Help Center/ Database Security Service/ API Reference/ API/ Audit Rules/ Querying a Specified Risk Rule Policy
Updated on 2025-06-19 GMT+08:00
View PDF

Querying a Specified Risk Rule Policy

Function

This API is used to query a specified risk rule policy.

Calling Method

For details, see Calling APIs.

URI

GET /v1/{project_id}/{instance_id}/dbss/audit/rule/risk/{rule_id}

Table 1 URI parameter

Parameter

Mandatory

Parameter Type

Description

project_id

Yes

String

Project ID.

instance_id

Yes

String

Instance ID. You can obtain the value from the ID field in the API for querying the instance list.

rule_id

Yes

String

Risk rule ID. You can obtain the value from the ID field in the API for querying risk rule policies.

Request Parameter

Table 2 Request header parameter

Parameter

Mandatory

Parameter Type

Description

X-Auth-Token

Yes

String

User token. The token can be queried by calling the IAM API. (The token is the value of X-Subject-Token in the response header.)

Response Parameters

Status code: 200

Table 3 Response body parameter

Parameter

Parameter Type

Description

rule_id

String

Risk rule ID

rule_name

String

Risk rule name

status

String

Risk rule status. The value can be:

  • OFF
  • ON

action

String

Operation set, which is separated by commas (,). LOGIN,CREATE_TABLE,CREATE_TABLESPACE,DROP_TABLE, DROP_TABLESPACE,DELETE,INSERT,INSERT_SELECT,SELECT,SELECT_FOR_UPDATE, UPDATE,CREATE_USER,DROP_USER,GRANT,OPERATE ALL

schemas

Array of schemas objects

Schemas

rank

Integer

Risk rule priority. A smaller value indicates a higher priority.

ignore_case

Boolean

Whether to ignore the case of the customized operation object

risk_level

String

Risk severity.

  • LOW
  • MEDIUM
  • HIGH
  • NO_RISK

db_ids

String

Database ID. Values are separated by commas (,). A single ID can contain up to 256 characters.

execution_symbol

String

Relationship between the execution duration and the execution duration threshold. The value can be:

  • GREATER
  • EQUAL
  • LESS
  • GREATER_EQUAL
  • LESS_EQUAL
  • NO_MATCH

execution_time

Integer

Execution duration threshold

affect_symbol

String

Relationship between the number of affected rows and the rows threshold. The value can be:

  • GREATER
  • EQUAL
  • LESS
  • GREATER_EQUAL
  • LESS_EQUAL
  • NO_MATCH

affect_rows

Integer

Threshold of affected rows

client_ips

String

Client IP address segment. The value is in the IP-IP format or IP/XX format. IP address segments are separated by commas (,).
Table 4 schemas

Parameter

Parameter Type

Description

schema

String

Schema name

table

String

Table

column

String

Column

Status code: 400

Table 5 Response body parameter

Parameter

Parameter Type

Description

error

Object

Error message.
Table 6 ErrorDetail

Parameter

Parameter Type

Description

error_code

String

Error code

error_msg

String

Error message

Status code: 403

Table 7 Response body parameter

Parameter

Parameter Type

Description

error

Object

Error message.
Table 8 ErrorDetail

Parameter

Parameter Type

Description

error_code

String

Error code

error_msg

String

Error message

Status code: 500

Table 9 Response body parameter

Parameter

Parameter Type

Description

error

Object

Error message.
Table 10 ErrorDetail

Parameter

Parameter Type

Description

error_code

String

Error code

error_msg

String

Error message

Example request

/v1/{project_id}/{instance_id}/dbss/audit/rule/risk/{rule_id}

Example Response

Status code: 200

Execution succeeded.

{
  "status" : "OFF",
  "action" : "LOGIN,SELECT,INSERT",
  "schemas" : [ {
    "schema" : "dbss_audit",
    "table" : null,
    "column" : null
  } ],
  "rank" : 6,
  "ignore_case" : false,
  "rule_id" : "AWT0HznX7At9UslqwTfm",
  "rule_name" : "risk_rule_name_00",
  "risk_level" : "MEDIUM",
  "db_ids" : "11111,22222",
  "execution_symbol" : "GREATER",
  "execution_time" : 10000,
  "affect_symbol" : "GREATER",
  "affect_rows" : 30,
  "client_ips" : "192.168.0.1"
}

Status code: 400

Incorrect request parameter.

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status code: 500

Internal server error.

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status Code

Status Code

Description

200

Request succeeded.

400

Incorrect request parameter.

403

Authentication failed.

500

Internal Server Error

Error Codes

For details, see Error Codes.

Parent topic: Audit Rules