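Querying the DDoS Attack Event List - ListDDoSAttackEventV2
Function
This API is used to query the list of DDoS attack events.
Calling Method
For details, see How to Call an API.
Authorization Information
An account has permission to call all APIs. If an IAM user under the account calls this API, that IAM user must have the permissions required to call it.
- If you use role- and policy-based authorization, see AAD permissions and authorization items for the specific permission requirements.
- If you use identity policy-based authorization, no identity policy permission is required to call this API.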
URI
POST /v2/aad/instances/{instance_id}/ddos-info/attack/events
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| instance_id | Yes | String | Instance ID |
Request Parameters

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| X-Auth-Token | Yes | String | token |
| Content-Type | Yes | String | Content-Type |

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| start_time | Yes | String | Start time |
| end_time | Yes | String | End time |
| offset | Yes | Integer | Maximum number of records |
| limit | Yes | Integer | Start position |
| ip | Yes | String | ip |
| attack_types | Yes | Array of strings | Attack type: "SYN Flood", "ACK Flood", "SYN-ACK Flood", "FIN/RST Flood", "TCP ConcurConn Flood", "TCP NewConn Flood", "TCP Fragment Flood", "TCP Fragment Flood", "TCP Bandwidth Overflow", "UDP Flood", "UDP Fragment Flood", "UDP Fragment Flood", "UDP Bandwidth Overflow", "ICMP Flood", "Other Protocol Flood", "DstIP Bandwidth Overflow", "HTTPS Flood", "HTTP Flood", "DNS Query Flood", "DNS Reply Flood", "SIP Flood", "Blacklist Dropped Traffic", "HTTP Flood", "TCP Fragment Abnormal", "TCP Abnormal", "UDP Fragment Abnormal", "UDP Abnormal", "ICMP Abnormal", "Other Protocol Abnormal", "TCP Connection Flood", "DNS Domain Hijacking", "DNS Cache Poisoning", "DNS Reflection", "Large DNS Packet", "SrcIP DNS Query Rate Abnormal", "SrcIP DNS Response Rate Abnormal", "DNS Query Domain Rate Abnormal", "DNS Response Domain Rate Abnormal", "DNS TTL Abnormal", "DNS Malformed", "DNS Cache Match", "Port Scanning", "TCP Malformed", "SrcIP Traffic Overflow", "UDP Garbage Flood", "DNS NXDOMAIN Flood", "Other Flood", "Zone Bandwidth Overflow", "HTTP Connection Flood", "Botnets/Trojan horses/Worms Attack", "Malicious Domains Attack", "Filter-rule Dropped Traffic", "Web Attack", "SrcIP SIP Rate Abnormal", "Anti-Malware", "Botnet Traffic", "GeoIP Dropped Traffic", "DstIP NewConn Rate Limit", "TCP Traffic Block", "UDP Traffic Block", "ICMP Traffic Block", "Other Protocol Traffic Block", "Host Traffic Over Flow", "UDP Malformed", "TCP Dport Traffic Limit", "TCP Dport Relation Defense", "Filter-rule Dropped Traffic", "Hardware-filter-rule Dropped Carpet-bombing Traffic" |
| attack_flow_low | Yes | String | Minimum attack traffic |
| attack_flow_up | Yes | String | Maximum attack traffic |
| attack_status | Yes | String | Attack status. attack: under attack; normal: attack ended |
Response Parameters
Status code: 200

| Parameter | Type | Description |
|---|---|---|
| total | Integer | total |
| data | Array of ListDDoSEventData objects | data |

| Parameter | Type | Description |
|---|---|---|
| zone_ip | String | Protected IP address |
| start_time | String | Start time |
| end_time | String | End time |
| max_drop_kbps | String | Peak attack traffic, in kbps |
| max_drop_pps | String | Peak attack packet rate, in pps |
| max_in_kbps | String | Peak inbound traffic, in kbps |
| max_in_pps | String | Peak inbound packet rate, in pps |
| attack_types | String | Attack type: "SYN Flood", "ACK Flood", "SYN-ACK Flood", "FIN/RST Flood", "TCP ConcurConn Flood", "TCP NewConn Flood", "TCP Fragment Flood", "TCP Fragment Flood", "TCP Bandwidth Overflow", "UDP Flood", "UDP Fragment Flood", "UDP Fragment Flood", "UDP Bandwidth Overflow", "ICMP Flood", "Other Protocol Flood", "DstIP Bandwidth Overflow", "HTTPS Flood", "HTTP Flood", "DNS Query Flood", "DNS Reply Flood", "SIP Flood", "Blacklist Dropped Traffic", "HTTP Flood", "TCP Fragment Abnormal", "TCP Abnormal", "UDP Fragment Abnormal", "UDP Abnormal", "ICMP Abnormal", "Other Protocol Abnormal", "TCP Connection Flood", "DNS Domain Hijacking", "DNS Cache Poisoning", "DNS Reflection", "Large DNS Packet", "SrcIP DNS Query Rate Abnormal", "SrcIP DNS Response Rate Abnormal", "DNS Query Domain Rate Abnormal", "DNS Response Domain Rate Abnormal", "DNS TTL Abnormal", "DNS Malformed", "DNS Cache Match", "Port Scanning", "TCP Malformed", "SrcIP Traffic Overflow", "UDP Garbage Flood", "DNS NXDOMAIN Flood", "Other Flood", "Zone Bandwidth Overflow", "HTTP Connection Flood", "Botnets/Trojan horses/Worms Attack", "Malicious Domains Attack", "Filter-rule Dropped Traffic", "Web Attack", "SrcIP SIP Rate Abnormal", "Anti-Malware", "Botnet Traffic", "GeoIP Dropped Traffic", "DstIP NewConn Rate Limit", "TCP Traffic Block", "UDP Traffic Block", "ICMP Traffic Block", "Other Protocol Traffic Block", "Host Traffic Over Flow", "UDP Malformed", "TCP Dport Traffic Limit", "TCP Dport Relation Defense", "Filter-rule Dropped Traffic", "Hardware-filter-rule Dropped Carpet-bombing Traffic" |
| attack_ips | String | Attack source IP address |
| attack_ips_desc | String | Description of the attack IP address |
| attack_status | String | Attack status. attack: under attack; normal: attack ended |
Status code: 400

| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error code |
| error_description | String | Error description |
Example Request
None
Example Response
Status code: 200
OK
{
"data" : [ {
"attack_ips" : "",
"attack_ips_desc" : "",
"attack_status" : "NORMAL",
"attack_types" : "Location Attack",
"end_time" : "1719194207000",
"max_drop_kbps" : "417",
"max_drop_pps" : "594",
"max_in_kbps" : "426",
"max_in_pps" : "606",
"star_time" : "1719193603000",
"zone_iP" : "10.10.10.10"
} ],
"total" : 1
}
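
The response example above spells two keys differently from the parameter table (`star_time`, `zone_iP`), returns `attack_status` in upper case, and carries every counter as a string. The following is an added example, not code from this API's documentation or SDK, that normalizes a 200 response into typed records before they are stored or alerted on. It assumes `star_time` holds the documented `start_time` and that the timestamps are millisecond epochs, as the sample values suggest; the function names are hypothetical.

```python
import json
from datetime import datetime, timezone

# Constructed input: the response example from this page, key spellings unchanged.
SAMPLE = """{"data": [{"attack_ips": "", "attack_ips_desc": "",
  "attack_status": "NORMAL", "attack_types": "Location Attack",
  "end_time": "1719194207000", "max_drop_kbps": "417", "max_drop_pps": "594",
  "max_in_kbps": "426", "max_in_pps": "606",
  "star_time": "1719193603000", "zone_iP": "10.10.10.10"}], "total": 1}"""

# Assumption: "star_time" (as spelled in the sample) carries the documented start_time.
ALIASES = {"start_time": ("start_time", "star_time")}
COUNTERS = ("max_drop_kbps", "max_drop_pps", "max_in_kbps", "max_in_pps")


def _to_int(value):
    """Numeric string -> int, or None when absent or not a number."""
    try:
        return int(value)
    except (TypeError, ValueError):
        return None


def _ms_to_iso(ms):
    """Millisecond epoch -> UTC ISO 8601 string, or None when missing or out of range."""
    try:
        return datetime.fromtimestamp(ms / 1000, tz=timezone.utc).isoformat()
    except (TypeError, ValueError, OverflowError, OSError):
        return None


def normalize_event(raw):
    """Map one ListDDoSEventData object to documented names with typed values."""
    lower = {key.lower(): value for key, value in raw.items()}  # handles "zone_iP"

    def pick(name):
        return next((lower[a] for a in ALIASES.get(name, (name,)) if a in lower), None)

    start, end = _to_int(pick("start_time")), _to_int(pick("end_time"))
    event = {name: _to_int(pick(name)) for name in COUNTERS}  # kbps / pps as ints
    event.update(
        zone_ip=pick("zone_ip"), attack_types=pick("attack_types"),
        attack_ips=pick("attack_ips"),
        attack_status=(pick("attack_status") or "").lower(),  # "NORMAL" -> "normal"
        start_time=_ms_to_iso(start), end_time=_ms_to_iso(end),
        duration_s=(end - start) // 1000 if None not in (start, end) else None,
    )
    return event


def normalize_response(body):
    """Parse a 200 response body into {'total': ..., 'events': [normalized dicts]}."""
    doc = json.loads(body)
    return {"total": doc.get("total"), "events": [normalize_event(e) for e in doc.get("data", [])]}
```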
Status Codes

| Status Code | Description |
|---|---|
| 200 | OK |
| 400 | Error response |