Help Center/ Database Security Service/ API Reference/ API/ Audit Rules/ Querying SQL Injection Rule Policies
Updated on 2025-06-19 GMT+08:00
View PDF

Querying SQL Injection Rule Policies

Function

This API is used to query an SQL injection rule policy.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/{instance_id}/dbss/audit/rule/sql-injections

Table 1 URI parameter

Parameter

Mandatory

Parameter Type

Description

project_id

Yes

String

Project ID.

instance_id

Yes

String

Instance ID. You can obtain the value from the ID field in the API for querying the instance list.

Request Parameter

Table 2 Request header parameter

Parameter

Mandatory

Parameter Type

Description

X-Auth-Token

Yes

String

User token. The token can be queried by calling the IAM API. (The token is the value of X-Subject-Token in the response header.)
Table 3 Request body parameter

Parameter

Mandatory

Parameter Type

Description

risk_levels

No

String

Risk severity.

  • HIGH
  • MEDIUM
  • LOW
  • NO_RISK

Response Parameters

Status code: 200

Table 4 Response body parameter

Parameter

Parameter Type

Description

rules

Array of rules objects

SQL rule list

total

Integer

Total number
Table 5 rules

Parameter

Parameter Type

Description

id

String

SQL rule ID

name

String

SQL rule name

status

String

Rule status. The options are as follows:

  • ON
  • OFF

risk_level

String

Risk severity.

  • HIGH
  • MEDIUM
  • LOW

type

String

Rule types. The value can be:

  • SYSTEM: built-in rules
  • CUSTOMIZE: user-defined rules

rank

Integer

Priority. A smaller value indicates a higher priority.

feature

String

SQL command features

regex

String

Regular expression

Status code: 400

Table 6 Response body parameter

Parameter

Parameter Type

Description

error

Object

Error message.
Table 7 ErrorDetail

Parameter

Parameter Type

Description

error_code

String

Error code

error_msg

String

Error message

Status code: 403

Table 8 Response body parameter

Parameter

Parameter Type

Description

error

Object

Error message.
Table 9 ErrorDetail

Parameter

Parameter Type

Description

error_code

String

Error code

error_msg

String

Error message

Status code: 500

Table 10 Response body parameter

Parameter

Parameter Type

Description

error

Object

Error message.
Table 11 ErrorDetail

Parameter

Parameter Type

Description

error_code

String

Error code

error_msg

String

Error message

Example Request

/v1/{project_id}/{instance_id}/dbss/audit/rule/sql-injections

{
  "risk_levels" : "HIGH"
}

Response Examples

Status code: 200

Succeeded

Status code: 400

Incorrect request parameters.

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status code: 500

Internal server error.

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status Code

Status Code

Description

200

Request succeeded.

400

Incorrect request parameter.

403

Authentication failed.

500

Internal server error.

Error Codes

For details, see Error Codes.

Parent topic: Audit Rules