Help Center> Host Security Service (New)> API Reference> API Description> Baseline Management> Querying the Checklist of a Security Configuration Item
Updated on 2023-01-19 GMT+08:00
View PDF

Querying the Checklist of a Security Configuration Item

Function

This API is used to query the checklist of a specified security configuration item.

URI

GET /v5/{project_id}/baseline/risk-config/{check_name}/check-rules

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

User project ID

Minimum: 20

Maximum: 64

check_name

Yes

String

Baseline name

Minimum: 0

Maximum: 256
Table 2 Query Parameters

Parameter

Mandatory

Type

Description

enterprise_project_id

No

String

Enterprise project ID. To query all enterprise projects, set this parameter to all_granted_eps.

Minimum: 0

Maximum: 64

standard

Yes

String

Standard type. Its value can be:

  • cn_standard: DJCP MLPS compliance standard

  • hw_standard: Huawei standard

  • qt_standard: Qingteng standard

Minimum: 0

Maximum: 32

result_type

No

String

Result type. Its value can be:

  • safe: The item passed the check.

  • unhandled: The item failed the check and is not ignored.

  • ignored: The item failed the check but is ignored.

Default: unhandled

Minimum: 0

Maximum: 64

check_rule_name

No

String

Check item name. Fuzzy match is supported.

Minimum: 0

Maximum: 2048

severity

No

String

Risk level. Its value can be:

  • Security

  • Low

  • Medium

  • High

  • Critical

Minimum: 0

Maximum: 255

host_id

No

String

Server ID. If this parameter is not specified, all the servers of the user are queried.

Minimum: 0

Maximum: 64

limit

No

Integer

Number of items per page

Minimum: 0

Maximum: 200

Default: 10

offset

No

Integer

Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

Minimum: 0

Maximum: 2000000

Default: 0

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

x-auth-token

Yes

String

User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

Minimum: 32

Maximum: 2097152

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

total_num

Long

Total risks

Minimum: 0

Maximum: 9223372036854775807

data_list

Array of CheckRuleRiskInfoResponseInfo objects

Data list
Table 5 CheckRuleRiskInfoResponseInfo

Parameter

Type

Description

severity

String

Risk level. Its value can be:

  • Low

  • Medium

  • High

Minimum: 0

Maximum: 255

check_name

String

Baseline name

Minimum: 0

Maximum: 256

check_type

String

Baseline name

Minimum: 0

Maximum: 256

standard

String

Standard type. Its value can be:

  • cn_standard: DJCP MLPS compliance standard

  • hw_standard: Huawei standard

  • qt_standard: Qingteng standard

Minimum: 0

Maximum: 16

check_rule_name

String

Check item

Minimum: 0

Maximum: 2048

check_rule_id

String

Check item ID

Minimum: 0

Maximum: 64

host_num

Integer

Number of affected servers

Minimum: 0

Maximum: 2147483647

scan_result

String

Detection result. Its value can be:

  • pass

  • failed

Minimum: 0

Maximum: 64

status

String

Status. Its value can be:

  • safe

  • ignored

  • unhandled

  • fixing

  • fix-failed

  • verifying

Minimum: 0

Maximum: 64

enable_fix

Integer

Indicates whether one-click repair is supported. 1: yes; 0: no.

Minimum: 0

Maximum: 2147483647

enable_click

Boolean

Indicates whether the repair, ignore, and verify buttons of the check item can be clicked. true: The button can be clicked. false: The button cannot be clicked.

rule_params

Array of CheckRuleFixParamInfo objects

Range of parameters applicable to the check items that can be fixed by parameter transfer
Table 6 CheckRuleFixParamInfo

Parameter

Type

Description

rule_param_id

Integer

Check item parameter ID

Minimum: 0

Maximum: 10

rule_desc

String

Check item parameter description

Minimum: 0

Maximum: 256

default_value

Integer

Default values of check item parameters

Minimum: 0

Maximum: 2147483647

range_min

Integer

Minimum value of check item parameters

Minimum: 0

Maximum: 2147483647

range_max

Integer

Minimum value of check item parameters

Minimum: 0

Maximum: 2147483647

Example Requests

{
  "standard" : "hw_standard"
}

Example Responses

Status code: 200

checklist of the specified security configuration item

{
  "total_num" : 1,
  "data_list" : [ {
    "check_rule_id" : "1.1",
    "check_rule_name" : "Rule:Ensure that permissions on /etc/ssh/sshd_config are configured.",
    "check_type" : "SSH",
    "host_num" : 2,
    "standard" : "hw_standard",
    "scan_result" : "failed",
    "severity" : "High",
    "status" : "unhandled",
    "enable_fix" : 1,
    "enable_click" : false,
    "rule_params" : [ {
      "rule_param_id" : 1,
      "rule_desc" : "Set the timeout duration.",
      "default_value" : 5,
      "range_min" : 1,
      "range_max" : 10
    }, {
      "rule_param_id" : 2,
      "rule_desc" : "Set the number of restarts.",
      "default_value" : 10,
      "range_min" : 1,
      "range_max" : 20
    } ]
  } ]
}

Status Codes

Status Code

Description

200

checklist of the specified security configuration item

Error Codes

See Error Codes.

Parent topic: Baseline Management