1. API Description
API request domain name: csip.tencentcloudapi.com.
Alert Center full alert list API.
Default API request rate limit: 3 requests/second.
We recommend using API Explorer
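API Explorer provides online invocation, signature verification, SDK code generation, and quick API lookup. You can view the request content and response of each call, along with automatically generated SDK call examples.
2. Input Parameters
The following request parameter list only includes the API request parameters and some common parameters. For the complete list of common parameters, see Common Request Parameters.
Parameter Name | Required | Type | Description |
---|---|---|---|
Action | Yes | String | Common parameter. Value for this API: DescribeAlertList. |
Version | Yes | String | Common parameter. Value for this API: 2022-11-21. |
Region | No | String | Common parameter. This parameter is optional. |
Filter | Yes | Filter | Tag search filter |
MemberId.N | No | Array of String | Member IDs of the group account. Example value: []{"mem-6wfo0fzks3","mem-85fo0fzks4"} |
OperatedMemberId.N | No | Array of String | Member IDs of the group account being called. Example value: []{"mem-6wfo0fzks3","mem-85fo0fzks4"} |
AssetType | No | Integer | 0: all (default); 1: asset ID; 2: domain name. Example value: 0 |
3. Output Parameters
Parameter Name | Type | Description |
---|---|---|
AlertList | Array of AlertInfo | Full alert list |
AlertTypeCount | Array of TagCount | Number of alerts per major alert category |
TotalCount | Integer | Total number of alerts |
ReturnCode | Integer | 0: succeed; 1: timeout. Example value: 0 |
ReturnMsg | String | Return status message. Example value: success |
RequestId | String | The unique request ID, generated by the server and returned with every request (if the request fails to reach the server for other reasons, no RequestId is obtained for that request). Provide the RequestId of the request when troubleshooting. |
4. Examples
Example 1: Alert Center full alert list
Input example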
POST / HTTP/1.1
Host: csip.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeAlertList
<Common request parameters>

{
  "MemberId": [
    "abc"
  ],
  "OperatedMemberId": [
    "abc"
  ],
  "AssetType": 0,
  "Filter": {
    "Limit": 0,
    "Offset": 0,
    "Order": "abc",
    "By": "abc",
    "Filters": [
      {
        "Name": "abc",
        "Values": [
          "abc"
        ],
        "OperatorType": 0
      }
    ],
    "StartTime": "abc",
    "EndTime": "abc"
  }
}
Output example
{
  "Response": {
    "AlertList": [
      {
        "ID": "abc",
        "Name": "abc",
        "Source": "abc",
        "Level": 1,
        "Attacker": {
          "IP": "abc",
          "HostIP": "abc",
          "Port": 1,
          "InstanceID": "abc",
          "City": "abc",
          "Province": "abc",
          "Country": "abc",
          "Address": "abc",
          "Latitude": "abc",
          "Longitude": "abc",
          "Info": "abc",
          "Domain": "abc",
          "Name": "abc",
          "Account": "abc",
          "Family": "abc",
          "VirusName": "abc",
          "MD5": "abc",
          "FileName": "abc"
        },
        "Victim": {
          "IP": "abc",
          "HostIP": "abc",
          "Port": 1,
          "InstanceID": "abc",
          "City": "abc",
          "Province": "abc",
          "Country": "abc",
          "Address": "abc",
          "Latitude": "abc",
          "Longitude": "abc",
          "Info": "abc",
          "Domain": "abc",
          "Name": "abc",
          "Account": "abc",
          "Family": "abc",
          "VirusName": "abc",
          "MD5": "abc",
          "FileName": "abc"
        },
        "EvidenceData": "abc",
        "EvidenceLocation": "abc",
        "EvidencePath": "abc",
        "CreateTime": "abc",
        "UpdateTime": "abc",
        "Count": 1,
        "UrgentSuggestion": "abc",
        "RemediationSuggestion": "abc",
        "RiskInvestigation": "abc",
        "RiskTreatment": "abc",
        "Status": 1,
        "ProcessType": "abc",
        "Type": "abc",
        "SubType": "abc",
        "ExtraInfo": {
          "RelateEvent": {
            "EventID": "abc",
            "Description": "abc",
            "RelatedCount": 0
          },
          "LeakContent": "abc",
          "LeakAPI": "abc",
          "SecretID": "abc",
          "Rule": "abc",
          "RuleDesc": "abc",
          "ProtocolPort": "abc",
          "AttackContent": "abc",
          "AttackIPProfile": "abc",
          "AttackIPTags": "abc",
          "RequestMethod": "abc",
          "HttpLog": "abc",
          "AttackDomain": "abc",
          "FilePath": "abc",
          "UserAgent": "abc",
          "RequestHeaders": "abc",
          "LoginUserName": "abc",
          "VulnerabilityName": "abc",
          "CVE": "abc",
          "ServiceProcess": "abc",
          "FileName": "abc",
          "FileSize": "abc",
          "FileMD5": "abc",
          "FileLastAccessTime": "abc",
          "FileModifyTime": "abc",
          "RecentAccessTime": "abc",
          "RecentModifyTime": "abc",
          "VirusName": "abc",
          "VirusFileTags": "abc",
          "BehavioralCharacteristics": "abc",
          "ProcessNamePID": "abc",
          "ProcessPath": "abc",
          "ProcessCommandLine": "abc",
          "ProcessPermissions": "abc",
          "ExecutedCommand": "abc",
          "AffectedFileName": "abc",
          "DecoyPath": "abc",
          "MaliciousProcessFileSize": "abc",
          "MaliciousProcessFileMD5": "abc",
          "MaliciousProcessNamePID": "abc",
          "MaliciousProcessPath": "abc",
          "MaliciousProcessStartTime": "abc",
          "CommandContent": "abc",
          "StartupUser": "abc",
          "UserGroup": "abc",
          "NewPermissions": "abc",
          "ParentProcess": "abc",
          "ClassName": "abc",
          "ClassLoader": "abc",
          "ClassFileSize": "abc",
          "ClassFileMD5": "abc",
          "ParentClassName": "abc",
          "InheritedInterface": "abc",
          "Comment": "abc",
          "PayloadContent": "abc",
          "CallbackAddressPortrait": "abc",
          "CallbackAddressTag": "abc",
          "ProcessMD5": "abc",
          "FilePermission": "abc",
          "HitProbe": "abc",
          "HitHoneyPot": "abc",
          "CommandList": "abc",
          "AttackEventDesc": "abc",
          "ProcessInfo": "abc",
          "UserNameAndPwd": "abc"
        },
        "Key": "abc",
        "Date": "abc",
        "AppID": "abc",
        "NickName": "abc",
        "Uin": "abc"
      }
    ],
    "AlertTypeCount": [
      {
        "Name": "abc",
        "Count": 1
      }
    ],
    "TotalCount": 1,
    "RequestId": "abc"
  }
}
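Added example (not from the Tencent Cloud documentation): collecting the full alert list page by page while staying under the default limit of 3 requests/second and checking ReturnCode. The `call` transport, `page_size`, and the reading of Filter.Limit/Offset and TotalCount as pagination controls are assumptions; this page does not define them.

```python
import time

RATE_LIMIT_PER_SEC = 3  # default request rate limit stated on this page


def fetch_all_alerts(call, start_time, end_time, page_size=100,
                     clock=time.monotonic, sleep=time.sleep):
    """Return every alert in the time window as a list of AlertInfo dicts.

    `call(action, body)` is a hypothetical transport supplied by the caller
    (for example a thin wrapper around an SDK client) that returns the parsed
    "Response" object. Assumption: Filter.Limit/Offset page through AlertList
    and TotalCount is the size of the whole result set. The time strings are
    passed through unchanged because the page does not state their format.
    """
    min_gap = 1.0 / RATE_LIMIT_PER_SEC
    alerts, seen, offset, last_call = [], set(), 0, None
    while True:
        # Client-side throttle: never start two calls closer than 1/3 s.
        if last_call is not None:
            wait = min_gap - (clock() - last_call)
            if wait > 0:
                sleep(wait)
        last_call = clock()
        resp = call("DescribeAlertList", {
            "Filter": {"Limit": page_size, "Offset": offset,
                       "StartTime": start_time, "EndTime": end_time},
        })
        # ReturnCode: 0 = succeed, 1 = timeout. The sample response omits it,
        # so a missing value is treated as success here (assumption).
        if resp.get("ReturnCode", 0) != 0:
            raise RuntimeError(
                "DescribeAlertList failed: ReturnCode=%s ReturnMsg=%s RequestId=%s"
                % (resp.get("ReturnCode"), resp.get("ReturnMsg"),
                   resp.get("RequestId")))
        page = resp.get("AlertList") or []
        for alert in page:
            # New alerts can shift page boundaries between calls; keep one
            # copy per alert ID so downstream counts are not inflated.
            if alert["ID"] not in seen:
                seen.add(alert["ID"])
                alerts.append(alert)
        offset += len(page)
        if not page or offset >= resp.get("TotalCount", 0):
            return alerts
```

Log the RequestId from the raised error; the output parameter table says it is needed when troubleshooting a call.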
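5. Developer Resources
Tencent Cloud API Platform
Tencent Cloud API Platform is a unified lookup platform that brings together API documentation, error codes, API Explorer, SDKs and other resources, so that you can look up and use all API services provided by Tencent Cloud from a single entry point.
API Inspector
With API Inspector, you can view the API calls associated with each console operation and automatically generate API code in each supported language. You can also go to API Explorer for online debugging.
SDK
Cloud API 3.0 provides a companion set of development tools (SDKs) that supports multiple programming languages and makes calling the API easier.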
- Tencent Cloud SDK 3.0 for Python: GitHub Gitee
- Tencent Cloud SDK 3.0 for Java: GitHub Gitee
- Tencent Cloud SDK 3.0 for PHP: GitHub Gitee
- Tencent Cloud SDK 3.0 for Go: GitHub Gitee
- Tencent Cloud SDK 3.0 for Node.js: GitHub Gitee
- Tencent Cloud SDK 3.0 for .NET: GitHub Gitee
- Tencent Cloud SDK 3.0 for C++: GitHub Gitee
- Tencent Cloud SDK 3.0 for Ruby: GitHub Gitee
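Command-line tool
6. Error Codes
This API currently has no error codes related to business logic. For other error codes, see Common Error Codes.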