Help Center/ Database Security Service/ API Reference/ API/ Audit Rules/ Querying SQL Injection Rule Policies

Updated on 2025-06-19 GMT+08:00

View PDF

Querying SQL Injection Rule Policies

Function

This API is used to query an SQL injection rule policy.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/{instance_id}/dbss/audit/rule/sql-injections

**Table 1** URI parameter
Parameter	Mandatory	Parameter Type	Description
project_id	Yes	String	Project ID.
instance_id	Yes	String	Instance ID. You can obtain the value from the ID field in the API for querying the instance list.

Request Parameter

**Table 2** Request header parameter
Parameter	Mandatory	Parameter Type	Description
X-Auth-Token	Yes	String	User token. The token can be queried by calling the IAM API. (The token is the value of X-Subject-Token in the response header.)

**Table 3** Request body parameter
Parameter	Mandatory	Parameter Type	Description
risk_levels	No	String	Risk severity. HIGH MEDIUM LOW NO_RISK

Response Parameters

Status code: 200

**Table 4** Response body parameter
Parameter	Parameter Type	Description
rules	Array of rules objects	SQL rule list
total	Integer	Total number

**Table 5** rules
Parameter	Parameter Type	Description
id	String	SQL rule ID
name	String	SQL rule name
status	String	Rule status. The options are as follows: ON OFF
risk_level	String	Risk severity. HIGH MEDIUM LOW
type	String	Rule types. The value can be: SYSTEM: built-in rules CUSTOMIZE: user-defined rules
rank	Integer	Priority. A smaller value indicates a higher priority.
feature	String	SQL command features
regex	String	Regular expression

Status code: 400

**Table 6** Response body parameter
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 7** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Status code: 403

**Table 8** Response body parameter
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 9** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Status code: 500

**Table 10** Response body parameter
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 11** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Example Request

/v1/{project_id}/{instance_id}/dbss/audit/rule/sql-injections

{
  "risk_levels" : "HIGH"
}

Response Examples

Status code: 200

Succeeded

Status code: 400

Incorrect request parameters.

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status code: 500

Internal server error.

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status Code

Status Code	Description
200	Request succeeded.
400	Incorrect request parameter.
403	Authentication failed.
500	Internal server error.

Error Codes

For details, see Error Codes.

Parent topic: Audit Rules

Previous topic: Querying the Policy List of an Audit Scope

Next topic: Querying a Risk Rule Policy

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel