Querying Security Report Content
Function
This API is used to query the content of a security report.
Calling Method
For details, see Calling APIs.
URI
GET /v1/{project_id}/waf/security-reports/{report_id}
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Definition Tenant project ID, which is used to identify the project to which the tenant belongs. To obtain the project ID, log in to the console, click the username, choose My Credentials, locate the project in the Projects list, and check the Project ID. Constraints N/A Range N/A Default Value N/A |
|
report_id |
Yes |
String |
Definition Report ID, which uniquely identifies the security report to be queried. The value can be obtained from the security report list API. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
subscription_id |
Yes |
String |
Definition Subscription ID, which is associated with the subscription record of the report to be queried. The value can be obtained from the security report subscription list API. Constraints N/A Range N/A Default Value N/A |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Definition Tenant token, which is used for identity authentication. You can obtain the token by calling the IAM API for obtaining a user token. The token is the value of X-Subject-Token in the response header. Constraints N/A Range Length: 32 to 4096 characters Default Value N/A |
|
Content-Type |
Yes |
String |
Definition Content type, which specifies the data format of the request body. Constraints N/A Range Length: 32 to 64 characters Default Value application/json;charset=utf8 |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
report_id |
String |
Definition Report ID, which uniquely identifies the security report to be queried. Constraints N/A Range N/A Default Value N/A |
|
subscription_id |
String |
Definition Subscription ID, which is associated with the security report subscription record to which the current report belongs. Constraints N/A Range N/A Default Value N/A |
|
sending_period |
String |
Definition Preset time frame to send the report. For example, morning indicates the security report will be sent in the morning. Constraints N/A Range N/A Default Value N/A |
|
report_name |
String |
Definition Report name, which is used to identify the name of the current security report. Constraints N/A Range N/A Default Value N/A |
|
report_category |
String |
Definition Report type; for example, daily_report indicates the daily security report. Constraints N/A Range N/A Default Value N/A |
|
topic_urn |
String |
Definition URN of the SMN topic to which the report is sent. Constraints N/A Range N/A Default Value N/A |
|
subscription_type |
String |
Definition Subscription type, which indicates the subscription mode of the security report. For example, silent indicates silent subscription. Constraints N/A Range N/A Default Value N/A |
|
report_content_subscription_info |
Definition Subscription of the report content, including all statistics details of the security report. Constraints N/A Range N/A Default Value N/A |
|
|
stat_period |
stat_period object |
Definition Statistical period, which indicates the time range of the current security report statistics. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
overview_statistics_list_info |
Array of overview_statistics_list_info objects |
Definition Overview statistics, including the summary statistics of each dimension and top domain name details. Constraints N/A Range N/A Default Value N/A |
|
request_statistics_info_list |
Array of request_statistics_info_list objects |
Definition Statistics on the number of requests by dimension and timeline. Constraints N/A Range N/A Default Value N/A |
|
qps_statistics_info |
qps_statistics_info object |
Definition QPS statistics, including the average QPS and peak QPS statistics of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
|
bandwidth_statistics_info |
bandwidth_statistics_info object |
Definition Bandwidth statistics, including the average bandwidth and peak bandwidth statistics of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
|
response_code_statistics_info |
Definition Response code statistics, including the timeline statistics of each response code of WAF and upstream servers. Constraints N/A Range N/A Default Value N/A |
|
|
attack_type_distribution_info_list |
Array of attack_type_distribution_info_list objects |
Definition Attack type distribution statistics, including the number of attacks of each attack type. Constraints N/A Range N/A Default Value N/A |
|
top_attacked_domains_info_list |
Array of top_attacked_domains_info_list objects |
Definition List of top attacked domain names, sorted by the number of attacks. Constraints N/A Range N/A Default Value N/A |
|
top_attack_source_ips_info_list |
Array of top_attack_source_ips_info_list objects |
Definition Source IP addresses of top attacks, sorted by the number of attacks. Constraints N/A Range N/A Default Value N/A |
|
top_attacked_urls_info_list |
Array of top_attacked_urls_info_list objects |
Definition List of top attacked URLs, sorted by the number of attacks. Constraints N/A Range N/A Default Value N/A |
|
top_attack_source_locations_info_list |
Array of top_attack_source_locations_info_list objects |
Definition Geographical locations of top attack sources, which are sorted by the number of attacks. Constraints N/A Range N/A Default Value N/A |
|
top_abnormal_urls_info |
top_abnormal_urls_info object |
Definition Top URLs that return error codes 502, 500, and 404, sorted by error times. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Statistical dimension identifier (for example, ACCESS indicates access statistics). Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Total number of records in the statistical dimension. Constraints N/A Range ≥ 0 Default Value 0 |
|
top_domains |
Array of top_domains objects |
Definition Top domain name list, which is sorted by the number of records. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
num |
Integer |
Definition Number of records of the domain name in the statistical dimension. Constraints N/A Range ≥ 0 Default Value 0 |
|
host |
String |
Definition Domain name ID, including the domain name and association ID. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Statistical dimension identifier (for example, ACCESS indicates access statistics). Constraints N/A Range N/A Default Value N/A |
|
timeline |
Array of timeline objects |
Definition Timeline data, which is the number of statistics sorted by time. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
time |
Integer |
Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Number of dimensions corresponding to the time point. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
average_info_list |
Array of average_info_list objects |
Definition List of average QPS statistics, including the average QPS data of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
|
peak_info_list |
Array of peak_info_list objects |
Definition Peak QPS statistics list, which contains the peak QPS data of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Statistical dimension identifier (for example, ACCESS indicates access statistics). Constraints N/A Range N/A Default Value N/A |
|
timeline |
Array of timeline objects |
Definition Timeline data, which is the average QPS values sorted by time. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
time |
Long |
Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
|
num |
Long |
Definition Average QPS in the statistical dimension corresponding to the time point. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Statistical dimension identifier (for example, ACCESS indicates access statistics). Constraints N/A Range N/A Default Value N/A |
|
timeline |
Array of timeline objects |
Definition Timeline data, which is the peak QPS values sorted by time. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
time |
Long |
Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
|
num |
Long |
Definition Peak QPS in the statistical dimension corresponding to the time point. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
average_info_list |
Array of average_info_list objects |
Definition List of average bandwidth statistics, including the average bandwidth data of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
|
peak_info_list |
Array of peak_info_list objects |
Definition List of peak bandwidth statistics, which contains the peak bandwidth data of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Statistical dimension identifier; for example, BANDWIDTH indicates bandwidth statistics. Constraints N/A Range N/A Default Value N/A |
|
timeline |
Array of timeline objects |
Definition Timeline data, which is the average bandwidth values sorted by time. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
time |
Long |
Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Average bandwidth in the statistical dimension corresponding to the time point. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Statistical dimension identifier; for example, BANDWIDTH indicates bandwidth statistics. Constraints N/A Range N/A Default Value N/A |
|
timeline |
Array of timeline objects |
Definition Timeline data, which is the peak bandwidth values sorted by time. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
time |
Long |
Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Peak bandwidth in the statistical dimension corresponding to the time point. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
response_source_waf_info_list |
Array of response_source_waf_info_list objects |
Definition WAF response code statistics list, which contains the WAF response code quantity by timeline. Constraints N/A Range N/A Default Value N/A |
|
response_source_upstream_info_list |
Array of response_source_upstream_info_list objects |
Definition Upstream response code statistics list, which contains the upstream response code quantity by timeline. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Response code, for example, 504 indicates that the gateway times out. Constraints N/A Range N/A Default Value N/A |
|
timeline |
Array of timeline objects |
Definition Timeline data, which is the WAF response code quantity sorted by time. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
time |
Long |
Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
|
num |
Long |
Definition Number of response codes returned by WAF at the time point. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Response code, for example, 504 indicates that the gateway times out. Constraints N/A Range N/A Default Value N/A |
|
timeline |
Array of timeline objects |
Definition Timeline data, which is the upstream response code quantity sorted by time. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
time |
Long |
Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
|
num |
Long |
Definition Number of response codes returned by the upstream server at the time point. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Attack type ID; for example, custom_custom indicates attacks hit precise protection rules. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Total number of attacks of the attack type. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Domain name ID, including the domain name and port number; for example, *:80 indicates port 80 of all domain names. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Total number of attacks on the domain name. Constraints N/A Range ≥ 0 Default Value 0 |
|
web_tag |
String |
Definition Web tag of the domain name. It is used to identify the service type of the domain name. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Attack source IP address. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Total number of attacks from the IP address. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Path of the attacked URL. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Total number of attacks on the URL. Constraints N/A Range ≥ 0 Default Value 0 |
|
host |
String |
Definition Domain name ID of the URL, for example, *:80 indicates port 80 of all domain names. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition Attack source geological location identifier; for example, unknown indicates an unknown location. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Total number of attacks from the geographical location. Constraints N/A Range ≥ 0 Default Value 0 |
|
Parameter |
Type |
Description |
|---|---|---|
|
abnormal_502_info_list |
Array of abnormal_502_info_list objects |
Definition Top URLs that return 502 errors, sorted by error times. Constraints N/A Range N/A Default Value N/A |
|
abnormal_500_info_list |
Array of abnormal_500_info_list objects |
Definition Top URLs that return error code 500, sorted by error times. Constraints N/A Range N/A Default Value N/A |
|
abnormal_404_info_list |
Array of abnormal_404_info_list objects |
Definition Top URLs that return error code 404, sorted by error times. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition URL that returns a 502 error. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Number of times that the URL returns error code 502. Constraints N/A Range ≥ 0 Default Value 0 |
|
host |
String |
Definition Domain name to which the URL belongs. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition URL that returns a 500 error. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Number of times that the URL returns error code 500. Constraints N/A Range ≥ 0 Default Value 0 |
|
host |
String |
Definition Domain name to which the URL belongs. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Definition URL that returns a 404 error. Constraints N/A Range N/A Default Value N/A |
|
num |
Integer |
Definition Number of times that the URL returns a 404 error. Constraints N/A Range ≥ 0 Default Value 0 |
|
host |
String |
Definition Domain name to which the URL belongs. Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
begin_time |
Long |
Definition Start time, which is the start timestamp (in milliseconds) of the statistical period. Constraints N/A Range N/A Default Value N/A |
|
end_time |
Long |
Definition End time, which is the end timestamp (in milliseconds) of the statistical period. Constraints N/A Range N/A Default Value N/A |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
encoded_authorization_message |
String |
You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs. |
|
details |
Array of IAM5ErrorDetails objects |
The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs. |
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error codes of the downstream service. |
|
error_msg |
String |
Error messages of the downstream service. |
Status code: 401
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
encoded_authorization_message |
String |
You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs. |
|
details |
Array of IAM5ErrorDetails objects |
The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs. |
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error codes of the downstream service. |
|
error_msg |
String |
Error messages of the downstream service. |
Status code: 500
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
encoded_authorization_message |
String |
You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs. |
|
details |
Array of IAM5ErrorDetails objects |
The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs. |
Example Requests
None
Example Responses
None
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Content report response. |
|
400 |
Request failed. |
|
401 |
The token does not have required permissions. |
|
500 |
Internal server error. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
