查询主机动态网页防篡改防护动态
功能介绍
查询主机动态网页防篡改防护动态:包含告警级别、服务器ip、服务器名称、威胁类型、告警时间、攻击源ip、攻击源url信息
调用方法
请参见如何调用API。
URI
GET /v5/{project_id}/webtamper/rasp/protect-history
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
project_id |
是 |
String |
项目ID 最小长度:0 最大长度:64 |
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
enterprise_project_id |
否 |
String |
企业项目ID 最小长度:0 最大长度:64 |
host_id |
否 |
String |
Host Id,为空时查所有主机 最小长度:0 最大长度:128 |
start_time |
是 |
Long |
起始时间(ms) 最小值:0 最大值:4070880000000 |
end_time |
是 |
Long |
终止时间(ms) 最小值:0 最大值:4070880000000 |
limit |
是 |
Integer |
limit 最小值:0 最大值:100 |
offset |
是 |
Integer |
offset 最小值:0 最大值:100 |
alarm_level |
否 |
Integer |
告警级别
最小值:0 最大值:100 |
severity |
否 |
String |
威胁等级
最小长度:0 最大长度:32 |
protect_status |
否 |
String |
防护状态
最小长度:0 最大长度:32 |
请求参数
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
X-Auth-Token |
是 |
String |
用户Token。 通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值) 最小长度:1 最大长度:32768 |
region |
是 |
String |
Region Id 最小长度:0 最大长度:32 |
响应参数
状态码: 200
参数 |
参数类型 |
描述 |
---|---|---|
total_num |
Long |
total number of dynamic WTPs 最小值:0 最大值:200000 |
data_list |
Array of HostRaspProtectHistoryResponseInfo objects |
data list 数组长度:0 - 200000 |
参数 |
参数类型 |
描述 |
---|---|---|
host_ip |
String |
服务器ip 最小长度:0 最大长度:64 |
host_name |
String |
服务器名称 最小长度:0 最大长度:64 |
alarm_time |
Long |
动态网页防篡改的告警时间(ms) 最小值:0 最大值:4070880000000 |
threat_type |
String |
威胁类型 最小长度:0 最大长度:64 |
alarm_level |
Integer |
告警级别 最小值:0 最大值:100 |
source_ip |
String |
攻击主机的源IP 最小长度:0 最大长度:128 |
attacked_url |
String |
攻击请求的URL 最小长度:0 最大长度:2000 |
请求示例
查询主机动态网页防篡改防护动态,目标主机ID为caa958ad-a481-4d46-b51e-6861b8864515,查询起始时间为1668563099000,查询终止时间为1668563199000。
GET https://{endpoint}/v5/{project_id}/webtamper/rasp/protect-history { "host_id" : "caa958ad-a481-4d46-b51e-6861b8864515", "start_time" : 1668563099000, "end_time" : 1668563199000, "limit" : 10, "offset" : 0 }
响应示例
状态码: 200
successful response
{ "total_num" : 1, "data_list" : [ { "host_ip" : "192.168.5.98", "host_name" : "hss-test", "alarm_level" : 2, "alarm_time" : 1668394634000, "attacked_url" : "/vulns/001-dir-1.jsp", "source_ip" : "10.100.30.200", "threat_type" : "Path Traversal" } ] }
SDK代码示例
SDK代码示例如下。
查询主机动态网页防篡改防护动态,目标主机ID为caa958ad-a481-4d46-b51e-6861b8864515,查询起始时间为1668563099000,查询终止时间为1668563199000。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.hss.v5.region.HssRegion; import com.huaweicloud.sdk.hss.v5.*; import com.huaweicloud.sdk.hss.v5.model.*; public class ListHostRaspProtectHistoryInfoSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); HssClient client = HssClient.newBuilder() .withCredential(auth) .withRegion(HssRegion.valueOf("<YOUR REGION>")) .build(); ListHostRaspProtectHistoryInfoRequest request = new ListHostRaspProtectHistoryInfoRequest(); request.withEnterpriseProjectId("<enterprise_project_id>"); request.withHostId("<host_id>"); request.withStartTime(<start_time>L); request.withEndTime(<end_time>L); request.withLimit(<limit>); request.withOffset(<offset>); request.withAlarmLevel(<alarm_level>); request.withSeverity("<severity>"); request.withProtectStatus("<protect_status>"); try { ListHostRaspProtectHistoryInfoResponse response = client.listHostRaspProtectHistoryInfo(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
查询主机动态网页防篡改防护动态,目标主机ID为caa958ad-a481-4d46-b51e-6861b8864515,查询起始时间为1668563099000,查询终止时间为1668563199000。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkhss.v5.region.hss_region import HssRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkhss.v5 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = HssClient.new_builder() \ .with_credentials(credentials) \ .with_region(HssRegion.value_of("<YOUR REGION>")) \ .build() try: request = ListHostRaspProtectHistoryInfoRequest() request.enterprise_project_id = "<enterprise_project_id>" request.host_id = "<host_id>" request.start_time = <start_time> request.end_time = <end_time> request.limit = <limit> request.offset = <offset> request.alarm_level = <alarm_level> request.severity = "<severity>" request.protect_status = "<protect_status>" response = client.list_host_rasp_protect_history_info(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
查询主机动态网页防篡改防护动态,目标主机ID为caa958ad-a481-4d46-b51e-6861b8864515,查询起始时间为1668563099000,查询终止时间为1668563199000。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" hss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := hss.NewHssClient( hss.HssClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ListHostRaspProtectHistoryInfoRequest{} enterpriseProjectIdRequest:= "<enterprise_project_id>" request.EnterpriseProjectId = &enterpriseProjectIdRequest hostIdRequest:= "<host_id>" request.HostId = &hostIdRequest request.StartTime = int64(<start_time>) request.EndTime = int64(<end_time>) request.Limit = int32(<limit>) request.Offset = int32(<offset>) alarmLevelRequest:= int32(<alarm_level>) request.AlarmLevel = &alarmLevelRequest severityRequest:= "<severity>" request.Severity = &severityRequest protectStatusRequest:= "<protect_status>" request.ProtectStatus = &protectStatusRequest response, err := client.ListHostRaspProtectHistoryInfo(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。
状态码
状态码 |
描述 |
---|---|
200 |
successful response |
错误码
请参见错误码。