Help Center> SecMaster> API Reference> API> Incident Management> Obtaining Details of an Incident

Updated on 2024-03-20 GMT+08:00

Online Debugging

CLI Examples

View PDF

Obtaining Details of an Incident

Function

This API is used to obtain details of an incident.

Calling Method

For details, see Calling APIs.

URI

GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/{incident_id}

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. Minimum: 32 Maximum: 36
workspace_id	Yes	String	Workspace ID Minimum: 32 Maximum: 36
incident_id	Yes	String	Incident ID. Minimum: 32 Maximum: 36

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token. Minimum: 0 Maximum: 2097152
content-type	Yes	String	Content type. Default: application/json;charset=UTF-8 Minimum: 0 Maximum: 64

Response Parameters

Status code: 200

**Table 3** Response body parameters
Parameter	Type	Description
code	String	Error code Minimum: 0 Maximum: 64
message	String	Error Message Minimum: 0 Maximum: 1024
data	IncidentDetail object

**Table 4** IncidentDetail
Parameter	Type	Description
create_time	String	Recording time. The format is ISO 8601- YYYY-MM-DDTHH:mm:ss.ms+Timezone. Time zone where the incident occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
data_object	Incident object	Incident entity information.
dataclass_ref	dataclass_ref object	Data class object.
format_version	Integer	Format version. Minimum: 0 Maximum: 999
id	String	Unique identifier of an incident. The value is in UUID format and can contain a maximum of 36 characters. Minimum: 0 Maximum: 36
project_id	String	ID of the current project. Minimum: 0 Maximum: 64
update_time	String	Update time. The format is ISO 8601 -- YYYY-MM-DDTHH:mm:ss.ms+Timezone. Time zone where the alert occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
version	Integer	Version. Minimum: 0 Maximum: 999
workspace_id	String	ID of the current workspace. Minimum: 0 Maximum: 36

**Table 5** Incident
Parameter	Type	Description
version	String	Version of the data source of an incident. The version must be one officially released by the Huawei Cloud SSA service. Minimum: 0 Maximum: 64
id	String	Unique identifier of an incident. The value is in UUID format and can contain a maximum of 36 characters. Minimum: 0 Maximum: 36
domain_id	String	ID of the account (domain_id) to whom the data is delivered and hosted. Minimum: 0 Maximum: 36
region_id	String	ID of the region where the account to whom the data is delivered and hosted belongs to. Minimum: 0 Maximum: 36
workspace_id	String	ID of the current workspace. Minimum: 0 Maximum: 36
labels	String	Tag (display only) Minimum: 0 Maximum: 1024
environment	environment object	Coordinates of the environment where the incident was generated.
data_source	data_source object	Source the data is first reported.
first_observed_time	String	First discovery time. The format is ISO 8601- YYYY-MM-DDTHH:mm:ss.ms+Time zone. Time zone where the incident occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
last_observed_time	String	First discovery time. The format is ISO 8601- YYYY-MM-DDTHH:mm:ss.ms+Time zone. Time zone where the incident occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
create_time	String	Recording time. The format is ISO 8601- YYYY-MM-DDTHH:mm:ss.ms+Timezone. Time zone where the incident occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
arrive_time	String	Data receiving time. The format is ISO 8601- YYYY-MM-DDTHH:mm:ss.ms+Time zone. Time zone where the incident occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
title	String	Incident title. Minimum: 0 Maximum: 255
description	String	Event Description Minimum: 0 Maximum: 1024
source_url	String	Incident URL, which points to the page of the current incident description in the data source product. Minimum: 0 Maximum: 1024
count	Integer	Incident occurrences Minimum: 0 Maximum: 999
confidence	Integer	Incident confidence. Confidence is used to illustrate the accuracy of an identified behavior or incident. Value range -- 0-100. 0 indicates that the confidence is 0%, and 100 indicates that the confidence is 100%. Minimum: 0 Maximum: 100
severity	String	Severity level. Value range: Tips \| Low \| Medium \| High \| Fatal Description: 0: TIPS: No threats are found. 1: LOW: No actions are required for the threat. 2: MEDIUM: The threat needs to be handled but is not urgent. 3: HIGH: The threat must be handled preferentially. 4: FATAL: The threat must be handled immediately to prevent further damage. Minimum: 3 Maximum: 6 Enumeration values: Tips Low Medium High Fatal
criticality	Integer	Criticality, which specifies the importance level of the resources involved in an incident. Value range -- 0 to 100. The value 0 indicates that the resource is not critical, and 100 indicates that the resource is critical. Minimum: 0 Maximum: 100
incident_type	incident_type object	Incident categories. For details, see the Alert Incident Type Definition.
network_list	Array of network_list objects	Network Information Array Length: 0 - 999
resource_list	Array of resource_list objects	Affected resources. Array Length: 0 - 999
remediation	remediation object	Remedy measure.
verification_state	String	Verification status, which identifies the accuracy of an incident. The options are as follows: – Unknown – True_Positive – False_Positive Enter Unknown by default. Minimum: 32 Maximum: 64 Enumeration values: Unknown True_Positive False_Positive
handle_status	String	Incident handling status. The options are as follows: Open: enabled. Block: blocked. Closed: closed. The default value is Open. Minimum: 4 Maximum: 5 Enumeration values: Open Block Closed
sla	Integer	Risk close time -- Set the acceptable risk duration. Unit -- Hour Minimum: 0 Maximum: 999
update_time	String	Update time. The format is ISO 8601 -- YYYY-MM-DDTHH:mm:ss.ms+Timezone. Time zone where the alert occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
close_time	String	Closing time. The format is ISO 8601 -- YYYY-MM-DDTHH:mm:ss.ms+Timezone. Time zone where the incident occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
ipdrr_phase	String	Period/Handling phase No. Prepartion\|Detection and Analysis\|Containm, Eradication& Recovery\|Post-Incident-Activity Minimum: 0 Maximum: 64 Enumeration values: Prepartion Detection and Analysis Containm, Eradication& Recovery Post-Incident-Activity
simulation	String	Debugging field. Minimum: 0 Maximum: 64
actor	String	Incident investigator. Minimum: 0 Maximum: 64
owner	String	Owner and service owner. Minimum: 0 Maximum: 64
creator	String	Creator Minimum: 0 Maximum: 64
close_reason	String	Close reason. False positive. Resolved Repeated Other Minimum: 0 Maximum: 64 Enumeration values: False detection Resolved Repeated Other
close_comment	String	Whether to close comment. Minimum: 0 Maximum: 1024
malware	malware object	Malware
system_info	Object	System information.
process	Array of process objects	Process information. Array Length: 0 - 999
user_info	Array of user_info objects	User Details Array Length: 0 - 999
file_info	Array of file_info objects	Document Information Array Length: 0 - 999
system_alert_table	Object	Layout fields in the incident list.

**Table 6** environment
Parameter	Type	Description
vendor_type	String	Environment provider. The value can be HWCP, HWC, AWS, Azure, or GCP. Minimum: 0 Maximum: 64
domain_id	String	Tenant ID. Minimum: 0 Maximum: 64
region_id	String	Region ID. global is returned for global services. Minimum: 0 Maximum: 64
cross_workspace_id	String	ID of the source workspace for the data delivery. If the source workspace ID is null, then the destination workspace account ID is used. Minimum: 0 Maximum: 64
project_id	String	Project ID. The default value is null for global services. Minimum: 0 Maximum: 64

**Table 7** data_source
Parameter	Type	Description
source_type	Integer	Data source type. The options are as follows-- 1- Huawei product 2- Third-party product 3- Tenant product Minimum: 1 Maximum: 3 Enumeration values: 1 2 3
domain_id	String	Account ID to which the data source product belongs. Minimum: 0 Maximum: 36
project_id	String	ID of the project to which the data source product belongs. Minimum: 0 Maximum: 64
region_id	String	Region where the data source is located, for example, cn-north1. For details about the value range, see Regions and Endpoints. Minimum: 0 Maximum: 64
company_name	String	Name of the company to which a data source belongs. Minimum: 0 Maximum: 16
product_name	String	Name of the data source. Minimum: 0 Maximum: 24
product_feature	String	Name of the feature of the product that detects the incident. Minimum: 0 Maximum: 24
product_module	String	Threat detection module list. Minimum: 0 Maximum: 1024

**Table 8** incident_type
Parameter	Type	Description
category	String	Type Minimum: 0 Maximum: 1024
incident_type	String	Incident type. Minimum: 0 Maximum: 1024

**Table 9** network_list
Parameter	Type	Description
direction	String	Direction. The value can be IN or OUT. Minimum: 0 Maximum: 3 Enumeration values: IN OUT
protocol	String	Protocol, including Layer 7 and Layer 4 protocols. For details, see IANA registered name. https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml. Minimum: 0 Maximum: 64
src_ip	String	Source IP address Minimum: 0 Maximum: 64
src_port	Integer	Source port. The value ranges from 0 to 65535. Minimum: 0 Maximum: 65535
src_domain	String	Source domain name. Minimum: 0 Maximum: 128
src_geo	src_geo object	Geographical location of the source IP address.
dest_ip	String	Destination IP address Minimum: 32 Maximum: 64
dest_port	String	Destination port. The value ranges from 0 to 65535. Minimum: 0 Maximum: 65535
dest_domain	String	Destination domain name Minimum: 0 Maximum: 128
dest_geo	dest_geo object	Geographical location of the destination IP address.

**Table 10** src_geo
Parameter	Type	Description
latitude	Number	Latitude Minimum: 0 Maximum: 90
longitude	Number	Longitude Minimum: 0 Maximum: 180
city_code	String	City code. For example, Beijing or Shanghai. Minimum: 0 Maximum: 64
country_code	String	Country code. For details, see ISO 3166-1 alpha-2. For example, CN \| US \| DE \| IT \| SG. Minimum: 0 Maximum: 64

**Table 11** dest_geo
Parameter	Type	Description
latitude	Number	Latitude Minimum: 0 Maximum: 90
longitude	Number	Longitude Minimum: 0 Maximum: 180
city_code	String	City code. For example, Beijing or Shanghai. Minimum: 0 Maximum: 64
country_code	String	Country code. For details, see ISO 3166-1 alpha-2. For example, CN \| US \| DE \| IT \| SG. Minimum: 0 Maximum: 64

**Table 12** resource_list
Parameter	Type	Description
id	String	Cloud service resource ID. Minimum: 0 Maximum: 36
name	String	Resource name. Minimum: 0 Maximum: 255
type	String	Resource type. This parameter references the value of RMS type on Huawei Cloud. Minimum: 0 Maximum: 64
provider	String	Cloud service name, which is the same as the provider field in the RMS service. Minimum: 0 Maximum: 64
region_id	String	Region ID in Huawei Cloud, for example, cn-north-1. Minimum: 0 Maximum: 36
domain_id	String	ID of the account to which the resource belongs, in UUID format. Minimum: 0 Maximum: 36
project_id	String	ID of the account to which the resource belongs, in UUID format. Minimum: 0 Maximum: 36
ep_id	String	Specifies the enterprise project ID. Minimum: 0 Maximum: 128
ep_name	String	Enterprise Project Name Minimum: 0 Maximum: 128
tags	String	Resource tag. A maximum of 50 key/value pairs are supported. Value: a maximum of 255 characters, including letters, digits, spaces, and +, -, =, ., _, :, /,@ Minimum: 0 Maximum: 2048

**Table 13** remediation
Parameter	Type	Description
recommendation	String	Recommended solution. Minimum: 0 Maximum: 128
url	String	Link to the general fix information for the incident. The URL must be accessible from the public network with no credentials required. Minimum: 0 Maximum: 2048

**Table 14** malware
Parameter	Type	Description
malware_family	String	Malicious family. Minimum: 0 Maximum: 64
malware_class	String	Malware category. Minimum: 0 Maximum: 64

**Table 15** process
Parameter	Type	Description
process_name	String	Process name. Minimum: 0 Maximum: 64
process_path	String	Process execution file path. Minimum: 0 Maximum: 512
process_pid	Integer	Process ID. Minimum: 0 Maximum: 65535
process_uid	Integer	Process user ID. Minimum: 0 Maximum: 655350
process_cmdline	String	Process command line. Minimum: 0 Maximum: 128
process_parent_name	String	Parent process name. Minimum: 0 Maximum: 64
process_parent_path	String	Parent process execution file path. Minimum: 0 Maximum: 512
process_parent_pid	Integer	Parent process ID. Minimum: 0 Maximum: 65535
process_parent_uid	Integer	Parent process user ID. Minimum: 0 Maximum: 655350
process_parent_cmdline	String	Parent process command line. Minimum: 0 Maximum: 128
process_child_name	String	Subprocess name. Minimum: 0 Maximum: 64
process_child_path	String	Subprocess execution file path. Minimum: 0 Maximum: 512
process_child_pid	Integer	Subprocess ID. Minimum: 0 Maximum: 65535
process_child_uid	Integer	Subprocess user ID. Minimum: 0 Maximum: 655350
process_child_cmdline	String	Subprocess command line Minimum: 0 Maximum: 128
process_launche_time	String	Incident start time. The format is ISO 8601 -- YYYY-MM-DDTHH:mm:ss.ms+Time zone. Time zone where the incident occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30
process_terminate_time	String	Process end time. The format is ISO 8601 -- YYYY-MM-DDTHH:mm:ss.ms+Time zone. Time zone where the incident occurred. If this parameter cannot be parsed, the default time zone GMT+8 is used. Minimum: 0 Maximum: 30

**Table 16** user_info
Parameter	Type	Description
user_id	String	User UID Minimum: 0 Maximum: 36
user_name	String	Username Minimum: 32 Maximum: 64

**Table 17** file_info
Parameter	Type	Description
file_path	String	File path/name. Minimum: 0 Maximum: 128
file_content	String	File path/name. Minimum: 0 Maximum: 1024
file_new_path	String	New file path/name. Minimum: 32 Maximum: 64
file_hash	String	File Hash Minimum: 0 Maximum: 128
file_md5	String	File MD5 Minimum: 0 Maximum: 128
file_sha256	String	File SHA256 Minimum: 0 Maximum: 128
file_attr	String	File attribute. Minimum: 0 Maximum: 1024

**Table 18** dataclass_ref
Parameter	Type	Description
id	String	Unique identifier of a data class. The value is in UUID format and can contain a maximum of 36 characters. Minimum: 0 Maximum: 36
name	String	Data class name. Minimum: 0 Maximum: 36

Status code: 400

**Table 19** Response body parameters
Parameter	Type	Description
code	String	Error Code Minimum: 0 Maximum: 64
message	String	Error Description Minimum: 0 Maximum: 1024

Example Requests

None

Example Responses

Status code: 200

Response body for requests for obtaining incident details.

{
  "code" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
  "message" : "Error message",
  "data" : {
    "data_object" : {
      "version" : "1.0",
      "environment" : {
        "vendor_type" : "MyXXX",
        "domain_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "region_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f"
      },
      "data_source" : {
        "source_type" : 3,
        "domain_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "region_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f"
      },
      "first_observed_time" : "2021-01-30T23:00:00Z+0800",
      "last_observed_time" : "2021-01-30T23:00:00Z+0800",
      "create_time" : "2021-01-30T23:00:00Z+0800",
      "arrive_time" : "2021-01-30T23:00:00Z+0800",
      "title" : "MyXXX",
      "description" : "This my XXXX",
      "source_url" : "http://xxx",
      "count" : "4",
      "confidence" : 4,
      "severity" : "TIPS",
      "criticality" : 4,
      "incident_type" : { },
      "network_list" : [ {
        "direction" : {
          "IN" : null
        },
        "protocol" : "TCP",
        "src_ip" : "192.168.0.1",
        "src_port" : "1",
        "src_domain" : "xxx",
        "dest_ip" : "192.168.0.1",
        "dest_port" : "1",
        "dest_domain" : "xxx",
        "src_geo" : {
          "latitude" : 90,
          "longitude" : 180
        },
        "dest_geo" : {
          "latitude" : 90,
          "longitude" : 180
        }
      } ],
      "resource_list" : [ {
        "id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "name" : "MyXXX",
        "type" : "MyXXX",
        "domain_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "region_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "ep_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "ep_name" : "MyXXX",
        "tags" : "909494e3-558e-46b6-a9eb-07a8e18ca62f"
      } ],
      "remediation" : {
        "recommendation" : "MyXXX",
        "url" : "MyXXX"
      },
      "verification_state" : "Unknown,True_Positive,False_Positive The default value is Unknown.",
      "handle_status" : "Open – enabled.Block – blocked.Closed – closed.The default value is Open.",
      "sla" : 60000,
      "update_time" : "2021-01-30T23:00:00Z+0800",
      "close_time" : "2021-01-30T23:00:00Z+0800",
      "ipdrr_phase" : "Prepartion|Detection and Analysis|Containm, Eradication& Recovery| Post-Incident-Activity",
      "simulation" : "false",
      "actor" : "Tom",
      "owner" : "MyXXX",
      "creator" : "MyXXX",
      "close_reason" : "False positive; Resolved; Duplicate; Others",
      "close_comment" : "False positive; Resolved; Duplicate; Others",
      "malware" : {
        "malware_family" : "family",
        "malware_class" : "Malicious memory occupation."
      },
      "system_info" : { },
      "process" : [ {
        "process_name" : "MyXXX",
        "process_path" : "MyXXX",
        "process_pid" : 123,
        "process_uid" : 123,
        "process_cmdline" : "MyXXX"
      } ],
      "user_info" : [ {
        "user_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "user_name" : "MyXXX"
      } ],
      "file_info" : [ {
        "file_path" : "MyXXX",
        "file_content" : "MyXXX",
        "file_new_path" : "MyXXX",
        "file_hash" : "MyXXX",
        "file_md5" : "MyXXX",
        "file_sha256" : "MyXXX",
        "file_attr" : "MyXXX"
      } ],
      "id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
      "workspace_id" : "909494e3-558e-46b6-a9eb-07a8e18ca620"
    },
    "create_time" : "2021-01-30T23:00:00Z+0800",
    "update_time" : "2021-01-30T23:00:00Z+0800",
    "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
    "workspace_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f"
  }
}

SDK Sample Code

The SDK sample code is as follows.

      
       
         
         
           package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.secmaster.v2.region.SecMasterRegion;
import com.huaweicloud.sdk.secmaster.v2.*;
import com.huaweicloud.sdk.secmaster.v2.model.*;


public class ShowIncidentSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        SecMasterClient client = SecMasterClient.newBuilder()
                .withCredential(auth)
                .withRegion(SecMasterRegion.valueOf("<YOUR REGION>"))
                .build();
        ShowIncidentRequest request = new ShowIncidentRequest();
        try {
            ShowIncidentResponse response = client.showIncident(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

          

        

      
     

      
       
         
         
           # coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdksecmaster.v2.region.secmaster_region import SecMasterRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdksecmaster.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \

    client = SecMasterClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(SecMasterRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ShowIncidentRequest()
        response = client.show_incident(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

          

        

      
     

      
       
         
         
           package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    secmaster "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := secmaster.NewSecMasterClient(
        secmaster.SecMasterClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ShowIncidentRequest{}
	response, err := client.ShowIncident(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

          

        

      
     