更新时间:2026-06-29 GMT+08:00
SecMaster
功能说明
安全云脑系统内置插件,可调用SecMaster(安全云脑)云服务接口执行操作。
系统内置插件均已存在对应内置的操作连接。
查看SecMasterUtilities插件详情和操作连接
- 登录安全云脑 SecMaster控制台。
- 单击管理控制台左上角的
,选择区域和项目。 - 在左侧导航栏选择,并在工作空间列表中,单击目标工作空间名称,进入目标工作空间管理页面。 图1 进入目标工作空间管理页面
- 在左侧导航栏选择,进入插件管理页面。 图2 插件管理页面
- 在插件管理页面,选择华为云目录下的SecMaster,默认进入插件“详情”页签。详情页签展示插件已关联操作连接的登录凭证信息。
- 单击SecMaster插件的“操作连接”页签,进入操作连接页面,可查看SecMaster插件已关联的操作连接信息。
- 若用户需编辑或删除操作连接,可参见编辑操作连接、删除操作连接。新增插件操作连接可参见新增操作连接,一个插件可存在多个操作连接。
插件执行函数changeAlert说明
- 函数changeAlert参数说明:介绍函数的输入参数和输出参数。
- 函数changeAlert输出示例:给出函数的输出示例。
函数changeAlert参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,更新告警。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| alertId | String | 告警id。 | 是 |
| dataObject | String | 告警数据对象需要更新的内容。示例:关闭告警并更新告警owner和告警title: { "owner": "test-owner", "title": "title updated by api", "close_comment": "api closed" } | 否 |
| triggerFlag | String | 可选值:true、false,用于判断是否触发“触发条件”参数配置为“事件触发”且“触发方式”参数配置为“更新”的剧本。默认值是false,推荐配置为false。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号管理统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数changeAlert输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "4d6162bb3aeb82b9a448dcb0123aa101",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Tue, 24 Feb 2026 08:32:53 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"code": "00000000",
"data": {
"success_ids": [
"2e63a9a5-d6b4-46f9-85f1-10aa673918cc"
],
"error_ids": []
},
"success": true,
"message": "",
"request_id": null
}
} 插件执行函数createComment说明
- 函数createComment参数说明:介绍函数的输入参数和输出参数。
- 函数createComment输出示例:给出函数的输出示例。
函数createComment参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,新增告警评论信息。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| alertId | String | 告警id。 | 是 |
| type | String | 需要配置为固定值textMessage。 | 是 |
| content | String | 评论内容。 | 是 |
| noteType | String | 需要配置为固定值note。 | 是 |
| triggerFlag | String | 可选值:true、false。 用于判断是否触发“触发条件”参数配置为“事件触发”且“触发方式”参数配置为“更新”的剧本。默认值是false,推荐配置为false。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数createComment输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "a888be8d33d3949e9e9f9b5ab1c24c15",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Tue, 24 Feb 2026 08:43:11 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"code": "00000000",
"data": {
"note_type": "note",
"war_room_id": "bbe340fd-872d-4fa2-b647-9db6c71d04e5",
"create_time": "2026-02-24T16:43:11.314Z+0800",
"data": {
"content": "321123"
},
"content_en": null,
"type": "textMessage",
"content": null,
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "fxxx6b-62bb-49c6-af65-75xxxx0c28b",
"update_time": "2026-02-24T16:43:11.314Z+0800",
"is_deleted": false,
"project_id": "099xxxxx14b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "6dcb8d79-3f8c-451d-9c22-118e294cc495",
"user": {
"name": "SecMasterRobot",
"id": "SecMasterRobot"
}
},
"success": true,
"message": "",
"request_id": ""
}
} 插件执行函数listAlerts说明
- 函数listAlerts参数说明:介绍函数的输入参数和输出参数。
- 函数listAlerts输出示例:给出函数的输出示例。
函数listAlerts参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询告警列表。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| limit | String | 常与offset搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 否 |
| offset | String | 常与limit搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 否 |
| sortBy | String | 排序字段,可选值:create_time 、update_time。 | 否 |
| order | String | 排序方式:DESC | ASC | 否 |
| fromDate | String | 查询开始日期,格式参考:"2026-01-01T00:00:00.000Z+0800"。 | 否 |
| toDate | String | 查询结束日期,格式参考:"2026-01-01T00:00:00.000Z+0800"。 | 否 |
| condition | String | 查询条件。示例:查询告警状态为打开(Open)状态且告警标题中包含High-risk的告警列表。 {
"conditions": [
{
"name": "title",
"data": [
"title",
"contains",
"High-risk"
]
}
],
"logics": [
"title"
]
} | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| resultVariable | String | 可选参数,用于过滤查询结果。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数listAlerts输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "4d6162bb3aeb82b9a448dcb0123aa101",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Tue, 24 Feb 2026 08:32:53 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"code": "00000000",
"data": {
"success_ids": [
"2e63a9a5-d6b4-46f9-85f1-10aa673918cc"
],
"error_ids": []
},
"success": true,
"message": "",
"request_id": null
}
}
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "3852be7d71ef9a889870a0c49d526780",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Tue, 24 Feb 2026 09:55:19 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"total": 2,
"code": "00000000",
"data": [
{
"workspace_id": "ffxxxxx6b-62bb-49c6-af65-751xxxc28b",
"update_time": "2026-02-24T16:15:50.830Z+0800",
"format_version": 0,
"create_time": "2026-02-24T16:10:27.313Z+0800",
"project_id": "099706f409xxxxxx0bc014b68c0527",
"dataclass_ref": {
"name": null,
"id": "a164b25e-36ed-37cd-8b80-7xxxfebe71"
},
"aggs_data_objects": null,
"data_object": {
"first_observed_time": "2026-02-24T16:10:21.000Z+0800",
"is_auto_closed": null,
"simulation": "false",
"description": "123",
"title": "title updated by api",
"type": "alerts",
"alert_type": {
"id": "4335d81b88fe0ce7885ca9cfaca5e078",
"category": "集群异常行为",
"alert_type": "Kubernetes事件删除"
},
"workspace_id": "ff86716b-62bb-49c6-af65-75xxxxa0c28b",
"domain_id": "0996e7xxxx4c014f001b7c0",
"verification_state": "Unknown",
"update_time": "2026-02-24T16:15:50.830Z+0800",
"domain_name": "hxxxff_p_xxxCC",
"is_deleted": false,
"project_id": "099706f4xxxf0bc014b68c0527",
"handle_status": "Open",
"id": "bbe340fd-872d-4fa2-b647-9db6c71d04e5",
"severity": "Tips",
"owner": "test-owner",
"close_comment": "api closed",
"creator": "w3_sso_sexxr_ops_02",
"create_time": "2026-02-24T16:10:27.313Z+0800",
"ttd": 0,
"region_id": "cn-north-4",
"count": 1,
"dataclass_id": "a164b25e-36ed-37cd-8b80-7369fdfebe71",
"close_time": null,
"version": "1.0.0",
"data_source": {
"domain_id": "0996e74xxx3180f34c014f001b7c0",
"product_feature": "hss",
"project_id": "099706f40xxx6a62f0bc014b68c0527",
"company_name": "Huawei",
"region_id": "cn-north-4",
"source_type": 1,
"product_name": "hss"
},
"data_sources": [
{
"domain_id": "0996e744f600xxxxc014f001b7c0",
"product_feature": "hss",
"project_id": "099706f4090xxxxf0bc014b68c0527",
"company_name": "Huawei",
"region_id": "cn-north-4",
"source_type": 1,
"product_name": "hss"
}
],
"labels": "",
"arrive_time": "2026-02-24T16:10:27.248Z+0800",
"environment": {
"domain_id": "0996e744f600f3180f34c014f001b7c0",
"domain_name": "xxxff_p_SxxxxC",
"project_id": "099706f4090026a62f0bc014b68c0527",
"region_id": "cn-north-4",
"project_name": "cn-north-4",
"vendor_type": "HWC"
},
"trigger_flag": false,
"ipdrr_phase": "Preparation",
"creator_id": "w3_sxxxo_secmaster_oxxxs_02",
"creator_name": "w3_sxxxxo_secmaster_oxxxxs_02"
},
"id": "bbe340fd-872d-4fa2-b647-9db6c71d04e5",
"type": null,
"version": 0
},
{
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-02-24T16:32:53.251Z+0800",
"format_version": 0,
"create_time": "2026-02-24T16:16:22.970Z+0800",
"project_id": "099706f4090026a62f0bc014b68c0527",
"dataclass_ref": {
"name": null,
"id": "a164b25e-36ed-37cd-8b80-7369fdfebe71"
},
"aggs_data_objects": null,
"data_object": {
"first_observed_time": "2026-02-03T16:16:19.000Z+0800",
"is_auto_closed": null,
"simulation": "false",
"description": "1",
"title": "title updated by api",
"type": "alerts",
"alert_type": {
"id": "d601100066a433fd054b5fbc15162a32",
"category": "漏洞利用",
"alert_type": "ActiveX漏洞利用"
},
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"domain_id": "0996e744f600f3180f34c014f001b7c0",
"verification_state": "Unknown",
"update_time": "2026-02-24T16:32:53.251Z+0800",
"domain_name": "hwsxxxxff_p_SexxxxCC",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"handle_status": "Open",
"id": "2e63a9a5-d6b4-46f9-85f1-10aa673918cc",
"severity": "Tips",
"owner": "test-owner",
"close_comment": "api closed",
"creator": "w3_sxxxx_secmaster_oxxxxs_02",
"create_time": "2026-02-24T16:16:22.970Z+0800",
"ttd": 30240,
"region_id": "cn-north-4",
"count": 1,
"dataclass_id": "a164b25e-36ed-37cd-8b80-7369fdfebe71",
"close_time": null,
"version": "1.0.0",
"data_source": {
"domain_id": "0996e744f60xxxxc014f001b7c0",
"product_feature": "hss",
"project_id": "099706f4090xxxx014b68c0527",
"company_name": "Huawei",
"region_id": "cn-north-4",
"source_type": 1,
"product_name": "hss"
},
"data_sources": [
{
"domain_id": "0996e744f600f3180f34c014f001b7c0",
"product_feature": "hss",
"project_id": "099706f4090026a62f0bc014b68c0527",
"company_name": "Huawei",
"region_id": "cn-north-4",
"source_type": 1,
"product_name": "hss"
}
],
"labels": "",
"arrive_time": "2026-02-24T16:16:22.925Z+0800",
"environment": {
"domain_id": "0996e744f600f3180f34c014f001b7c0",
"domain_name": "hwxxxxf_p_SecCMCC",
"project_id": "099706f409002xxxxbc014b68c0527",
"region_id": "cn-north-4",
"project_name": "cn-north-4",
"vendor_type": "HWC"
},
"trigger_flag": false,
"ipdrr_phase": "Preparation",
"creator_id": "w3_xxxo_secxxxr_ops_02",
"creator_name": "w3_xxxo_sexxxster_ops_02"
},
"id": "2e63a9a5-d6b4-46f9-85f1-10aa673918cc",
"type": null,
"version": 0
}
],
"size": 0,
"success": true,
"page": 0,
"message": null,
"request_id": null
}
} 插件执行函数createPolicys说明
- 函数createPolicys参数说明:介绍函数的输入参数和输出参数。
- 函数createPolicys输出示例:给出函数的输出示例。
函数createPolicys参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,创建应急策略。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| blockTarget | String | 阻断对象。 当defenseType为IAM时输入被禁用的用户名; 当defenseType为WAF或VPC时输入被阻断IP; 当defenseType为CFW时输入被阻断IP或域名。 | 是 |
| isBlockAgeing | String | 是否设置老化时间。 | 否 |
| enterpriseProjectId | String | 企业项目ID。 | 否 |
| enterpriseProjectNmme | String | 企业项目名称。 | 否 |
| blockAgeing | String | 老化时间。 | 否 |
| description | String | 策略描述。 | 否 |
| defenseConnectionName | String | 防线资产连接名,根据不同的defenseType填写不同值。 IAM:IAM云服务认证凭据; WAF:WAF云服务认证凭据; VPC:VPC云服务认证凭据; CFW:CFW云服务认证凭据; | 是 |
| defenseType | String | 防线类型,可选值:IAM、WAF、VPC、CFW,输入其他值时无效。 | 是 |
| defenseConnectionRegionId | String | 防线资产连接名所属区域ID。 | 是 |
| defenseConnectionRegionName | String | 防线资产连接名所属区域名。 | 否 |
| dataObjectId | String | 数据对象ID,用于判断是否触发其他剧本,置空即可。 | 否 |
| triggerFlag | String | 可选值:true、false。 用于判断是否触发“触发条件”参数配置为“事件触发”且“触发方式”参数配置为“创建”的剧本。默认值是false,推荐配置为false。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| policy_direction | String | 策略出入方向 | 是 |
| account_scope | String | 账号范围 | 是 |
| eps_scope | String | 企业项目范围 | 是 |
| region_scope | String | region范围 | 是 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数createPolicys输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "445df3c02e5cb28b05a075230a7a8b07",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"lubanops-gtrace-id": "2630817-1771988198123-2776",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 25 Feb 2026 02:56:39 GMT",
"lubanops-ntrace-id": "2630817-1771988198123-2776",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"lubanops-nenv-id": "374014",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate, no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"code": "00000000",
"error_msg": "",
"data": "86bc7dd6-2ba0-4bff-9a0b-415829b11456",
"success": true,
"error_code": "",
"message": "",
"request_id": ""
}
} 插件执行函数showAlert说明
- 函数showAlert参数说明:介绍函数的输入参数和输出参数。
- 函数showAlert输出示例:给出函数的输出示例。
函数showAlert参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询告警详情。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| alertId | String | 告警id。 | 是 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数showAlert输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "98cdb8b52390fda88170536607d2a7cd",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"lubanops-gtrace-id": "2630815-1771988606244-15776",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 25 Feb 2026 03:03:26 GMT",
"lubanops-ntrace-id": "2630815-1771988606244-15776",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"lubanops-nenv-id": "374014",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate, no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"code": "00000000",
"error_msg": "",
"data": {
"workspace_id": "",
"update_time": "2026-02-25T11:02:50.661Z+0800",
"layout_id": "",
"create_time": "2026-02-25T11:02:50.661Z+0800",
"format_version": 0,
"project_id": "",
"dataclass_ref": {
"name": "Alert",
"id": "32719554-54b8-3a4b-abc2-1d0a58cc1d92"
},
"aggs_data_objects": [],
"data_object": {
"first_observed_time": "2026-02-24T03:02:32.000Z",
"is_auto_closed": null,
"simulation": "false",
"description": "for document ",
"title": "test-alert",
"type": "alerts",
"alert_type": {
"id": "353847ffad072ffd019197db7401c291",
"category": "网络异常行为",
"alert_type": "IP首次访问"
},
"workspace_id": "eeba6e24-ecd4-4d2d-a0b9-d6d652d9358c",
"domain_id": "52aba549ab5141dba19d30efa7e6644e",
"verification_state": "Unknown",
"update_time": "2026-02-25T03:02:50.661Z+0000",
"domain_name": "scc_cnfw_h00801130",
"is_deleted": false,
"project_id": "f8ae07d4148f4e418c5fe15833f6b105",
"handle_status": "Open",
"id": "ec1c30cd-09fa-49c3-8ce1-1149b63a57cc",
"severity": "Tips",
"creator": "huangqiong",
"create_time": "2026-02-25T03:02:50.661Z+0000",
"ttd": 1440,
"region_id": "cn-north-7",
"count": 1,
"dataclass_id": "32719554-54b8-3a4b-abc2-1d0a58cc1d92",
"close_time": null,
"version": "1.0.0",
"data_source": {
"domain_id": "52aba549ab5141dba19d30efa7e6644e",
"product_feature": "cfw",
"project_id": "f8ae07d4148f4e418c5fe15833f6b105",
"company_name": "System",
"region_id": "cn-north-7",
"source_type": 1,
"product_name": "cfw"
},
"data_sources": [
{
"domain_id": "52aba549ab5141dba19d30efa7e6644e",
"product_feature": "cfw",
"project_id": "f8ae07d4148f4e418c5fe15833f6b105",
"company_name": "System",
"region_id": "cn-north-7",
"source_type": 1,
"product_name": "cfw"
}
],
"labels": "",
"arrive_time": "2026-02-25T03:02:50.625Z",
"environment": {
"domain_id": "52aba549ab5141dba19d30efa7e6644e",
"domain_name": "scc_cnfw_h00801130",
"project_id": "f8ae07d4148f4e418c5fe15833f6b105",
"region_id": "cn-north-7",
"project_name": "cn-north-7",
"vendor_type": "CloudService"
},
"trigger_flag": true,
"ipdrr_phase": "Preparation",
"entities": [],
"creator_id": "huxxxxong",
"creator_name": "hxxxg"
},
"id": "ec1c30cd-09fa-49c3-8ce1-1149b63a57cc",
"type": null,
"version": 0
},
"success": true,
"error_code": "",
"message": "",
"request_id": ""
}
} 插件执行函数updateDataobject说明
- 函数updateDataobject参数说明:介绍函数的输入参数和输出参数。
- 函数updateDataobject输出示例:给出函数的输出示例。
函数updateDataobject参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,更新数据对象。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| ids | String | 数据对象ID,使用“[]”包裹,多个ID使用英文符号“,”分隔。实例:["id1","id2"] | 是 |
| dataclass | String | 数据类,可选值如下: Whitelist:白名单 Department:部门 Business:业务系统 Baseline:基线检查 PolicyRecord:策略记录 Policy:策略 Evidence:证据 Vulnerability:漏洞 CommonContext:通用上下文 Resource:资产 Incident:事件 Alert:告警 AccountRiskMetric:账号风控指标 Indicator:情报 | 是 |
| header | String | 请求头,置空即可。 | 否 |
| triggerFlag | String | 可选值:true、false。 用于判断是否触发“触发条件”参数配置为“事件触发”且“触发方式”参数配置为“更新”的剧本。默认值是false,推荐配置为false。 | 是 |
| formatVersion | String | 固定值:1。 | 是 |
| dataObject | String | 数据对象需要更新的内容。示例:关闭事件并更新事件owner和事件title: {
"owner": "test-owner",
"title": "title updated by api",
"close_comment": "api closed"
} | 是 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数updateDataobject输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "7448dfb7a5c77159e7a0e3e5fad5c6cf",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"lubanops-gtrace-id": "2630909-1772001496625-13587",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 25 Feb 2026 06:38:16 GMT",
"lubanops-ntrace-id": "2630909-1772001496625-13587",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"lubanops-nenv-id": "374017",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate, no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"code": "00000000",
"error_msg": null,
"data": {
"success_ids": [
"f7fc3c5d-b1b1-4b54-b03d-ec238d0e4ca6",
"5c7d8c0a-a53d-4e0d-b393-710b18953e72"
],
"error_ids": []
},
"success": true,
"error_code": null,
"message": "",
"request_id": null
}
} 插件执行函数listDataobjects说明
- 函数listDataobjects参数说明:介绍函数的输入参数和输出参数。
- 函数listDataobjects输出示例:给出函数的输出示例。
函数listDataobjects参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询数据对象列表。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| dataclassName | String | 数据类业务编码,可选值:Alert、Incident、Indicator、Evidence、Vulnerability、Resource、PolicyRecord、Baseline、Policy。 | 是 |
| ids | String | 该参数无实际意义,不填或填写任意值均可,后续修复该显示问题。 | 否 |
| limit | String | 常与offset搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 是 |
| offset | String | 常与limit搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 是 |
| type | String | 该参数无实际意义,不填或填写任意值均可,后续修复该显示问题。 | 否 |
| sortBy | String | 排序字段,可选值:create_time 、update_time。 | 否 |
| order | String | 排序方式,可选值:
| 否 |
| fromDate | String | 搜索开始时间,例如:2023-02-20T00:00:00.000Z | 否 |
| toDate | String | 搜索结束时间,例如:2023-02-27T23:59:59.999Z | 否 |
| condition | String | 搜索条件表达式。 | 否 |
| resultVariable | String | 用于过滤查询结果。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数listDataobjects输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "2ee9f10233600ba1ee7b2d6b2585f147",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 08 Apr 2026 09:40:41 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"total": 27,
"code": "00000000",
"data": [
{
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-08T00:05:08.078Z+0800",
"format_version": 0,
"create_time": "2026-04-08T00:05:08.078Z+0800",
"project_id": "099706f4090026a62f0bc014b68c0527",
"dataclass_ref": {
"name": null,
"id": "a164b25e-36ed-37cd-8b80-7369fdfebe71"
},
"aggs_data_objects": null,
"data_object": {
"first_observed_time": "2026-04-08T00:05:01.893Z+0800",
"defense_type": "Network",
"description": "源主机:1x6.65.139.81,目的主机:121.36.76.xx9,执行:Vulnerability Exploit Attack",
"origin_id": "3700ffb1-5ebc-41ce-a15b-9bfbc54dd7cc",
"title": "【Vulnerability Exploit Attack】【CFW】源主机:176.65.139.81,目的主机:121.36.76.229,执行:Vulnerability Exploit Attack,2026-04-08T00:05:01.893+08:00",
"type": "defense_alerts",
"alert_type": {
"id": "e236e29fa7xxxxff4e1ae9fc2dffd",
"category": "其他",
"alert_type": "云防火墙攻击"
},
"domain_id": "0996e744fxxxxx34c014f001b7c0",
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"verification_state": "Unknown",
"update_time": "2026-04-08T00:05:08.078Z+0800",
"domain_name": "hwsxxxxxf_p_SecCMCC",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"extend_properties": {
"defense_action": "permit"
},
"region_name": "cn-north-4",
"id": "9a7fa4ab-9b0b-4971-b168-6a9676b72e38",
"handle_status": "Ignored",
"network_list": [
{
"src_ip": "176.65.139.81",
"src_port": "59943",
"protocol": "UDP",
"src_geo": {
"country_code": "Germany"
},
"dest_geo": {
"country_code": "China/Beijing"
},
"dest_ip": "121.36.76.229",
"dest_port": "9034",
"direction": "out2in"
}
],
"severity": "Fatal",
"network_payload": {
"app": "UDP-ANY",
"packet": "b3JmO2NkIC90bXAgfHwgY2QgL3Zhci9ydW4gfHwgY2QgL21udCB8fCBjZCAvcm9vdCB8fCBjZCAvOyB3Z2V0IGh0dHA6Ly8xNzYuNjUuMTM5LjgxL2FsbC5zaDsgY3VybCAtTyBodHRwOi8vMTc2LjY1LjEzOS44MS9hbGwuc2g7IGNobW9kIDc3NyBhbGwuc2g7IHNoIGFsbC5zaDsgdGZ0cCAxNzYuNjUuMTM5LjgxIC1jIGdldCBhbGwuc2g7IGNobW9kIDc3NyBhbGwuc2g7IHNoIGFsbC5zaDsgdGZ0cCAtciBhbGwuc2ggLWcgMTc2LjY1LjEzOS44MTsgY2htb2QgNzc3IGFsbC5zaDsgc2ggYWxsLnNoOyBmdHBnZXQgLXYgLXUgYW5vbnltb3VzIC1wIGFub255bW91cyAtUCAyMSAxNzYuNjUuMTM5LjgxIGFsbC5zaCBhbGwuc2g7IHNoIGFsbC5zaDsgcm0gLXJmIGFsbC5zaCBhbGwuc2ggYWxsLnNoIGFsbC5zaDsgcm0gLXJmICoKCg=="
},
"last_observed_time": "2026-04-08T00:05:01.893Z+0800",
"create_time": "2026-04-08T00:05:08.078Z+0800",
"defense_layers": {
"defense_policy": {
"policy_id": "806310",
"policy_name": "Realtek Jungle SDK Command Injection Vulnerability (CVE-2021-35394)",
"defense_action": "permit"
}
},
"ttd": 0,
"count": 1,
"region_id": "cn-north-4",
"raw": [
{
"data": "{\"attack_rule\":\"Realtek Jungle SDK Command Injection Vulnerability (CVE-2021-35394)\",\"app\":\"UDP-ANY\",\"attack_type\":\"Vulnerability Exploit Attack\",\"action\":\"permit\"}",
"type": "cfw"
}
],
"dataclass_id": "a164b25e-36ed-37cd-8b80-7369fdfebe71",
"version": "1.1.0_cfw_risk",
"data_source": {
"domain_id": "0996e744f600fxxxx4c014f001b7c0",
"product_feature": "cfw",
"project_id": "099706f4090026axxxc014b68c0527",
"company_name": "Huawei",
"region_id": "cn-north-4",
"source_type": 1,
"product_name": "cfw"
},
"data_sources": [
{
"domain_id": "0996e744f600f3180f34c014f001b7c0",
"product_feature": "cfw",
"project_id": "099706f4090026a62f0bc014b68c0527",
"company_name": "Huawei",
"region_id": "cn-north-4",
"source_type": 1,
"product_name": "cfw"
}
],
"arrive_time": "2026-04-08T00:05:01.893Z+0800",
"environment": {
"domain_id": "0996e744f600f3180f34c014f001b7c0",
"domain_name": "hwxxxxxf_p_SecCMCC",
"project_id": "099706f4090026a62f0bc014b68c0527",
"region_id": "cn-north-4",
"region_name": "cn-north-4",
"project_name": "cn-north-4",
"vendor_type": "HWC"
},
"trigger_flag": false
},
"id": "9a7fa4ab-9b0b-4971-b168-6a9676b72e38",
"type": null,
"version": 0
}
],
"size": 1,
"success": true,
"page": 0,
"message": null,
"request_id": null
}
} 插件执行函数createDataobject说明
- 函数createDataobject参数说明:介绍函数的输入参数和输出参数。
- 函数createDataobject输出示例:给出函数的输出示例。
函数createDataobject参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,创建数据对象。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| id | String | 数据对象id。 | 否 |
| dataclass | String | 数据类业务编码,可选值:Alert、Incident、Indicator、Evidence、Vulnerability、Resource、PolicyRecord、Baseline、Policy。 | 是 |
| type | String | 需要配置为固定值DATA_SOURCE即可。 | 是 |
| formatVersion | String | 对齐的模板版本号,默认传1。 | 是 |
| dataObject | String | 数据对象详情,需传入JSON格式字符串。 | 是 |
| triggerFlag | String | 可选值:true、false。 用于判断是否触发“触发条件”参数配置为“事件触发”且“触发方式”参数配置为“创建”的剧本。默认值是false,推荐配置为false。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数createDataobject输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "5f4bc7c26041faffec036bc14b60fee5",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Thu, 09 Apr 2026 01:57:59 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"event_id": "null",
"id": "79c85b41-72f2-4827-9e90-345deb3cf75b"
}
} 插件执行函数listMetrics说明
- 函数listMetrics参数说明:介绍函数的输入参数和输出参数。
- 函数listMetrics输出示例:给出函数的输出示例。
函数listMetrics参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询指标数据。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| metricId | String | 指标ID,多个ID使用英文逗号“,”隔开。 | 否 |
| resultVariable | String | 用于过滤查询结果。 | 是 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数listMetrics输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "f7e759ff25266227a1d31f5068a5b3ed",
"vary": "accept-encoding",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"lubanops-gtrace-id": "2632423-1777341427465-57926",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Tue, 28 Apr 2026 01:57:07 GMT",
"lubanops-ntrace-id": "2632423-1777341427465-57926",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"lubanops-nenv-id": "374017",
"Cache-Control": "no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json"
},
"code": 200,
"body": [
{
"result": {
"effective_column": null,
"datarows": [
[
8,
5,
0,
4,
9,
23,
0
]
],
"labels": [
"主机",
"网站",
"IP",
"数据库",
"EIP",
"VPC",
"设备"
]
},
"metric_id": "ec1a973e-8ab2-4dc7-8e8c-afbef12cca13",
"log_msg": null,
"metric_format": [],
"status": "SUCCESS",
"metrics_meta": {
"link": {
"default": "/secmaster/?region=cn-north-7#/ssa/workspace/soc/resource?project_id=5c85b9f0a7884f649112f90d91739e28&spaceId=4135627a-3c8e-41d4-b414-62abdc508916&tabType=0"
},
"description": {
"period": "实时",
"measurement_rule": "当前工作空间",
"caretaker": "default",
"source": "云脑接入的资产数据",
"frequence": "实时",
"title": "租户资产总数",
"calc_rule": "租户名下当前工作空间的资产总数",
"score_rule": ""
}
}
},
{
"result": {
"effective_column": null,
"datarows": [
[
0,
80,
0,
66.67,
0
]
],
"labels": [
"主机",
"网站",
"数据库",
"EIP",
"VPC"
]
},
"metric_id": "16f3d4df-a64f-4f0f-bba5-8aa953d913fa",
"log_msg": null,
"metric_format": [],
"status": "SUCCESS",
"metrics_meta": {
"link": {
"default": "/secmaster/?region=cn-north-7#/ssa/isap/securityAnalysis/table?project_id=5c85b9f0a7884f649112f90d91739e28&spaceId=4135627a-3c8e-41d4-b414-62abdc508916&metric_id=16f3d4df-a64f-4f0f-bba5-8aa953d913fa&table_name=security_resource"
},
"description": {
"period": "实时",
"measurement_rule": "当前工作空间",
"caretaker": "default",
"source": "资产表",
"frequence": "5分钟",
"title": "不同类型资产开启安全防护的比例",
"calc_rule": "每天不同类型资产开启安全防护的比例",
"score_rule": ""
}
}
},
{
"result": {
"effective_column": null,
"datarows": [
[
49
]
],
"labels": [
"资产总数"
]
},
"metric_id": "a1b38c8f-5659-47ad-915d-a5c075306c1f",
"log_msg": null,
"metric_format": [],
"status": "SUCCESS",
"metrics_meta": {
"link": null,
"description": null
}
}
]
} 插件执行函数relateDataobject说明
- 函数relateDataobject参数说明:介绍函数的输入参数和输出参数。
- 函数relateDataobject输出示例:给出函数的输出示例。
函数relateDataobject参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,关联数据对象。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| dataclassType | String | 关联主体数据对象所属数据类,小写复数,如告警为alerts,事件为incidents。 | 否 |
| dataObjectId | String | 关联主体数据对象的id。 | 是 |
| relatedDataclassType | String | 被关联的数据对象所属数据类,小写复数,如告警为alerts,事件为incidents。 | 是 |
| ids | String | 关联数据对象的ID列表。 | 是 |
| triggerFlag | String | 可选值:true、false。用于判断是否触发“触发条件”参数配置为“事件触发”且“触发方式”参数配置为“更新”的剧本。默认值是false,推荐配置为false。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数relateDataobject输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "90fe94274a4c7ae3294556bdf8d5f79e",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"lubanops-gtrace-id": "2654515-1777427347441-9830",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 29 Apr 2026 01:49:09 GMT",
"lubanops-ntrace-id": "2654515-1777427347441-9830",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"lubanops-nenv-id": "374014",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate, no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"code": "00000000",
"error_msg": "",
"data": {
"success_ids": [
"05fa1ada-57f4-4ef7-9fee-ecd0372dba3b"
],
"error_ids": []
},
"success": true,
"error_code": "",
"message": "",
"request_id": ""
}
} 插件执行函数listResources说明
- 函数listResources参数说明:介绍函数的输入参数和输出参数。
- 函数listResources输出示例:给出函数的输出示例。
函数listResources参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询指定条件下的资产列表。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| limit | String | 常与offset搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 否 |
| offset | String | 常与limit搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 是 |
| condition | String | 查询条件,样例: {
"conditions": [
{
"name": "resource_id",
"data": [
"resource_id",
"=",
"d27f2d2e-5b35-4228-9533-7ad2c927f893"
]
}
],
"logics": [
"resource_id"
]
} | 是 |
| resultVariable | String | 用于过滤查询结果。 | 是 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数listResources输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "d12bcd1201134dac90e28be8adf977dd",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"lubanops-gtrace-id": "2654515-1777428667661-9954",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 29 Apr 2026 02:11:09 GMT",
"lubanops-ntrace-id": "2654515-1777428667661-9954",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"lubanops-nenv-id": "374014",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate, no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"total": 1,
"code": "00000000",
"data": [
{
"workspace_id": "",
"update_time": "2026-04-29T17:52:36.500+08:00",
"create_time": "2026-04-02T03:41:59.711+08:00",
"format_version": 0,
"project_id": "",
"dataclass_ref": {
"name": "",
"id": "830bc41c-c7e0-39c0-b8da-975a76392467"
},
"data_object": {
"sys_key": "CloudServicecloudserversd27f2d2e-5b35-4228-9533-7ad2c927f8934135627a-3c8e-41d4-b414-62abdc508916",
"type": "cloudservers",
"domain_id": "a7e437dac49949148b08102a42bb0723",
"workspace_id": "4135627a-3c8e-41d4-b414-62abdc508916",
"domain_name": "scc_sa_l30042695_01",
"update_time": "2026-04-29T09:52:36.500Z+0800",
"is_deleted": false,
"provider": "ecs",
"project_id": "5c85b9f0a7884f649112f90d91739e28",
"region_name": "cn-north-7",
"id": "CloudServicecloudserversd27f2d2e-5b35-4228-9533-7ad2c927f8934135627a-3c8e-41d4-b414-62abdc508916",
"public_ips": [
"100.93.12.83"
],
"is_build_in": true,
"create_time": "2026-04-01T19:41:59.711Z+0800",
"import_time": "2026-04-29T09:52:35.983Z+0800",
"region_id": "cn-north-7",
"dataclass_id": "830bc41c-c7e0-39c0-b8da-975a76392467",
"resource_list": [
{
"id": "CloudServicevpcs316a461f-8219-498e-84cc-726d0ffe89764135627a-3c8e-41d4-b414-62abdc508916",
"import_type": "Manual"
},
{
"id": "CloudServicepublicips75a2eace-1c2a-445c-af59-6a2cd5cdf3374135627a-3c8e-41d4-b414-62abdc508916",
"import_type": "Manual"
},
{
"id": "CloudServicevpcs316a461f-8219-498e-84cc-726d0ffe89764135627a-3c8e-41d4-b414-62abdc508916",
"import_type": "Manual"
},
{
"id": "CloudServicewebsitea67510e1fb0445459e479620a096133d4135627a-3c8e-41d4-b414-62abdc508916",
"import_type": "Manual"
}
],
"protected_status": "CLOSE",
"environment": {
"domain_id": "f9d7bacbfd2c49e892532ba3f62ab75d",
"domain_name": "scc_sa_l00357374_01",
"project_id": "f69081793d9e4ea8a2f479dcef961989",
"region_id": "cn-north-7",
"ep_id": "0",
"project_name": "cn-north-7",
"ep_name": "default",
"vendor_type": "CloudService"
},
"trigger_flag": true,
"name": "test-a00607964",
"private_ips": [
"192.168.0.246"
],
"resource_id": "d27f2d2e-5b35-4228-9533-7ad2c927f893",
"properties": {
"ecs_cloudservers": {
"availability_zone": "cn-north-7c",
"metadata": {
"image_name": "hce-2.0-enterprise-x86_64_20250407110955.qcow2",
"vpc_id": "316a461f-8219-498e-84cc-726d0ffe8976",
"os_type": "Linux",
"resource_type": "1",
"resource_spec_code": "ac6.2xlarge.2.linux",
"os_bit": "64",
"image_id": "55a65962-6e5f-48aa-8d5a-30abb42d90e5",
"image_type": "gold"
},
"addresses": [
{
"vpc_id": "316a461f-8219-498e-84cc-726d0ffe8976",
"mac_addr": "fa:16:3e:1e:76:6c",
"port_id": "dd749bc7-4430-4d62-8ab0-90462a32592d",
"addr": "192.168.0.246",
"type": "fixed",
"version": "4"
},
{
"vpc_id": "316a461f-8219-498e-84cc-726d0ffe8976",
"mac_addr": "fa:16:3e:1e:76:6c",
"port_id": "dd749bc7-4430-4d62-8ab0-90462a32592d",
"addr": "100.93.12.83",
"type": "floating",
"version": "4"
}
],
"create_time": "2025-11-11T11:23:20.000+08:00",
"volumes_attached": [
{
"boot_index": "0",
"delete_on_termination": "true",
"id": "00646d03-a12e-431e-a3af-2a4dbcf5ea1a",
"device": "/dev/vda"
},
{
"boot_index": "-1",
"delete_on_termination": "false",
"id": "399e1d13-db64-4909-8fc2-328fc33528f8",
"device": "/dev/vdb"
}
],
"description": "",
"host_status": "UP",
"host_id": "f504ea6eac53da17c7dfe11f764daeefa7426171d4cd8812b256bba4",
"tags": [],
"flavor": {
"disk": "0",
"name": "ac6.2xlarge.2",
"id": "ac6.2xlarge.2",
"vcpus": "8",
"ram": "16384"
},
"security_groups": [
{
"name": "SecMaster_主机一键隔离",
"id": "50830185-312e-423c-b045-374f0bb24035"
},
{
"name": "default",
"id": "587a32c2-0c23-4eee-ab79-9287679da14c"
}
],
"update_time": "2026-04-29T09:52:30.000+08:00",
"enterprise_project_id": "0",
"user_id": "5e01a57cf13b45bfa991d07937f6e57c",
"project_id": "f69081793d9e4ea8a2f479dcef961989",
"scheduler_hints": {},
"name": "test-a00607964",
"id": "d27f2d2e-5b35-4228-9533-7ad2c927f893",
"locked": false,
"host_name": "f504ea6eac53da17c7dfe11f764daeefa7426171d4cd8812b256bba4",
"status": "ACTIVE"
}
}
},
"id": "CloudServicecloudserversd27f2d2e-5b35-4228-9533-7ad2c927f8934135627a-3c8e-41d4-b414-62abdc508916",
"type": null,
"version": 0
}
],
"size": 10,
"success": true,
"page": 0,
"message": "",
"request_id": ""
}
} 插件执行函数listType说明
- 函数listType参数说明:介绍函数的输入参数和输出参数。
- 函数listType输出示例:给出函数的输出示例。
函数listType参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询数据类布局。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| limit | String | 常与offset搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 否 |
| dataclassName | String | 数据类业务编码,可选值:Alert、Incident、Indicator、Evidence、Vulnerability、Resource、PolicyRecord、Baseline、Policy。 | 是 |
| offset | String | 常与limit搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 是 |
| categoryCode | String | 数据分类码。 | 是 |
| subCategoryCode | String | 子数据分类码。 | 是 |
| subCategory | String | 子数据分类。 | 否 |
| resultVariable | String | 用于过滤查询结果。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数listType输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "dd699f389b510cb39432a0ca8cce0e2c",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"lubanops-gtrace-id": "2654515-1777442860773-13046",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 29 Apr 2026 06:07:40 GMT",
"lubanops-ntrace-id": "2654515-1777442860773-13046",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"lubanops-nenv-id": "374014",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate, no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"total": 0,
"code": "00000000",
"error_msg": "",
"data": [],
"size": 1,
"success": true,
"error_code": "",
"page": 0,
"message": "",
"request_id": ""
}
} 插件执行函数createDataobjectBatch说明
- 函数createDataobjectBatch参数说明:介绍函数的输入参数和输出参数。
- 函数createDataobjectBatch输出示例:给出函数的输出示例。
函数createDataobjectBatch参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,批量创建数据对象。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| id | String | 数据对象id。 | 否 |
| dataclass | String | 数据类业务编码,可选值:Alert、Incident、Indicator、Evidence、Vulnerability、Resource、PolicyRecord、Baseline、Policy。 | 是 |
| type | String | 需要填写为固定值DATA_SOURCE。 | 是 |
| formatVersion | String | 对齐的模板版本号,默认传1。 | 是 |
| dataObjectList | String | 数据对象详情列表,需传入JSON格式字符串。 | 是 |
| triggerFlag | String | 可选值:true、false。 用于判断是否触发“触发条件”参数配置为“事件触发”且“触发方式”参数配置为“创建”的剧本。默认值是false,推荐配置为false。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数createDataobjectBatch输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "5f4bc7c26041faffec036bc14b60fee5",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Thu, 09 Apr 2026 01:57:59 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"event_id": "null",
"id": "79c85b41-72f2-4827-9e90-345deb3cf75b"
}
} 插件执行函数showWorkspace说明
- 函数showWorkspace参数说明:介绍函数的输入参数和输出参数。
- 函数showWorkspace输出示例:给出函数的输出示例。
函数showWorkspace参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询工作空间详情。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspaceId | String | 工作空间id。 | 是 |
| resultVariable | String | 用于过滤查询结果。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数showWorkspace输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "a87360ec5001f532893bfa07b2e73e1b",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Tue, 28 Apr 2026 02:28:55 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"workspace": {
"modifier_name": "scc_sa_l30042695_01",
"create_time": "2026-02-11T10:32:52Z+0800",
"enterprise_project_name": "",
"workspace_agency_list": [],
"is_view": false,
"region_id": "cn-north-7",
"description": "1123114122",
"is_main_workspace": true,
"project_name": "cn-north-7",
"tags": [],
"domain_id": "a7e437dac49949148b08102a42bb0723",
"domain_name": "scc_sa_l30042695_01",
"enterprise_project_id": "",
"update_time": "2026-04-28T09:40:13Z+0800",
"is_force_init": null,
"project_id": "5c85b9f0a7884f649112f90d91739e28",
"view_bind_id": "",
"creator_id": "4f47b0fa23364416a105bf59b3f5a062",
"modifier_id": "3c8f21444d0d4fe5bdc3299ed481fae9",
"name": "多账号基线检查测试",
"creator_name": "z60055177",
"id": "4135627a-3c8e-41d4-b414-62abdc508916",
"statistical_resource": {
"alerts": null,
"assets": null,
"playbook_instances": null,
"incidents": null,
"playbooks": null,
"vulnerabilities": null,
"dataspaces": null
},
"view_bind_name": ""
}
}
} 插件执行函数entitlementServiceAssociationAgency说明
- 函数entitlementServiceAssociationAgency参数说明:介绍函数的输入参数和输出参数。
- 函数entitlementServiceAssociationAgency输出示例:给出函数的输出示例。
函数entitlementServiceAssociationAgency参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,根据body体中的角色和作用范围,创建委托,并将策略赋予给委托。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| organization_id | String | 组织id。 | 是 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数entitlementServiceAssociationAgency输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "2498b1b1d3bda69fc0c6d942ce46bf21",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 06 May 2026 07:33:48 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, must-revalidate",
"Vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json"
},
"code": 200,
"body": "success"
} 插件执行函数showComment说明
- 函数showComment参数说明:介绍函数的输入参数和输出参数。
- 函数showComment输出示例:给出函数的输出示例。
函数showComment参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,搜索评论列表。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspace_id | String | 组织id。 | 是 |
| alert_id | String | 评论的对象ID。 | 是 |
| limit | String | 分页查询参数,用于指定一次查询最多的结果数,从1开始。 | 是 |
| offset | String | 分页查询参数。用于指定查询结果的起始位置,从0开始。 | 是 |
| order | String | 升序/降序。可选值:
| 否 |
| sortby | String | 排序字段。 | 否 |
| resultVariable | String | 用于过滤查询结果。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| agency_type | String | 多账号统一适配参数,使用默认值即可。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数showComment输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "2fc5bfce28b41aea69ea23f2394fb258",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 29 Apr 2026 08:14:55 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"total": 8,
"code": "00000000",
"data": [
{
"note_type": "note",
"war_room_id": "79c85b41-72f2-4827-9e90-345deb3cf75b",
"create_time": "2026-04-28T15:33:14.698Z+0800",
"data": {
"content": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> Add the IP indicator tag to the alert</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> fcd884bb-d4f6-44b5-be23-b0e6e8b14e01</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ADD THE IP INDICATOR TAG TO THE ALERT-v1-20260428153314-554600</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 成功</span></div>"
},
"content_en": null,
"type": "textMessage",
"content": {
"come_from": "SecMasterRobot",
"occurred_time": "2026-04-28T15:33:14.698Z+0800",
"value": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> Add the IP indicator tag to the alert</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> fcd884bb-d4f6-44b5-be23-b0e6e8b14e01</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ADD THE IP INDICATOR TAG TO THE ALERT-v1-20260428153314-554600</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 成功</span></div>"
},
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-28T15:33:14.698Z+0800",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "4cb62d15-ebe1-49c3-b9dd-eebf61873045",
"user": {
"name": "SecMasterRobot",
"id": "SecMasterRobot"
}
},
{
"note_type": "relateToDataObject",
"war_room_id": "79c85b41-72f2-4827-9e90-345deb3cf75b",
"create_time": "2026-04-28T15:33:12.558Z+0800",
"data": {
"content": "w3_sso_secmaster_ops_02 关联indicators, id列表:a2446ff2-33fe-4cb8-83a4-12a653fe64ad"
},
"content_en": null,
"type": "textMessage",
"content": {
"come_from": "w3_sso_secmaster_ops_02",
"occurred_time": "2026-04-28T15:33:12.558Z+0800",
"value": "w3_sso_secmaster_ops_02 关联indicators, id列表:a2446ff2-33fe-4cb8-83a4-12a653fe64ad"
},
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-28T15:33:12.558Z+0800",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "2e4d2eed-25a7-42f9-b582-f7688e5fc495",
"user": {
"name": "w3_sso_secmaster_ops_02",
"id": "w3_sso_secmaster_ops_02:w3_ops:t30027803"
}
},
{
"note_type": "note",
"war_room_id": "79c85b41-72f2-4827-9e90-345deb3cf75b",
"create_time": "2026-04-09T09:58:50.150Z+0800",
"data": {
"content": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> Add the IP indicator tag to the alert</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 4cc934cd-a614-426b-9a95-400376ead83c</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ADD THE IP INDICATOR TAG TO THE ALERT-v1-20260409095835-14165</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 成功</span></div>"
},
"content_en": null,
"type": "textMessage",
"content": {
"come_from": "SecMasterRobot",
"occurred_time": "2026-04-09T09:58:50.150Z+0800",
"value": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> Add the IP indicator tag to the alert</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 4cc934cd-a614-426b-9a95-400376ead83c</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ADD THE IP INDICATOR TAG TO THE ALERT-v1-20260409095835-14165</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 成功</span></div>"
},
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-09T09:58:50.150Z+0800",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "d93a11cf-b621-4875-b632-0372bdef0441",
"user": {
"name": "SecMasterRobot",
"id": "SecMasterRobot"
}
},
{
"note_type": "note",
"war_room_id": "79c85b41-72f2-4827-9e90-345deb3cf75b",
"create_time": "2026-04-09T09:58:35.987Z+0800",
"data": {
"content": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> 重复告警自动关闭</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 55f8a830-a22a-489a-94d0-563a4c6bbd75</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ZFGJZDGB-v1-20260409095800-13072</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 成功</span></div>"
},
"content_en": null,
"type": "textMessage",
"content": {
"come_from": "SecMasterRobot",
"occurred_time": "2026-04-09T09:58:35.987Z+0800",
"value": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> 重复告警自动关闭</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 55f8a830-a22a-489a-94d0-563a4c6bbd75</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ZFGJZDGB-v1-20260409095800-13072</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 成功</span></div>"
},
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-09T09:58:35.987Z+0800",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "d64522b9-be7f-40dc-9a1b-811b9cc9eb7a",
"user": {
"name": "SecMasterRobot",
"id": "SecMasterRobot"
}
},
{
"note_type": "relateToDataObject",
"war_room_id": "79c85b41-72f2-4827-9e90-345deb3cf75b",
"create_time": "2026-04-09T09:58:35.145Z+0800",
"data": {
"content": "SecMasterRobot 关联alerts, id列表:79c85b41-72f2-4827-9e90-345deb3cf75b"
},
"content_en": null,
"type": "textMessage",
"content": {
"come_from": "SecMasterRobot",
"occurred_time": "2026-04-09T09:58:35.145Z+0800",
"value": "SecMasterRobot 关联alerts, id列表:79c85b41-72f2-4827-9e90-345deb3cf75b"
},
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-09T09:58:35.145Z+0800",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "cfd60b92-5d89-4cf8-b969-d1a3dbc7bcab",
"user": {
"name": "SecMasterRobot",
"id": "SecMasterRobot"
}
},
{
"note_type": "note",
"war_room_id": "79c85b41-72f2-4827-9e90-345deb3cf75b",
"create_time": "2026-04-09T09:58:32.441Z+0800",
"data": {
"content": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> 主机防线告警关联历史处置信息</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 7968bf95-5cb8-4c48-99cf-caa6fc2b4379</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ZJFXGJGLLSCZXX-v1-20260409095800-13070</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 失败</span></div>"
},
"content_en": null,
"type": "textMessage",
"content": {
"come_from": "SecMasterRobot",
"occurred_time": "2026-04-09T09:58:32.441Z+0800",
"value": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> 主机防线告警关联历史处置信息</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 7968bf95-5cb8-4c48-99cf-caa6fc2b4379</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ZJFXGJGLLSCZXX-v1-20260409095800-13070</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 失败</span></div>"
},
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-09T09:58:32.441Z+0800",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "c41cb9e3-3e69-480f-b1d7-614fed2def42",
"user": {
"name": "SecMasterRobot",
"id": "SecMasterRobot"
}
},
{
"note_type": "note",
"war_room_id": "79c85b41-72f2-4827-9e90-345deb3cf75b",
"create_time": "2026-04-09T09:58:32.274Z+0800",
"data": {
"content": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> 主机防线告警关联历史处置信息</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 7968bf95-5cb8-4c48-99cf-caa6fc2b4379</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ZJFXGJGLLSCZXX-v1-20260409095800-13070</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 失败</span></div>"
},
"content_en": null,
"type": "textMessage",
"content": {
"come_from": "SecMasterRobot",
"occurred_time": "2026-04-09T09:58:32.274Z+0800",
"value": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> 主机防线告警关联历史处置信息</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 7968bf95-5cb8-4c48-99cf-caa6fc2b4379</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ZJFXGJGLLSCZXX-v1-20260409095800-13070</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 失败</span></div>"
},
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-09T09:58:32.274Z+0800",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "9f92f602-5cde-41fb-8da1-92aa1caaafea",
"user": {
"name": "SecMasterRobot",
"id": "SecMasterRobot"
}
},
{
"note_type": "note",
"war_room_id": "79c85b41-72f2-4827-9e90-345deb3cf75b",
"create_time": "2026-04-09T09:58:31.904Z+0800",
"data": {
"content": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> Add the IP indicator tag to the alert</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 4d02b847-9741-4df7-a8ea-89b45fbe7ca9</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ADD THE IP INDICATOR TAG TO THE ALERT-v1-20260409095800-13071</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 成功</span></div>"
},
"content_en": null,
"type": "textMessage",
"content": {
"come_from": "SecMasterRobot",
"occurred_time": "2026-04-09T09:58:31.904Z+0800",
"value": "<div><span style=\"font-size: 14px; color: #191919\">[项目ID]</span><span style=\"font-size: 14px; color: #595959\"> 099706f4090026a62f0bc014b68c0527</span></div><div><span style=\"font-size: 14px; color: #191919\">[工作空间ID]</span><span style=\"font-size: 14px; color: #595959\"> ff86716b-62bb-49c6-af65-75192ca0c28b</span></div><div><span style=\"font-size: 14px; color: #191919\">[数据对象ID]</span><span style=\"font-size: 14px; color: #595959\"> 79c85b41-72f2-4827-9e90-345deb3cf75b</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本名称]</span><span style=\"font-size: 14px; color: #595959\"> Add the IP indicator tag to the alert</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例ID]</span><span style=\"font-size: 14px; color: #595959\"> 4d02b847-9741-4df7-a8ea-89b45fbe7ca9</span></div><div><span style=\"font-size: 14px; color: #191919\">[剧本实例名称]</span><span style=\"font-size: 14px; color: #595959\"> ADD THE IP INDICATOR TAG TO THE ALERT-v1-20260409095800-13071</span></div><div><span style=\"font-size: 14px; color: #191919\">[结果]</span><span style=\"font-size: 14px; color: #595959\"> 成功</span></div>"
},
"tags": "",
"target": null,
"content_zh": null,
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"update_time": "2026-04-09T09:58:31.904Z+0800",
"is_deleted": false,
"project_id": "099706f4090026a62f0bc014b68c0527",
"marked_note": true,
"marked_evidence": null,
"id": "92e3f3ac-0bfa-4414-92b6-02c2fe2aa421",
"user": {
"name": "SecMasterRobot",
"id": "SecMasterRobot"
}
}
],
"size": 10,
"success": true,
"page": 0,
"message": "",
"request_id": ""
}
} 插件执行函数listPlaybooks说明
- 函数listPlaybooks参数说明:介绍函数的输入参数和输出参数。
- 函数listPlaybooks输出示例:给出函数的输出示例。
函数listPlaybooks参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询剧本列表。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspace_id | String | 组织id。 | 是 |
| limit | String | 分页查询参数,用于指定一次查询最多的结果数,从1开始。 | 是 |
| offset | String | 分页查询参数。用于指定查询结果的起始位置,从0开始。 | 是 |
| search_txt | String | 搜索关键字。 | 否 |
| enabled | String | 是否启用。 | 否 |
| description | String | 剧本描述。 | 否 |
| dataclass_name | String | 数据类名称。 | 否 |
| name | String | 剧本名称。 | 否 |
| resultVariable | String | 用于过滤查询结果。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数listPlaybooks输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "c00754a39bc7046caa557f054c58e34d",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 29 Apr 2026 08:31:54 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"total": 2,
"code": "00000000",
"data": [
{
"dataclass_name": "CommonContext",
"modifier_name": "xxxxx4216",
"create_time": "2024-08-13T00:41:01.000Z+0800",
"owner_id": "",
"description": "",
"dataclass_id": "58ed51dd-810e-36c6-a164-aeb99aba9562",
"version_id": "c5d263a9-f953-3a72-a8bf-01bbe204811a",
"approve_role": "",
"unaudited_version_id": "",
"edit_role": "",
"version": "v1",
"enabled": true,
"cloud_pack_id": "",
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"user_role": "",
"update_time": "2024-10-18T14:17:40.000Z+0800",
"cloud_pack_name": "",
"project_id": "099706f4090026a62f0bc014b68c0527",
"creator_id": "system",
"modifier_id": "5ed860274b1b433e9f6f581350c96215",
"name": "同步CFW黑IP到情报",
"creator_name": "system",
"id": "84a9c0a9-73af-337a-a21d-0c454671d259",
"reject_version_id": ""
},
{
"dataclass_name": "CommonContext",
"modifier_name": "xxxxx16",
"create_time": "2024-08-13T00:41:01.000Z+0800",
"owner_id": "",
"description": "",
"dataclass_id": "58ed51dd-810e-36c6-a164-aeb99aba9562",
"version_id": "58577d03-94e6-3960-97f5-22ec839dd8b7",
"approve_role": "",
"unaudited_version_id": "",
"edit_role": "",
"version": "v1",
"enabled": true,
"cloud_pack_id": "",
"workspace_id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"user_role": "",
"update_time": "2024-10-18T14:19:24.000Z+0800",
"cloud_pack_name": "",
"project_id": "099706f4090026a62f0bc014b68c0527",
"creator_id": "system",
"modifier_id": "5ed860274b1b433e9f6f581350c96215",
"name": "同步WAF黑IP到情报",
"creator_name": "system",
"id": "13b7f802-1e0a-38c4-a2a4-873e66231189",
"reject_version_id": ""
}
],
"size": 10,
"success": true,
"page": 1,
"message": "",
"request_id": ""
}
} 插件执行函数listWorkspaces说明
- 函数listWorkspaces参数说明:介绍函数的输入参数和输出参数。
- 函数listWorkspaces输出示例:给出函数的输出示例。
函数listWorkspaces参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,查询工作空间列表信息。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| region_id | String | 区域id。 | 否 |
| limit | String | 每页显示个数。 | 是 |
| offset | String | 指定返回记录的开始位置,必须为数字,取值范围为大于或等于0。 | 是 |
| view_bind_id | String | 视图绑定的空间id。 | 否 |
| view_bind_name | String | 视图绑定的空间名称。 | 否 |
| description | String | 描述查询。 | 否 |
| create_time_start | String | 创建时间开始,例如2024-04-26T16:08:09Z+0800。 | 否 |
| create_time_end | String | 创建时间结束,例如2024-04-2T16:08:09Z+0800。 | 否 |
| name | String | 名称查询。 | 否 |
| is_view | String | 是否查询视图,可选值:true、false。 | 否 |
| ids | String | 工作空间id数组,英文逗号分隔。 | 否 |
| normal_project_id | String | 普通项目的项目id。 | 否 |
| enterprise_project_id | String | 企业项目的项目id。 | 否 |
| resultVariable | String | 用于过滤查询结果。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数listWorkspaces输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "6390735e11356fec3d63083ec183d32b",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 29 Apr 2026 08:58:16 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"count": 5,
"workspaces": [
{
"modifier_name": "w3_sso_secmaster_ops_02",
"create_time": "2023-08-21T18:26:53Z+0800",
"enterprise_project_name": "",
"workspace_agency_list": [],
"is_view": false,
"region_id": "cn-north-4",
"description": "11",
"is_main_workspace": true,
"project_name": "cn-north-4",
"tags": [],
"domain_id": "0996e744f600f3180f34c014f001b7c0",
"domain_name": "hwstaff_p_SecCMCC",
"enterprise_project_id": "",
"update_time": "2025-10-29T15:27:02Z+0800",
"is_force_init": null,
"project_id": "099706f4090026a62f0bc014b68c0527",
"view_bind_id": "",
"creator_id": "7647edc14997453b896a962e3554d3c2",
"modifier_id": "w3_sso_secmaster_ops_02:w3_ops:l30073350",
"name": "SecMaster-POC",
"creator_name": "z00525017",
"id": "ff86716b-62bb-49c6-af65-75192ca0c28b",
"statistical_resource": {
"alerts": null,
"assets": null,
"playbook_instances": null,
"incidents": null,
"playbooks": null,
"vulnerabilities": null,
"dataspaces": null
},
"view_bind_name": ""
},
{
"modifier_name": "",
"create_time": "2026-04-16T16:06:44Z+0800",
"enterprise_project_name": "",
"workspace_agency_list": [],
"is_view": false,
"region_id": "cn-north-4",
"description": "",
"is_main_workspace": false,
"project_name": "cn-north-4",
"tags": [],
"domain_id": "0996e744f600f3180f34c014f001b7c0",
"domain_name": "hwstaff_p_SecCMCC",
"enterprise_project_id": "",
"update_time": "2026-04-16T16:06:44Z+0800",
"is_force_init": null,
"project_id": "099706f4090026a62f0bc014b68c0527",
"view_bind_id": "",
"creator_id": "w3_sso_secmaster_ops_02:w3_ops:m30074793",
"modifier_id": "",
"name": "IDCshowcase",
"creator_name": "w3_sso_secmaster_ops_02",
"id": "eb61684c-c2d5-4b69-a663-72efd4fc60ab",
"statistical_resource": {
"alerts": null,
"assets": null,
"playbook_instances": null,
"incidents": null,
"playbooks": null,
"vulnerabilities": null,
"dataspaces": null
},
"view_bind_name": ""
}
]
}
} 插件执行函数createBatchOrderAlerts说明
- 函数createBatchOrderAlerts参数说明:介绍函数的输入参数和输出参数。
- 函数createBatchOrderAlerts输出示例:给出函数的输出示例。
函数createBatchOrderAlerts参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,将告警批量转为事件。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| workspace_id | String | 工作空间id。 | 是 |
| ids | String | 转事件的告警id列表。 | 是 |
| title | String | 事件名称。 | 是 |
| id | String | 事件类型id。 | 是 |
| category | String | 事件类型父类。 | 是 |
| incident_type | String | 事件类型。 | 是 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数createBatchOrderAlerts输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "CloudWAF",
"X-Request-Id": "d3f816911df1cf413b5536487bce28e4",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Wed, 29 Apr 2026 09:16:18 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
"Vary": "Access-Control-Request-Headers",
"Set-Cookie": "HWWAFSESID=ff83573716301c994f; path=/",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": "00000000",
"data": {
"error_ids": [],
"success_ids": [
"79c85b41-72f2-4827-9e90-345deb3cf75b"
]
},
"message": "",
"request_id": "",
"success": true
} 插件执行函数listAccounts说明
- 函数listAccounts参数说明:介绍函数的输入参数和输出参数。
- 函数listAccounts输出示例:给出函数的输出示例。
函数listAccounts参数说明
函数功能:调用SecMaster(安全云脑云服务)接口,多账号场景下查询主账号下纳管的账号列表。
| 参数名称 | 参数类型 | 参数描述 | 是否必填 |
|---|---|---|---|
| ou_id | String | 组织id。 | 否 |
| status | String | 委托状态,TO_BE_RECEIVED待接收,RECEIVED已接受,REJECTED已拒绝,RELEASED已解除,WITHDRAWN已撤回 | 否 |
| limit | String | 常与offset搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 否 |
| offset | String | 常与limit搭配使用,limit用于指定返回记录的最大条数,offset 用于指定开始返回记录的偏移量(跳过多少条)。 | 否 |
| language | String | 查询结果的响应语言,可取值范围:zh-cn、en-us,不支持大写,不支持其他取值。 其中zh-cn表示查询结果显示语言为简体中文;en-us表示查询结果显示语言为英语。 | 否 |
| resultVariable | String | 用于过滤查询结果。 | 否 |
| agency_type | String | 委托类型,ORG_AGENCY通过组织方式托管,ACCOUNT_AGENCY通过账号方式托管。 | 否 |
| 参数名称 | 参数类型 | 参数描述 |
|---|---|---|
| header | Object | 调用安全云脑接口返回的响应结果的headers,包含请求和响应的基本信息,如请求时间、响应服务、请求Id等信息。 |
| code | Int | 状态码,表明请求是否成功。 “code”取值示例说明:
|
| body | Object | 接口返回的具体内容。 |
函数listAccounts输出示例
{
"headers": {
"Transfer-Encoding": "chunked",
"Server": "api-gateway",
"X-Request-Id": "efd856d1bb0f8681925ce8b79f3bf055",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "no-cache",
"Date": "Fri, 24 Apr 2026 02:51:07 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubdomains;",
"Cache-Control": "no-cache, no-store, must-revalidate",
"Content-Encoding": "gzip",
"Vary": "origin,access-control-request-method,access-control-request-headers,accept-encoding",
"X-XSS-Protection": "1; mode=block;",
"Content-Type": "application/json; charset=UTF-8"
},
"code": 200,
"body": {
"total": 4,
"agencies": [
{
"iam_agency_id": "f7ea255ab6534d85a8e0444553960c01",
"org_ou_path": "o-xyh41atuqr0irw8wc67cnsv2xjzo663z/r-3zsjft4vo3ptq74v6tnfs8tdvgzf1qtn/ou-7qtb8abzfttluxh2kwguce5g1mfn4mi3",
"projects": [],
"create_time": "2026-03-18T10:56:09Z+0800",
"trust_domain_id": "a7e437dac49949148b08102a42bb0723",
"eps": [],
"trust_domain_name": "scc_sa_xxxxx695_01",
"domain_id": "f9d7bacbfd2c49e892532ba3f62ab75d",
"domain_name": "scc_sa_xxxx74_01",
"update_time": "2026-03-18T10:56:11Z+0800",
"org_id": "o-xyh41atuqr0irw8wc67cnsv2xjzo663z",
"org_ou_name": "",
"error_code": "",
"log_list": [],
"id": "e9d638d2-85b3-4554-bd2e-9bd5fcdc4510",
"agency_type": "ORG_AGENCY",
"iam_agency_name": "SecMaster_Account_Agency_e9d638d2-85b3-4554-bd2e-9bd5fcdc4510",
"status": "RECEIVED"
},
{
"iam_agency_id": "639a6cbe4c264491ac5eef7bd6c3ccca",
"org_ou_path": "o-xyh41atuqr0irw8wc67cnsv2xjzo663z/r-3zsjft4vo3ptq74v6tnfs8tdvgzf1qtn/ou-7qtb8abzfttluxh2kwguce5g1mfn4mi3",
"projects": [],
"create_time": "2026-02-05T11:29:58Z+0800",
"trust_domain_id": "a7e437dac49949148b08102a42bb0723",
"eps": [],
"trust_domain_name": "scc_sa_xxxxx695_01",
"domain_id": "9f284b6b77a247eb9d0ede96e092e322",
"domain_name": "scc_sa_xxxxx7803_01",
"update_time": "2026-02-05T11:30:00Z+0800",
"org_id": "o-xyh41atuqr0irw8wc67cnsv2xjzo663z",
"org_ou_name": "",
"error_code": "",
"log_list": [],
"id": "d8d3c54c-466b-4415-b7ee-7f70d07e46c2",
"agency_type": "ORG_AGENCY",
"iam_agency_name": "SecMaster_Account_Agency_d8d3c54c-466b-4415-b7ee-7f70d07e46c2",
"status": "RECEIVED"
},
{
"iam_agency_id": "bf62d98b39094c3da6a18081a50d16d0",
"org_ou_path": "o-xyh41atuqr0irw8wc67cnsv2xjzo663z/r-3zsjft4vo3ptq74v6tnfs8tdvgzf1qtn/ou-7qtb8abzfttluxh2kwguce5g1mfn4mi3",
"projects": [],
"create_time": "2026-02-05T11:29:43Z+0800",
"trust_domain_id": "a7e437dac49949148b08102a42bb0723",
"eps": [],
"trust_domain_name": "scc_sa_xxxxx5_01",
"domain_id": "090956086980d4330fc0c00c9f6ec180",
"domain_name": "SCC_SA_xxxx693_02",
"update_time": "2026-02-05T11:29:45Z+0800",
"org_id": "o-xyh41atuqr0irw8wc67cnsv2xjzo663z",
"org_ou_name": "",
"error_code": "",
"log_list": [],
"id": "781e1dd6-b474-4d10-b5af-052269cbc6b2",
"agency_type": "ORG_AGENCY",
"iam_agency_name": "SecMaster_Account_Agency_781e1dd6-b474-4d10-b5af-052269cbc6b2",
"status": "RECEIVED"
},
{
"iam_agency_id": "748e52f9f6fe45f3aaf79910cdc12cba",
"org_ou_path": "o-xyh41atuqr0irw8wc67cnsv2xjzo663z/r-3zsjft4vo3ptq74v6tnfs8tdvgzf1qtn/ou-7qtb8abzfttluxh2kwguce5g1mfn4mi3",
"projects": [],
"create_time": "2026-01-29T16:20:01Z+0800",
"trust_domain_id": "a7e437dac49949148b08102a42bb0723",
"eps": [],
"trust_domain_name": "",
"domain_id": "7de770a0f1084d78afd0523e59102e43",
"domain_name": "scc_sa_xxxxx03_02",
"update_time": "2026-02-05T11:20:00Z+0800",
"org_id": "o-xyh41atuqr0irw8wc67cnsv2xjzo663z",
"org_ou_name": "",
"error_code": "Failed to create the agency. Check the maximum number of IAM agencies that can be created by the hosting party.",
"log_list": [],
"id": "d3d98680-783e-4ab9-8f4e-9b0ad5a0578d",
"agency_type": "ORG_AGENCY",
"iam_agency_name": "SecMaster_Account_Agency_d3d98680-783e-4ab9-8f4e-9b0ad5a0578d",
"status": "RECEIVED"
}
],
"config": {
"org": {
"account_list": [],
"id": "",
"is_auto_agency": false
},
"trust_domain_id": "",
"accounts": []
}
}
} 父主题: 系统内置流程插件说明
