This API is used to query details about an event of a specified ID.
Function
Querying Details About an Event of a Specified ID
URI
GET /v1/{project_id}/waf/event/{eventid}
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID. To obtain it, go to Cloud management console and hover the cursor over your username. On the displayed window, choose My Credentials.Then, in the Projects area, view Project ID of the corresponding project. |
eventid |
Yes |
String |
Event ID. It can be obtained by calling the ListEvent API. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
enterprise_project_id |
No |
String |
You can obtain the ID by calling the ListEnterpriseProject API of EPS. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header). |
Content-Type |
Yes |
String |
Content type. Default: application/json;charset=utf8 |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
total |
Integer |
Number of attack events |
items |
Array of ShowEventItems objects |
Details about an attack event |
Parameter |
Type |
Description |
---|---|---|
time |
Long |
Timestamp when the attack occurs, in milliseconds. |
policyid |
String |
ID of the policy |
sip |
String |
Source IP address |
host |
String |
Domain name |
url |
String |
Attacked URL |
attack |
String |
Attack type |
rule |
String |
ID of the hit rule |
action |
String |
Protective action |
cookie |
String |
Cookie of the attack request |
headers |
Object |
Header of the attack request |
host_id |
String |
ID of the attacked domain name |
id |
String |
Event ID |
payload |
String |
Malicious load |
payload_location |
String |
Malicious load location |
region |
String |
Geographical location of the source IP address |
process_time |
Integer |
Processing time |
request_line |
String |
Body of the attack request |
response_size |
Integer |
Response body size (byte) |
response_time |
Long |
Response time (ms) |
status |
String |
Response code |
request_body |
String |
Request body |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 401
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 500
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Example Requests
GET https://{Endpoint}/v1/{project_id}/waf/event{event_id}?enterprise_project_id=0
Example Responses
Status code: 200
ok
{ "total" : 1, "items" : [ { "id" : "09-0000-0000-0000-12120220421093806-a60a6166", "time" : 1650505086000, "policyid" : "173ed802272a4b0798049d7edffeff03", "host" : "x.x.x.x:xxxxxx-xxx-xxx-xxx-xxxxxxxxx", "url" : "/mobile/DBconfigReader.jsp", "attack" : "vuln", "rule" : "091004", "payload" : " /mobile/dbconfigreader.jsp", "payload_location" : "uri", "sip" : "x.x.x.x", "action" : "block", "request_line" : "GET /mobile/DBconfigReader.jsp", "headers" : { "ls-id" : "c0d957e6-26a8-4f2e-8216-7fc9332a250f", "host" : "x.x.x.x:81", "lb-id" : "68d3c435-2607-45e0-a5e2-38980544dd45", "accept-encoding" : "gzip", "user-agent" : "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 CSIRTx/2022" }, "cookie" : "HWWAFSESID=2a0bf76a111c93926d; HWWAFSESTIME=1650505086260", "status" : "418", "region" : "Reserved IP", "host_id" : "e093a352fd3a4ddd994c585e2e1dda59", "response_time" : 0, "response_size" : 3318, "process_time" : 0, "request_body" : "{}" } ] }
Status Codes
Status Code |
Description |
---|---|
200 |
ok |
400 |
Request failed. |
401 |
The token does not have required permissions. |
500 |
Internal server error. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot