Counting Affected Servers and Vulnerabilities
Function
This API is used to query the numbers of affected servers and vulnerabilities.
Authorization Information
Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
- If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
- If you are using identity policy-based authorization, no identity policy-based permission required for calling this API.
URI
GET /v5/{project_id}/vulnerability/statistics/affected
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID. Constraints N/A Range The value can contain 1 to 256 characters. Default Value N/A |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
enterprise_project_id |
No |
String |
Definition Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID. To query assets in all enterprise projects, set this parameter to all_granted_eps. Constraints You need to set this parameter only after the enterprise project function is enabled. Range The value can contain 1 to 256 characters. Default Value 0: default enterprise project. |
|
select_type |
No |
String |
Definition Select vulnerabilities. Constraints N/A Range Default Value N/A |
|
type |
No |
String |
Definition Vulnerability type. This field is mandatory when select_type is set to all_vul. Constraints N/A Range Default Value N/A |
|
cluster_id |
No |
String |
Definition Cluster ID. Constraints N/A Range The value can contain 0 to 256 characters. Default Value N/A |
|
container_ids |
No |
Array of strings |
Definition Container ID set. Constraints N/A Range Minimum value: 1; Maximum value: 1,000 Default Value N/A |
|
is_container |
No |
Boolean |
Definition Whether it is the container scenario. Constraints N/A Range Default Value false |
|
vul_ids |
No |
Array of strings |
Definition Vulnerability ID set. Constraints N/A Range Minimum value: 1; Maximum value: 1,000 Default Value N/A |
|
host_ids |
No |
Array of strings |
Definition Server ID set. Constraints N/A Range Minimum value: 1; Maximum value: 1,000 Default Value N/A |
|
category |
No |
String |
Definition Type. The default value is host. Constraints N/A Range Default Value host |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Definition User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token. Constraints N/A Range The value can contain 1 to 32,768 characters. Default Value N/A |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
vul_num |
Integer |
Definition Number of affected vulnerabilities (calculated by vulnerability ID). Range The value range is 0 to 2,147,483,647. |
|
host_num |
Integer |
Definition Number of affected servers. Range The value range is 0 to 2,147,483,647. |
|
image_num |
Integer |
Definition Number of affected images. Range The value range is 0 to 2,147,483,647. |
|
container_num |
Integer |
Definition Number of affected containers Range The value range is 0 to 2,147,483,647. |
|
data_list |
Array of data_list objects |
Definition Statistics by vulnerability type. This field is available when select_type is set to all_host or empty. |
|
total_vul_num |
Integer |
Definition Total number of affected vulnerabilities (server + vulnerability) Range The value range is 0 to 2,147,483,647. |
|
extend_tips |
Array of strings |
Definition Tip. |
|
extend_text_tips |
Array of strings |
Definition Vulnerability fixing tip. Range Minimum value: 1; maximum value: 500 |
|
disabled_operate_types |
disabled_operate_types object |
Definition List of disabled vulnerability operation types |
|
cce_vul_num |
Integer |
Definition Number of CCE Vulnerabilities Range The value range is 0 to 2,147,483,647. |
|
basic_host_num |
Integer |
Definition Number of servers protected by the basic edition Range The value range is 0 to 2,147,483,647. |
|
cce_disabled_vul_list |
Array of cce_disabled_vul_list objects |
Definition CCE Server Vulnerabilities That Cannot Be Fixed |
|
Parameter |
Type |
Description |
|---|---|---|
|
type |
String |
Definition Vulnerability type. Range |
|
vul_num |
Integer |
Definition Number of vulnerabilities of this type Range The value range is 0 to 2,147,483,647. |
|
Parameter |
Type |
Description |
|---|---|---|
|
operate_type |
String |
Definition Forbidden operation types Range |
|
reason |
String |
Definition Reason for disabling. Range 0 to 4,096 characters |
|
Parameter |
Type |
Description |
|---|---|---|
|
host_name |
String |
Definition Server name. Range The value can contain 0 to 64 characters. |
|
host_id |
String |
Definition Server ID Range The value can contain 0 to 64 characters. |
|
vul_name |
String |
Definition Vulnerability name. Range The value can contain 0 to 256 characters. |
|
vul_id |
String |
Definition Vulnerability Patch No. Range The value contains 0 to 256 characters. |
|
operation_description |
String |
Definition Shortcuts Range The value can contain 0 to 4,096 characters. |
Example Requests
Query the scope of vulnerabilities affected by vulnerability operations (fixing) when the project ID is 2b31ed520xxxxxxebedb6e57xxxxxxxx and the server ID is cb193cfc-671a-4be6-bdcf-e0761d5ab734.
GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/statistics/affected?handle_status=unhandled&statistic_basic=false&operate_type=immediate_repair&host_ids=cb193cfc-671a-4be6-bdcf-e0761d5ab734&enterprise_project_id=all_granted_eps
Example Responses
Status code: 200
Request succeeded.
{
"vul_num" : 92,
"host_num" : 1,
"total_vul_num" : 92,
"data_list" : [ {
"type" : "linux_vul",
"vul_num" : 92
}, {
"type" : "windows_vul",
"vul_num" : 0
}, {
"type" : "web_cms",
"vul_num" : 0
}, {
"type" : "app_vul",
"vul_num" : 0
}, {
"type" : "urgent_vul",
"vul_num" : 0
}, {
"type" : "cluster_vul",
"vul_num" : 0
} ],
"extend_tips" : [ ],
"extend_text_tips" : [ ],
"disabled_operate_types" : {
"operate_type" : "xxx",
"reason" : "xxx"
},
"cce_vul_num" : 2,
"cce_disabled_vul_list" : [ {
"host_name" : "ecs-yescrypt is deleted by mistake.",
"host_id" : "cb193cfc-671a-4be6-bdcf-e0761d5ab734",
"vul_name" : "USN-7166-1: Linux kernel vulnerabilities",
"vul_id" : "USN-7166-1",
"operation_description" : "This software is the core dependency software of the CCE cluster. If you upgrade this software, CCE functions may be abnormal. Do not upgrade this software by yourself. You can upgrade the cluster to the latest version and then reset the node. If the cluster version is the latest and the vulnerability persists after the node is reset, CCE will fix the vulnerability in later versions based on the Huawei Cloud vulnerability SLO. For details about the vulnerability fixing policy, see https://support.huaweicloud.com/bulletin-cce/cce_bulletin_0011.html."
}, {
"host_name" : "ecs-yescrypt is deleted by mistake.",
"host_id" : "cb193cfc-671a-4be6-bdcf-e0761d5ab734",
"vul_name" : "USN-7179-1: Linux kernel vulnerabilities",
"vul_id" : "USN-7179-1",
"operation_description" : "This software is the core dependency software of the CCE cluster. If you upgrade this software, CCE functions may be abnormal. Do not upgrade this software by yourself. You can upgrade the cluster to the latest version and then reset the node. If the cluster version is the latest and the vulnerability persists after the node is reset, CCE will fix the vulnerability in later versions based on the Huawei Cloud vulnerability SLO. For details about the vulnerability fixing policy, see https://support.huaweicloud.com/bulletin-cce/cce_bulletin_0011.html."
} ]
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request succeeded. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
