文档首页/ 数据库安全服务 DBSS/ API参考/ API/ 实例侧规则接口/ 查询指定风险规则策略
更新时间:2024-08-05 GMT+08:00
在线调试
CLI示例
查看PDF
分享

查询指定风险规则策略

功能介绍

查询指定风险规则策略

调用方法

请参见如何调用API

URI

GET /v1/{project_id}/{instance_id}/dbss/audit/rule/risk/{risk_id}

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

项目ID

instance_id

String

实例ID

risk_id

String

风险规则ID

请求参数

表2 请求Header参数

参数

是否必选

参数类型

描述

X-Auth-Token

String

用户Token

响应参数

状态码: 200

表3 响应Body参数

参数

参数类型

描述

rule_id

String

风险规则ID

rule_name

String

风险名称

status

String

风险规则状态 枚举值:  OFF  ON

action

String

操作集合, 中间逗号分隔 LOGIN CREATE_TABLE CREATE_TABLESPACE DROP_TABLE DROP_TABLESPACE DELETE INSERT INSERT_SELECT SELECT SELECT_FOR_UPDATE UPDATE CREATE_USER DROP_USER GRANT OPERATE ALL

schemas

Array of schemas objects

Schema列表

rank

Integer

风险规则优先级

ignore_case

Boolean

是否忽略大小写

risk_level

String

风险级别 枚举值:  LOW  MEDIUM  HIGH  NO_RISK

db_ids

String

数据库id,中间逗号分隔(单个id 小于256位)

execution_symbol

String

执行时长对执行时长阈值的关系 枚举值:  GREATER  EQUAL  LESS  GREATER_EQUAL  LESS_EQUAL  NO_MATCH

execution_time

Integer

设定的执行时长阈值

affect_symbol

String

影响行数对行数阈值的关系: 枚举值:  GREATER  EQUAL  LESS  GREATER_EQUAL  LESS_EQUAL  NO_MATCH

affect_rows

Integer

设定的影响行数阈值

client_ips

String

客户端IP段: IP-IP格式,或IP/XX 格式。 各个IP段使用逗号连接
表4 schemas

参数

参数类型

描述

schema

String

schema名称

table

String

表名

column

String

列名

状态码: 400

表5 响应Body参数

参数

参数类型

描述

error

Object

错误信息返回体。
表6 ErrorDetail

参数

参数类型

描述

error_code

String

错误请求返回的错误码。

error_msg

String

错误请求返回的错误信息。

状态码: 403

表7 响应Body参数

参数

参数类型

描述

error

Object

错误信息返回体。
表8 ErrorDetail

参数

参数类型

描述

error_code

String

错误请求返回的错误码。

error_msg

String

错误请求返回的错误信息。

状态码: 500

表9 响应Body参数

参数

参数类型

描述

error

Object

错误信息返回体。
表10 ErrorDetail

参数

参数类型

描述

error_code

String

错误请求返回的错误码。

error_msg

String

错误请求返回的错误信息。

请求示例

/v1/{project_id}/{instance_id}/dbss/audit/rule/risk/{risk_id}

响应示例

状态码: 200

成功

{
  "status" : "OFF",
  "action" : "LOGIN,SELECT,INSERT",
  "schemas" : [ {
    "schema" : "dbss_audit",
    "table" : null,
    "column" : null
  } ],
  "rank" : 6,
  "ignore_case" : false,
  "rule_id" : "AWT0HznX7At9UslqwTfm",
  "rule_name" : "risk_rule_name_00",
  "risk_level" : "MEDIUM",
  "db_ids" : "11111,22222",
  "execution_symbol" : "GREATER",
  "execution_time" : 10000,
  "affect_symbol" : "GREATER",
  "affect_rows" : 30,
  "client_ips" : "192.168.0.1"
}

状态码: 400

请求参数错误

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

状态码: 500

服务器内部错误

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

SDK代码示例

SDK代码示例如下。

Java

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.dbss.v1.region.DbssRegion;
import com.huaweicloud.sdk.dbss.v1.*;
import com.huaweicloud.sdk.dbss.v1.model.*;


public class ShowAuditRuleRiskSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        DbssClient client = DbssClient.newBuilder()
                .withCredential(auth)
                .withRegion(DbssRegion.valueOf("cn-north-4"))
                .build();
        ShowAuditRuleRiskRequest request = new ShowAuditRuleRiskRequest();
        try {
            ShowAuditRuleRiskResponse response = client.showAuditRuleRisk(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Python

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
# coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkdbss.v1.region.dbss_region import DbssRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkdbss.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.getenv("CLOUD_SDK_AK")
    sk = os.getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \

    client = DbssClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(DbssRegion.value_of("cn-north-4")) \
        .build()

    try:
        request = ShowAuditRuleRiskRequest()
        response = client.show_audit_rule_risk(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Go

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
 
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    dbss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := dbss.NewDbssClient(
        dbss.DbssClientBuilder().
            WithRegion(region.ValueOf("cn-north-4")).
            WithCredential(auth).
            Build())

    request := &model.ShowAuditRuleRiskRequest{}
	response, err := client.ShowAuditRuleRisk(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

成功

400

请求参数错误

403

认证失败

500

服务器内部错误

错误码

请参见错误码

父主题: 实例侧规则接口

相关文档