Querying the Security Check Report of a Specified Server
Function
Query the security check report of a specified server
Calling Method
For details, see Calling APIs.
URI
GET /v5/{project_id}/security-check/host-report/{host_id}
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID. Constraints N/A Range The value can contain 1 to 256 characters. Default Value N/A |
|
host_id |
Yes |
String |
Definition Server ID Constraints N/A Range The value can contain 1 to 64 characters. Default Value N/A |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
enterprise_project_id |
No |
String |
Definition Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID. To query assets in all enterprise projects, set this parameter to all_granted_eps. Constraints You need to set this parameter only after the enterprise project function is enabled. Range The value can contain 1 to 256 characters. Default Value 0: default enterprise project. |
|
scan_time |
Yes |
Long |
Definition Security check time. Constraints N/A Range N/A Default Value N/A |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Definition User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token. Constraints N/A Range The value can contain 1 to 32,768 characters. Default Value N/A |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
host_result |
Definition Server health check result. Range N/A |
|
|
host_status |
String |
Definition Server Health Status Range
|
|
scan_period_start |
Long |
Definition Start time of the health check period. Range N/A |
|
scan_period_end |
Long |
Definition End time of the health check period. Range N/A |
|
risk_rating |
Integer |
Definition Security score Range N/A |
|
severity |
String |
Definition Risk level. Range
|
|
risk_num |
Integer |
Definition Number of security risks. Range N/A |
|
scan_time |
Long |
Definition Last scan time. Range N/A |
|
free |
Boolean |
Definition Whether the report is a free security check report. Range
|
|
event_num_info |
SecurityCheckRiskNumInfo object |
Definition Number of intrusion risks. Range N/A |
|
vul_num_info |
SecurityCheckRiskNumInfo object |
Definition Number of vulnerability risks. Range N/A |
|
baseline_num_info |
SecurityCheckRiskNumInfo object |
Definition Number of baseline risks. Range N/A |
|
asset_num_info |
SecurityCheckRiskNumInfo object |
Definition Number of server asset risks. Range N/A |
|
asset_change_num |
Integer |
Definition Number of server asset change records. Range N/A |
|
app_num |
Integer |
Definition Pieces of software. Range N/A |
|
port_num |
Integer |
Definition Number of dangerous ports. Range N/A |
|
event_list |
Array of SecurityCheckRiskEventInfo objects |
Definition intrusion list Range N/A |
|
vul_list |
Array of SecurityCheckVulInfo objects |
Definition Vulnerability list. Range N/A |
|
security_config_list |
Array of SecurityConfigInfo objects |
Definition Configuring the detection list Range N/A |
|
security_config_item_list |
Array of SecurityConfigItemInfo objects |
Definition Configuration Check Items Range N/A |
|
pwd_policy_list |
Array of SecurityConfigPwdPolicyInfo objects |
Definition List of password complexity policies. Range N/A |
|
weak_pwd_list |
Array of SecurityConfigWeakPwdInfo objects |
Definition Common weak password list. Range N/A |
|
user_change_list |
Array of SecurityConfigUserChangeInfo objects |
Definition Change records of a server account. Range N/A |
|
port_list |
Array of SecurityConfigPortInfo objects |
Definition High-risk open port list. Range N/A |
|
app_list |
Array of AppResponseInfo objects |
Definition Asset software list Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
host_info |
SecurityCheckHostInfo object |
Definition Server Information Range N/A |
|
severity |
String |
Definition Risk level. Range
|
|
risk_rating |
Integer |
Definition Security score. Range N/A |
|
risk_num |
Integer |
Definition Number of risks. Range N/A |
|
scan_time |
Long |
Definition Last scan time. Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
host_name |
String |
Definition Server name. Range N/A |
|
host_id |
String |
Definition Server ID. Range N/A |
|
private_ip |
String |
Definition Server private IP address. Range N/A |
|
public_ip |
String |
Definition OS Range N/A |
|
os_type |
String |
Definition Server EIP. Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
total_risk_num |
Long |
Definition Total number of risks. Range N/A |
|
compare_status |
String |
Definition Comparison with the previous period. Range
|
|
compare_num |
Integer |
Definition Absolute value of the difference between the current period and the previous period Range N/A |
|
high_risk_num |
Integer |
Definition Number of high risks. Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
severity |
String |
Definition Risk level. Range
|
|
event_name |
String |
Definition Alarm/Event name Range N/A |
|
event_class_id |
String |
Definition Alarm event class, which is used by the foreground to generate event names. Range N/A |
|
attack_flag |
String |
Definition Attack tag. Range N/A |
|
attack_time |
Long |
Definition Attack time. Range N/A |
|
status |
String |
Definition Handling Status Range
|
|
Parameter |
Type |
Description |
|---|---|---|
|
vul_name |
String |
Definition Vulnerability name. Range N/A |
|
vul_id |
String |
Definition Vulnerability ID. Range N/A |
|
repair_necessity |
String |
Definition Repair urgency. Range N/A |
|
scan_time |
Long |
Definition Last scan time. Range N/A |
|
type |
String |
Definition Vulnerability type. Range N/A |
|
repair_cmd |
String |
Definition Fix command. Range N/A |
|
severity_level |
String |
Definition Vulnerability risk level. Range
|
|
Parameter |
Type |
Description |
|---|---|---|
|
severity |
String |
Definition Risk level. Range
|
|
check_name |
String |
Definition Baseline Name Range N/A |
|
check_rule_num |
Integer |
Definition Number of check items. Range N/A |
|
failed_rule_num |
Integer |
Definition Number of risk items. Range N/A |
|
scan_time |
Long |
Definition Last scan time. Range N/A |
|
check_type_desc |
String |
Definition Baseline description Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
check_name |
String |
Definition Baseline Name Range N/A |
|
check_item_rule |
String |
Definition Check item rule. Range N/A |
|
scan_result |
String |
Definition Check result. Range
|
|
Parameter |
Type |
Description |
|---|---|---|
|
min_length |
Boolean |
Definition Whether the minimum password length policy meets requirements Range
|
|
uppercase_letter |
Boolean |
Definition Whether the uppercase letter policy meets requirements Range
|
|
lowercase_letter |
Boolean |
Definition Whether the lowercase letter policy meets requirements Range
|
|
number |
Boolean |
Definition Whether the number policy meets requirements. Range
|
|
special_character |
Boolean |
Definition Whether the special character policy meets requirements Range
|
|
suggestion |
String |
Definition Modification suggestion. Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
user_name |
String |
Definition Name of an account using a weak password. Range N/A |
|
service_type |
String |
Definition Account Type Range N/A |
|
duration |
Integer |
Definition Validity period of a weak password, in days Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
change_type |
String |
Definition Change type of a server account. Range
|
|
login_permission |
Boolean |
Definition Whether the user has the login permission. Range
|
|
root_permission |
Boolean |
Definition Whether a user has root permissions. Range
|
|
user_group_name |
String |
Definition User groups Range N/A |
|
user_home_dir |
String |
Definition User directory. Range N/A |
|
shell |
String |
Definition User startup shell Range N/A |
|
user_name |
String |
Definition Username Range N/A |
|
scan_time |
Long |
Definition Latest scan time, which is a timestamp. The default value is millisecond. Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
port |
Integer |
Definition Port number Range 0-65535 |
|
type |
String |
Definition Type. Range N/A |
|
status |
String |
Definition Port risk level. Range
|
|
port_status |
Integer |
Definition Port status. Range
|
|
port_desc |
String |
Definition Port description. Range N/A |
|
Parameter |
Type |
Description |
|---|---|---|
|
agent_id |
String |
Definition agent ID Range N/A |
|
host_id |
String |
Definition Server IDs. Range N/A |
|
host_name |
String |
Definition Server Name Range N/A |
|
host_ip |
String |
Definition Server IP address Range N/A |
|
app_name |
String |
Definition Software name. Range N/A |
|
version |
String |
Definition Software version Range N/A |
|
install_dir |
String |
Definition Software installation path Range N/A |
|
container_id |
String |
Definition Container ID. Range N/A |
|
container_name |
String |
Definition Container name Range N/A |
|
recent_scan_time |
Long |
Definition Last scan time. Range N/A |
|
update_time |
Long |
Definition Update time. Range N/A |
Example Requests
None
Example Responses
Status code: 200
Request succeeded.
{
"host_result" : {
"host_info" : {
"host_name" : "hostName",
"host_id" : "00433ab9-bfb4-44a5-a755-0c1b",
"private_ip" : "1.1.1.1",
"public_ip" : "1.1.1.1",
"os_type" : "linux"
},
"severity" : "high",
"risk_rating" : 10,
"risk_num" : 10,
"scan_time" : 1745051197000
},
"host_status" : "ACTIVE",
"scan_period_start" : 1745051197000,
"scan_period_end" : 1745051197000,
"risk_rating" : 10,
"severity" : "high",
"risk_num" : 10,
"scan_time" : 1745051197000,
"event_num_info" : { },
"vul_num_info" : {
"total_risk_num" : 20,
"compare_status" : "equals",
"compare_num" : 10,
"high_risk_num" : 10
},
"baseline_num_info" : { },
"asset_num_info" : { },
"asset_change_num" : 10,
"port_num" : 10,
"event_list" : [ ],
"vul_list" : [ ],
"security_config_list" : [ ],
"security_config_item_list" : [ ],
"pwd_policy_list" : [ ],
"weak_pwd_list" : [ ],
"user_change_list" : [ ],
"port_list" : [ ]
}
SDK Sample Code
The SDK sample code is as follows.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.hss.v5.region.HssRegion; import com.huaweicloud.sdk.hss.v5.*; import com.huaweicloud.sdk.hss.v5.model.*; public class ShowSecurityCheckHostReportSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); HssClient client = HssClient.newBuilder() .withCredential(auth) .withRegion(HssRegion.valueOf("<YOUR REGION>")) .build(); ShowSecurityCheckHostReportRequest request = new ShowSecurityCheckHostReportRequest(); request.withHostId("{host_id}"); try { ShowSecurityCheckHostReportResponse response = client.showSecurityCheckHostReport(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkhss.v5.region.hss_region import HssRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkhss.v5 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = HssClient.new_builder() \ .with_credentials(credentials) \ .with_region(HssRegion.value_of("<YOUR REGION>")) \ .build() try: request = ShowSecurityCheckHostReportRequest() request.host_id = "{host_id}" response = client.show_security_check_host_report(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" hss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := hss.NewHssClient( hss.HssClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ShowSecurityCheckHostReportRequest{} request.HostId = "{host_id}" response, err := client.ShowSecurityCheckHostReport(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request succeeded. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
