Querying Security Report Content
Function
This API is used to query the content of a security report.
Calling Method
For details, see Calling APIs.
URI
GET /v1/{project_id}/waf/security-reports/{report_id}
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| project_id | Yes | String | Definition Project ID. To obtain it, log in to the Huawei Cloud console, click the username, choose My Credentials, and find the project ID in the Projects list. Constraints N/A Range The value contains 32 characters. Only letters and digits are supported. Default Value N/A |
| report_id | Yes | String | Definition Report ID. You can call the "Querying the Sending Records of a Security Report" API (ListSecurityReportSendingRecords) to obtain the ID. Constraints N/A Range N/A Default Value N/A |
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| subscription_id | Yes | String | Definition ID of the subscription to be deleted. You can obtain the ID by calling the ListSecurityReportSubscriptions API for querying the list of security report subscriptions. Constraints N/A Range N/A Default Value N/A |
Request Parameters
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| X-Auth-Token | Yes | String | Definition User token. You can obtain it by calling the IAM API for obtaining a user token. The user token is the value of X-Subject-Token in the response header. Constraints N/A Range N/A Default Value N/A |
| Content-Type | Yes | String | Definition Content type. Constraints N/A Range N/A Default Value application/json;charset=utf8 |
Response Parameters
Status code: 200
| Parameter | Type | Description |
|---|---|---|
| report_id | String | Definition Report ID, which uniquely identifies the security report to be queried. Constraints N/A Range N/A Default Value N/A |
| subscription_id | String | Definition Subscription ID, which is associated with the security report subscription record to which the current report belongs. Constraints N/A Range N/A Default Value N/A |
| sending_period | String | Definition Preset time frame for sending the report. For example, morning indicates the security report will be sent in the morning. Constraints N/A Range Default Value N/A |
| report_name | String | Definition Report name, which is used to identify the name of the current security report. Constraints N/A Range N/A Default Value N/A |
| report_category | String | Definition Report type you want to subscribe to; for example, daily_report indicates the daily security report. Constraints N/A Range Default Value N/A |
| topic_urn | String | Definition URN of the SMN topic to which the report is sent. Constraints N/A Range N/A Default Value N/A |
| subscription_type | String | Definition The subscription method of receiving the security report. For example, silent indicates silent subscription. Constraints N/A Range Default Value N/A |
| report_content_info | report_content_info object | Definition Subscription of the report content, including all statistics details of the security report. Constraints N/A Range N/A Default Value N/A |
| create_time | Long | Definition Time when the report was created. Constraints N/A Range N/A Default Value N/A |
| stat_period | stat_period object | Definition Statistical period, which indicates the time range of the current security report statistics. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| overview_statistics_list_info | Array of overview_statistics_list_info objects | Definition Overview statistics, including the summary statistics of each dimension and top domain name details. Constraints N/A Range N/A Default Value N/A |
| request_statistics_info_list | Array of request_statistics_info_list objects | Definition Statistics on the number of requests by dimension and timeline. Constraints N/A Range N/A Default Value N/A |
| qps_statistics_info | qps_statistics_info object | Definition QPS statistics, including the average QPS and peak QPS statistics of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
| bandwidth_statistics_info | bandwidth_statistics_info object | Definition Bandwidth statistics, including the average bandwidth and peak bandwidth statistics of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
| response_code_statistics_info | Definition Response code statistics, including the timeline statistics of each response code of WAF and upstream servers. Constraints N/A Range N/A Default Value N/A | |
| attack_type_distribution_info_list | Array of attack_type_distribution_info_list objects | Definition Attack type distribution statistics, including the number of attacks of each attack type. Constraints N/A Range N/A Default Value N/A |
| top_attacked_domains_info_list | Array of top_attacked_domains_info_list objects | Definition List of top attacked domain names, sorted by the number of attacks. Constraints N/A Range N/A Default Value N/A |
| top_attack_source_ips_info_list | Array of top_attack_source_ips_info_list objects | Definition Source IP addresses of top attacks, sorted by the number of attacks. Constraints N/A Range N/A Default Value N/A |
| top_attacked_urls_info_list | Array of top_attacked_urls_info_list objects | Definition List of top attacked URLs, sorted by the number of attacks. Constraints N/A Range N/A Default Value N/A |
| top_attack_source_locations_info_list | Array of top_attack_source_locations_info_list objects | Definition Geographical locations of top attack sources, which are sorted by the number of attacks. Constraints N/A Range N/A Default Value N/A |
| top_abnormal_urls_info | top_abnormal_urls_info object | Definition Top URLs that return error codes 502, 500, and 404, sorted by error times. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Statistical dimension identifier; for example, ACCESS indicates access statistics. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Total number of records in the statistical dimension. Constraints N/A Range ≥0 Default Value 0 |
| top_domains | Array of top_domains objects | Definition Top domain names, sorted by the number of records. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| num | Integer | Definition Number of records in the statistical dimension for the domain name. Constraints N/A Range ≥0 Default Value 0 |
| host | String | Definition Domain name ID, including the domain name and association ID. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Statistical dimension identifier; for example, ACCESS indicates access statistics. Constraints N/A Range N/A Default Value N/A |
| timeline | Array of timeline objects | Definition Timeline data, which is the number of records sorted by time. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| time | Long | Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Number of statistical dimensions corresponding to the time point. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| average_info_list | Array of average_info_list objects | Definition List of average QPS statistics, including the average QPS data of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
| peak_info_list | Array of peak_info_list objects | Definition Peak QPS statistics list, which contains the peak QPS data of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Statistical dimension identifier; for example, ACCESS indicates access statistics. Constraints N/A Range N/A Default Value N/A |
| timeline | Array of timeline objects | Definition Average QPS values sorted by time. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| time | Long | Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
| num | Long | Definition Average QPS in the statistical dimension corresponding to the time point. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Statistical dimension identifier; for example, ACCESS indicates access statistics. Constraints N/A Range N/A Default Value N/A |
| timeline | Array of timeline objects | Definition Peak QPS values sorted by time. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| time | Long | Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
| num | Long | Definition Peak QPS in the statistical dimension corresponding to the time point. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| average_info_list | Array of average_info_list objects | Definition List of average bandwidth statistics, including the average bandwidth data of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
| peak_info_list | Array of peak_info_list objects | Definition List of peak bandwidth statistics, which contains the peak bandwidth data of each dimension by timeline. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Statistical dimension identifier; for example, BANDWIDTH indicates bandwidth statistics. Constraints N/A Range N/A Default Value N/A |
| timeline | Array of timeline objects | Definition Timeline data, which is the average bandwidth values sorted by time. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| time | Long | Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Average bandwidth in the statistical dimension corresponding to the time point. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Statistical dimension identifier; for example, BANDWIDTH indicates bandwidth statistics. Constraints N/A Range N/A Default Value N/A |
| timeline | Array of timeline objects | Definition Timeline data, which is the peak bandwidth values sorted by time. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| time | Long | Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Peak bandwidth in the statistical dimension corresponding to the time point. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| response_source_waf_info_list | Array of response_source_waf_info_list objects | Definition WAF response code statistics list, which contains the WAF response code quantity by timeline. Constraints N/A Range N/A Default Value N/A |
| response_source_upstream_info_list | Array of response_source_upstream_info_list objects | Definition Upstream response code statistics list, which contains the upstream response code quantity by timeline. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Response code, for example, 504 indicates that the gateway times out. Constraints N/A Range N/A Default Value N/A |
| timeline | Array of timeline objects | Definition Timeline data, which is the WAF response code quantity sorted by time. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| time | Long | Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
| num | Long | Definition Number of response codes returned by WAF at the time point. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Response code, for example, 504 indicates that the gateway times out. Constraints N/A Range N/A Default Value N/A |
| timeline | Array of timeline objects | Definition Timeline data, which is the upstream response code quantity sorted by time. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| time | Long | Definition Timestamp (in milliseconds), which indicates the time point corresponding to the statistics. Constraints N/A Range N/A Default Value N/A |
| num | Long | Definition Number of response codes returned by the upstream server at the time point. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Attack type ID; for example, custom_custom indicates attacks hit precise protection rules. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Total number of attacks of the attack type. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Domain name ID, including the domain name and port number; for example, *:80 indicates port 80 of all domain names. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Total number of attacks against the domain name. Constraints N/A Range ≥0 Default Value 0 |
| web_tag | String | Definition Web tag of the domain name. It is used to identify the service type of the domain name. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Attack source IP address. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Total number of attacks from the IP address. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Path of the attacked URL. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Total number of attacks against the URL. Constraints N/A Range ≥0 Default Value 0 |
| host | String | Definition Domain name ID of the URL, for example, *:80 indicates port 80 of all domain names. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition Attack source geological location identifier; for example, unknown indicates an unknown location. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Total number of attacks from the geographical location. Constraints N/A Range ≥0 Default Value 0 |
| Parameter | Type | Description |
|---|---|---|
| abnormal_502_info_list | Array of abnormal_502_info_list objects | Definition Top URLs that return error code 502, sorted by error times. Constraints N/A Range N/A Default Value N/A |
| abnormal_500_info_list | Array of abnormal_500_info_list objects | Definition Top URLs that return error code 500, sorted by error times. Constraints N/A Range N/A Default Value N/A |
| abnormal_404_info_list | Array of abnormal_404_info_list objects | Definition Top URLs that return error code 404, sorted by error times. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition URL that returns a 502 error. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Number of times that the URL returns error code 502. Constraints N/A Range ≥0 Default Value 0 |
| host | String | Definition Domain name to which the URL belongs. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition URL that returns a 500 error. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Number of times that the URL returns error code 500. Constraints N/A Range ≥0 Default Value 0 |
| host | String | Definition Domain name to which the URL belongs. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| key | String | Definition URL that returns a 404 error. Constraints N/A Range N/A Default Value N/A |
| num | Integer | Definition Number of times that the URL returns a 404 error. Constraints N/A Range ≥0 Default Value 0 |
| host | String | Definition Domain name to which the URL belongs. Constraints N/A Range N/A Default Value N/A |
| Parameter | Type | Description |
|---|---|---|
| begin_time | Long | Definition Start time, which is the start timestamp (in milliseconds) of the statistical period. Constraints N/A Range N/A Default Value N/A |
| end_time | Long | Definition End time, which is the end timestamp (in milliseconds) of the statistical period. Constraints N/A Range N/A Default Value N/A |
Status code: 400
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error code. |
| error_msg | String | Error message. |
| encoded_authorization_message | String | You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs. |
| details | Array of IAM5ErrorDetails objects | The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs. |
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error codes of the downstream service. |
| error_msg | String | Error messages of the downstream service. |
Status code: 401
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error code. |
| error_msg | String | Error message. |
| encoded_authorization_message | String | You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs. |
| details | Array of IAM5ErrorDetails objects | The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs. |
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error codes of the downstream service. |
| error_msg | String | Error messages of the downstream service. |
Status code: 500
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error code. |
| error_msg | String | Error message. |
| encoded_authorization_message | String | You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs. |
| details | Array of IAM5ErrorDetails objects | The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs. |
Example Requests
None
Example Responses
Status code: 200
Content report response.
{
"report_id" : "b4e80ab721ca43e5bc515746d80c6190",
"subscription_id" : "88c8dfefe647462ea82f8aa7b03c4183",
"report_name" : "Security report for protected domain name www.test.com.",
"report_category" : "custom_report",
"subscription_type" : "message_center",
"stat_period" : {
"begin_time" : 1757433600000,
"end_time" : 1757606399999
}
} SDK Sample Code
The SDK sample code is as follows.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 | package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.waf.v1.region.WafRegion; import com.huaweicloud.sdk.waf.v1.*; import com.huaweicloud.sdk.waf.v1.model.*; public class ShowSecurityReportContentSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); WafClient client = WafClient.newBuilder() .withCredential(auth) .withRegion(WafRegion.valueOf("<YOUR REGION>")) .build(); ShowSecurityReportContentRequest request = new ShowSecurityReportContentRequest(); request.withReportId("{report_id}"); try { ShowSecurityReportContentResponse response = client.showSecurityReportContent(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | # coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkwaf.v1.region.waf_region import WafRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkwaf.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = WafClient.new_builder() \ .with_credentials(credentials) \ .with_region(WafRegion.value_of("<YOUR REGION>")) \ .build() try: request = ShowSecurityReportContentRequest() request.report_id = "{report_id}" response = client.show_security_report_content(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 | package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" waf "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth, err := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). SafeBuild() if err != nil { fmt.Println(err) return } hcClient, err := waf.WafClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). SafeBuild() if err != nil { fmt.Println(err) return } client := waf.NewWafClient(hcClient) request := &model.ShowSecurityReportContentRequest{} request.ReportId = "{report_id}" response, err := client.ShowSecurityReportContent(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
| Status Code | Description |
|---|---|
| 200 | Content report response. |
| 400 | Request failed. |
| 401 | The token does not have required permissions. |
| 500 | Internal server error. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
