content" : "10.63.46.110", "type" : "string" }, { "fieldName" : "attack", "content" : "lfi", "type" : "string" }, { "fieldName" : "tenantid", "content" : "1d26cc8c86a840e28a4f8d0d07852f1d", "type" : "string" }, { "fieldName" : "host", "content" : "www.testh.com", "type" : "string" }, { "fieldName" : "action", "content" : "log", "type" : "string" }, { "fieldName" : "backend.protocol", "content" : "HTTP", "type" : "string" }, { "fieldName" : "backend.alive", "content" : "true", "type" : "string" }, { "fieldName" : "backend.port", "content" : "80", "type" : "long" }, { "fieldName" : "backend.host", "content" : "100.93.2.229", "type" : "string" }, { "fieldName" : "backend.weight", "content" : "1", "type" : "long" }, { "fieldName" : "backend.type", "content" : "ip", "type" : "string" }, { "fieldName" : "id", "content" : "04-0000-0000-0000-20820220729193940-f34cf25e", "type" : "string" }, { "fieldName" : "sip", "content" : "10.63.46.110", "type" : "string" }, { "fieldName" : "projectid", "content" : "2a473356cca5487f8373be891bffc1cf", "type" : "string" }, { "fieldName" : "web_tag", "content" : "", "type" : "string" }, { "fieldName" : "attack-time", "content" : "2022-07-29T11:39:40.000Z", "type" : "string" }, { "fieldName" : "method", "content" : "GET", "type" : "string" }, { "fieldName" : "cookie", "content" : "{\"HWWAFSESTIME\":\"1659094780939\",\"HWWAFSESID\":\"e2cd0733b4712e4cc4\"}", "type" : "string" }, { "fieldName" : "level", "content" : "2", "type" : "long" }, { "fieldName" : "params", "content" : "{\\\"public\\\\/..\\\\/style\\\\/general.css\\\":\\\"true\\\"}", "type" : "string" }, { "fieldName" : "x_real_ip", "content" : "", "type" : "string" }, { "fieldName" : "url", "content" : "/", "type" : "string" }, { "fieldName" : "x_forwarded_for", "content" : "", "type" : "string" }, { "fieldName" : "cdn_src_ip", "content" : "", "type" : "string" }, { "fieldName" : "enterprise_project_id", "content" : "0", "type" : "string" }, { "fieldName" : "req_body", "content" : "", "type" : "string" }, { "fieldName" : "engine_id", "content" : "", "type" : "string" }, { "fieldName" : "group_id", "content" : "5d574e6a-87da-42bc-bfd4-ff61a1b336a4", "type" : "string" }, { "fieldName" : "requestid", "content" : "f34cf25eb33ed82cd7261a8276a60c39", "type" : "string" }, { "fieldName" : "multipart", "content" : "null", "type" : "string" }, { "fieldName" : "header", "content" : "{\\\"host\\\":\\\"www.testh.com\\\",\\\"user-agent\\\":\\\"curl\\\\/7.29.0\\\",\\\"accept\\\":\\\"*\\\\/*\\\"}", "type" : "string" }, { "fieldName" : "location", "content" : "params", "type" : "string" }, { "fieldName" : "upstream_response_time", "content" : "30.000", "type" : "string" }, { "fieldName" : "time", "content" : "2022-07-29 19:39:40", "type" : "string" }, { "fieldName" : "waf_category", "content" : "attack", "type" : "string" }, { "fieldName" : "sport", "content" : "28408", "type" : "long" }, { "fieldName" : "status", "content" : "504", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "WAF_ATTACK" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改DMS重平衡日志方式的结构化配置。
{ "content" : "{\"level\":\"INFO\",\"timestamp\":\"2023-03-23 17:23:22,906\",\"message\":{\"leaderId\":\"consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635\",\"generationId\":\"1\",\"reason\":\"Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1\",\"groupId\":\"KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0\",\"coordinatorId\":\"0\",\"type\":\"END_REBALANCE\",\"group\":\"GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))\"}}", "demo_fields" : [ { "fieldName" : "level", "content" : "INFO", "type" : "string" }, { "fieldName" : "timestamp", "content" : "2023-03-23 17:23:22,906", "type" : "string" }, { "fieldName" : "message.leaderId", "content" : "consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635", "type" : "string" }, { "fieldName" : "message.generationId", "content" : "1", "type" : "string" }, { "fieldName" : "message.reason", "content" : "Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1", "type" : "string" }, { "fieldName" : "message.groupId", "content" : "KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0", "type" : "string" }, { "fieldName" : "message.coordinatorId", "content" : "0", "type" : "string" }, { "fieldName" : "message.type", "content" : "END_REBALANCE", "type" : "string" }, { "fieldName" : "message.group", "content" : "GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))", "type" : "string" } ], "tag_fields" : [ { "fieldName" : "hostIP", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "DMS_REBALANCED" }, "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改GAUSSDB_REDIS慢日志方式的结构化配置。
{ "content" : "{\"instance_id\":\"32eaaf6c5a0142e3a6d80740cd5b3803in12\",\"node_id\":\"597a15b9f2ef4436811c5edcc67c013cno12\",\"database\":\"0\",\"log_type\":\"slow_log\",\"operate_type\":\"sismember\",\"log_time\":\"2022-10-12T07:42:21.253484Z\",\"cost_time\":\"1277.47\",\"whole_message\":\"{\"command_param\": \"dc:set:new:follow:uids:monthly:259008728:202210\",\"database\": 0}\"}", "demo_fields" : [ { "fieldName" : "instance_id", "content" : "32eaaf6c5a0142e3a6d80740cd5b3803in12", "type" : "string" }, { "fieldName" : "node_id", "content" : "597a15b9f2ef4436811c5edcc67c013cno12", "type" : "string" }, { "fieldName" : "database", "content" : "0", "type" : "string" }, { "fieldName" : "log_type", "content" : "slow_log", "type" : "string" }, { "fieldName" : "operate_type", "content" : "sismember", "type" : "string" }, { "fieldName" : "log_time", "content" : "2022-10-12T07:42:21.253484Z", "type" : "string" }, { "fieldName" : "cost_time", "content" : "1277.47", "type" : "float" }, { "fieldName" : "whole_message", "content" : "{\"command_param\":\"dc:set:new:follow:uids:monthly:259008728:202210\",\"database\":0}", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "GAUSSDB_REDIS_SLOW" }, "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string", "isAnalysis" : true } ], "log_group_id" : "925a750-e0f3-4fe9-a046-a04af676xxxx", "log_stream_id" : "7e432db8-9dad-4723-a4b1-fdabf712xxxx", "parse_type" : " ", "project_id" : "2a473356cca5487f8373be891bffxxxx" }
修改APIG结构化配置
{ "content" : "100.125.7.59 f57f6523b675504a23887d0f5c1c8ef3 f5ea2360a2fa443cac236b76f4052ad6 - - [27/Jan/2022:15:56:44 +0800] 0.113 GET http://c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com /api/echo HTTP/1.1 200 1443 408 \"APIGatewayDebugClient/1.0\" \"-\" \"100.125.2.39:443\" /v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations \"200\" \"0.010\" \"0.083\" \"0.083\" cn-north-4 0.083 0 - - - 0.03000020980835 - - \"-\" 486 HttpEchoDemo - - - \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" \"-\" remote", "demo_fields" : [ { "fieldName" : "my_remote_addr", "content" : "100.125.7.59", "type" : "string" }, { "fieldName" : "request_id", "content" : "f57f6523b675504a23887d0f5c1c8ef3", "type" : "string" }, { "fieldName" : "api_id", "content" : "f5ea2360a2fa443cac236b76f4052ad6", "type" : "string" }, { "fieldName" : "user_name", "content" : "-", "type" : "string" }, { "fieldName" : "app_id", "content" : "-", "type" : "string" }, { "fieldName" : "time_local", "content" : "27/Jan/2022:15:56:44", "type" : "string" }, { "fieldName" : "request_time", "content" : "0.113", "type" : "float" }, { "fieldName" : "request_method", "content" : "GET", "type" : "string" }, { "fieldName" : "scheme", "content" : "http", "type" : "string" }, { "fieldName" : "host", "content" : "c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com", "type" : "string" }, { "fieldName" : "router_uri", "content" : "/api/echo", "type" : "string" }, { "fieldName" : "server_protocol", "content" : "HTTP/1.1", "type" : "string" }, { "fieldName" : "status", "content" : "200", "type" : "long" }, { "fieldName" : "bytes_sent", "content" : "1443", "type" : "long" }, { "fieldName" : "request_length", "content" : "408", "type" : "long" }, { "fieldName" : "http_user_agent", "content" : "APIGatewayDebugClient/1.0", "type" : "string" }, { "fieldName" : "http_x_forwarded_for", "content" : "-", "type" : "string" }, { "fieldName" : "upstream_addr", "content" : "100.125.2.39:443", "type" : "string" }, { "fieldName" : "upstream_uri", "content" : "/v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations", "type" : "string" }, { "fieldName" : "upstream_status", "content" : "200", "type" : "long" }, { "fieldName" : "upstream_connect_time", "content" : "0.010", "type" : "float" }, { "fieldName" : "upstream_header_time", "content" : "0.083", "type" : "float" }, { "fieldName" : "upstream_response_time", "content" : "0.083", "type" : "float" }, { "fieldName" : "region_id", "content" : "cn-north-4", "type" : "string" }, { "fieldName" : "all_upstream_response_time", "content" : "0.083", "type" : "float" }, { "fieldName" : "errorType", "content" : "0", "type" : "long" }, { "fieldName" : "auth_type", "content" : "-", "type" : "string" }, { "fieldName" : "access_model1", "content" : "-", "type" : "string" }, { "fieldName" : "access_model2", "content" : "-", "type" : "string" }, { "fieldName" : "inner_time", "content" : "0.03000020980835", "type" : "float" }, { "fieldName" : "proxy_protocol_vni", "content" : "-", "type" : "string" }, { "fieldName" : "proxy_protocol_vpce_id", "content" : "-", "type" : "string" }, { "fieldName" : "proxy_protocol_addr", "content" : "-", "type" : "string" }, { "fieldName" : "body_bytes_sent", "content" : "486", "type" : "long" }, { "fieldName" : "api_name", "content" : "HttpEchoDemo", "type" : "string" }, { "fieldName" : "app_name", "content" : "-", "type" : "string" }, { "fieldName" : "provider_app_id", "content" : "-", "type" : "string" }, { "fieldName" : "provider_app_name", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log1", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log2", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log3", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log4", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log5", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log6", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log7", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log8", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log9", "content" : "-", "type" : "string" }, { "fieldName" : "custom_data_log10", "content" : "-", "type" : "string" }, { "fieldName" : "response_source", "content" : "remote", "type" : "string" }, { "fieldName" : "start_time", "content" : "26/Dec/2022:12:21:40.000", "type" : "string" } ], "rule" : { "type" : "built_in", "param" : "APIG" }, "tag_fields" : [ { "fieldName" : "hostIP", "content" : "192.168.2.134", "type" : "string" }, { "fieldName" : "hostName", "content" : "ecs-ictest", "type" : "string" } ], "log_group_id" : "", "log_stream_id" : "", "parse_type" : "", "project_id" : "" }
响应示例
状态码: 200
请求响应成功, 成功修改结构化配置。
{ "2a473356cca5487f8373be891bffc1cf_8a75b77d-7d72-4d7e-8c50-a24562cf8b0b_fd5e1a7c-7412-475d-a013-8891d539574e" }
状态码: 400
BadRequest。非法请求。 建议根据error_msg直接修改该请求,不要重试该请求。
{ "errorCode" : "LTS.0612", "errorMessage" : "timee fieldType is error" }
状态码: 401
AuthFailed。鉴权失败, 请确认token后再次请求 。
{ "error_code" : "LTS.0414", "error_msg" : "Invalid token" }
状态码: 403
Forbidden。请求被拒绝访问。返回该状态码,表明请求能够到达服务端,且服务端能够理解用户请求,但是拒绝做更多的事情,因为该请求被设置为拒绝访问,建议直接修改该请求,不要重试该请求。
{ "error_code" : "LTS.0001", "error_msg" : "Invalid projectId" }
状态码: 500
InternalServerError。 表明服务端能被请求访问到,但是服务内部出错。
{ "error_code" : "LTS.0102", "error_msg" : "Failed to create log group" }
SDK代码示例
SDK代码示例如下。
修改正则方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); listbodyTagFields.add( new TagField() .withFieldName("hostName") .withType("string") .withContent("ecs-ictest") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("a01") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("a02") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("a03") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("a04") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("a05") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("a06") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("a07") .withType("long") ); body.withRegexRules("^(?<a01>[^ ]+)(?:[^ ]* ){1}(?<a02>\w+)(?:[^ ]* ){1}(?<a03>\w+)(?:[^ ]* ){1}(?<a04>\w+)(?:[^ ]* ){1}(?<a05>\w+)(?:[^ ]* ){1}(?<a06>\w+)(?:[^ ]* ){1}(?<a07>\d+)"); body.withProjectId(" "); body.withLogStreamId("ff8bd110-dc44-4692-af74-d3b1f6197887"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue("custom_regex")); body.withLogGroupId("ada6ce6b-17ba-43f3-a27f-aa563b4ab14e"); body.withContent("2021-09-09/18:15:41 this log is Error NO 6323"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改分隔符方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); listbodyTagFields.add( new TagField() .withFieldName("hostName") .withType("string") .withContent("ecs-ictest") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("b1") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("b2") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("b3") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("b4") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("b5") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("b6") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("b7") .withType("long") ); body.withTokenizer(" "); body.withProjectId(""); body.withLogStreamId("ff8bd110-dc44-4692-af74-d3b1f6197887"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue("split")); body.withLogGroupId("ada6ce6b-17ba-43f3-a27f-aa563b4ab14e"); body.withContent("2021-09-09/18:50:51 this log is Error NO 37"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改NGINX方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); listbodyTagFields.add( new TagField() .withFieldName("hostName") .withType("string") .withContent("ecs-ictest") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("his1") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withFieldName("his2") .withType("string") ); body.withLogFormat("log_format main '$his1 : $his2 /'"); body.withProjectId(""); body.withLogStreamId("ff8bd110-dc44-4692-af74-d3b1f6197887"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue("nginx")); body.withLogGroupId("ada6ce6b-17ba-43f3-a27f-aa563b4ab14e"); body.withContent("2021-09-09/18:54:55 this log is Error NO 281"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改CTS方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("CTS"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("201") .withFieldName("code") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("global") .withFieldName("event_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("221123nsada3sda3231das3111ndsab") .withFieldName("project_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1597042370464") .withFieldName("record_time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("98763hkjhdteoi03861732hjh7983bhd") .withFieldName("resource_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("demodemodemo/demo") .withFieldName("resource_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("token") .withFieldName("resource_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("IAM") .withFieldName("service_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.10.1.10") .withFieldName("source_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1597042369296") .withFieldName("time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1eesdd-dad6-11dsaea-edaxfeqdf") .withFieldName("trace_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("demodemodemo") .withFieldName("trace_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("normal") .withFieldName("trace_rating") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("ApiCall") .withFieldName("trace_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("global") .withFieldName("tracker_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("21185d8818e443e1ryjkh71622f09212b") .withFieldName("user.domain.id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("testdemo") .withFieldName("user.domain.name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("6hfakl86faqw87dsasasadf09ajbml") .withFieldName("user.id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("testdemo/demo") .withFieldName("user.name") .withType("string") ); body.withRule(rulebody); body.withProjectId(" "); body.withLogStreamId(" "); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId(" "); body.withContent("{"code":"201","source_ip":"10.10.1.10","trace_type":"ApiCall","event_type":"global","project_id":"221123nsada3sda3231das3111ndsab","trace_id":"1eesdd-dad6-11dsaea-edaxfeqdf","trace_name":"demodemodemo","resource_type":"token","trace_rating":"normal","service_type":"IAM","resource_id":"98763hkjhdteoi03861732hjh7983bhd","tracker_name":"global","time":"1597042369296","resource_name":"demodemodemo/demo","record_time":"1597042370464","user":{"domain":{"name":"testdemo","id":"21185d8818e443e1ryjkh71622f09212b"},"name":"testdemo/demo","id":"6hfakl86faqw87dsasasadf09ajbml"}}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改ELB方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("ELB"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("1594727856.337") .withFieldName("msec") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("e7c37d97-e922-457c-bbf3-dsadeqac") .withFieldName("access_log_topic_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2020-07-14T19:57:36+08:00") .withFieldName("time_iso8601") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("elb_01") .withFieldName("log_ver") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("192.0.0.0") .withFieldName("remote_addr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("88888") .withFieldName("remote_port") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("200") .withFieldName("status") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("GET") .withFieldName("request_method") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("http") .withFieldName("scheme") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("prod.sss.ads.sg2.aaa") .withFieldName("host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada") .withFieldName("router_request_uri") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HTTP/1.1") .withFieldName("server_protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("233") .withFieldName("request_length") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("293") .withFieldName("bytes_sent") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("138") .withFieldName("body_bytes_sent") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.001") .withFieldName("request_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("200") .withFieldName("upstream_status") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.000") .withFieldName("upstream_connect_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.001") .withFieldName("upstream_header_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.001") .withFieldName("upstream_response_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.0.0.0:9999") .withFieldName("upstream_addr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("lua-resty-http/0.14 (Lua) ngx_lua/10000") .withFieldName("http_user_agent") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("http_referer") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("http_x_forwarded_for") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa") .withFieldName("lb_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("listener_6077809b-913f-466d-a96c-376f08882d5d") .withFieldName("listener_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("08cc2b3f68aa4dddd1e6a90dddd1688348a4480") .withFieldName("listener_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b") .withFieldName("pool_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("member_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2fb78dsadadq1213das1121dab146ad3cb0") .withFieldName("tenant_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("eip_address") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("80") .withFieldName("eip_port") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("101.0.0.0:10000") .withFieldName("upstream_addr_priv") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("certificate_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("ssl_protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("ssl_cipher") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("sni_domain_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("9739") .withFieldName("tcpinfo_rtt") .withType("long") ); body.withRule(rulebody); body.withProjectId(" "); body.withLogStreamId(" "); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId(" "); body.withContent("1594727856.337 e7c37d97-e922-457c-bbf3-dsadeqac 2020-07-14T19:57:36+08:00 elb_01 192.0.0.0:88888 200 "GET http://prod.sss.ads.sg2.aaa/loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada HTTP/1.1" 233 293 138 0.001 "200" "0.000" "0.001" "0.001" "100.0.0.0:9999" "lua-resty-http/0.14 (Lua) ngx_lua/10000" "-" "-" loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa listener_6077809b-913f-466d-a96c-376f08882d5d 08cc2b3f68aa4dddd1e6a90dddd1688348a4480 pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b "-" 2fb78dsadadq1213das1121dab146ad3cb0 -:80 "101.0.0.0:10000" - - - - 9739"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改VPC方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("VPC"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("version") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5f67944957444bd6bb4fe3b367de8f3d") .withFieldName("project_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1d515d18-1b36-47dc-a983-bd6512aed4bd") .withFieldName("interface_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("192.168.0.154") .withFieldName("srcaddr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("192.168.3.25") .withFieldName("dstaddr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("38929") .withFieldName("srcport") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("53") .withFieldName("dstport") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("17") .withFieldName("protocol") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("packets") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("96") .withFieldName("bytes") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1548752136") .withFieldName("start") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1548752736") .withFieldName("end") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("ACCEPT") .withFieldName("action") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("OK") .withFieldName("log_status") .withType("string") ); body.withRule(rulebody); body.withProjectId(" "); body.withLogStreamId(" "); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId(" "); body.withContent("1 5f67944957444bd6bb4fe3b367de8f3d 1d515d18-1b36-47dc-a983-bd6512aed4bd 192.168.0.154 192.168.3.25 38929 53 17 1 96 1548752136 1548752736 ACCEPT OK"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改DCS审计日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("DCS_AUDIT"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("1640966500017") .withFieldName("time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("199a1e5a-8a37-40b9-899e-0ab6805c69eb") .withFieldName("instance_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("192.168.0.1") .withFieldName("server_addr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("proxy") .withFieldName("role") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.0.0.1") .withFieldName("client_addr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("client_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("default") .withFieldName("user") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("db") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("DEL") .withFieldName("command_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("string") .withFieldName("command_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("["key1","key2","key3"]") .withFieldName("command_keys") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("DEL key1 key2 key3") .withFieldName("command_param") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("500") .withFieldName("use_time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("extend") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"time": 1640966500017, "instance_id": "199a1e5a-8a37-40b9-899e-0ab6805c69eb", "server_addr": "192.168.0.1", "role": "proxy", "client_addr": "10.0.0.1", "client_type": "0", "user": "default", "db": 1, "command_name": "DEL", "command_type": "string", "command_keys": ["key1", "key2", "key3"], "command_param": "DEL key1 key2 key3", "use_time": 500, "extend": ""}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改DDS审计日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("DDS_AUDIT"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("auditLog") .withFieldName("topic") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("9fbf813bc27e4a3ab54bddf783a4f774in01") .withFieldName("instanceid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("bf4cb0413d0b4221be94b08471708586no01") .withFieldName("nodeid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("test") .withFieldName("db") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("testCollection") .withFieldName("coll") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("update") .withFieldName("optype") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-08-05T08:24:15.536+0000") .withFieldName("time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.4.23.205") .withFieldName("user_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("47668") .withFieldName("user_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("rw_testuser") .withFieldName("user") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("{"command":"update","ns":"test.testCollection","op":[{"q":{"vin":"LDP31B965NG036174"},"u":{"$set":{"timestamp":{"$numberLong":"1659687855535"},"deviceTime":{"$numberLong":"1659687855340"},"longitude":"119.35516805555555","latitude":"26.057936388888891","location":"119.35516805555555,26.057936388888891","height":"10.097286797128618","direction":"12","speed":14,"accuracy":"0","h3Address7":"8741b5300ffffff"}},"upsert":true}],"args":{"update":"testCollection","ordered":true,"$db":"test","$clusterTime":{"clusterTime":{"$timestamp":{"t":1659687855,"i":1685}},"signature":{"hash":{"$binary":"CP5bfEf+gBJZdAxCKtF9HiSeqQY=","$type":"00"},"keyId":{"$numberLong":"7102408879899674942"}}},"lsid":{"id":{"$binary":"PXVVrbuvRuGkypCbu/oXXQ==","$type":"04"}}}}") .withFieldName("param") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"topic":"auditLog","instanceid":"9fbf813bc27e4a3ab54bddf783a4f774in01","nodeid":"bf4cb0413d0b4221be94b08471708586no01","db":"test","coll":"testCollection","optype":"update","time":"2022-08-05T08:24:15.536+0000","user_ip":"10.4.23.205","user_port":"47668","user":"rw_testuser","param":{"command":"update","ns":"test.testCollection","op":[{"q":{"vin":"LDP31B965NG036174"},"u":{"$set":{"timestamp":{"$numberLong":"1659687855535"},"deviceTime":{"$numberLong":"1659687855340"},"longitude":"119.35516805555555","latitude":"26.057936388888891","location":"119.35516805555555,26.057936388888891","height":"10.097286797128618","direction":"12","speed":14,"accuracy":"0","h3Address7":"8741b5300ffffff"}},"upsert":true}],"args":{"update":"testCollection","ordered":true,"$db":"test","$clusterTime":{"clusterTime":{"$timestamp":{"t":1659687855,"i":1685}},"signature":{"hash":{"$binary":"CP5bfEf+gBJZdAxCKtF9HiSeqQY=","$type":"00"},"keyId":{"$numberLong":"7102408879899674942"}}},"lsid":{"id":{"$binary":"PXVVrbuvRuGkypCbu/oXXQ==","$type":"04"}}}}}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改TOMCAT方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("TOMCAT"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("192.168.12.2") .withFieldName("remote_ip_address") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("remote_logical_username") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("remote_user_authenticated") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("07/Mar/2018:09:49:55") .withFieldName("time_local") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("GET") .withFieldName("scheme") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("/logHello/test") .withFieldName("router_uri") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HTTP/1.1") .withFieldName("server_protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("200") .withFieldName("status") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1943") .withFieldName("bytes_sent") .withType("long") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("192.168.12.2 - - [07/Mar/2018:09:49:55 +0800] "GET /logHello/test HTTP/1.1" 200 1943"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改GAUSSDB_OPENGAUSS_AUDIT方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("GAUSSDB_OPENGAUSS_AUDIT"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("rdsAdmin") .withFieldName("username") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("cm_agent@10.254.95.70") .withFieldName("client_conninfo") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("96e86f462bbc4f2286d7c8274815d0fein14") .withFieldName("instanceId") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("xid=30818, SET statement_timeout = 10000000;n") .withFieldName("detail_info") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("140463114942208@713872403507507") .withFieldName("thread_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("ok") .withFieldName("result") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("postgres") .withFieldName("database") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("8001") .withFieldName("local_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10") .withFieldName("userid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("06c267fad8054a0abcb17cfa3b8f260cno14") .withFieldName("nodeId") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("dn_6001_6002_6003") .withFieldName("node_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("statement_timeout") .withFieldName("object_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-08-15 17:53:23+08") .withFieldName("time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("set_parameter") .withFieldName("type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("50952") .withFieldName("remote_port") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"username":"rdsAdmin","client_conninfo":"cm_agent@10.254.95.70","instanceId":"96e86f462bbc4f2286d7c8274815d0fein14","detail_info":"xid=30818, SET statement_timeout = 10000000;n","thread_id":"140463114942208@713872403507507","result":"ok","database":"postgres","local_port":"8001","userid":"10","nodeId":"06c267fad8054a0abcb17cfa3b8f260cno14","node_name":"dn_6001_6002_6003","object_name":"statement_timeout","time":"2022-08-15 17:53:23+08","type":"set_parameter","remote_port":"50952"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改MYSQL慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("MYSQL_SLOW"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-07-27T02:49:19.000") .withFieldName("start_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("commerce") .withFieldName("user") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.*.*.222") .withFieldName("host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1.461583") .withFieldName("query_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.000050") .withFieldName("lock_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("500") .withFieldName("rows_sent") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("581000") .withFieldName("rows_examined") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;") .withFieldName("command_text") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("saas_perf") .withFieldName("database") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("slow_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1658890159") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("SELECT") .withFieldName("operate_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5d6c61bbd49b4ad3a1572461811e3dacno01") .withFieldName("node_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("207032924c644f429b74f6fc5d8c97f9in01") .withFieldName("instance_id") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"start_time":"2022-07-27T02:49:19.000","user":"commerce","host":"100.*.*.222","query_time":"1.461583","lock_time":"0.000050","rows_sent":"500","rows_examined":"581000","command_text":"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;","database":"saas_perf","log_type":"slow_log","log_time":"1658890159","operate_type":"SELECT","node_id":"5d6c61bbd49b4ad3a1572461811e3dacno01","instance_id":"207032924c644f429b74f6fc5d8c97f9in01"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改MYSQL错误日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("MYSQL_ERROR"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("error_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("WARNING") .withFieldName("severity") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-08-22T06:52:08Z") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("Occur error when reading bytes from a network handler. Client actively closes the connection.") .withFieldName("raw_message") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5d6c61bbd49b4ad3a1572461811e3dacno01") .withFieldName("node_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("207032924c644f429b74f6fc5d8c97f9in01") .withFieldName("instance_id") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"5d6c61bbd49b4ad3a1572461811e3dacno01","instance_id":"207032924c644f429b74f6fc5d8c97f9in01"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改DDS错误日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("MONGODB_ERROR"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("error_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("Error") .withFieldName("severity") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-08-22T09:33:15.142+0000") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.") .withFieldName("raw_message") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5b67dc63ba824145aae1f12ff51e58b8in02") .withFieldName("instance_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("686a791e690e4db3af591ec4b6f72916no02") .withFieldName("node_id") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"log_type":"error_log","severity":"Error","log_time":"2022-08-22T09:33:15.142+0000","raw_message":"E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.","instance_id": "5b67dc63ba824145aae1f12ff51e58b8in02","node_id": "686a791e690e4db3af591ec4b6f72916no02"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改DDS慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("MONGODB_SLOW"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("slow_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-08-20T10:04:03.204000Z") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("data0820.table") .withFieldName("namespace") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("data0820") .withFieldName("database") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("table") .withFieldName("collection") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("insert") .withFieldName("operate_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("docs_scanned") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("docs_returned") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("n_deleted") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("n_matched") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("n_modified") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10") .withFieldName("n_inserted") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("555") .withFieldName("cost_time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("lock_time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("{"op": "insert", "ns": "data0820.usrtable", "command": "{N}", "ninserted": 1, "keysInserted": 1, "numYield": 0, "locks": {"Global": {"acquireCount": {"r": 5, "w": 5}}, "Database": {"acquireCount": {"w": 4, "W": 1}}, "Collection": {"acquireCount": {"w": 2}}, "oplog": {"acquireCount": {"w": 2}}}, "responseLength": 230, "protocol": "op_msg", "millis": 555, "ts": {"$date": 1660989843204}, "client": "192.168.0.64", "appName": "MongoDB Shell", "allUsers": [{"user": "rwuser", "db": "admin"}], "user": "rwuser@admin"}") .withFieldName("whole_message") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5b67dc63ba824145aae1f12ff51e58b8in02") .withFieldName("instance_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("686a791e690e4db3af591ec4b6f72916no02") .withFieldName("node_id") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"log_type":"slow_log","log_time":"2022-08-20T10:04:03.204000Z","namespace":"data0820.table","database":"data0820","collection":"table","operate_type":"insert","docs_scanned":0,"docs_returned":0,"n_deleted":0,"n_matched":0,"n_modified":0,"n_inserted":10,"cost_time":555,"lock_time":0,"whole_message":"{"op": "insert", "ns": "data0820.usrtable", "command": "{N}", "ninserted": 1, "keysInserted": 1, "numYield": 0, "locks": {"Global": {"acquireCount": {"r": 5, "w": 5}}, "Database": {"acquireCount": {"w": 4, "W": 1}}, "Collection": {"acquireCount": {"w": 2}}, "oplog": {"acquireCount": {"w": 2}}}, "responseLength": 230, "protocol": "op_msg", "millis": 555, "ts": {"$date": 1660989843204}, "client": "192.168.0.64", "appName": "MongoDBShell", "allUsers": [{"user": "rwuser", "db": "admin"}], "user": "rwuser@admin"}","instance_id": "5b67dc63ba824145aae1f12ff51e58b8in02","node_id":"686a791e690e4db3af591ec4b6f72916no02"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改CFW访问控制日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("CFW_ACCESS"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("PING") .withFieldName("app") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("in2out") .withFieldName("direction") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("3002") .withFieldName("source-zone") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("56827792-173e-435a-b22b-229f21d78244") .withFieldName("rule_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("ICMP: ECHO_REQUEST") .withFieldName("protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.85.222.23") .withFieldName("dst_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.85.112.49") .withFieldName("src_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("eip") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1655882537006") .withFieldName("hit_time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("44243649") .withFieldName("log-id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("45243") .withFieldName("dst_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("3001") .withFieldName("destination-zone") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022.06.22") .withFieldName("index_day") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("6781") .withFieldName("log_id") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("17589") .withFieldName("src_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("58ead9e7-418d-4166-8df8-f24941d4205c") .withFieldName("fw_instance_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("permit") .withFieldName("action") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("vsys") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"app":"PING","direction":"in2out","source-zone":"3002","rule_id":"56827792-173e-435a-b22b-229f21d78244","protocol":"ICMP: ECHO_REQUEST","dst_ip":"100.85.222.23","src_ip":"100.85.112.49","log_type":"eip","hit_time":1655882537006,"log-id":"44243649","dst_port":"45243","destination-zone":"3001","index_day":"2022.06.22","log_id":6781,"src_port":"17589","fw_instance_id":"58ead9e7-418d-4166-8df8-f24941d4205c","action":"permit","vsys":"1"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改CFW攻击日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("CFW_ATTACK"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("source") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HTTP") .withFieldName("app") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("out2in") .withFieldName("direction") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.85.222.23") .withFieldName("dst_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.108.170.229") .withFieldName("src_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1655974411462") .withFieldName("event_time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("eip") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("80") .withFieldName("dst_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("330409") .withFieldName("attack_rule_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022.06.23") .withFieldName("index_day") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("462688") .withFieldName("log_id") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("51002") .withFieldName("src_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("TCP") .withFieldName("protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent() .withFieldName("packet") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HIGH") .withFieldName("level") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("Vulnerability Exploit Attack") .withFieldName("attack_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("58ead9e7-418d-4166-8df8-f24941d4205c") .withFieldName("fw_instance_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("permit") .withFieldName("action") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("vsys") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)") .withFieldName("attack_rule") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"source":"0","app":"HTTP","direction":"out2in","dst_ip":"100.85.222.23","src_ip":"10.108.170.229","event_time":1655974411462,"log_type":"eip","dst_port":"80","attack_rule_id":"330409","index_day":"2022.06.23","log_id":462688,"src_port":"51002","protocol":"TCP","packet":"+hZUZMhT+hY/AaHMCABFAADnicBAAHgGgJIKbKrlZFXeF8c6AFAYCIpDV562+VAYBAILMwAAR0VUIC9qb2JtYW5hZ2VyL2xvZ3MvLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmZXRjJTI1MmZwYXNzd2QgSFRUUC8xLjENCkhvc3Q6IDEwMC44NS4yMjIuMjMNClVzZXItQWdlbnQ6IGN1cmwvNy42NS4wDQpBY2NlcHQ6ICovKg0KDQo=","level":"HIGH","attack_type":"Vulnerability Exploit Attack","fw_instance_id":"58ead9e7-418d-4166-8df8-f24941d4205c","action":"permit","vsys":"1","attack_rule":"VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改CFW流量日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("CFW_FLOW"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("80") .withFieldName("dst_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HTTP") .withFieldName("app") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.1") .withFieldName("to_c_pkts") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.85.222.23") .withFieldName("dst_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.1") .withFieldName("to_c_bytes") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1655436321000") .withFieldName("end_time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.108.170.229") .withFieldName("src_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022.06.17") .withFieldName("index_day") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1232.1") .withFieldName("bytes") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("4424364f") .withFieldName("log-id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("vsys") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("67") .withFieldName("suffix") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.1") .withFieldName("packets") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("out2in") .withFieldName("direction") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("TCP") .withFieldName("protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1232.1") .withFieldName("to_s_bytes") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.1") .withFieldName("to_s_pkts") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("63934") .withFieldName("src_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1655436299000") .withFieldName("start_time") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("efbeb90c-1108-42ce-b099-f7e035a10b67") .withFieldName("fw_instance_id") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"dst_port":"80","app":"HTTP","to_c_pkts":0.1,"dst_ip":"100.85.222.23","to_c_bytes":0.1,"end_time":1655436321000,"src_ip":"10.108.170.229","index_day":"2022.06.17","bytes":1232.1,"log-id":"4424364f","vsys":"1","suffix":"67","packets":10.1,"direction":"out2in","protocol":"TCP","to_s_bytes":1232.1,"to_s_pkts":10.1,"src_port":"63934","start_time":1655436299000,"fw_instance_id":"efbeb90c-1108-42ce-b099-f7e035a10b67"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改POSTGRESQL慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("POSTGRESQL_SLOW"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("slow_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("328.662") .withFieldName("execute_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("authoring") .withFieldName("user") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-07-24T10:06:41.000") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("authoring-test") .withFieldName("database") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC") .withFieldName("statement") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.*.*.206") .withFieldName("host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1658657201") .withFieldName("log_timestamp") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("SELECT") .withFieldName("operate_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("d285609201534696bdcd648519fe2b8dno02") .withFieldName("node_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5b67dc63ba824145aae1f12ff51e58b8in02") .withFieldName("instance_id") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"log_type":"slow_log","execute_time":328.662,"user":"authoring","log_time":"2022-07-24T10:06:41.000","database":"authoring-test","statement":"SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC","host":"10.*.*.206","log_timestamp":"1658657201","operate_type":"SELECT","node_id":"d285609201534696bdcd648519fe2b8dno02","instance_id":"5b67dc63ba824145aae1f12ff51e58b8in02"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改POSTGRESQL错误日志方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("POSTGRESQL_ERROR"); [](model.TagField) listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); [](model.StructFieldInfo) listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("error_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("WARNING") .withFieldName("severity") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-08-22T06:52:08Z") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("Occur error when reading bytes from a network handler. Client actively closes the connection.") .withFieldName("raw_message") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("d285609201534696bdcd648519fe2b8dno02") .withFieldName("node_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5b67dc63ba824145aae1f12ff51e58b8in02") .withFieldName("instance_id") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"d285609201534696bdcd648519fe2b8dno02","instance_id":"5b67dc63ba824145aae1f12ff51e58b8in02"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改GAUSSDB_MYSQL慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("GAUSSDB_MYSQL_SLOW"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); listbodyTagFields.add( new TagField() .withFieldName("hostName") .withType("string") .withContent("ecs-ictest") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-07-27T02:49:19.000") .withFieldName("start_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("commerce") .withFieldName("user") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.*.*.222") .withFieldName("host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1.461583") .withFieldName("query_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.000050") .withFieldName("lock_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("500") .withFieldName("rows_sent") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("581000") .withFieldName("rows_examined") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;") .withFieldName("command_text") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("saas_perf") .withFieldName("database") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("slow_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1658890159") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("SELECT") .withFieldName("operate_type") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"start_time":"2022-07-27T02:49:19.000","user":"commerce","host":"100.*.*.222","query_time":"1.461583","lock_time":"0.000050","rows_sent":"500","rows_examined":"581000","command_text":"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;","database":"saas_perf","log_type":"slow_log","log_time":"1658890159","operate_type":"SELECT"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改GAUSSDB_MYSQL错误日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("GAUSSDB_MYSQL_ERROR"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("error_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("WARNING") .withFieldName("severity") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-08-22T06:52:08Z") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("Occur error when reading bytes from a network handler. Client actively closes the connection.") .withFieldName("raw_message") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection."}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改CDN方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("CDN"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("1666604392000") .withFieldName("request_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("findercdn.video.qq.com") .withFieldName("domain") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("GET") .withFieldName("method") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("http") .withFieldName("scheme") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("/BcimRg.txt") .withFieldName("uri") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("cdnkey=*****&cdntoken=*****&tokenidx=1") .withFieldName("uri_param") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("192.168.233.142") .withFieldName("client_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("51517") .withFieldName("client_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("refer_protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("refer_domain") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("refer_uri") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("refer_param") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("301") .withFieldName("request_size") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("14") .withFieldName("response_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("588") .withFieldName("response_size") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("403") .withFieldName("http_code") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("response_range") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("request_range") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("150") .withFieldName("request_body_bytes") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("text/html") .withFieldName("content_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HIT") .withFieldName("hit_info") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("python-requests/2.21.0") .withFieldName("user_agent") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("ce6327e015c1e16f581818b838a6cb0c") .withFieldName("uuid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("edge-cache01[14]") .withFieldName("via_info") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("xforwordfor") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"request_time":"1666604392000","domain":"findercdn.video.qq.com","method":"GET","scheme":"http","uri":"/BcimRg.txt","uri_param":"cdnkey=*****&cdntoken=*****&tokenidx=1","client_ip":"192.168.233.142","client_port":"51517","refer_protocol":"-","refer_domain":"-","refer_uri":"-","refer_param":"-","request_size":"301","response_time":"14","response_size":"588","http_code":"403","response_range":"-","request_range":"-","request_body_bytes":"150","content_type":"text/html","hit_info":"HIT","user_agent":"python-requests/2.21.0","uuid":"ce6327e015c1e16f581818b838a6cb0c","via_info":"edge-cache01[14]","xforwordfor":"-"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改SMN方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("SMN"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("1ae49922602a42fc83acb9689a2eb5f4") .withFieldName("message_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5a9f32e4f1ec4bbe9695ff9da51c2925") .withFieldName("project_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo") .withFieldName("topic_urn") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740") .withFieldName("subscriber_urn") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("https") .withFieldName("protocol_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("https://127.0.0.1:443/https") .withFieldName("endpoint") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("DELIVERED") .withFieldName("status") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("200") .withFieldName("http_code") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-11-01T00:00:00Z") .withFieldName("create_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-11-01T00:00:10Z") .withFieldName("send_time") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"message_id":"1ae49922602a42fc83acb9689a2eb5f4","project_id":"5a9f32e4f1ec4bbe9695ff9da51c2925","topic_urn":"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo","subscriber_urn":"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740","protocol_name":"https","endpoint":"https://127.0.0.1:443/https","status":"DELIVERED","http_code":200,"create_time":"2022-11-01T00:00:00Z","send_time":"2022-11-01T00:00:10Z"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改WAF访问日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("WAF_ACCESS"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("504") .withFieldName("response_code") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("http") .withFieldName("scheme") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.93.2.229:80") .withFieldName("upstream_addr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("163") .withFieldName("body_bytes_sent") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("upstream_header_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("connection_requests") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("ssl_cipher") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1736cc7331b74b198e2ef07555a970ce") .withFieldName("hostid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2152") .withFieldName("pid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("tls_version") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("www.testh.com") .withFieldName("http_host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("process_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("88003425-d7bc-46ce-8ae7-77a8aa18a814") .withFieldName("access_stream_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-07-29T19:39:10+08:00") .withFieldName("time_iso8601") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("intel_crawler") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("504") .withFieldName("upstream_status") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.63.46.110") .withFieldName("remote_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("30.008") .withFieldName("request_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1d26cc8c86a840e28a4f8d0d07852f1d") .withFieldName("tenantid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.63.46.110") .withFieldName("sip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("420") .withFieldName("bytes_send") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2a473356cca5487f8373be891bffc1cf") .withFieldName("projectid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("curl/7.29.0") .withFieldName("user_agent") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("web_tag") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("GET") .withFieldName("method") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.63.36.208") .withFieldName("bind_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("region_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("20582") .withFieldName("remote_port") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("ssl_ciphers_md5") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("x_real_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("/") .withFieldName("url") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("x_forwarded_for") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("sni") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("public/../style/general.css=true") .withFieldName("args") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("cdn_src_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("enterprise_project_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("upstream_connect_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("engine_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("110") .withFieldName("request_length") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5d574e6a-87da-42bc-bfd4-ff61a1b336a4") .withFieldName("group_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("36f0a9212b14528ffc090f1811cd87d8") .withFieldName("requestid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("ssl_curves") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("ssl_session_reused") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-07-29T11:39:10.000Z") .withFieldName("waf-time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("30.009") .withFieldName("upstream_response_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("29/Jul/2022:19:39:10 +0800") .withFieldName("time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("access") .withFieldName("waf_category") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.63.36.208") .withFieldName("eng_ip") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"response_code":"504","scheme":"http","upstream_addr":"100.93.2.229:80","body_bytes_sent":"163","upstream_header_time":"-","connection_requests":"1","ssl_cipher":"","hostid":"1736cc7331b74b198e2ef07555a970ce","pid":"2152","tls_version":"","http_host":"www.testh.com","process_time":"0","access_stream_id":"88003425-d7bc-46ce-8ae7-77a8aa18a814","time_iso8601":"2022-07-29T19:39:10+08:00","intel_crawler":"","upstream_status":"504","remote_ip":"10.63.46.110","request_time":"30.008","tenantid":"1d26cc8c86a840e28a4f8d0d07852f1d","sip":"10.63.46.110","bytes_send":"420","projectid":"2a473356cca5487f8373be891bffc1cf","user_agent":"curl/7.29.0","web_tag":"","method":"GET","bind_ip":"10.63.36.208","region_id":"","remote_port":"20582","ssl_ciphers_md5":"","x_real_ip":"","url":"/","x_forwarded_for":"","sni":"","args":"public/../style/general.css=true","cdn_src_ip":"","enterprise_project_id":"0","upstream_connect_time":"-","engine_id":"","request_length":"110","group_id":"5d574e6a-87da-42bc-bfd4-ff61a1b336a4","requestid":"36f0a9212b14528ffc090f1811cd87d8","ssl_curves":"","ssl_session_reused":"","waf-time":"2022-07-29T11:39:10.000Z","upstream_response_time":"30.008","time":"29/Jul/2022:19:39:10 +0800","category":"access","eng_ip":"10.63.36.208"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改WAF攻击日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("WAF_ATTACK"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("cd081ba3d6674000acc37d7e2a4b9140") .withFieldName("policy_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("80") .withFieldName("hport") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("163") .withFieldName("body_bytes_sent") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1736cc7331b74b198e2ef07555a970ce") .withFieldName("hostid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("040002") .withFieldName("rule") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.63.36.208") .withFieldName("engine_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2152") .withFieldName("pid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("www.testh.com") .withFieldName("http_host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("process_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0000-0000-0000-20820220729193940-f34cf25e") .withFieldName("reqid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-07-29T19:39:40+08:00") .withFieldName("time_iso8601") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("504") .withFieldName("upstream_status") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("public/../style/general.css") .withFieldName("hit_data") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("98de5d5a-9f54-4d01-9882-eca7bec99d09") .withFieldName("attack_stream_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.63.46.110") .withFieldName("remote_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("lfi") .withFieldName("attack") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1d26cc8c86a840e28a4f8d0d07852f1d") .withFieldName("tenantid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("www.testh.com") .withFieldName("host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("log") .withFieldName("action") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HTTP") .withFieldName("backend.protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("true") .withFieldName("backend.alive") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("80") .withFieldName("backend.port") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.93.2.229") .withFieldName("backend.host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("backend.weight") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("ip") .withFieldName("backend.type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("04-0000-0000-0000-20820220729193940-f34cf25e") .withFieldName("id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("10.63.46.110") .withFieldName("sip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2a473356cca5487f8373be891bffc1cf") .withFieldName("projectid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("web_tag") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-07-29T11:39:40.000Z") .withFieldName("attack-time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("GET") .withFieldName("method") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("{"HWWAFSESTIME":"1659094780939","HWWAFSESID":"e2cd0733b4712e4cc4"}") .withFieldName("cookie") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2") .withFieldName("level") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("{\"public\\/..\\/style\\/general.css\":\"true\"}") .withFieldName("params") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("x_real_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("/") .withFieldName("url") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("x_forwarded_for") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("cdn_src_ip") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("enterprise_project_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("req_body") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("") .withFieldName("engine_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("5d574e6a-87da-42bc-bfd4-ff61a1b336a4") .withFieldName("group_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("f34cf25eb33ed82cd7261a8276a60c39") .withFieldName("requestid") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("null") .withFieldName("multipart") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("{\"host\":\"www.testh.com\",\"user-agent\":\"curl\\/7.29.0\",\"accept\":\"*\\/*\"}") .withFieldName("header") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("params") .withFieldName("location") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("30.000") .withFieldName("upstream_response_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-07-29 19:39:40") .withFieldName("time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("attack") .withFieldName("waf_category") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("28408") .withFieldName("sport") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("504") .withFieldName("status") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"policy_id":"cd081ba3d6674000acc37d7e2a4b9140","hport":"80","body_bytes_sent":"163","hostid":"1736cc7331b74b198e2ef07555a970ce","rule":"040002","engine_ip":"10.63.36.208","pid":"2152","http_host":"www.testh.com","process_time":"1","reqid":"0000-0000-0000-20820220729193940-f34cf25e","time_iso8601":"2022-07-29T19:39:40+08:00","upstream_status":"504","hit_data":"public/../style/general.css","attack_stream_id":"98de5d5a-9f54-4d01-9882-eca7bec99d09","remote_ip":"10.63.46.110","attack":"lfi","tenantid":"1d26cc8c86a840e28a4f8d0d07852f1d","host":"www.testh.com","action":"log","backend":{"protocol":"HTTP","alive":true,"port":80,"host":"100.93.2.229","weight":1,"type":"ip"},"id":"04-0000-0000-0000-20820220729193940-f34cf25e","sip":"10.63.46.110","projectid":"2a473356cca5487f8373be891bffc1cf","web_tag":"","attack-time":"2022-07-29T11:39:40.000Z","method":"GET","cookie":"{\"HWWAFSESTIME\":\"1659094780939\",\"HWWAFSESID\":\"e2cd0733b4712e4cc4\"}","level":2,"params":"{\"public\\/..\\/style\\/general.css\":\"true\"}","x_real_ip":"","uri":"/","x_forwarded_for":"","cdn_src_ip":"","enterprise_project_id":"0","req_body":"","engine_id":"","group_id":"5d574e6a-87da-42bc-bfd4-ff61a1b336a4","requestid":"f34cf25eb33ed82cd7261a8276a60c39","multipart":"null","header":"{\"host\":\"www.testh.com\",\"user-agent\":\"curl\\/7.29.0\",\"accept\":\"*\\/*\"}","location":"params","upstream_response_time":"30.000","time":"2022-07-29 19:39:40","category":"attack","sport":28408,"status":"504"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改DMS重平衡日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("DMS_REBALANCED"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("INFO") .withFieldName("level") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2023-03-23 17:23:22,906") .withFieldName("timestamp") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635") .withFieldName("message.leaderId") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1") .withFieldName("message.generationId") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1") .withFieldName("message.reason") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0") .withFieldName("message.groupId") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("message.coordinatorId") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("END_REBALANCE") .withFieldName("message.type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))") .withFieldName("message.group") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"level":"INFO","timestamp":"2023-03-23 17:23:22,906","message":{"leaderId":"consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635","generationId":"1","reason":"Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1","groupId":"KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0","coordinatorId":"0","type":"END_REBALANCE","group":"GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))"}}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改GAUSSDB_REDIS慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("GAUSSDB_REDIS_SLOW"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") .withIsAnalysis(true) ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("32eaaf6c5a0142e3a6d80740cd5b3803in12") .withFieldName("instance_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("597a15b9f2ef4436811c5edcc67c013cno12") .withFieldName("node_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("database") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("slow_log") .withFieldName("log_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("sismember") .withFieldName("operate_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("2022-10-12T07:42:21.253484Z") .withFieldName("log_time") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1277.47") .withFieldName("cost_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("{"command_param":"dc:set:new:follow:uids:monthly:259008728:202210","database":0}") .withFieldName("whole_message") .withType("string") ); body.withRule(rulebody); body.withProjectId("2a473356cca5487f8373be891bffxxxx"); body.withLogStreamId("7e432db8-9dad-4723-a4b1-fdabf712xxxx"); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue(" ")); body.withLogGroupId("925a750-e0f3-4fe9-a046-a04af676xxxx"); body.withContent("{"instance_id":"32eaaf6c5a0142e3a6d80740cd5b3803in12","node_id":"597a15b9f2ef4436811c5edcc67c013cno12","database":"0","log_type":"slow_log","operate_type":"sismember","log_time":"2022-10-12T07:42:21.253484Z","cost_time":"1277.47","whole_message":"{"command_param": "dc:set:new:follow:uids:monthly:259008728:202210","database": 0}"}"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改APIG结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.lts.v2.region.LtsRegion; import com.huaweicloud.sdk.lts.v2.*; import com.huaweicloud.sdk.lts.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateStructTemplateSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); LtsClient client = LtsClient.newBuilder() .withCredential(auth) .withRegion(LtsRegion.valueOf("<YOUR REGION>")) .build(); UpdateStructTemplateRequest request = new UpdateStructTemplateRequest(); LtsStructTemplateInfo body = new LtsStructTemplateInfo(); Rule rulebody = new Rule(); rulebody.withType("built_in") .withParam("APIG"); List<TagField> listbodyTagFields = new ArrayList<>(); listbodyTagFields.add( new TagField() .withFieldName("hostIP") .withType("string") .withContent("192.168.2.134") ); listbodyTagFields.add( new TagField() .withFieldName("hostName") .withType("string") .withContent("ecs-ictest") ); List<StructFieldInfo> listbodyDemoFields = new ArrayList<>(); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.125.7.59") .withFieldName("my_remote_addr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("f57f6523b675504a23887d0f5c1c8ef3") .withFieldName("request_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("f5ea2360a2fa443cac236b76f4052ad6") .withFieldName("api_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("user_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("app_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("27/Jan/2022:15:56:44") .withFieldName("time_local") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.113") .withFieldName("request_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("GET") .withFieldName("request_method") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("http") .withFieldName("scheme") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com") .withFieldName("host") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("/api/echo") .withFieldName("router_uri") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HTTP/1.1") .withFieldName("server_protocol") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("200") .withFieldName("status") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("1443") .withFieldName("bytes_sent") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("408") .withFieldName("request_length") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("APIGatewayDebugClient/1.0") .withFieldName("http_user_agent") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("http_x_forwarded_for") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("100.125.2.39:443") .withFieldName("upstream_addr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("/v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations") .withFieldName("upstream_uri") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("200") .withFieldName("upstream_status") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.010") .withFieldName("upstream_connect_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.083") .withFieldName("upstream_header_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.083") .withFieldName("upstream_response_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("cn-north-4") .withFieldName("region_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.083") .withFieldName("all_upstream_response_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0") .withFieldName("errorType") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("auth_type") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("access_model1") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("access_model2") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("0.03000020980835") .withFieldName("inner_time") .withType("float") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("proxy_protocol_vni") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("proxy_protocol_vpce_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("proxy_protocol_addr") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("486") .withFieldName("body_bytes_sent") .withType("long") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("HttpEchoDemo") .withFieldName("api_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("app_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("provider_app_id") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("provider_app_name") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log1") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log2") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log3") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log4") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log5") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log6") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log7") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log8") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log9") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("-") .withFieldName("custom_data_log10") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("remote") .withFieldName("response_source") .withType("string") ); listbodyDemoFields.add( new StructFieldInfo() .withContent("26/Dec/2022:12:21:40.000") .withFieldName("start_time") .withType("string") ); body.withRule(rulebody); body.withProjectId(""); body.withLogStreamId(""); body.withParseType(LtsStructTemplateInfo.ParseTypeEnum.fromValue("")); body.withLogGroupId(""); body.withContent("100.125.7.59 f57f6523b675504a23887d0f5c1c8ef3 f5ea2360a2fa443cac236b76f4052ad6 - - [27/Jan/2022:15:56:44 +0800] 0.113 GET http://c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com /api/echo HTTP/1.1 200 1443 408 "APIGatewayDebugClient/1.0" "-" "100.125.2.39:443" /v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations "200" "0.010" "0.083" "0.083" cn-north-4 0.083 0 - - - 0.03000020980835 - - "-" 486 HttpEchoDemo - - - "-" "-" "-" "-" "-" "-" "-" "-" "-" "-" remote"); body.withTagFields(listbodyTagFields); body.withDemoFields(listbodyDemoFields); request.withBody(body); try { UpdateStructTemplateResponse response = client.updateStructTemplate(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }
修改正则方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ), TagField( field_name="hostName", type="string", content="ecs-ictest", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( field_name="a01", type="string" ), StructFieldInfo( field_name="a02", type="string" ), StructFieldInfo( field_name="a03", type="string" ), StructFieldInfo( field_name="a04", type="string" ), StructFieldInfo( field_name="a05", type="string" ), StructFieldInfo( field_name="a06", type="string" ), StructFieldInfo( field_name="a07", type="long" ) ] request.body = LtsStructTemplateInfo( regex_rules="^(?<a01>[^ ]+)(?:[^ ]* ){1}(?<a02>\w+)(?:[^ ]* ){1}(?<a03>\w+)(?:[^ ]* ){1}(?<a04>\w+)(?:[^ ]* ){1}(?<a05>\w+)(?:[^ ]* ){1}(?<a06>\w+)(?:[^ ]* ){1}(?<a07>\d+)", project_id=" ", log_stream_id="ff8bd110-dc44-4692-af74-d3b1f6197887", parse_type="custom_regex", log_group_id="ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", content="2021-09-09/18:15:41 this log is Error NO 6323", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改分隔符方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ), TagField( field_name="hostName", type="string", content="ecs-ictest", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( field_name="b1", type="string" ), StructFieldInfo( field_name="b2", type="string" ), StructFieldInfo( field_name="b3", type="string" ), StructFieldInfo( field_name="b4", type="string" ), StructFieldInfo( field_name="b5", type="string" ), StructFieldInfo( field_name="b6", type="string" ), StructFieldInfo( field_name="b7", type="long" ) ] request.body = LtsStructTemplateInfo( tokenizer=" ", project_id="", log_stream_id="ff8bd110-dc44-4692-af74-d3b1f6197887", parse_type="split", log_group_id="ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", content="2021-09-09/18:50:51 this log is Error NO 37", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改NGINX方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ), TagField( field_name="hostName", type="string", content="ecs-ictest", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( field_name="his1", type="string" ), StructFieldInfo( field_name="his2", type="string" ) ] request.body = LtsStructTemplateInfo( log_format="log_format main '$his1 : $his2 /'", project_id="", log_stream_id="ff8bd110-dc44-4692-af74-d3b1f6197887", parse_type="nginx", log_group_id="ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", content="2021-09-09/18:54:55 this log is Error NO 281", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改CTS方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="CTS" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="201", field_name="code", type="long" ), StructFieldInfo( content="global", field_name="event_type", type="string" ), StructFieldInfo( content="221123nsada3sda3231das3111ndsab", field_name="project_id", type="string" ), StructFieldInfo( content="1597042370464", field_name="record_time", type="long" ), StructFieldInfo( content="98763hkjhdteoi03861732hjh7983bhd", field_name="resource_id", type="string" ), StructFieldInfo( content="demodemodemo/demo", field_name="resource_name", type="string" ), StructFieldInfo( content="token", field_name="resource_type", type="string" ), StructFieldInfo( content="IAM", field_name="service_type", type="string" ), StructFieldInfo( content="10.10.1.10", field_name="source_ip", type="string" ), StructFieldInfo( content="1597042369296", field_name="time", type="long" ), StructFieldInfo( content="1eesdd-dad6-11dsaea-edaxfeqdf", field_name="trace_id", type="string" ), StructFieldInfo( content="demodemodemo", field_name="trace_name", type="string" ), StructFieldInfo( content="normal", field_name="trace_rating", type="string" ), StructFieldInfo( content="ApiCall", field_name="trace_type", type="string" ), StructFieldInfo( content="global", field_name="tracker_name", type="string" ), StructFieldInfo( content="21185d8818e443e1ryjkh71622f09212b", field_name="user.domain.id", type="string" ), StructFieldInfo( content="testdemo", field_name="user.domain.name", type="string" ), StructFieldInfo( content="6hfakl86faqw87dsasasadf09ajbml", field_name="user.id", type="string" ), StructFieldInfo( content="testdemo/demo", field_name="user.name", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id=" ", log_stream_id=" ", parse_type=" ", log_group_id=" ", content="{"code":"201","source_ip":"10.10.1.10","trace_type":"ApiCall","event_type":"global","project_id":"221123nsada3sda3231das3111ndsab","trace_id":"1eesdd-dad6-11dsaea-edaxfeqdf","trace_name":"demodemodemo","resource_type":"token","trace_rating":"normal","service_type":"IAM","resource_id":"98763hkjhdteoi03861732hjh7983bhd","tracker_name":"global","time":"1597042369296","resource_name":"demodemodemo/demo","record_time":"1597042370464","user":{"domain":{"name":"testdemo","id":"21185d8818e443e1ryjkh71622f09212b"},"name":"testdemo/demo","id":"6hfakl86faqw87dsasasadf09ajbml"}}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改ELB方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="ELB" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="1594727856.337", field_name="msec", type="float" ), StructFieldInfo( content="e7c37d97-e922-457c-bbf3-dsadeqac", field_name="access_log_topic_id", type="string" ), StructFieldInfo( content="2020-07-14T19:57:36+08:00", field_name="time_iso8601", type="string" ), StructFieldInfo( content="elb_01", field_name="log_ver", type="string" ), StructFieldInfo( content="192.0.0.0", field_name="remote_addr", type="string" ), StructFieldInfo( content="88888", field_name="remote_port", type="long" ), StructFieldInfo( content="200", field_name="status", type="long" ), StructFieldInfo( content="GET", field_name="request_method", type="string" ), StructFieldInfo( content="http", field_name="scheme", type="string" ), StructFieldInfo( content="prod.sss.ads.sg2.aaa", field_name="host", type="string" ), StructFieldInfo( content="loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada", field_name="router_request_uri", type="string" ), StructFieldInfo( content="HTTP/1.1", field_name="server_protocol", type="string" ), StructFieldInfo( content="233", field_name="request_length", type="long" ), StructFieldInfo( content="293", field_name="bytes_sent", type="long" ), StructFieldInfo( content="138", field_name="body_bytes_sent", type="long" ), StructFieldInfo( content="0.001", field_name="request_time", type="float" ), StructFieldInfo( content="200", field_name="upstream_status", type="long" ), StructFieldInfo( content="0.000", field_name="upstream_connect_time", type="float" ), StructFieldInfo( content="0.001", field_name="upstream_header_time", type="float" ), StructFieldInfo( content="0.001", field_name="upstream_response_time", type="float" ), StructFieldInfo( content="100.0.0.0:9999", field_name="upstream_addr", type="string" ), StructFieldInfo( content="lua-resty-http/0.14 (Lua) ngx_lua/10000", field_name="http_user_agent", type="string" ), StructFieldInfo( content="-", field_name="http_referer", type="string" ), StructFieldInfo( content="-", field_name="http_x_forwarded_for", type="string" ), StructFieldInfo( content="loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa", field_name="lb_name", type="string" ), StructFieldInfo( content="listener_6077809b-913f-466d-a96c-376f08882d5d", field_name="listener_name", type="string" ), StructFieldInfo( content="08cc2b3f68aa4dddd1e6a90dddd1688348a4480", field_name="listener_id", type="string" ), StructFieldInfo( content="pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b", field_name="pool_name", type="string" ), StructFieldInfo( content="-", field_name="member_name", type="string" ), StructFieldInfo( content="2fb78dsadadq1213das1121dab146ad3cb0", field_name="tenant_id", type="string" ), StructFieldInfo( content="-", field_name="eip_address", type="string" ), StructFieldInfo( content="80", field_name="eip_port", type="long" ), StructFieldInfo( content="101.0.0.0:10000", field_name="upstream_addr_priv", type="string" ), StructFieldInfo( content="-", field_name="certificate_id", type="string" ), StructFieldInfo( content="-", field_name="ssl_protocol", type="string" ), StructFieldInfo( content="-", field_name="ssl_cipher", type="string" ), StructFieldInfo( content="-", field_name="sni_domain_name", type="string" ), StructFieldInfo( content="9739", field_name="tcpinfo_rtt", type="long" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id=" ", log_stream_id=" ", parse_type=" ", log_group_id=" ", content="1594727856.337 e7c37d97-e922-457c-bbf3-dsadeqac 2020-07-14T19:57:36+08:00 elb_01 192.0.0.0:88888 200 "GET http://prod.sss.ads.sg2.aaa/loc/ation?version=3&ip=100.0.0.0&coordinate=27.7044784,85.3007481&device_id=dsadsadasdsadasd&beyla_id=wqeb123ndadsa233ddada HTTP/1.1" 233 293 138 0.001 "200" "0.000" "0.001" "0.001" "100.0.0.0:9999" "lua-resty-http/0.14 (Lua) ngx_lua/10000" "-" "-" loadbalancer_edsaee-4c9c-b467-5b8126b2f7f7dsa listener_6077809b-913f-466d-a96c-376f08882d5d 08cc2b3f68aa4dddd1e6a90dddd1688348a4480 pool_b2f2966c-043d-4674-ad4b-c15f2adb2c6b "-" 2fb78dsadadq1213das1121dab146ad3cb0 -:80 "101.0.0.0:10000" - - - - 9739", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改VPC方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="VPC" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="1", field_name="version", type="long" ), StructFieldInfo( content="5f67944957444bd6bb4fe3b367de8f3d", field_name="project_id", type="string" ), StructFieldInfo( content="1d515d18-1b36-47dc-a983-bd6512aed4bd", field_name="interface_id", type="string" ), StructFieldInfo( content="192.168.0.154", field_name="srcaddr", type="string" ), StructFieldInfo( content="192.168.3.25", field_name="dstaddr", type="string" ), StructFieldInfo( content="38929", field_name="srcport", type="long" ), StructFieldInfo( content="53", field_name="dstport", type="long" ), StructFieldInfo( content="17", field_name="protocol", type="long" ), StructFieldInfo( content="1", field_name="packets", type="long" ), StructFieldInfo( content="96", field_name="bytes", type="long" ), StructFieldInfo( content="1548752136", field_name="start", type="long" ), StructFieldInfo( content="1548752736", field_name="end", type="long" ), StructFieldInfo( content="ACCEPT", field_name="action", type="string" ), StructFieldInfo( content="OK", field_name="log_status", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id=" ", log_stream_id=" ", parse_type=" ", log_group_id=" ", content="1 5f67944957444bd6bb4fe3b367de8f3d 1d515d18-1b36-47dc-a983-bd6512aed4bd 192.168.0.154 192.168.3.25 38929 53 17 1 96 1548752136 1548752736 ACCEPT OK", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改DCS审计日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="DCS_AUDIT" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="1640966500017", field_name="time", type="long" ), StructFieldInfo( content="199a1e5a-8a37-40b9-899e-0ab6805c69eb", field_name="instance_id", type="string" ), StructFieldInfo( content="192.168.0.1", field_name="server_addr", type="string" ), StructFieldInfo( content="proxy", field_name="role", type="string" ), StructFieldInfo( content="10.0.0.1", field_name="client_addr", type="string" ), StructFieldInfo( content="0", field_name="client_type", type="string" ), StructFieldInfo( content="default", field_name="user", type="string" ), StructFieldInfo( content="1", field_name="db", type="long" ), StructFieldInfo( content="DEL", field_name="command_name", type="string" ), StructFieldInfo( content="string", field_name="command_type", type="string" ), StructFieldInfo( content="["key1","key2","key3"]", field_name="command_keys", type="string" ), StructFieldInfo( content="DEL key1 key2 key3", field_name="command_param", type="string" ), StructFieldInfo( content="500", field_name="use_time", type="long" ), StructFieldInfo( content="", field_name="extend", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"time": 1640966500017, "instance_id": "199a1e5a-8a37-40b9-899e-0ab6805c69eb", "server_addr": "192.168.0.1", "role": "proxy", "client_addr": "10.0.0.1", "client_type": "0", "user": "default", "db": 1, "command_name": "DEL", "command_type": "string", "command_keys": ["key1", "key2", "key3"], "command_param": "DEL key1 key2 key3", "use_time": 500, "extend": ""}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改DDS审计日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="DDS_AUDIT" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="auditLog", field_name="topic", type="string" ), StructFieldInfo( content="9fbf813bc27e4a3ab54bddf783a4f774in01", field_name="instanceid", type="string" ), StructFieldInfo( content="bf4cb0413d0b4221be94b08471708586no01", field_name="nodeid", type="string" ), StructFieldInfo( content="test", field_name="db", type="string" ), StructFieldInfo( content="testCollection", field_name="coll", type="string" ), StructFieldInfo( content="update", field_name="optype", type="string" ), StructFieldInfo( content="2022-08-05T08:24:15.536+0000", field_name="time", type="string" ), StructFieldInfo( content="10.4.23.205", field_name="user_ip", type="string" ), StructFieldInfo( content="47668", field_name="user_port", type="string" ), StructFieldInfo( content="rw_testuser", field_name="user", type="string" ), StructFieldInfo( content="{"command":"update","ns":"test.testCollection","op":[{"q":{"vin":"LDP31B965NG036174"},"u":{"$set":{"timestamp":{"$numberLong":"1659687855535"},"deviceTime":{"$numberLong":"1659687855340"},"longitude":"119.35516805555555","latitude":"26.057936388888891","location":"119.35516805555555,26.057936388888891","height":"10.097286797128618","direction":"12","speed":14,"accuracy":"0","h3Address7":"8741b5300ffffff"}},"upsert":true}],"args":{"update":"testCollection","ordered":true,"$db":"test","$clusterTime":{"clusterTime":{"$timestamp":{"t":1659687855,"i":1685}},"signature":{"hash":{"$binary":"CP5bfEf+gBJZdAxCKtF9HiSeqQY=","$type":"00"},"keyId":{"$numberLong":"7102408879899674942"}}},"lsid":{"id":{"$binary":"PXVVrbuvRuGkypCbu/oXXQ==","$type":"04"}}}}", field_name="param", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"topic":"auditLog","instanceid":"9fbf813bc27e4a3ab54bddf783a4f774in01","nodeid":"bf4cb0413d0b4221be94b08471708586no01","db":"test","coll":"testCollection","optype":"update","time":"2022-08-05T08:24:15.536+0000","user_ip":"10.4.23.205","user_port":"47668","user":"rw_testuser","param":{"command":"update","ns":"test.testCollection","op":[{"q":{"vin":"LDP31B965NG036174"},"u":{"$set":{"timestamp":{"$numberLong":"1659687855535"},"deviceTime":{"$numberLong":"1659687855340"},"longitude":"119.35516805555555","latitude":"26.057936388888891","location":"119.35516805555555,26.057936388888891","height":"10.097286797128618","direction":"12","speed":14,"accuracy":"0","h3Address7":"8741b5300ffffff"}},"upsert":true}],"args":{"update":"testCollection","ordered":true,"$db":"test","$clusterTime":{"clusterTime":{"$timestamp":{"t":1659687855,"i":1685}},"signature":{"hash":{"$binary":"CP5bfEf+gBJZdAxCKtF9HiSeqQY=","$type":"00"},"keyId":{"$numberLong":"7102408879899674942"}}},"lsid":{"id":{"$binary":"PXVVrbuvRuGkypCbu/oXXQ==","$type":"04"}}}}}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改TOMCAT方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="TOMCAT" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="192.168.12.2", field_name="remote_ip_address", type="string" ), StructFieldInfo( content="-", field_name="remote_logical_username", type="string" ), StructFieldInfo( content="-", field_name="remote_user_authenticated", type="string" ), StructFieldInfo( content="07/Mar/2018:09:49:55", field_name="time_local", type="string" ), StructFieldInfo( content="GET", field_name="scheme", type="string" ), StructFieldInfo( content="/logHello/test", field_name="router_uri", type="string" ), StructFieldInfo( content="HTTP/1.1", field_name="server_protocol", type="string" ), StructFieldInfo( content="200", field_name="status", type="long" ), StructFieldInfo( content="1943", field_name="bytes_sent", type="long" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="192.168.12.2 - - [07/Mar/2018:09:49:55 +0800] "GET /logHello/test HTTP/1.1" 200 1943", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改GAUSSDB_OPENGAUSS_AUDIT方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="GAUSSDB_OPENGAUSS_AUDIT" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="rdsAdmin", field_name="username", type="string" ), StructFieldInfo( content="cm_agent@10.254.95.70", field_name="client_conninfo", type="string" ), StructFieldInfo( content="96e86f462bbc4f2286d7c8274815d0fein14", field_name="instanceId", type="string" ), StructFieldInfo( content="xid=30818, SET statement_timeout = 10000000;n", field_name="detail_info", type="string" ), StructFieldInfo( content="140463114942208@713872403507507", field_name="thread_id", type="string" ), StructFieldInfo( content="ok", field_name="result", type="string" ), StructFieldInfo( content="postgres", field_name="database", type="string" ), StructFieldInfo( content="8001", field_name="local_port", type="string" ), StructFieldInfo( content="10", field_name="userid", type="string" ), StructFieldInfo( content="06c267fad8054a0abcb17cfa3b8f260cno14", field_name="nodeId", type="string" ), StructFieldInfo( content="dn_6001_6002_6003", field_name="node_name", type="string" ), StructFieldInfo( content="statement_timeout", field_name="object_name", type="string" ), StructFieldInfo( content="2022-08-15 17:53:23+08", field_name="time", type="string" ), StructFieldInfo( content="set_parameter", field_name="type", type="string" ), StructFieldInfo( content="50952", field_name="remote_port", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"username":"rdsAdmin","client_conninfo":"cm_agent@10.254.95.70","instanceId":"96e86f462bbc4f2286d7c8274815d0fein14","detail_info":"xid=30818, SET statement_timeout = 10000000;n","thread_id":"140463114942208@713872403507507","result":"ok","database":"postgres","local_port":"8001","userid":"10","nodeId":"06c267fad8054a0abcb17cfa3b8f260cno14","node_name":"dn_6001_6002_6003","object_name":"statement_timeout","time":"2022-08-15 17:53:23+08","type":"set_parameter","remote_port":"50952"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改MYSQL慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="MYSQL_SLOW" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="2022-07-27T02:49:19.000", field_name="start_time", type="string" ), StructFieldInfo( content="commerce", field_name="user", type="string" ), StructFieldInfo( content="100.*.*.222", field_name="host", type="string" ), StructFieldInfo( content="1.461583", field_name="query_time", type="string" ), StructFieldInfo( content="0.000050", field_name="lock_time", type="string" ), StructFieldInfo( content="500", field_name="rows_sent", type="string" ), StructFieldInfo( content="581000", field_name="rows_examined", type="string" ), StructFieldInfo( content="SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;", field_name="command_text", type="string" ), StructFieldInfo( content="saas_perf", field_name="database", type="string" ), StructFieldInfo( content="slow_log", field_name="log_type", type="string" ), StructFieldInfo( content="1658890159", field_name="log_time", type="string" ), StructFieldInfo( content="SELECT", field_name="operate_type", type="string" ), StructFieldInfo( content="5d6c61bbd49b4ad3a1572461811e3dacno01", field_name="node_id", type="string" ), StructFieldInfo( content="207032924c644f429b74f6fc5d8c97f9in01", field_name="instance_id", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"start_time":"2022-07-27T02:49:19.000","user":"commerce","host":"100.*.*.222","query_time":"1.461583","lock_time":"0.000050","rows_sent":"500","rows_examined":"581000","command_text":"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;","database":"saas_perf","log_type":"slow_log","log_time":"1658890159","operate_type":"SELECT","node_id":"5d6c61bbd49b4ad3a1572461811e3dacno01","instance_id":"207032924c644f429b74f6fc5d8c97f9in01"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改MYSQL错误日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="MYSQL_ERROR" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="error_log", field_name="log_type", type="string" ), StructFieldInfo( content="WARNING", field_name="severity", type="string" ), StructFieldInfo( content="2022-08-22T06:52:08Z", field_name="log_time", type="string" ), StructFieldInfo( content="Occur error when reading bytes from a network handler. Client actively closes the connection.", field_name="raw_message", type="string" ), StructFieldInfo( content="5d6c61bbd49b4ad3a1572461811e3dacno01", field_name="node_id", type="string" ), StructFieldInfo( content="207032924c644f429b74f6fc5d8c97f9in01", field_name="instance_id", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"5d6c61bbd49b4ad3a1572461811e3dacno01","instance_id":"207032924c644f429b74f6fc5d8c97f9in01"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改DDS错误日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="MONGODB_ERROR" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="error_log", field_name="log_type", type="string" ), StructFieldInfo( content="Error", field_name="severity", type="string" ), StructFieldInfo( content="2022-08-22T09:33:15.142+0000", field_name="log_time", type="string" ), StructFieldInfo( content="E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.", field_name="raw_message", type="string" ), StructFieldInfo( content="5b67dc63ba824145aae1f12ff51e58b8in02", field_name="instance_id", type="string" ), StructFieldInfo( content="686a791e690e4db3af591ec4b6f72916no02", field_name="node_id", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"log_type":"error_log","severity":"Error","log_time":"2022-08-22T09:33:15.142+0000","raw_message":"E QUERY [ClusterDisasterBackupChangeJob] Get global setting disasterBackup failed.","instance_id": "5b67dc63ba824145aae1f12ff51e58b8in02","node_id": "686a791e690e4db3af591ec4b6f72916no02"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改DDS慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="MONGODB_SLOW" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="slow_log", field_name="log_type", type="string" ), StructFieldInfo( content="2022-08-20T10:04:03.204000Z", field_name="log_time", type="string" ), StructFieldInfo( content="data0820.table", field_name="namespace", type="string" ), StructFieldInfo( content="data0820", field_name="database", type="string" ), StructFieldInfo( content="table", field_name="collection", type="string" ), StructFieldInfo( content="insert", field_name="operate_type", type="string" ), StructFieldInfo( content="0", field_name="docs_scanned", type="long" ), StructFieldInfo( content="0", field_name="docs_returned", type="long" ), StructFieldInfo( content="0", field_name="n_deleted", type="long" ), StructFieldInfo( content="0", field_name="n_matched", type="long" ), StructFieldInfo( content="0", field_name="n_modified", type="long" ), StructFieldInfo( content="10", field_name="n_inserted", type="long" ), StructFieldInfo( content="555", field_name="cost_time", type="long" ), StructFieldInfo( content="0", field_name="lock_time", type="long" ), StructFieldInfo( content="{"op": "insert", "ns": "data0820.usrtable", "command": "{N}", "ninserted": 1, "keysInserted": 1, "numYield": 0, "locks": {"Global": {"acquireCount": {"r": 5, "w": 5}}, "Database": {"acquireCount": {"w": 4, "W": 1}}, "Collection": {"acquireCount": {"w": 2}}, "oplog": {"acquireCount": {"w": 2}}}, "responseLength": 230, "protocol": "op_msg", "millis": 555, "ts": {"$date": 1660989843204}, "client": "192.168.0.64", "appName": "MongoDB Shell", "allUsers": [{"user": "rwuser", "db": "admin"}], "user": "rwuser@admin"}", field_name="whole_message", type="string" ), StructFieldInfo( content="5b67dc63ba824145aae1f12ff51e58b8in02", field_name="instance_id", type="string" ), StructFieldInfo( content="686a791e690e4db3af591ec4b6f72916no02", field_name="node_id", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"log_type":"slow_log","log_time":"2022-08-20T10:04:03.204000Z","namespace":"data0820.table","database":"data0820","collection":"table","operate_type":"insert","docs_scanned":0,"docs_returned":0,"n_deleted":0,"n_matched":0,"n_modified":0,"n_inserted":10,"cost_time":555,"lock_time":0,"whole_message":"{"op": "insert", "ns": "data0820.usrtable", "command": "{N}", "ninserted": 1, "keysInserted": 1, "numYield": 0, "locks": {"Global": {"acquireCount": {"r": 5, "w": 5}}, "Database": {"acquireCount": {"w": 4, "W": 1}}, "Collection": {"acquireCount": {"w": 2}}, "oplog": {"acquireCount": {"w": 2}}}, "responseLength": 230, "protocol": "op_msg", "millis": 555, "ts": {"$date": 1660989843204}, "client": "192.168.0.64", "appName": "MongoDBShell", "allUsers": [{"user": "rwuser", "db": "admin"}], "user": "rwuser@admin"}","instance_id": "5b67dc63ba824145aae1f12ff51e58b8in02","node_id":"686a791e690e4db3af591ec4b6f72916no02"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改CFW访问控制日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="CFW_ACCESS" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="PING", field_name="app", type="string" ), StructFieldInfo( content="in2out", field_name="direction", type="string" ), StructFieldInfo( content="3002", field_name="source-zone", type="string" ), StructFieldInfo( content="56827792-173e-435a-b22b-229f21d78244", field_name="rule_id", type="string" ), StructFieldInfo( content="ICMP: ECHO_REQUEST", field_name="protocol", type="string" ), StructFieldInfo( content="100.85.222.23", field_name="dst_ip", type="string" ), StructFieldInfo( content="100.85.112.49", field_name="src_ip", type="string" ), StructFieldInfo( content="eip", field_name="log_type", type="string" ), StructFieldInfo( content="1655882537006", field_name="hit_time", type="long" ), StructFieldInfo( content="44243649", field_name="log-id", type="string" ), StructFieldInfo( content="45243", field_name="dst_port", type="string" ), StructFieldInfo( content="3001", field_name="destination-zone", type="string" ), StructFieldInfo( content="2022.06.22", field_name="index_day", type="string" ), StructFieldInfo( content="6781", field_name="log_id", type="long" ), StructFieldInfo( content="17589", field_name="src_port", type="string" ), StructFieldInfo( content="58ead9e7-418d-4166-8df8-f24941d4205c", field_name="fw_instance_id", type="string" ), StructFieldInfo( content="permit", field_name="action", type="string" ), StructFieldInfo( content="1", field_name="vsys", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"app":"PING","direction":"in2out","source-zone":"3002","rule_id":"56827792-173e-435a-b22b-229f21d78244","protocol":"ICMP: ECHO_REQUEST","dst_ip":"100.85.222.23","src_ip":"100.85.112.49","log_type":"eip","hit_time":1655882537006,"log-id":"44243649","dst_port":"45243","destination-zone":"3001","index_day":"2022.06.22","log_id":6781,"src_port":"17589","fw_instance_id":"58ead9e7-418d-4166-8df8-f24941d4205c","action":"permit","vsys":"1"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改CFW攻击日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="CFW_ATTACK" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="0", field_name="source", type="string" ), StructFieldInfo( content="HTTP", field_name="app", type="string" ), StructFieldInfo( content="out2in", field_name="direction", type="string" ), StructFieldInfo( content="100.85.222.23", field_name="dst_ip", type="string" ), StructFieldInfo( content="10.108.170.229", field_name="src_ip", type="string" ), StructFieldInfo( content="1655974411462", field_name="event_time", type="long" ), StructFieldInfo( content="eip", field_name="log_type", type="string" ), StructFieldInfo( content="80", field_name="dst_port", type="string" ), StructFieldInfo( content="330409", field_name="attack_rule_id", type="string" ), StructFieldInfo( content="2022.06.23", field_name="index_day", type="string" ), StructFieldInfo( content="462688", field_name="log_id", type="long" ), StructFieldInfo( content="51002", field_name="src_port", type="string" ), StructFieldInfo( content="TCP", field_name="protocol", type="string" ), StructFieldInfo( field_name="packet", type="string" ), StructFieldInfo( content="HIGH", field_name="level", type="string" ), StructFieldInfo( content="Vulnerability Exploit Attack", field_name="attack_type", type="string" ), StructFieldInfo( content="58ead9e7-418d-4166-8df8-f24941d4205c", field_name="fw_instance_id", type="string" ), StructFieldInfo( content="permit", field_name="action", type="string" ), StructFieldInfo( content="1", field_name="vsys", type="string" ), StructFieldInfo( content="VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)", field_name="attack_rule", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"source":"0","app":"HTTP","direction":"out2in","dst_ip":"100.85.222.23","src_ip":"10.108.170.229","event_time":1655974411462,"log_type":"eip","dst_port":"80","attack_rule_id":"330409","index_day":"2022.06.23","log_id":462688,"src_port":"51002","protocol":"TCP","packet":"+hZUZMhT+hY/AaHMCABFAADnicBAAHgGgJIKbKrlZFXeF8c6AFAYCIpDV562+VAYBAILMwAAR0VUIC9qb2JtYW5hZ2VyL2xvZ3MvLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmLi4lMjUyZi4uJTI1MmYuLiUyNTJmZXRjJTI1MmZwYXNzd2QgSFRUUC8xLjENCkhvc3Q6IDEwMC44NS4yMjIuMjMNClVzZXItQWdlbnQ6IGN1cmwvNy42NS4wDQpBY2NlcHQ6ICovKg0KDQo=","level":"HIGH","attack_type":"Vulnerability Exploit Attack","fw_instance_id":"58ead9e7-418d-4166-8df8-f24941d4205c","action":"permit","vsys":"1","attack_rule":"VMware Spring Cloud Directory Traversal Vulnerability (CVE-2020-5410)"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改CFW流量日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="CFW_FLOW" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="80", field_name="dst_port", type="string" ), StructFieldInfo( content="HTTP", field_name="app", type="string" ), StructFieldInfo( content="0.1", field_name="to_c_pkts", type="float" ), StructFieldInfo( content="100.85.222.23", field_name="dst_ip", type="string" ), StructFieldInfo( content="0.1", field_name="to_c_bytes", type="float" ), StructFieldInfo( content="1655436321000", field_name="end_time", type="long" ), StructFieldInfo( content="10.108.170.229", field_name="src_ip", type="string" ), StructFieldInfo( content="2022.06.17", field_name="index_day", type="string" ), StructFieldInfo( content="1232.1", field_name="bytes", type="float" ), StructFieldInfo( content="4424364f", field_name="log-id", type="string" ), StructFieldInfo( content="1", field_name="vsys", type="string" ), StructFieldInfo( content="67", field_name="suffix", type="string" ), StructFieldInfo( content="10.1", field_name="packets", type="float" ), StructFieldInfo( content="out2in", field_name="direction", type="string" ), StructFieldInfo( content="TCP", field_name="protocol", type="string" ), StructFieldInfo( content="1232.1", field_name="to_s_bytes", type="float" ), StructFieldInfo( content="10.1", field_name="to_s_pkts", type="float" ), StructFieldInfo( content="63934", field_name="src_port", type="string" ), StructFieldInfo( content="1655436299000", field_name="start_time", type="long" ), StructFieldInfo( content="efbeb90c-1108-42ce-b099-f7e035a10b67", field_name="fw_instance_id", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"dst_port":"80","app":"HTTP","to_c_pkts":0.1,"dst_ip":"100.85.222.23","to_c_bytes":0.1,"end_time":1655436321000,"src_ip":"10.108.170.229","index_day":"2022.06.17","bytes":1232.1,"log-id":"4424364f","vsys":"1","suffix":"67","packets":10.1,"direction":"out2in","protocol":"TCP","to_s_bytes":1232.1,"to_s_pkts":10.1,"src_port":"63934","start_time":1655436299000,"fw_instance_id":"efbeb90c-1108-42ce-b099-f7e035a10b67"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改POSTGRESQL慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="POSTGRESQL_SLOW" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="slow_log", field_name="log_type", type="string" ), StructFieldInfo( content="328.662", field_name="execute_time", type="float" ), StructFieldInfo( content="authoring", field_name="user", type="string" ), StructFieldInfo( content="2022-07-24T10:06:41.000", field_name="log_time", type="string" ), StructFieldInfo( content="authoring-test", field_name="database", type="string" ), StructFieldInfo( content="SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC", field_name="statement", type="string" ), StructFieldInfo( content="10.*.*.206", field_name="host", type="string" ), StructFieldInfo( content="1658657201", field_name="log_timestamp", type="string" ), StructFieldInfo( content="SELECT", field_name="operate_type", type="string" ), StructFieldInfo( content="d285609201534696bdcd648519fe2b8dno02", field_name="node_id", type="string" ), StructFieldInfo( content="5b67dc63ba824145aae1f12ff51e58b8in02", field_name="instance_id", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"log_type":"slow_log","execute_time":328.662,"user":"authoring","log_time":"2022-07-24T10:06:41.000","database":"authoring-test","statement":"SELECT * FROM ( SELECT n.user_id,n.id AS resource_id,e.create_at AS begin_time,e.create_at AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id WHERE e.category = N AND s.resource_ownership=N AND e.create_at BETWEEN $N AND $N UNION ALL SELECT n.user_id,n.id AS resource_id,$N AS begin_time,$N AS end_time ,N AS resource_spec_code,COALESCE(cast(e.flavor as varchar), cast(s.volume_size as varchar)) AS billing_unit,c.az_id,-N AS accumulate_factor_value,CONCAT(N, s.id, N) AS bss_params,n.project_id, n.domain_id, e.status , N AS resource_type , w.workspace_id,w.enterprise_project_id FROM t_resource_status_event e INNER JOIN t_notebook_evs_storage s on s.id=e.resource_id LEFT JOIN t_notebook_instance n on s.id=n.storage_id LEFT JOIN t_logic_cluster l on n.resource_cluster_id=l.id LEFT JOIN t_cce_cluster c on c.id=l.cce_id LEFT JOIN t_workspace w on w.workspace_id=n.workspace_id INNER JOIN (SELECT resource_id,max(create_at) as create_at FROM t_resource_status_event WHERE create_at < $N AND category = N GROUP BY resource_id) x ON e.resource_id=x.resource_id AND e.create_at=x.create_at WHERE e.create_at < $N AND e.category = N AND e.status = N AND s.resource_ownership=N) m ORDER BY resource_id,begin_time ASC","host":"10.*.*.206","log_timestamp":"1658657201","operate_type":"SELECT","node_id":"d285609201534696bdcd648519fe2b8dno02","instance_id":"5b67dc63ba824145aae1f12ff51e58b8in02"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改POSTGRESQL错误日志方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="POSTGRESQL_ERROR" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="error_log", field_name="log_type", type="string" ), StructFieldInfo( content="WARNING", field_name="severity", type="string" ), StructFieldInfo( content="2022-08-22T06:52:08Z", field_name="log_time", type="string" ), StructFieldInfo( content="Occur error when reading bytes from a network handler. Client actively closes the connection.", field_name="raw_message", type="string" ), StructFieldInfo( content="d285609201534696bdcd648519fe2b8dno02", field_name="node_id", type="string" ), StructFieldInfo( content="5b67dc63ba824145aae1f12ff51e58b8in02", field_name="instance_id", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection.","node_id":"d285609201534696bdcd648519fe2b8dno02","instance_id":"5b67dc63ba824145aae1f12ff51e58b8in02"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改GAUSSDB_MYSQL慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="GAUSSDB_MYSQL_SLOW" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ), TagField( field_name="hostName", type="string", content="ecs-ictest", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="2022-07-27T02:49:19.000", field_name="start_time", type="string" ), StructFieldInfo( content="commerce", field_name="user", type="string" ), StructFieldInfo( content="100.*.*.222", field_name="host", type="string" ), StructFieldInfo( content="1.461583", field_name="query_time", type="string" ), StructFieldInfo( content="0.000050", field_name="lock_time", type="string" ), StructFieldInfo( content="500", field_name="rows_sent", type="string" ), StructFieldInfo( content="581000", field_name="rows_examined", type="string" ), StructFieldInfo( content="SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;", field_name="command_text", type="string" ), StructFieldInfo( content="saas_perf", field_name="database", type="string" ), StructFieldInfo( content="slow_log", field_name="log_type", type="string" ), StructFieldInfo( content="1658890159", field_name="log_time", type="string" ), StructFieldInfo( content="SELECT", field_name="operate_type", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"start_time":"2022-07-27T02:49:19.000","user":"commerce","host":"100.*.*.222","query_time":"1.461583","lock_time":"0.000050","rows_sent":"500","rows_examined":"581000","command_text":"SELECT DN_N.record_id `a.id`,DN_N.name `a.name`,DN_N.valueN `a.ExternalCode`,DN_N.valueN `a.DeviceName`,DN_N.valueN `a.DeviceDef`,DN_N.created_date `a.createdDate`,DN_N.last_modified_date `a.lastModifiedDate`,DN_N.valueN `a.DeviceProduct`,DN_N.valueN `a.Channel`,DN_N.valueN `a.Status`,CN_N.valueN `a.Remark`,DN_N.valueN `a.NodeId`,DN_N.valueN `a.ConnectStatus`,CAST(DN_N.valueN AS CHAR(N)) `a.GatewayId`,CAST(DN_N.valueN AS CHAR(N)) `a.HMI`,DN_N.valueN `a.SerialNo`,CAST(DN_N.valueN AS DECIMAL(N,N)) `a.TelemetryPeriod`,DN_N.valueN `a.ConnectStatusChgTime`,DN_N.valueN `a.DeviceNumber`,CAST(DN_N.valueN AS CHAR(N)) `a.ControllerType`,CAST(DN_N.valueN AS CHAR(N)) `a.ProjectId`,DN_N.valueN `a.RegisterStatus`,DN_N.created_date ORD_FN FROM dataN DN_N,clobs CN_N WHERE (DN_N.tenant_id= N AND DN_N.obj_id= N AND DN_N.tenant_id= CN_N.tenant_id AND DN_N.obj_id= CN_N.obj_id AND DN_N.record_id= CN_N.record_id) AND ((DN_N.valueN = N)) ORDER BY DN_N.created_date DESC limit N,N;","database":"saas_perf","log_type":"slow_log","log_time":"1658890159","operate_type":"SELECT"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改GAUSSDB_MYSQL错误日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="GAUSSDB_MYSQL_ERROR" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="error_log", field_name="log_type", type="string" ), StructFieldInfo( content="WARNING", field_name="severity", type="string" ), StructFieldInfo( content="2022-08-22T06:52:08Z", field_name="log_time", type="string" ), StructFieldInfo( content="Occur error when reading bytes from a network handler. Client actively closes the connection.", field_name="raw_message", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"log_type":"error_log","severity":"WARNING","log_time":"2022-08-22T06:52:08Z","raw_message":"Occur error when reading bytes from a network handler. Client actively closes the connection."}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改CDN方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="CDN" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="1666604392000", field_name="request_time", type="string" ), StructFieldInfo( content="findercdn.video.qq.com", field_name="domain", type="string" ), StructFieldInfo( content="GET", field_name="method", type="string" ), StructFieldInfo( content="http", field_name="scheme", type="string" ), StructFieldInfo( content="/BcimRg.txt", field_name="uri", type="string" ), StructFieldInfo( content="cdnkey=*****&cdntoken=*****&tokenidx=1", field_name="uri_param", type="string" ), StructFieldInfo( content="192.168.233.142", field_name="client_ip", type="string" ), StructFieldInfo( content="51517", field_name="client_port", type="string" ), StructFieldInfo( content="-", field_name="refer_protocol", type="string" ), StructFieldInfo( content="-", field_name="refer_domain", type="string" ), StructFieldInfo( content="-", field_name="refer_uri", type="string" ), StructFieldInfo( content="-", field_name="refer_param", type="string" ), StructFieldInfo( content="301", field_name="request_size", type="string" ), StructFieldInfo( content="14", field_name="response_time", type="string" ), StructFieldInfo( content="588", field_name="response_size", type="string" ), StructFieldInfo( content="403", field_name="http_code", type="string" ), StructFieldInfo( content="-", field_name="response_range", type="string" ), StructFieldInfo( content="-", field_name="request_range", type="string" ), StructFieldInfo( content="150", field_name="request_body_bytes", type="string" ), StructFieldInfo( content="text/html", field_name="content_type", type="string" ), StructFieldInfo( content="HIT", field_name="hit_info", type="string" ), StructFieldInfo( content="python-requests/2.21.0", field_name="user_agent", type="string" ), StructFieldInfo( content="ce6327e015c1e16f581818b838a6cb0c", field_name="uuid", type="string" ), StructFieldInfo( content="edge-cache01[14]", field_name="via_info", type="string" ), StructFieldInfo( content="-", field_name="xforwordfor", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"request_time":"1666604392000","domain":"findercdn.video.qq.com","method":"GET","scheme":"http","uri":"/BcimRg.txt","uri_param":"cdnkey=*****&cdntoken=*****&tokenidx=1","client_ip":"192.168.233.142","client_port":"51517","refer_protocol":"-","refer_domain":"-","refer_uri":"-","refer_param":"-","request_size":"301","response_time":"14","response_size":"588","http_code":"403","response_range":"-","request_range":"-","request_body_bytes":"150","content_type":"text/html","hit_info":"HIT","user_agent":"python-requests/2.21.0","uuid":"ce6327e015c1e16f581818b838a6cb0c","via_info":"edge-cache01[14]","xforwordfor":"-"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改SMN方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="SMN" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="1ae49922602a42fc83acb9689a2eb5f4", field_name="message_id", type="string" ), StructFieldInfo( content="5a9f32e4f1ec4bbe9695ff9da51c2925", field_name="project_id", type="string" ), StructFieldInfo( content="urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo", field_name="topic_urn", type="string" ), StructFieldInfo( content="urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740", field_name="subscriber_urn", type="string" ), StructFieldInfo( content="https", field_name="protocol_name", type="string" ), StructFieldInfo( content="https://127.0.0.1:443/https", field_name="endpoint", type="string" ), StructFieldInfo( content="DELIVERED", field_name="status", type="string" ), StructFieldInfo( content="200", field_name="http_code", type="long" ), StructFieldInfo( content="2022-11-01T00:00:00Z", field_name="create_time", type="string" ), StructFieldInfo( content="2022-11-01T00:00:10Z", field_name="send_time", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"message_id":"1ae49922602a42fc83acb9689a2eb5f4","project_id":"5a9f32e4f1ec4bbe9695ff9da51c2925","topic_urn":"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo","subscriber_urn":"urn:smn:cn-north-1:5a9f32e4f1ec4bbe9695ff9da51c2925:demo:b55c3c6fa7cd471b9f24818d530a8740","protocol_name":"https","endpoint":"https://127.0.0.1:443/https","status":"DELIVERED","http_code":200,"create_time":"2022-11-01T00:00:00Z","send_time":"2022-11-01T00:00:10Z"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改WAF访问日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="WAF_ACCESS" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="504", field_name="response_code", type="string" ), StructFieldInfo( content="http", field_name="scheme", type="string" ), StructFieldInfo( content="100.93.2.229:80", field_name="upstream_addr", type="string" ), StructFieldInfo( content="163", field_name="body_bytes_sent", type="string" ), StructFieldInfo( content="-", field_name="upstream_header_time", type="string" ), StructFieldInfo( content="1", field_name="connection_requests", type="string" ), StructFieldInfo( content="", field_name="ssl_cipher", type="string" ), StructFieldInfo( content="1736cc7331b74b198e2ef07555a970ce", field_name="hostid", type="string" ), StructFieldInfo( content="2152", field_name="pid", type="string" ), StructFieldInfo( content="", field_name="tls_version", type="string" ), StructFieldInfo( content="www.testh.com", field_name="http_host", type="string" ), StructFieldInfo( content="0", field_name="process_time", type="string" ), StructFieldInfo( content="88003425-d7bc-46ce-8ae7-77a8aa18a814", field_name="access_stream_id", type="string" ), StructFieldInfo( content="2022-07-29T19:39:10+08:00", field_name="time_iso8601", type="string" ), StructFieldInfo( content="", field_name="intel_crawler", type="string" ), StructFieldInfo( content="504", field_name="upstream_status", type="string" ), StructFieldInfo( content="10.63.46.110", field_name="remote_ip", type="string" ), StructFieldInfo( content="30.008", field_name="request_time", type="string" ), StructFieldInfo( content="1d26cc8c86a840e28a4f8d0d07852f1d", field_name="tenantid", type="string" ), StructFieldInfo( content="10.63.46.110", field_name="sip", type="string" ), StructFieldInfo( content="420", field_name="bytes_send", type="string" ), StructFieldInfo( content="2a473356cca5487f8373be891bffc1cf", field_name="projectid", type="string" ), StructFieldInfo( content="curl/7.29.0", field_name="user_agent", type="string" ), StructFieldInfo( content="", field_name="web_tag", type="string" ), StructFieldInfo( content="GET", field_name="method", type="string" ), StructFieldInfo( content="10.63.36.208", field_name="bind_ip", type="string" ), StructFieldInfo( content="", field_name="region_id", type="string" ), StructFieldInfo( content="20582", field_name="remote_port", type="string" ), StructFieldInfo( content="", field_name="ssl_ciphers_md5", type="string" ), StructFieldInfo( content="", field_name="x_real_ip", type="string" ), StructFieldInfo( content="/", field_name="url", type="string" ), StructFieldInfo( content="", field_name="x_forwarded_for", type="string" ), StructFieldInfo( content="", field_name="sni", type="string" ), StructFieldInfo( content="public/../style/general.css=true", field_name="args", type="string" ), StructFieldInfo( content="", field_name="cdn_src_ip", type="string" ), StructFieldInfo( content="0", field_name="enterprise_project_id", type="string" ), StructFieldInfo( content="-", field_name="upstream_connect_time", type="string" ), StructFieldInfo( content="", field_name="engine_id", type="string" ), StructFieldInfo( content="110", field_name="request_length", type="string" ), StructFieldInfo( content="5d574e6a-87da-42bc-bfd4-ff61a1b336a4", field_name="group_id", type="string" ), StructFieldInfo( content="36f0a9212b14528ffc090f1811cd87d8", field_name="requestid", type="string" ), StructFieldInfo( content="", field_name="ssl_curves", type="string" ), StructFieldInfo( content="", field_name="ssl_session_reused", type="string" ), StructFieldInfo( content="2022-07-29T11:39:10.000Z", field_name="waf-time", type="string" ), StructFieldInfo( content="30.009", field_name="upstream_response_time", type="string" ), StructFieldInfo( content="29/Jul/2022:19:39:10 +0800", field_name="time", type="string" ), StructFieldInfo( content="access", field_name="waf_category", type="string" ), StructFieldInfo( content="10.63.36.208", field_name="eng_ip", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"response_code":"504","scheme":"http","upstream_addr":"100.93.2.229:80","body_bytes_sent":"163","upstream_header_time":"-","connection_requests":"1","ssl_cipher":"","hostid":"1736cc7331b74b198e2ef07555a970ce","pid":"2152","tls_version":"","http_host":"www.testh.com","process_time":"0","access_stream_id":"88003425-d7bc-46ce-8ae7-77a8aa18a814","time_iso8601":"2022-07-29T19:39:10+08:00","intel_crawler":"","upstream_status":"504","remote_ip":"10.63.46.110","request_time":"30.008","tenantid":"1d26cc8c86a840e28a4f8d0d07852f1d","sip":"10.63.46.110","bytes_send":"420","projectid":"2a473356cca5487f8373be891bffc1cf","user_agent":"curl/7.29.0","web_tag":"","method":"GET","bind_ip":"10.63.36.208","region_id":"","remote_port":"20582","ssl_ciphers_md5":"","x_real_ip":"","url":"/","x_forwarded_for":"","sni":"","args":"public/../style/general.css=true","cdn_src_ip":"","enterprise_project_id":"0","upstream_connect_time":"-","engine_id":"","request_length":"110","group_id":"5d574e6a-87da-42bc-bfd4-ff61a1b336a4","requestid":"36f0a9212b14528ffc090f1811cd87d8","ssl_curves":"","ssl_session_reused":"","waf-time":"2022-07-29T11:39:10.000Z","upstream_response_time":"30.008","time":"29/Jul/2022:19:39:10 +0800","category":"access","eng_ip":"10.63.36.208"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改WAF攻击日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="WAF_ATTACK" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string" ) ] listDemoFieldsbody = [ StructFieldInfo( content="cd081ba3d6674000acc37d7e2a4b9140", field_name="policy_id", type="string" ), StructFieldInfo( content="80", field_name="hport", type="string" ), StructFieldInfo( content="163", field_name="body_bytes_sent", type="string" ), StructFieldInfo( content="1736cc7331b74b198e2ef07555a970ce", field_name="hostid", type="string" ), StructFieldInfo( content="040002", field_name="rule", type="string" ), StructFieldInfo( content="10.63.36.208", field_name="engine_ip", type="string" ), StructFieldInfo( content="2152", field_name="pid", type="string" ), StructFieldInfo( content="www.testh.com", field_name="http_host", type="string" ), StructFieldInfo( content="1", field_name="process_time", type="string" ), StructFieldInfo( content="0000-0000-0000-20820220729193940-f34cf25e", field_name="reqid", type="string" ), StructFieldInfo( content="2022-07-29T19:39:40+08:00", field_name="time_iso8601", type="string" ), StructFieldInfo( content="504", field_name="upstream_status", type="string" ), StructFieldInfo( content="public/../style/general.css", field_name="hit_data", type="string" ), StructFieldInfo( content="98de5d5a-9f54-4d01-9882-eca7bec99d09", field_name="attack_stream_id", type="string" ), StructFieldInfo( content="10.63.46.110", field_name="remote_ip", type="string" ), StructFieldInfo( content="lfi", field_name="attack", type="string" ), StructFieldInfo( content="1d26cc8c86a840e28a4f8d0d07852f1d", field_name="tenantid", type="string" ), StructFieldInfo( content="www.testh.com", field_name="host", type="string" ), StructFieldInfo( content="log", field_name="action", type="string" ), StructFieldInfo( content="HTTP", field_name="backend.protocol", type="string" ), StructFieldInfo( content="true", field_name="backend.alive", type="string" ), StructFieldInfo( content="80", field_name="backend.port", type="long" ), StructFieldInfo( content="100.93.2.229", field_name="backend.host", type="string" ), StructFieldInfo( content="1", field_name="backend.weight", type="long" ), StructFieldInfo( content="ip", field_name="backend.type", type="string" ), StructFieldInfo( content="04-0000-0000-0000-20820220729193940-f34cf25e", field_name="id", type="string" ), StructFieldInfo( content="10.63.46.110", field_name="sip", type="string" ), StructFieldInfo( content="2a473356cca5487f8373be891bffc1cf", field_name="projectid", type="string" ), StructFieldInfo( content="", field_name="web_tag", type="string" ), StructFieldInfo( content="2022-07-29T11:39:40.000Z", field_name="attack-time", type="string" ), StructFieldInfo( content="GET", field_name="method", type="string" ), StructFieldInfo( content="{"HWWAFSESTIME":"1659094780939","HWWAFSESID":"e2cd0733b4712e4cc4"}", field_name="cookie", type="string" ), StructFieldInfo( content="2", field_name="level", type="long" ), StructFieldInfo( content="{\"public\\/..\\/style\\/general.css\":\"true\"}", field_name="params", type="string" ), StructFieldInfo( content="", field_name="x_real_ip", type="string" ), StructFieldInfo( content="/", field_name="url", type="string" ), StructFieldInfo( content="", field_name="x_forwarded_for", type="string" ), StructFieldInfo( content="", field_name="cdn_src_ip", type="string" ), StructFieldInfo( content="0", field_name="enterprise_project_id", type="string" ), StructFieldInfo( content="", field_name="req_body", type="string" ), StructFieldInfo( content="", field_name="engine_id", type="string" ), StructFieldInfo( content="5d574e6a-87da-42bc-bfd4-ff61a1b336a4", field_name="group_id", type="string" ), StructFieldInfo( content="f34cf25eb33ed82cd7261a8276a60c39", field_name="requestid", type="string" ), StructFieldInfo( content="null", field_name="multipart", type="string" ), StructFieldInfo( content="{\"host\":\"www.testh.com\",\"user-agent\":\"curl\\/7.29.0\",\"accept\":\"*\\/*\"}", field_name="header", type="string" ), StructFieldInfo( content="params", field_name="location", type="string" ), StructFieldInfo( content="30.000", field_name="upstream_response_time", type="string" ), StructFieldInfo( content="2022-07-29 19:39:40", field_name="time", type="string" ), StructFieldInfo( content="attack", field_name="waf_category", type="string" ), StructFieldInfo( content="28408", field_name="sport", type="long" ), StructFieldInfo( content="504", field_name="status", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"policy_id":"cd081ba3d6674000acc37d7e2a4b9140","hport":"80","body_bytes_sent":"163","hostid":"1736cc7331b74b198e2ef07555a970ce","rule":"040002","engine_ip":"10.63.36.208","pid":"2152","http_host":"www.testh.com","process_time":"1","reqid":"0000-0000-0000-20820220729193940-f34cf25e","time_iso8601":"2022-07-29T19:39:40+08:00","upstream_status":"504","hit_data":"public/../style/general.css","attack_stream_id":"98de5d5a-9f54-4d01-9882-eca7bec99d09","remote_ip":"10.63.46.110","attack":"lfi","tenantid":"1d26cc8c86a840e28a4f8d0d07852f1d","host":"www.testh.com","action":"log","backend":{"protocol":"HTTP","alive":true,"port":80,"host":"100.93.2.229","weight":1,"type":"ip"},"id":"04-0000-0000-0000-20820220729193940-f34cf25e","sip":"10.63.46.110","projectid":"2a473356cca5487f8373be891bffc1cf","web_tag":"","attack-time":"2022-07-29T11:39:40.000Z","method":"GET","cookie":"{\"HWWAFSESTIME\":\"1659094780939\",\"HWWAFSESID\":\"e2cd0733b4712e4cc4\"}","level":2,"params":"{\"public\\/..\\/style\\/general.css\":\"true\"}","x_real_ip":"","uri":"/","x_forwarded_for":"","cdn_src_ip":"","enterprise_project_id":"0","req_body":"","engine_id":"","group_id":"5d574e6a-87da-42bc-bfd4-ff61a1b336a4","requestid":"f34cf25eb33ed82cd7261a8276a60c39","multipart":"null","header":"{\"host\":\"www.testh.com\",\"user-agent\":\"curl\\/7.29.0\",\"accept\":\"*\\/*\"}","location":"params","upstream_response_time":"30.000","time":"2022-07-29 19:39:40","category":"attack","sport":28408,"status":"504"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改DMS重平衡日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="DMS_REBALANCED" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string" ) ] listDemoFieldsbody = [ StructFieldInfo( content="INFO", field_name="level", type="string" ), StructFieldInfo( content="2023-03-23 17:23:22,906", field_name="timestamp", type="string" ), StructFieldInfo( content="consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635", field_name="message.leaderId", type="string" ), StructFieldInfo( content="1", field_name="message.generationId", type="string" ), StructFieldInfo( content="Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1", field_name="message.reason", type="string" ), StructFieldInfo( content="KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0", field_name="message.groupId", type="string" ), StructFieldInfo( content="0", field_name="message.coordinatorId", type="string" ), StructFieldInfo( content="END_REBALANCE", field_name="message.type", type="string" ), StructFieldInfo( content="GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))", field_name="message.group", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"level":"INFO","timestamp":"2023-03-23 17:23:22,906","message":{"leaderId":"consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635","generationId":"1","reason":"Assignment received from leader for group KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0 for generation 1","groupId":"KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0","coordinatorId":"0","type":"END_REBALANCE","group":"GroupMetadata(groupId=KMOffsetCache-dms-vm-fa3cf9d6-manager-shared-server-0, generation=1, protocolType=Some(consumer), currentState=CompletingRebalance, members=Map(consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635 -> MemberMetadata(memberId=consumer-1-177817b6-1f29-4717-8a83-dda8eaab1635, clientId=consumer-1, clientHost=/172.31.2.168, sessionTimeoutMs=10000, rebalanceTimeoutMs=300000, supportedProtocols=List(range), )))"}}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改GAUSSDB_REDIS慢日志方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="GAUSSDB_REDIS_SLOW" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134", is_analysis=True ) ] listDemoFieldsbody = [ StructFieldInfo( content="32eaaf6c5a0142e3a6d80740cd5b3803in12", field_name="instance_id", type="string" ), StructFieldInfo( content="597a15b9f2ef4436811c5edcc67c013cno12", field_name="node_id", type="string" ), StructFieldInfo( content="0", field_name="database", type="string" ), StructFieldInfo( content="slow_log", field_name="log_type", type="string" ), StructFieldInfo( content="sismember", field_name="operate_type", type="string" ), StructFieldInfo( content="2022-10-12T07:42:21.253484Z", field_name="log_time", type="string" ), StructFieldInfo( content="1277.47", field_name="cost_time", type="float" ), StructFieldInfo( content="{"command_param":"dc:set:new:follow:uids:monthly:259008728:202210","database":0}", field_name="whole_message", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="2a473356cca5487f8373be891bffxxxx", log_stream_id="7e432db8-9dad-4723-a4b1-fdabf712xxxx", parse_type=" ", log_group_id="925a750-e0f3-4fe9-a046-a04af676xxxx", content="{"instance_id":"32eaaf6c5a0142e3a6d80740cd5b3803in12","node_id":"597a15b9f2ef4436811c5edcc67c013cno12","database":"0","log_type":"slow_log","operate_type":"sismember","log_time":"2022-10-12T07:42:21.253484Z","cost_time":"1277.47","whole_message":"{"command_param": "dc:set:new:follow:uids:monthly:259008728:202210","database": 0}"}", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改APIG结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdklts.v2.region.lts_region import LtsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdklts.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = LtsClient.new_builder() \ .with_credentials(credentials) \ .with_region(LtsRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateStructTemplateRequest() rulebody = Rule( type="built_in", param="APIG" ) listTagFieldsbody = [ TagField( field_name="hostIP", type="string", content="192.168.2.134" ), TagField( field_name="hostName", type="string", content="ecs-ictest" ) ] listDemoFieldsbody = [ StructFieldInfo( content="100.125.7.59", field_name="my_remote_addr", type="string" ), StructFieldInfo( content="f57f6523b675504a23887d0f5c1c8ef3", field_name="request_id", type="string" ), StructFieldInfo( content="f5ea2360a2fa443cac236b76f4052ad6", field_name="api_id", type="string" ), StructFieldInfo( content="-", field_name="user_name", type="string" ), StructFieldInfo( content="-", field_name="app_id", type="string" ), StructFieldInfo( content="27/Jan/2022:15:56:44", field_name="time_local", type="string" ), StructFieldInfo( content="0.113", field_name="request_time", type="float" ), StructFieldInfo( content="GET", field_name="request_method", type="string" ), StructFieldInfo( content="http", field_name="scheme", type="string" ), StructFieldInfo( content="c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com", field_name="host", type="string" ), StructFieldInfo( content="/api/echo", field_name="router_uri", type="string" ), StructFieldInfo( content="HTTP/1.1", field_name="server_protocol", type="string" ), StructFieldInfo( content="200", field_name="status", type="long" ), StructFieldInfo( content="1443", field_name="bytes_sent", type="long" ), StructFieldInfo( content="408", field_name="request_length", type="long" ), StructFieldInfo( content="APIGatewayDebugClient/1.0", field_name="http_user_agent", type="string" ), StructFieldInfo( content="-", field_name="http_x_forwarded_for", type="string" ), StructFieldInfo( content="100.125.2.39:443", field_name="upstream_addr", type="string" ), StructFieldInfo( content="/v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations", field_name="upstream_uri", type="string" ), StructFieldInfo( content="200", field_name="upstream_status", type="long" ), StructFieldInfo( content="0.010", field_name="upstream_connect_time", type="float" ), StructFieldInfo( content="0.083", field_name="upstream_header_time", type="float" ), StructFieldInfo( content="0.083", field_name="upstream_response_time", type="float" ), StructFieldInfo( content="cn-north-4", field_name="region_id", type="string" ), StructFieldInfo( content="0.083", field_name="all_upstream_response_time", type="float" ), StructFieldInfo( content="0", field_name="errorType", type="long" ), StructFieldInfo( content="-", field_name="auth_type", type="string" ), StructFieldInfo( content="-", field_name="access_model1", type="string" ), StructFieldInfo( content="-", field_name="access_model2", type="string" ), StructFieldInfo( content="0.03000020980835", field_name="inner_time", type="float" ), StructFieldInfo( content="-", field_name="proxy_protocol_vni", type="string" ), StructFieldInfo( content="-", field_name="proxy_protocol_vpce_id", type="string" ), StructFieldInfo( content="-", field_name="proxy_protocol_addr", type="string" ), StructFieldInfo( content="486", field_name="body_bytes_sent", type="long" ), StructFieldInfo( content="HttpEchoDemo", field_name="api_name", type="string" ), StructFieldInfo( content="-", field_name="app_name", type="string" ), StructFieldInfo( content="-", field_name="provider_app_id", type="string" ), StructFieldInfo( content="-", field_name="provider_app_name", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log1", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log2", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log3", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log4", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log5", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log6", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log7", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log8", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log9", type="string" ), StructFieldInfo( content="-", field_name="custom_data_log10", type="string" ), StructFieldInfo( content="remote", field_name="response_source", type="string" ), StructFieldInfo( content="26/Dec/2022:12:21:40.000", field_name="start_time", type="string" ) ] request.body = LtsStructTemplateInfo( rule=rulebody, project_id="", log_stream_id="", parse_type="", log_group_id="", content="100.125.7.59 f57f6523b675504a23887d0f5c1c8ef3 f5ea2360a2fa443cac236b76f4052ad6 - - [27/Jan/2022:15:56:44 +0800] 0.113 GET http://c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com /api/echo HTTP/1.1 200 1443 408 "APIGatewayDebugClient/1.0" "-" "100.125.2.39:443" /v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations "200" "0.010" "0.083" "0.083" cn-north-4 0.083 0 - - - 0.03000020980835 - - "-" 486 HttpEchoDemo - - - "-" "-" "-" "-" "-" "-" "-" "-" "-" "-" remote", tag_fields=listTagFieldsbody, demo_fields=listDemoFieldsbody ) response = client.update_struct_template(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)
修改正则方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := lts.NewLtsClient( lts.LtsClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateStructTemplateRequest{} contentTagFields:= "192.168.2.134" isAnalysisTagFields:= true contentTagFields1:= "ecs-ictest" isAnalysisTagFields1:= true var listTagFieldsbody = []model.TagField{ { FieldName: "hostIP", Type: "string", Content: &contentTagFields, IsAnalysis: &isAnalysisTagFields, }, { FieldName: "hostName", Type: "string", Content: &contentTagFields1, IsAnalysis: &isAnalysisTagFields1, }, } fieldNameDemoFields:= "a01" fieldNameDemoFields1:= "a02" fieldNameDemoFields2:= "a03" fieldNameDemoFields3:= "a04" fieldNameDemoFields4:= "a05" fieldNameDemoFields5:= "a06" fieldNameDemoFields6:= "a07" var listDemoFieldsbody = []model.StructFieldInfo{ { FieldName: &fieldNameDemoFields, Type: "string", }, { FieldName: &fieldNameDemoFields1, Type: "string", }, { FieldName: &fieldNameDemoFields2, Type: "string", }, { FieldName: &fieldNameDemoFields3, Type: "string", }, { FieldName: &fieldNameDemoFields4, Type: "string", }, { FieldName: &fieldNameDemoFields5, Type: "string", }, { FieldName: &fieldNameDemoFields6, Type: "long", }, } regexRulesLtsStructTemplateInfo:= "^(?<a01>[^ ]+)(?:[^ ]* ){1}(?<a02>\w+)(?:[^ ]* ){1}(?<a03>\w+)(?:[^ ]* ){1}(?<a04>\w+)(?:[^ ]* ){1}(?<a05>\w+)(?:[^ ]* ){1}(?<a06>\w+)(?:[^ ]* ){1}(?<a07>\d+)" request.Body = &model.LtsStructTemplateInfo{ RegexRules: ®exRulesLtsStructTemplateInfo, ProjectId: " ", LogStreamId: "ff8bd110-dc44-4692-af74-d3b1f6197887", ParseType: model.GetLtsStructTemplateInfoParseTypeEnum().CUSTOM_REGEX, LogGroupId: "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", Content: "2021-09-09/18:15:41 this log is Error NO 6323", TagFields: listTagFieldsbody, DemoFields: listDemoFieldsbody, } response, err := client.UpdateStructTemplate(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }
修改分隔符方式的结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := lts.NewLtsClient( lts.LtsClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateStructTemplateRequest{} contentTagFields:= "192.168.2.134" isAnalysisTagFields:= true contentTagFields1:= "ecs-ictest" isAnalysisTagFields1:= true var listTagFieldsbody = []model.TagField{ { FieldName: "hostIP", Type: "string", Content: &contentTagFields, IsAnalysis: &isAnalysisTagFields, }, { FieldName: "hostName", Type: "string", Content: &contentTagFields1, IsAnalysis: &isAnalysisTagFields1, }, } fieldNameDemoFields:= "b1" fieldNameDemoFields1:= "b2" fieldNameDemoFields2:= "b3" fieldNameDemoFields3:= "b4" fieldNameDemoFields4:= "b5" fieldNameDemoFields5:= "b6" fieldNameDemoFields6:= "b7" var listDemoFieldsbody = []model.StructFieldInfo{ { FieldName: &fieldNameDemoFields, Type: "string", }, { FieldName: &fieldNameDemoFields1, Type: "string", }, { FieldName: &fieldNameDemoFields2, Type: "string", }, { FieldName: &fieldNameDemoFields3, Type: "string", }, { FieldName: &fieldNameDemoFields4, Type: "string", }, { FieldName: &fieldNameDemoFields5, Type: "string", }, { FieldName: &fieldNameDemoFields6, Type: "long", }, } tokenizerLtsStructTemplateInfo:= " " request.Body = &model.LtsStructTemplateInfo{ Tokenizer: &tokenizerLtsStructTemplateInfo, ProjectId: "", LogStreamId: "ff8bd110-dc44-4692-af74-d3b1f6197887", ParseType: model.GetLtsStructTemplateInfoParseTypeEnum().SPLIT, LogGroupId: "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", Content: "2021-09-09/18:50:51 this log is Error NO 37", TagFields: listTagFieldsbody, DemoFields: listDemoFieldsbody, } response, err := client.UpdateStructTemplate(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }
修改NGINX方式的结构化配置。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := lts.NewLtsClient( lts.LtsClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateStructTemplateRequest{} contentTagFields:= "192.168.2.134" isAnalysisTagFields:= true contentTagFields1:= "ecs-ictest" isAnalysisTagFields1:= true var listTagFieldsbody = []model.TagField{ { FieldName: "hostIP", Type: "string", Content: &contentTagFields, IsAnalysis: &isAnalysisTagFields, }, { FieldName: "hostName", Type: "string", Content: &contentTagFields1, IsAnalysis: &isAnalysisTagFields1, }, } fieldNameDemoFields:= "his1" fieldNameDemoFields1:= "his2" var listDemoFieldsbody = []model.StructFieldInfo{ { FieldName: &fieldNameDemoFields, Type: "string", }, { FieldName: &fieldNameDemoFields1, Type: "string", }, } logFormatLtsStructTemplateInfo:= "log_format main '$his1 : $his2 /'" request.Body = &model.LtsStructTemplateInfo{ LogFormat: &logFormatLtsStructTemplateInfo, ProjectId: "", LogStreamId: "ff8bd110-dc44-4692-af74-d3b1f6197887", ParseType: model.GetLtsStructTemplateInfoParseTypeEnum().NGINX, LogGroupId: "ada6ce6b-17ba-43f3-a27f-aa563b4ab14e", Content: "2021-09-09/18:54:55 this log is Error NO 281", TagFields: listTagFieldsbody, DemoFields: listDemoFieldsbody, } response, err := client.UpdateStructTemplate(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }
修改CTS方式的结构化配置。
修改ELB方式的结构化配置。
修改VPC方式的结构化配置。
修改DCS审计日志方式的结构化配置。
修改DDS审计日志方式的结构化配置。
修改TOMCAT方式的结构化配置
修改GAUSSDB_OPENGAUSS_AUDIT方式的结构化配置。
修改MYSQL慢日志方式的结构化配置。
修改MYSQL错误日志方式的结构化配置。
修改DDS错误日志方式的结构化配置。
修改DDS慢日志方式的结构化配置。
修改CFW访问控制日志方式的结构化配置。
修改CFW攻击日志方式的结构化配置。
修改CFW流量日志方式的结构化配置。
修改POSTGRESQL慢日志方式的结构化配置。
修改POSTGRESQL错误日志方式的结构化配置
修改GAUSSDB_MYSQL慢日志方式的结构化配置。
修改GAUSSDB_MYSQL错误日志方式的结构化配置。
修改CDN方式的结构化配置。
修改SMN方式的结构化配置。
修改WAF访问日志方式的结构化配置。
修改WAF攻击日志方式的结构化配置。
修改DMS重平衡日志方式的结构化配置。
修改GAUSSDB_REDIS慢日志方式的结构化配置。
修改APIG结构化配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" lts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/lts/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := lts.NewLtsClient( lts.LtsClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateStructTemplateRequest{} rulebody := &model.Rule{ Type: "built_in", Param: "APIG", } contentTagFields:= "192.168.2.134" contentTagFields1:= "ecs-ictest" var listTagFieldsbody = []model.TagField{ { FieldName: "hostIP", Type: "string", Content: &contentTagFields, }, { FieldName: "hostName", Type: "string", Content: &contentTagFields1, }, } contentDemoFields:= "100.125.7.59" fieldNameDemoFields:= "my_remote_addr" contentDemoFields1:= "f57f6523b675504a23887d0f5c1c8ef3" fieldNameDemoFields1:= "request_id" contentDemoFields2:= "f5ea2360a2fa443cac236b76f4052ad6" fieldNameDemoFields2:= "api_id" contentDemoFields3:= "-" fieldNameDemoFields3:= "user_name" contentDemoFields4:= "-" fieldNameDemoFields4:= "app_id" contentDemoFields5:= "27/Jan/2022:15:56:44" fieldNameDemoFields5:= "time_local" contentDemoFields6:= "0.113" fieldNameDemoFields6:= "request_time" contentDemoFields7:= "GET" fieldNameDemoFields7:= "request_method" contentDemoFields8:= "http" fieldNameDemoFields8:= "scheme" contentDemoFields9:= "c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com" fieldNameDemoFields9:= "host" contentDemoFields10:= "/api/echo" fieldNameDemoFields10:= "router_uri" contentDemoFields11:= "HTTP/1.1" fieldNameDemoFields11:= "server_protocol" contentDemoFields12:= "200" fieldNameDemoFields12:= "status" contentDemoFields13:= "1443" fieldNameDemoFields13:= "bytes_sent" contentDemoFields14:= "408" fieldNameDemoFields14:= "request_length" contentDemoFields15:= "APIGatewayDebugClient/1.0" fieldNameDemoFields15:= "http_user_agent" contentDemoFields16:= "-" fieldNameDemoFields16:= "http_x_forwarded_for" contentDemoFields17:= "100.125.2.39:443" fieldNameDemoFields17:= "upstream_addr" contentDemoFields18:= "/v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations" fieldNameDemoFields18:= "upstream_uri" contentDemoFields19:= "200" fieldNameDemoFields19:= "upstream_status" contentDemoFields20:= "0.010" fieldNameDemoFields20:= "upstream_connect_time" contentDemoFields21:= "0.083" fieldNameDemoFields21:= "upstream_header_time" contentDemoFields22:= "0.083" fieldNameDemoFields22:= "upstream_response_time" contentDemoFields23:= "cn-north-4" fieldNameDemoFields23:= "region_id" contentDemoFields24:= "0.083" fieldNameDemoFields24:= "all_upstream_response_time" contentDemoFields25:= "0" fieldNameDemoFields25:= "errorType" contentDemoFields26:= "-" fieldNameDemoFields26:= "auth_type" contentDemoFields27:= "-" fieldNameDemoFields27:= "access_model1" contentDemoFields28:= "-" fieldNameDemoFields28:= "access_model2" contentDemoFields29:= "0.03000020980835" fieldNameDemoFields29:= "inner_time" contentDemoFields30:= "-" fieldNameDemoFields30:= "proxy_protocol_vni" contentDemoFields31:= "-" fieldNameDemoFields31:= "proxy_protocol_vpce_id" contentDemoFields32:= "-" fieldNameDemoFields32:= "proxy_protocol_addr" contentDemoFields33:= "486" fieldNameDemoFields33:= "body_bytes_sent" contentDemoFields34:= "HttpEchoDemo" fieldNameDemoFields34:= "api_name" contentDemoFields35:= "-" fieldNameDemoFields35:= "app_name" contentDemoFields36:= "-" fieldNameDemoFields36:= "provider_app_id" contentDemoFields37:= "-" fieldNameDemoFields37:= "provider_app_name" contentDemoFields38:= "-" fieldNameDemoFields38:= "custom_data_log1" contentDemoFields39:= "-" fieldNameDemoFields39:= "custom_data_log2" contentDemoFields40:= "-" fieldNameDemoFields40:= "custom_data_log3" contentDemoFields41:= "-" fieldNameDemoFields41:= "custom_data_log4" contentDemoFields42:= "-" fieldNameDemoFields42:= "custom_data_log5" contentDemoFields43:= "-" fieldNameDemoFields43:= "custom_data_log6" contentDemoFields44:= "-" fieldNameDemoFields44:= "custom_data_log7" contentDemoFields45:= "-" fieldNameDemoFields45:= "custom_data_log8" contentDemoFields46:= "-" fieldNameDemoFields46:= "custom_data_log9" contentDemoFields47:= "-" fieldNameDemoFields47:= "custom_data_log10" contentDemoFields48:= "remote" fieldNameDemoFields48:= "response_source" contentDemoFields49:= "26/Dec/2022:12:21:40.000" fieldNameDemoFields49:= "start_time" var listDemoFieldsbody = []model.StructFieldInfo{ { Content: &contentDemoFields, FieldName: &fieldNameDemoFields, Type: "string", }, { Content: &contentDemoFields1, FieldName: &fieldNameDemoFields1, Type: "string", }, { Content: &contentDemoFields2, FieldName: &fieldNameDemoFields2, Type: "string", }, { Content: &contentDemoFields3, FieldName: &fieldNameDemoFields3, Type: "string", }, { Content: &contentDemoFields4, FieldName: &fieldNameDemoFields4, Type: "string", }, { Content: &contentDemoFields5, FieldName: &fieldNameDemoFields5, Type: "string", }, { Content: &contentDemoFields6, FieldName: &fieldNameDemoFields6, Type: "float", }, { Content: &contentDemoFields7, FieldName: &fieldNameDemoFields7, Type: "string", }, { Content: &contentDemoFields8, FieldName: &fieldNameDemoFields8, Type: "string", }, { Content: &contentDemoFields9, FieldName: &fieldNameDemoFields9, Type: "string", }, { Content: &contentDemoFields10, FieldName: &fieldNameDemoFields10, Type: "string", }, { Content: &contentDemoFields11, FieldName: &fieldNameDemoFields11, Type: "string", }, { Content: &contentDemoFields12, FieldName: &fieldNameDemoFields12, Type: "long", }, { Content: &contentDemoFields13, FieldName: &fieldNameDemoFields13, Type: "long", }, { Content: &contentDemoFields14, FieldName: &fieldNameDemoFields14, Type: "long", }, { Content: &contentDemoFields15, FieldName: &fieldNameDemoFields15, Type: "string", }, { Content: &contentDemoFields16, FieldName: &fieldNameDemoFields16, Type: "string", }, { Content: &contentDemoFields17, FieldName: &fieldNameDemoFields17, Type: "string", }, { Content: &contentDemoFields18, FieldName: &fieldNameDemoFields18, Type: "string", }, { Content: &contentDemoFields19, FieldName: &fieldNameDemoFields19, Type: "long", }, { Content: &contentDemoFields20, FieldName: &fieldNameDemoFields20, Type: "float", }, { Content: &contentDemoFields21, FieldName: &fieldNameDemoFields21, Type: "float", }, { Content: &contentDemoFields22, FieldName: &fieldNameDemoFields22, Type: "float", }, { Content: &contentDemoFields23, FieldName: &fieldNameDemoFields23, Type: "string", }, { Content: &contentDemoFields24, FieldName: &fieldNameDemoFields24, Type: "float", }, { Content: &contentDemoFields25, FieldName: &fieldNameDemoFields25, Type: "long", }, { Content: &contentDemoFields26, FieldName: &fieldNameDemoFields26, Type: "string", }, { Content: &contentDemoFields27, FieldName: &fieldNameDemoFields27, Type: "string", }, { Content: &contentDemoFields28, FieldName: &fieldNameDemoFields28, Type: "string", }, { Content: &contentDemoFields29, FieldName: &fieldNameDemoFields29, Type: "float", }, { Content: &contentDemoFields30, FieldName: &fieldNameDemoFields30, Type: "string", }, { Content: &contentDemoFields31, FieldName: &fieldNameDemoFields31, Type: "string", }, { Content: &contentDemoFields32, FieldName: &fieldNameDemoFields32, Type: "string", }, { Content: &contentDemoFields33, FieldName: &fieldNameDemoFields33, Type: "long", }, { Content: &contentDemoFields34, FieldName: &fieldNameDemoFields34, Type: "string", }, { Content: &contentDemoFields35, FieldName: &fieldNameDemoFields35, Type: "string", }, { Content: &contentDemoFields36, FieldName: &fieldNameDemoFields36, Type: "string", }, { Content: &contentDemoFields37, FieldName: &fieldNameDemoFields37, Type: "string", }, { Content: &contentDemoFields38, FieldName: &fieldNameDemoFields38, Type: "string", }, { Content: &contentDemoFields39, FieldName: &fieldNameDemoFields39, Type: "string", }, { Content: &contentDemoFields40, FieldName: &fieldNameDemoFields40, Type: "string", }, { Content: &contentDemoFields41, FieldName: &fieldNameDemoFields41, Type: "string", }, { Content: &contentDemoFields42, FieldName: &fieldNameDemoFields42, Type: "string", }, { Content: &contentDemoFields43, FieldName: &fieldNameDemoFields43, Type: "string", }, { Content: &contentDemoFields44, FieldName: &fieldNameDemoFields44, Type: "string", }, { Content: &contentDemoFields45, FieldName: &fieldNameDemoFields45, Type: "string", }, { Content: &contentDemoFields46, FieldName: &fieldNameDemoFields46, Type: "string", }, { Content: &contentDemoFields47, FieldName: &fieldNameDemoFields47, Type: "string", }, { Content: &contentDemoFields48, FieldName: &fieldNameDemoFields48, Type: "string", }, { Content: &contentDemoFields49, FieldName: &fieldNameDemoFields49, Type: "string", }, } request.Body = &model.LtsStructTemplateInfo{ Rule: rulebody, ProjectId: "", LogStreamId: "", ParseType: model.GetLtsStructTemplateInfoParseTypeEnum().EMPTY, LogGroupId: "", Content: "100.125.7.59 f57f6523b675504a23887d0f5c1c8ef3 f5ea2360a2fa443cac236b76f4052ad6 - - [27/Jan/2022:15:56:44 +0800] 0.113 GET http://c965898968af48248ec7fac4ec0666f4.apic.cn-north-4.huaweicloudapis.com /api/echo HTTP/1.1 200 1443 408 "APIGatewayDebugClient/1.0" "-" "100.125.2.39:443" /v2/x/fgs/functions/urn:fss:cn-north-4:106506b9a92342df9a5025fc12351cfc:function:default:apigDemo_1640743997661:latest/invocations "200" "0.010" "0.083" "0.083" cn-north-4 0.083 0 - - - 0.03000020980835 - - "-" 486 HttpEchoDemo - - - "-" "-" "-" "-" "-" "-" "-" "-" "-" "-" remote", TagFields: listTagFieldsbody, DemoFields: listDemoFieldsbody, } response, err := client.UpdateStructTemplate(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }
更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。
状态码
状态码 |
描述 |
---|---|
200 |
请求响应成功, 成功修改结构化配置。 |
400 |
BadRequest。非法请求。 建议根据error_msg直接修改该请求,不要重试该请求。 |
401 |
AuthFailed。鉴权失败, 请确认token后再次请求 。 |
403 |
Forbidden。请求被拒绝访问。返回该状态码,表明请求能够到达服务端,且服务端能够理解用户请求,但是拒绝做更多的事情,因为该请求被设置为拒绝访问,建议直接修改该请求,不要重试该请求。 |
500 |
InternalServerError。 表明服务端能被请求访问到,但是服务内部出错。 |
503 |
ServiceUnavailable。 被请求的服务无效, 服务不可用。 |
错误码
请参见错误码。