diff --git a/docs/hss/api-ref/ALL_META.TXT.json b/docs/hss/api-ref/ALL_META.TXT.json new file mode 100644 index 00000000..0e6723b7 --- /dev/null +++ b/docs/hss/api-ref/ALL_META.TXT.json @@ -0,0 +1,1225 @@ +[ + { + "dockw":"API Reference" + }, + { + "uri":"hss_02_0001.html", + "node_id":"hss_02_0001.xml", + "product_code":"hss", + "code":"1", + "des":"Public cloud APIs comply with the RESTful API design principles. REST-based Web services are organized into resources. Each resource is identified by one or more Uniform ", + "doc_type":"api", + "kw":"API Usage Guidelines,API Reference", + "search_title":"", + "metedata":[ + { + "documenttype":"api", + "opensource":"true", + "prodname":"hss", + "IsBot":"Yes" + } + ], + "title":"API Usage Guidelines", + "githuburl":"" + }, + { + "uri":"hss_02_0011.html", + "node_id":"hss_02_0011.xml", + "product_code":"hss", + "code":"2", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"API Description", + "search_title":"", + "metedata":[ + { + "documenttype":"api", + "opensource":"true", + "prodname":"hss", + "IsBot":"Yes" + } + ], + "title":"API Description", + "githuburl":"" + }, + { + "uri":"topic_300000000.html", + "node_id":"topic_300000000.xml", + "product_code":"hss", + "code":"3", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Asset Management", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Management", + "githuburl":"" + }, + { + "uri":"ShowAssetStatistic.html", + "node_id":"showassetstatistic.xml", + "product_code":"hss", + "code":"4", + "des":"This API is used to collect statistics on assets, such as accounts, ports, and processes.GET /v5/{project_id}/asset/statisticsStatus code: 200This API is used to query th", + "doc_type":"api", + "kw":"Collecting Asset Statistics, Including Accounts, Ports, and Processes,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Collecting Asset Statistics, Including Accounts, Ports, and Processes", + "githuburl":"" + }, + { + "uri":"ListUserStatistics.html", + "node_id":"listuserstatistics.xml", + "product_code":"hss", + "code":"5", + "des":"This API is used to check account information in asset fingerprints.GET /v5/{project_id}/asset/user/statisticsStatus code: 200The first 10 accounts are queried by default", + "doc_type":"api", + "kw":"Asset Fingerprint - Account Information,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint - Account Information", + "githuburl":"" + }, + { + "uri":"ListProcessStatistics.html", + "node_id":"listprocessstatistics.xml", + "product_code":"hss", + "code":"6", + "des":"This API is used to check process information in asset fingerprints.GET /v5/{project_id}/asset/process/statisticsStatus code: 200The first 10 processes whose type is host", + "doc_type":"api", + "kw":"Asset Fingerprint - Process Information,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint - Process Information", + "githuburl":"" + }, + { + "uri":"ListAppStatistics.html", + "node_id":"listappstatistics.xml", + "product_code":"hss", + "code":"7", + "des":"This API is used to check software information in asset fingerprints.GET /v5/{project_id}/asset/app/statisticsStatus code: 200The first 10 software lists whose type is ho", + "doc_type":"api", + "kw":"Asset Fingerprint - Software Information,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint - Software Information", + "githuburl":"" + }, + { + "uri":"ListAutoLaunchStatistics.html", + "node_id":"listautolaunchstatistics.xml", + "product_code":"hss", + "code":"8", + "des":"This API is used to check auto-started items in asset fingerprints.GET /v5/{project_id}/asset/auto-launch/statisticsStatus code: 200The first 10 auto-startup items are qu", + "doc_type":"api", + "kw":"Asset Fingerprint - Auto-Started Item Information,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint - Auto-Started Item Information", + "githuburl":"" + }, + { + "uri":"ListUsers.html", + "node_id":"listusers.xml", + "product_code":"hss", + "code":"9", + "des":"This API is used to query the server list of an account.GET /v5/{project_id}/asset/usersStatus code: 200Query servers list whose account is daemon by default.Status code:", + "doc_type":"api", + "kw":"Querying the Server List of an Account,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Server List of an Account", + "githuburl":"" + }, + { + "uri":"ListPorts.html", + "node_id":"listports.xml", + "product_code":"hss", + "code":"10", + "des":"This API is used to check open port information in the asset fingerprints of a server.GET /v5/{project_id}/asset/portsStatus code: 200The first 10 open ports whose host_i", + "doc_type":"api", + "kw":"Asset Fingerprint of a Server - Open Port Information,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint of a Server - Open Port Information", + "githuburl":"" + }, + { + "uri":"ListApps.html", + "node_id":"listapps.xml", + "product_code":"hss", + "code":"11", + "des":"This API is used to check software information in the asset fingerprints of a server.GET /v5/{project_id}/asset/appsStatus code: 200The first 10 servers whose software na", + "doc_type":"api", + "kw":"Asset Fingerprint of a Server - Software,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint of a Server - Software", + "githuburl":"" + }, + { + "uri":"ListAutoLaunchs.html", + "node_id":"listautolaunchs.xml", + "product_code":"hss", + "code":"12", + "des":"This API is used to check auto-started items in the asset fingerprints of a server.GET /v5/{project_id}/asset/auto-launchsStatus code: 200The first 10 services whose auto", + "doc_type":"api", + "kw":"Asset Fingerprint of a Server - Auto-Started Items,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint of a Server - Auto-Started Items", + "githuburl":"" + }, + { + "uri":"ListUserChangeHistories.html", + "node_id":"listuserchangehistories.xml", + "product_code":"hss", + "code":"13", + "des":"This API is used to obtain the account change history.GET /v5/{project_id}/asset/user/change-historyStatus code: 200The first 10 account change records whose start time i", + "doc_type":"api", + "kw":"Obtaining the Account Change History,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Obtaining the Account Change History", + "githuburl":"" + }, + { + "uri":"ListAppChangeHistories.html", + "node_id":"listappchangehistories.xml", + "product_code":"hss", + "code":"14", + "des":"This API is used to check the change history of software in the asset fingerprints of a server.GET /v5/{project_id}/asset/app/change-historyStatus code: 200The first 10 s", + "doc_type":"api", + "kw":"Asset Fingerprint - Software Information - Change History,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint - Software Information - Change History", + "githuburl":"" + }, + { + "uri":"ListPortStatistics.html", + "node_id":"listportstatistics.xml", + "product_code":"hss", + "code":"15", + "des":"This API is used to check open port information in asset fingerprints.GET /v5/{project_id}/asset/port/statisticsStatus code: 200The first 10 open ports whose port number ", + "doc_type":"api", + "kw":"Asset Fingerprint - Open Port Information,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint - Open Port Information", + "githuburl":"" + }, + { + "uri":"ListAutoLaunchChangeHistories.html", + "node_id":"listautolaunchchangehistories.xml", + "product_code":"hss", + "code":"16", + "des":"This API is used to check the change history of auto-started items in the asset fingerprints of a server.GET /v5/{project_id}/asset/auto-launch/change-historyStatus code:", + "doc_type":"api", + "kw":"Asset Fingerprint - Auto-started Item - Change History,Asset Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Asset Fingerprint - Auto-started Item - Change History", + "githuburl":"" + }, + { + "uri":"topic_300000001.html", + "node_id":"topic_300000001.xml", + "product_code":"hss", + "code":"17", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Ransomware Prevention", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Ransomware Prevention", + "githuburl":"" + }, + { + "uri":"ListProtectionPolicy.html", + "node_id":"listprotectionpolicy.xml", + "product_code":"hss", + "code":"18", + "des":"This API is used to query the protection policy list of ransomware.GET /v5/{project_id}/ransomware/protection/policyStatus code: 200Query the protection policy list of ra", + "doc_type":"api", + "kw":"Querying the Protection Policy List of Ransomware,Ransomware Prevention,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Protection Policy List of Ransomware", + "githuburl":"" + }, + { + "uri":"UpdateProtectionPolicy.html", + "node_id":"updateprotectionpolicy.xml", + "product_code":"hss", + "code":"19", + "des":"This API is used to modify ransomware protection policies.PUT /v5/{project_id}/ransomware/protection/policyNoneModify the ransomware protection policy. Set the OS type to", + "doc_type":"api", + "kw":"Modifying Ransomware Protection Policies,Ransomware Prevention,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Modifying Ransomware Protection Policies", + "githuburl":"" + }, + { + "uri":"StopProtection.html", + "node_id":"stopprotection.xml", + "product_code":"hss", + "code":"20", + "des":"This API is used to disable ransomware prevention.POST /v5/{project_id}/ransomware/protection/closeNoneDisable ransomware protection for the server. The target server ID ", + "doc_type":"api", + "kw":"Disabling Ransomware Prevention,Ransomware Prevention,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Disabling Ransomware Prevention", + "githuburl":"" + }, + { + "uri":"UpdateBackupPolicyInfo.html", + "node_id":"updatebackuppolicyinfo.xml", + "product_code":"hss", + "code":"21", + "des":"This API is used to modify the backup policy associated with the vaultPUT /v5/{project_id}/backup/policyNoneModify the backup policy. The target backup policy ID is af4d0", + "doc_type":"api", + "kw":"Modifying the Backup Policy Bound to HSS Protection Vault,Ransomware Prevention,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Modifying the Backup Policy Bound to HSS Protection Vault", + "githuburl":"" + }, + { + "uri":"topic_300000002.html", + "node_id":"topic_300000002.xml", + "product_code":"hss", + "code":"22", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Baseline Management", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Baseline Management", + "githuburl":"" + }, + { + "uri":"ListWeakPasswordUsers.html", + "node_id":"listweakpasswordusers.xml", + "product_code":"hss", + "code":"23", + "des":"This API is used to query the list of weak password detection results.GET /v5/{project_id}/baseline/weak-password-usersStatus code: 200Query the weak password of servers ", + "doc_type":"api", + "kw":"Querying the Weak Password Detection Result List,Baseline Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Weak Password Detection Result List", + "githuburl":"" + }, + { + "uri":"ListPasswordComplexity.html", + "node_id":"listpasswordcomplexity.xml", + "product_code":"hss", + "code":"24", + "des":"This API is used to query the password complexity policy detection report.GET /v5/{project_id}/baseline/password-complexityStatus code: 200Query the password complexity o", + "doc_type":"api", + "kw":"Querying the Password Complexity Policy Detection Report,Baseline Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Password Complexity Policy Detection Report", + "githuburl":"" + }, + { + "uri":"ListRiskConfigs.html", + "node_id":"listriskconfigs.xml", + "product_code":"hss", + "code":"25", + "des":"This API is used to query the result list of a user's server security configuration check.GET /v5/{project_id}/baseline/risk-configsStatus code: 200This API is used to qu", + "doc_type":"api", + "kw":"Querying the Result List of Server Security Configuration Check,Baseline Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Result List of Server Security Configuration Check", + "githuburl":"" + }, + { + "uri":"ShowRiskConfigDetail.html", + "node_id":"showriskconfigdetail.xml", + "product_code":"hss", + "code":"26", + "des":"This API is used to query the check result of a specified security configuration item.GET /v5/{project_id}/baseline/risk-config/{check_name}/detailStatus code: 200This AP", + "doc_type":"api", + "kw":"Querying the Check Result of a Security Configuration Item,Baseline Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Check Result of a Security Configuration Item", + "githuburl":"" + }, + { + "uri":"ListRiskConfigCheckRules.html", + "node_id":"listriskconfigcheckrules.xml", + "product_code":"hss", + "code":"27", + "des":"This API is used to query the checklist of a specified security configuration item.GET /v5/{project_id}/baseline/risk-config/{check_name}/check-rulesStatus code: 200This ", + "doc_type":"api", + "kw":"Querying the Checklist of a Security Configuration Item,Baseline Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Checklist of a Security Configuration Item", + "githuburl":"" + }, + { + "uri":"ListRiskConfigHosts.html", + "node_id":"listriskconfighosts.xml", + "product_code":"hss", + "code":"28", + "des":"This API is used to query the list of affected servers of a specified security configuration item.GET /v5/{project_id}/baseline/risk-config/{check_name}/hostsStatus code:", + "doc_type":"api", + "kw":"Querying the List of Affected Servers of a Security Configuration Item,Baseline Management,API Refer", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the List of Affected Servers of a Security Configuration Item", + "githuburl":"" + }, + { + "uri":"ShowCheckRuleDetail.html", + "node_id":"showcheckruledetail.xml", + "product_code":"hss", + "code":"29", + "des":"This API is used to query the report of a check item in a security configuration check.GET /v5/{project_id}/baseline/check-rule/detailStatus code: 200This API is used to ", + "doc_type":"api", + "kw":"Querying the Report of a Check Item in a Security Configuration Check,Baseline Management,API Refere", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Report of a Check Item in a Security Configuration Check", + "githuburl":"" + }, + { + "uri":"topic_300000003.html", + "node_id":"topic_300000003.xml", + "product_code":"hss", + "code":"30", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Quota Management", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Quota Management", + "githuburl":"" + }, + { + "uri":"ListQuotasDetail.html", + "node_id":"listquotasdetail.xml", + "product_code":"hss", + "code":"31", + "des":"This API is used to query quota details.GET /v5/{project_id}/billing/quotas-detailStatus code: 200This API is used to query quotas details in all enterprise projects.Stat", + "doc_type":"api", + "kw":"Querying Quota Details,Quota Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying Quota Details", + "githuburl":"" + }, + { + "uri":"topic_300000004.html", + "node_id":"topic_300000004.xml", + "product_code":"hss", + "code":"32", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Intrusion Detection", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Intrusion Detection", + "githuburl":"" + }, + { + "uri":"ListSecurityEvents.html", + "node_id":"listsecurityevents.xml", + "product_code":"hss", + "code":"33", + "des":"This API is used to query the detected intrusion list.GET /v5/{project_id}/event/eventsStatus code: 200Query the first 50 unprocessed server events whose enterprise proje", + "doc_type":"api", + "kw":"Querying the Detected Intrusion List,Intrusion Detection,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Detected Intrusion List", + "githuburl":"" + }, + { + "uri":"ListAlarmWhiteList.html", + "node_id":"listalarmwhitelist.xml", + "product_code":"hss", + "code":"34", + "des":"This API is used to query the alarm whitelist.GET /v5/{project_id}/event/white-list/alarmStatus code: 200Query the first 10 alarm whitelists whose enterprise project is x", + "doc_type":"api", + "kw":"Querying the Alarm Whitelist,Intrusion Detection,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Alarm Whitelist", + "githuburl":"" + }, + { + "uri":"ChangeEvent.html", + "node_id":"changeevent.xml", + "product_code":"hss", + "code":"35", + "des":"This API is used to handle alarm events.POST /v5/{project_id}/event/operateNoneNoneSee Error Codes.", + "doc_type":"api", + "kw":"Handling Alarm Events,Intrusion Detection,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Handling Alarm Events", + "githuburl":"" + }, + { + "uri":"topic_300000005.html", + "node_id":"topic_300000005.xml", + "product_code":"hss", + "code":"36", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Server Management", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Server Management", + "githuburl":"" + }, + { + "uri":"ListHostStatus.html", + "node_id":"listhoststatus.xml", + "product_code":"hss", + "code":"37", + "des":"This API is used to query ECSs.GET /v5/{project_id}/host-management/hostsStatus code: 200Query the 10 Linux servers in all enterprise projects whose agent status is onlin", + "doc_type":"api", + "kw":"Querying ECSs,Server Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying ECSs", + "githuburl":"" + }, + { + "uri":"SwitchHostsProtectStatus.html", + "node_id":"switchhostsprotectstatus.xml", + "product_code":"hss", + "code":"38", + "des":"This API is used to change the protection status.POST /v5/{project_id}/host-management/protectionNoneSwitch the protection edition of the server whose ID is 71a15ecc-049f", + "doc_type":"api", + "kw":"Changing the Protection Status,Server Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Changing the Protection Status", + "githuburl":"" + }, + { + "uri":"ListHostGroups.html", + "node_id":"listhostgroups.xml", + "product_code":"hss", + "code":"39", + "des":"This API is used to query server groups.GET /v5/{project_id}/host-management/groupsStatus code: 200Query the server group whose name is test.Status code: 200Server group ", + "doc_type":"api", + "kw":"Querying Server Groups,Server Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying Server Groups", + "githuburl":"" + }, + { + "uri":"AddHostsGroup.html", + "node_id":"addhostsgroup.xml", + "product_code":"hss", + "code":"40", + "des":"This API is used to create a server group.POST /v5/{project_id}/host-management/groupsNoneCreate a server group named test. The ID of the server in the server group is 15", + "doc_type":"api", + "kw":"Creating a Server Group,Server Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Creating a Server Group", + "githuburl":"" + }, + { + "uri":"ChangeHostsGroup.html", + "node_id":"changehostsgroup.xml", + "product_code":"hss", + "code":"41", + "des":"This API is used to edit a server group.PUT /v5/{project_id}/host-management/groupsNoneEdit the server group named test. The server group ID is eca40dbe-27f7-4229-8f9d-a5", + "doc_type":"api", + "kw":"Editing a Server Group,Server Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Editing a Server Group", + "githuburl":"" + }, + { + "uri":"DeleteHostsGroup.html", + "node_id":"deletehostsgroup.xml", + "product_code":"hss", + "code":"42", + "des":"This API is used to delete a server group.DELETE /v5/{project_id}/host-management/groupsNoneDelete the server group whose ID is 34fcf861-402b-45c6-9b6a-13087791aae3.NoneS", + "doc_type":"api", + "kw":"Deleting a Server Group,Server Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Deleting a Server Group", + "githuburl":"" + }, + { + "uri":"topic_300000006.html", + "node_id":"topic_300000006.xml", + "product_code":"hss", + "code":"43", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Policy Management", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Policy Management", + "githuburl":"" + }, + { + "uri":"ListPolicyGroup.html", + "node_id":"listpolicygroup.xml", + "product_code":"hss", + "code":"44", + "des":"This API is used to query the policy group list.GET /v5/{project_id}/policy/groupsStatus code: 200Query the policy group list of all enterprise projects.Status code: 200P", + "doc_type":"api", + "kw":"Querying the Policy Group List,Policy Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Policy Group List", + "githuburl":"" + }, + { + "uri":"AssociatePolicyGroup.html", + "node_id":"associatepolicygroup.xml", + "product_code":"hss", + "code":"45", + "des":"Applying a policy groupPOST /v5/{project_id}/policy/deployNoneDeploy a server protection policy. The target server ID is 15462c0e-32c6-4217-a869-bbd131a00ecf, and the tar", + "doc_type":"api", + "kw":"Applying a Policy Group,Policy Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Applying a Policy Group", + "githuburl":"" + }, + { + "uri":"topic_300000007.html", + "node_id":"topic_300000007.xml", + "product_code":"hss", + "code":"46", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Vulnerability Management", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Vulnerability Management", + "githuburl":"" + }, + { + "uri":"ListVulnerabilities.html", + "node_id":"listvulnerabilities.xml", + "product_code":"hss", + "code":"47", + "des":"This API is used to query the list of detected vulnerabilities.GET /v5/{project_id}/vulnerability/vulnerabilitiesStatus code: 200Query the first 10 records in the vulnera", + "doc_type":"api", + "kw":"Querying the Vulnerability List,Vulnerability Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Vulnerability List", + "githuburl":"" + }, + { + "uri":"ListVulHosts.html", + "node_id":"listvulhosts.xml", + "product_code":"hss", + "code":"48", + "des":"This API is used to query the servers affected by a vulnerability.GET /v5/{project_id}/vulnerability/hostsStatus code: 200Query the first 10 records in the list of server", + "doc_type":"api", + "kw":"Querying the Servers Affected by a Vulnerability,Vulnerability Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Servers Affected by a Vulnerability", + "githuburl":"" + }, + { + "uri":"ChangeVulStatus.html", + "node_id":"changevulstatus.xml", + "product_code":"hss", + "code":"49", + "des":"This API is used to change the status of a vulnerability.PUT /v5/{project_id}/vulnerability/statusNoneChange the vulnerability status of the server whose ID is 71a15ecc-0", + "doc_type":"api", + "kw":"Changing the Status of a Vulnerability,Vulnerability Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Changing the Status of a Vulnerability", + "githuburl":"" + }, + { + "uri":"topic_300000008.html", + "node_id":"topic_300000008.xml", + "product_code":"hss", + "code":"50", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Web Tamper Protection", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Web Tamper Protection", + "githuburl":"" + }, + { + "uri":"SetWtpProtectionStatusInfo.html", + "node_id":"setwtpprotectionstatusinfo.xml", + "product_code":"hss", + "code":"51", + "des":"This API is used to enable or disable WTP.POST /v5/{project_id}/webtamper/static/statusNoneEnable WTP, set the target server IDs to a and b, and pay for the yearly/monthl", + "doc_type":"api", + "kw":"Enabling or Disabling WTP,Web Tamper Protection,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Enabling or Disabling WTP", + "githuburl":"" + }, + { + "uri":"SetRaspSwitch.html", + "node_id":"setraspswitch.xml", + "product_code":"hss", + "code":"52", + "des":"This API is used to enable or disable dynamic WTP.POST /v5/{project_id}/webtamper/rasp/statusNoneEnable dynamic WTP for servers a and b.NoneSee Error Codes.", + "doc_type":"api", + "kw":"Enabling or Disabling Dynamic WTP,Web Tamper Protection,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Enabling or Disabling Dynamic WTP", + "githuburl":"" + }, + { + "uri":"ListHostProtectHistoryInfo.html", + "node_id":"listhostprotecthistoryinfo.xml", + "product_code":"hss", + "code":"53", + "des":"This API is used to query the status of static WTP for a server.GET /v5/{project_id}/webtamper/static/protect-historyStatus code: 200Query the static WTP status of a serv", + "doc_type":"api", + "kw":"Querying the Status of Static WTP for a Server,Web Tamper Protection,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Status of Static WTP for a Server", + "githuburl":"" + }, + { + "uri":"ListHostRaspProtectHistoryInfo.html", + "node_id":"listhostraspprotecthistoryinfo.xml", + "product_code":"hss", + "code":"54", + "des":"This API is used to query the status of dynamic WTP for a server.GET /v5/{project_id}/webtamper/rasp/protect-historyStatus code: 200Query the dynamic WTP status of a serv", + "doc_type":"api", + "kw":"Querying the Status of Dynamic WTP for a Server,Web Tamper Protection,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Querying the Status of Dynamic WTP for a Server", + "githuburl":"" + }, + { + "uri":"topic_300000009.html", + "node_id":"topic_300000009.xml", + "product_code":"hss", + "code":"55", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Tag Management", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Tag Management", + "githuburl":"" + }, + { + "uri":"BatchCreateTags.html", + "node_id":"batchcreatetags.xml", + "product_code":"hss", + "code":"56", + "des":"This API is used to create tags in batches.POST /v5/{project_id}/{resource_type}/{resource_id}/tags/createNoneCreate a tag key TESTKEY20220831190155 (the tag value is 2) ", + "doc_type":"api", + "kw":"Creating Tags in Batches,Tag Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Creating Tags in Batches", + "githuburl":"" + }, + { + "uri":"DeleteResourceInstanceTag.html", + "node_id":"deleteresourceinstancetag.xml", + "product_code":"hss", + "code":"57", + "des":"This API is used to delete a tag from a resource.DELETE /v5/{project_id}/{resource_type}/{resource_id}/tags/{key}NoneDelete the tag whose key is abc, project_id is 94b526", + "doc_type":"api", + "kw":"Deleting a Resource Tag,Tag Management,API Reference", + "search_title":"", + "metedata":[ + { + "operation_id":"UpdateProtectionPolicy", + "documenttype":"api", + "prodname":"hss", + "opensource":"true" + } + ], + "title":"Deleting a Resource Tag", + "githuburl":"" + }, + { + "uri":"hss_02_0015.html", + "node_id":"hss_02_0015.xml", + "product_code":"hss", + "code":"58", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Appendixes", + "search_title":"", + "metedata":[ + { + "documenttype":"api", + "opensource":"true", + "prodname":"hss", + "IsBot":"Yes" + } + ], + "title":"Appendixes", + "githuburl":"" + }, + { + "uri":"hss_02_0016.html", + "node_id":"hss_02_0016.xml", + "product_code":"hss", + "code":"59", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Status Codes,Appendixes,API Reference", + "search_title":"", + "metedata":[ + { + "documenttype":"api", + "opensource":"true", + "prodname":"hss", + "IsBot":"Yes" + } + ], + "title":"Status Codes", + "githuburl":"" + }, + { + "uri":"ErrorCode.html", + "node_id":"errorcode_1.xml", + "product_code":"hss", + "code":"60", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Error Codes,Appendixes,API Reference", + "search_title":"", + "metedata":[ + { + "documenttype":"api", + "opensource":"true", + "prodname":"hss", + "IsBot":"Yes" + } + ], + "title":"Error Codes", + "githuburl":"" + }, + { + "uri":"hss_02_0017.html", + "node_id":"hss_02_0017.xml", + "product_code":"hss", + "code":"61", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Change History,API Reference", + "search_title":"", + "metedata":[ + { + "documenttype":"api", + "opensource":"true", + "prodname":"hss", + "IsBot":"Yes" + } + ], + "title":"Change History", + "githuburl":"" + } +] \ No newline at end of file diff --git a/docs/hss/api-ref/AddHostsGroup.html b/docs/hss/api-ref/AddHostsGroup.html new file mode 100644 index 00000000..29b387a3 --- /dev/null +++ b/docs/hss/api-ref/AddHostsGroup.html @@ -0,0 +1,194 @@ + + +

Creating a Server Group

+

Function

This API is used to create a server group.

+
+

URI

POST /v5/{project_id}/host-management/groups

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+

Content-Type

+

No

+

String

+

Default value: application/json; charset=utf-8

+

Minimum: 0

+

Maximum: 128

+
+
+ +
+ + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

group_name

+

Yes

+

String

+

Server group name

+

Minimum: 1

+

Maximum: 128

+

host_id_list

+

Yes

+

Array of strings

+

Server ID list

+

Minimum: 1

+

Maximum: 128

+

Array Length: 1 - 10000

+
+
+
+

Response Parameters

None

+
+

Example Requests

Create a server group named test. The ID of the server in the server group is 15dac7fe-d81b-43bc-a4a7-4710fe673972.

+
POST https://{endpoint}/v5/{project_id}/host-management/groups
+
+{
+  "group_name" : "test",
+  "host_id_list" : [ "15dac7fe-d81b-43bc-a4a7-4710fe673972" ]
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

success

+

400

+

Invalid parameter.

+

401

+

Authentication failed.

+

403

+

Insufficient permission.

+

404

+

Resource not found.

+

500

+

System error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Server Management
+
+
+ diff --git a/docs/hss/api-ref/AssociatePolicyGroup.html b/docs/hss/api-ref/AssociatePolicyGroup.html new file mode 100644 index 00000000..7a794d0d --- /dev/null +++ b/docs/hss/api-ref/AssociatePolicyGroup.html @@ -0,0 +1,207 @@ + + +

Applying a Policy Group

+

Function

Applying a policy group

+
+

URI

POST /v5/{project_id}/policy/deploy

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+

Content-Type

+

No

+

String

+

Default value: application/json; charset=utf-8

+

Minimum: 0

+

Maximum: 128

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

target_policy_group_id

+

Yes

+

String

+

ID of the policy group to be deployed

+

Minimum: 36

+

Maximum: 64

+

operate_all

+

No

+

Boolean

+

Whether to deploy the policy for all servers.

+

  • true: The policy is deployed on all servers. You do not need to set host_id_list.

    +

  • false: The policy is not deployed on all servers. You need to set host_id_list.

    +
+

host_id_list

+

No

+

Array of strings

+

IDs of servers where the policy group needs to be deployed

+

Minimum: 1

+

Maximum: 128

+

Array Length: 0 - 10000

+
+
+
+

Response Parameters

None

+
+

Example Requests

Deploy a server protection policy. The target server ID is 15462c0e-32c6-4217-a869-bbd131a00ecf, and the target policy ID is f671f7-2677-4705-a320-de1a62bff306.

+
POST https://{endpoint}/v5/{project_id}/policy/deploy
+
+{
+  "target_policy_group_id" : "1df671f7-2677-4705-a320-de1a62bff306",
+  "host_id_list" : [ "15462c0e-32c6-4217-a869-bbd131a00ecf" ],
+  "operate_all" : false
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

Success

+

400

+

Invalid parameter.

+

401

+

Authentication failed.

+

403

+

Insufficient permission.

+

404

+

Resource not found.

+

500

+

System error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Policy Management
+
+
+ diff --git a/docs/hss/api-ref/BatchCreateTags.html b/docs/hss/api-ref/BatchCreateTags.html new file mode 100644 index 00000000..489cd87f --- /dev/null +++ b/docs/hss/api-ref/BatchCreateTags.html @@ -0,0 +1,218 @@ + + +

Creating Tags in Batches

+

Function

This API is used to create tags in batches.

+
+

URI

POST /v5/{project_id}/{resource_type}/{resource_id}/tags/create

+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+

resource_type

+

Yes

+

String

+

Resource type defined by TMS. When HSS calls the API, the resource type is HSS.

+

Minimum: 1

+

Maximum: 64

+

resource_id

+

Yes

+

String

+

Resource ID defined by TMS. When HSS calls the API, the resource ID is the quota ID.

+

Minimum: 0

+

Maximum: 128

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 2 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 512

+

Content-Type

+

No

+

String

+

Default value: application/json; charset=utf-8

+

Minimum: 0

+

Maximum: 128

+
+
+ +
+ + + + + + + + + + + +
Table 3 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

tags

+

Yes

+

Array of ResourceTagInfo objects

+

Tag List

+

Array Length: 0 - 1024

+
+
+ +
+ + + + + + + + + + + + + + + + +
Table 4 ResourceTagInfo

Parameter

+

Mandatory

+

Type

+

Description

+

key

+

Yes

+

String

+

Key. It can contain up to 128 Unicode characters. The key cannot be left blank.

+

Minimum: 1

+

Maximum: 128

+

value

+

Yes

+

String

+

Value.

+

Minimum: 1

+

Maximum: 128

+
+
+
+

Response Parameters

None

+
+

Example Requests

Create a tag key TESTKEY20220831190155 (the tag value is 2) and a tag key test (the tag value is hss).

+
POST https://{endpoint}/v5/05e1e8b7ba8010dd2f80c01070a8d4cd/hss/fbaa9aca-2b5f-11ee-8c64-fa163e139e02/tags/create
+
+{
+  "tags" : [ {
+    "key" : "TESTKEY20220831190155",
+    "value" : "2"
+  }, {
+    "key" : "test",
+    "value" : "hss"
+  } ]
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

success

+

400

+

Invalid parameter.

+

401

+

Authentication failed.

+

403

+

Insufficient permission.

+

404

+

Resources not found.

+

500

+

System error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Tag Management
+
+
+ diff --git a/docs/hss/api-ref/CLASS.TXT.json b/docs/hss/api-ref/CLASS.TXT.json new file mode 100644 index 00000000..66498555 --- /dev/null +++ b/docs/hss/api-ref/CLASS.TXT.json @@ -0,0 +1,551 @@ +[ + { + "desc":"Public cloud APIs comply with the RESTful API design principles. REST-based Web services are organized into resources. Each resource is identified by one or more Uniform ", + "product_code":"hss", + "title":"API Usage Guidelines", + "uri":"hss_02_0001.html", + "doc_type":"api", + "p_code":"", + "code":"1" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"API Description", + "uri":"hss_02_0011.html", + "doc_type":"api", + "p_code":"", + "code":"2" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Asset Management", + "uri":"topic_300000000.html", + "doc_type":"api", + "p_code":"2", + "code":"3" + }, + { + "desc":"This API is used to collect statistics on assets, such as accounts, ports, and processes.GET /v5/{project_id}/asset/statisticsStatus code: 200This API is used to query th", + "product_code":"hss", + "title":"Collecting Asset Statistics, Including Accounts, Ports, and Processes", + "uri":"ShowAssetStatistic.html", + "doc_type":"api", + "p_code":"3", + "code":"4" + }, + { + "desc":"This API is used to check account information in asset fingerprints.GET /v5/{project_id}/asset/user/statisticsStatus code: 200The first 10 accounts are queried by default", + "product_code":"hss", + "title":"Asset Fingerprint - Account Information", + "uri":"ListUserStatistics.html", + "doc_type":"api", + "p_code":"3", + "code":"5" + }, + { + "desc":"This API is used to check process information in asset fingerprints.GET /v5/{project_id}/asset/process/statisticsStatus code: 200The first 10 processes whose type is host", + "product_code":"hss", + "title":"Asset Fingerprint - Process Information", + "uri":"ListProcessStatistics.html", + "doc_type":"api", + "p_code":"3", + "code":"6" + }, + { + "desc":"This API is used to check software information in asset fingerprints.GET /v5/{project_id}/asset/app/statisticsStatus code: 200The first 10 software lists whose type is ho", + "product_code":"hss", + "title":"Asset Fingerprint - Software Information", + "uri":"ListAppStatistics.html", + "doc_type":"api", + "p_code":"3", + "code":"7" + }, + { + "desc":"This API is used to check auto-started items in asset fingerprints.GET /v5/{project_id}/asset/auto-launch/statisticsStatus code: 200The first 10 auto-startup items are qu", + "product_code":"hss", + "title":"Asset Fingerprint - Auto-Started Item Information", + "uri":"ListAutoLaunchStatistics.html", + "doc_type":"api", + "p_code":"3", + "code":"8" + }, + { + "desc":"This API is used to query the server list of an account.GET /v5/{project_id}/asset/usersStatus code: 200Query servers list whose account is daemon by default.Status code:", + "product_code":"hss", + "title":"Querying the Server List of an Account", + "uri":"ListUsers.html", + "doc_type":"api", + "p_code":"3", + "code":"9" + }, + { + "desc":"This API is used to check open port information in the asset fingerprints of a server.GET /v5/{project_id}/asset/portsStatus code: 200The first 10 open ports whose host_i", + "product_code":"hss", + "title":"Asset Fingerprint of a Server - Open Port Information", + "uri":"ListPorts.html", + "doc_type":"api", + "p_code":"3", + "code":"10" + }, + { + "desc":"This API is used to check software information in the asset fingerprints of a server.GET /v5/{project_id}/asset/appsStatus code: 200The first 10 servers whose software na", + "product_code":"hss", + "title":"Asset Fingerprint of a Server - Software", + "uri":"ListApps.html", + "doc_type":"api", + "p_code":"3", + "code":"11" + }, + { + "desc":"This API is used to check auto-started items in the asset fingerprints of a server.GET /v5/{project_id}/asset/auto-launchsStatus code: 200The first 10 services whose auto", + "product_code":"hss", + "title":"Asset Fingerprint of a Server - Auto-Started Items", + "uri":"ListAutoLaunchs.html", + "doc_type":"api", + "p_code":"3", + "code":"12" + }, + { + "desc":"This API is used to obtain the account change history.GET /v5/{project_id}/asset/user/change-historyStatus code: 200The first 10 account change records whose start time i", + "product_code":"hss", + "title":"Obtaining the Account Change History", + "uri":"ListUserChangeHistories.html", + "doc_type":"api", + "p_code":"3", + "code":"13" + }, + { + "desc":"This API is used to check the change history of software in the asset fingerprints of a server.GET /v5/{project_id}/asset/app/change-historyStatus code: 200The first 10 s", + "product_code":"hss", + "title":"Asset Fingerprint - Software Information - Change History", + "uri":"ListAppChangeHistories.html", + "doc_type":"api", + "p_code":"3", + "code":"14" + }, + { + "desc":"This API is used to check open port information in asset fingerprints.GET /v5/{project_id}/asset/port/statisticsStatus code: 200The first 10 open ports whose port number ", + "product_code":"hss", + "title":"Asset Fingerprint - Open Port Information", + "uri":"ListPortStatistics.html", + "doc_type":"api", + "p_code":"3", + "code":"15" + }, + { + "desc":"This API is used to check the change history of auto-started items in the asset fingerprints of a server.GET /v5/{project_id}/asset/auto-launch/change-historyStatus code:", + "product_code":"hss", + "title":"Asset Fingerprint - Auto-started Item - Change History", + "uri":"ListAutoLaunchChangeHistories.html", + "doc_type":"api", + "p_code":"3", + "code":"16" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Ransomware Prevention", + "uri":"topic_300000001.html", + "doc_type":"api", + "p_code":"2", + "code":"17" + }, + { + "desc":"This API is used to query the protection policy list of ransomware.GET /v5/{project_id}/ransomware/protection/policyStatus code: 200Query the protection policy list of ra", + "product_code":"hss", + "title":"Querying the Protection Policy List of Ransomware", + "uri":"ListProtectionPolicy.html", + "doc_type":"api", + "p_code":"17", + "code":"18" + }, + { + "desc":"This API is used to modify ransomware protection policies.PUT /v5/{project_id}/ransomware/protection/policyNoneModify the ransomware protection policy. Set the OS type to", + "product_code":"hss", + "title":"Modifying Ransomware Protection Policies", + "uri":"UpdateProtectionPolicy.html", + "doc_type":"api", + "p_code":"17", + "code":"19" + }, + { + "desc":"This API is used to disable ransomware prevention.POST /v5/{project_id}/ransomware/protection/closeNoneDisable ransomware protection for the server. The target server ID ", + "product_code":"hss", + "title":"Disabling Ransomware Prevention", + "uri":"StopProtection.html", + "doc_type":"api", + "p_code":"17", + "code":"20" + }, + { + "desc":"This API is used to modify the backup policy associated with the vaultPUT /v5/{project_id}/backup/policyNoneModify the backup policy. The target backup policy ID is af4d0", + "product_code":"hss", + "title":"Modifying the Backup Policy Bound to HSS Protection Vault", + "uri":"UpdateBackupPolicyInfo.html", + "doc_type":"api", + "p_code":"17", + "code":"21" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Baseline Management", + "uri":"topic_300000002.html", + "doc_type":"api", + "p_code":"2", + "code":"22" + }, + { + "desc":"This API is used to query the list of weak password detection results.GET /v5/{project_id}/baseline/weak-password-usersStatus code: 200Query the weak password of servers ", + "product_code":"hss", + "title":"Querying the Weak Password Detection Result List", + "uri":"ListWeakPasswordUsers.html", + "doc_type":"api", + "p_code":"22", + "code":"23" + }, + { + "desc":"This API is used to query the password complexity policy detection report.GET /v5/{project_id}/baseline/password-complexityStatus code: 200Query the password complexity o", + "product_code":"hss", + "title":"Querying the Password Complexity Policy Detection Report", + "uri":"ListPasswordComplexity.html", + "doc_type":"api", + "p_code":"22", + "code":"24" + }, + { + "desc":"This API is used to query the result list of a user's server security configuration check.GET /v5/{project_id}/baseline/risk-configsStatus code: 200This API is used to qu", + "product_code":"hss", + "title":"Querying the Result List of Server Security Configuration Check", + "uri":"ListRiskConfigs.html", + "doc_type":"api", + "p_code":"22", + "code":"25" + }, + { + "desc":"This API is used to query the check result of a specified security configuration item.GET /v5/{project_id}/baseline/risk-config/{check_name}/detailStatus code: 200This AP", + "product_code":"hss", + "title":"Querying the Check Result of a Security Configuration Item", + "uri":"ShowRiskConfigDetail.html", + "doc_type":"api", + "p_code":"22", + "code":"26" + }, + { + "desc":"This API is used to query the checklist of a specified security configuration item.GET /v5/{project_id}/baseline/risk-config/{check_name}/check-rulesStatus code: 200This ", + "product_code":"hss", + "title":"Querying the Checklist of a Security Configuration Item", + "uri":"ListRiskConfigCheckRules.html", + "doc_type":"api", + "p_code":"22", + "code":"27" + }, + { + "desc":"This API is used to query the list of affected servers of a specified security configuration item.GET /v5/{project_id}/baseline/risk-config/{check_name}/hostsStatus code:", + "product_code":"hss", + "title":"Querying the List of Affected Servers of a Security Configuration Item", + "uri":"ListRiskConfigHosts.html", + "doc_type":"api", + "p_code":"22", + "code":"28" + }, + { + "desc":"This API is used to query the report of a check item in a security configuration check.GET /v5/{project_id}/baseline/check-rule/detailStatus code: 200This API is used to ", + "product_code":"hss", + "title":"Querying the Report of a Check Item in a Security Configuration Check", + "uri":"ShowCheckRuleDetail.html", + "doc_type":"api", + "p_code":"22", + "code":"29" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Quota Management", + "uri":"topic_300000003.html", + "doc_type":"api", + "p_code":"2", + "code":"30" + }, + { + "desc":"This API is used to query quota details.GET /v5/{project_id}/billing/quotas-detailStatus code: 200This API is used to query quotas details in all enterprise projects.Stat", + "product_code":"hss", + "title":"Querying Quota Details", + "uri":"ListQuotasDetail.html", + "doc_type":"api", + "p_code":"30", + "code":"31" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Intrusion Detection", + "uri":"topic_300000004.html", + "doc_type":"api", + "p_code":"2", + "code":"32" + }, + { + "desc":"This API is used to query the detected intrusion list.GET /v5/{project_id}/event/eventsStatus code: 200Query the first 50 unprocessed server events whose enterprise proje", + "product_code":"hss", + "title":"Querying the Detected Intrusion List", + "uri":"ListSecurityEvents.html", + "doc_type":"api", + "p_code":"32", + "code":"33" + }, + { + "desc":"This API is used to query the alarm whitelist.GET /v5/{project_id}/event/white-list/alarmStatus code: 200Query the first 10 alarm whitelists whose enterprise project is x", + "product_code":"hss", + "title":"Querying the Alarm Whitelist", + "uri":"ListAlarmWhiteList.html", + "doc_type":"api", + "p_code":"32", + "code":"34" + }, + { + "desc":"This API is used to handle alarm events.POST /v5/{project_id}/event/operateNoneNoneSee Error Codes.", + "product_code":"hss", + "title":"Handling Alarm Events", + "uri":"ChangeEvent.html", + "doc_type":"api", + "p_code":"32", + "code":"35" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Server Management", + "uri":"topic_300000005.html", + "doc_type":"api", + "p_code":"2", + "code":"36" + }, + { + "desc":"This API is used to query ECSs.GET /v5/{project_id}/host-management/hostsStatus code: 200Query the 10 Linux servers in all enterprise projects whose agent status is onlin", + "product_code":"hss", + "title":"Querying ECSs", + "uri":"ListHostStatus.html", + "doc_type":"api", + "p_code":"36", + "code":"37" + }, + { + "desc":"This API is used to change the protection status.POST /v5/{project_id}/host-management/protectionNoneSwitch the protection edition of the server whose ID is 71a15ecc-049f", + "product_code":"hss", + "title":"Changing the Protection Status", + "uri":"SwitchHostsProtectStatus.html", + "doc_type":"api", + "p_code":"36", + "code":"38" + }, + { + "desc":"This API is used to query server groups.GET /v5/{project_id}/host-management/groupsStatus code: 200Query the server group whose name is test.Status code: 200Server group ", + "product_code":"hss", + "title":"Querying Server Groups", + "uri":"ListHostGroups.html", + "doc_type":"api", + "p_code":"36", + "code":"39" + }, + { + "desc":"This API is used to create a server group.POST /v5/{project_id}/host-management/groupsNoneCreate a server group named test. The ID of the server in the server group is 15", + "product_code":"hss", + "title":"Creating a Server Group", + "uri":"AddHostsGroup.html", + "doc_type":"api", + "p_code":"36", + "code":"40" + }, + { + "desc":"This API is used to edit a server group.PUT /v5/{project_id}/host-management/groupsNoneEdit the server group named test. The server group ID is eca40dbe-27f7-4229-8f9d-a5", + "product_code":"hss", + "title":"Editing a Server Group", + "uri":"ChangeHostsGroup.html", + "doc_type":"api", + "p_code":"36", + "code":"41" + }, + { + "desc":"This API is used to delete a server group.DELETE /v5/{project_id}/host-management/groupsNoneDelete the server group whose ID is 34fcf861-402b-45c6-9b6a-13087791aae3.NoneS", + "product_code":"hss", + "title":"Deleting a Server Group", + "uri":"DeleteHostsGroup.html", + "doc_type":"api", + "p_code":"36", + "code":"42" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Policy Management", + "uri":"topic_300000006.html", + "doc_type":"api", + "p_code":"2", + "code":"43" + }, + { + "desc":"This API is used to query the policy group list.GET /v5/{project_id}/policy/groupsStatus code: 200Query the policy group list of all enterprise projects.Status code: 200P", + "product_code":"hss", + "title":"Querying the Policy Group List", + "uri":"ListPolicyGroup.html", + "doc_type":"api", + "p_code":"43", + "code":"44" + }, + { + "desc":"Applying a policy groupPOST /v5/{project_id}/policy/deployNoneDeploy a server protection policy. The target server ID is 15462c0e-32c6-4217-a869-bbd131a00ecf, and the tar", + "product_code":"hss", + "title":"Applying a Policy Group", + "uri":"AssociatePolicyGroup.html", + "doc_type":"api", + "p_code":"43", + "code":"45" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Vulnerability Management", + "uri":"topic_300000007.html", + "doc_type":"api", + "p_code":"2", + "code":"46" + }, + { + "desc":"This API is used to query the list of detected vulnerabilities.GET /v5/{project_id}/vulnerability/vulnerabilitiesStatus code: 200Query the first 10 records in the vulnera", + "product_code":"hss", + "title":"Querying the Vulnerability List", + "uri":"ListVulnerabilities.html", + "doc_type":"api", + "p_code":"46", + "code":"47" + }, + { + "desc":"This API is used to query the servers affected by a vulnerability.GET /v5/{project_id}/vulnerability/hostsStatus code: 200Query the first 10 records in the list of server", + "product_code":"hss", + "title":"Querying the Servers Affected by a Vulnerability", + "uri":"ListVulHosts.html", + "doc_type":"api", + "p_code":"46", + "code":"48" + }, + { + "desc":"This API is used to change the status of a vulnerability.PUT /v5/{project_id}/vulnerability/statusNoneChange the vulnerability status of the server whose ID is 71a15ecc-0", + "product_code":"hss", + "title":"Changing the Status of a Vulnerability", + "uri":"ChangeVulStatus.html", + "doc_type":"api", + "p_code":"46", + "code":"49" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Web Tamper Protection", + "uri":"topic_300000008.html", + "doc_type":"api", + "p_code":"2", + "code":"50" + }, + { + "desc":"This API is used to enable or disable WTP.POST /v5/{project_id}/webtamper/static/statusNoneEnable WTP, set the target server IDs to a and b, and pay for the yearly/monthl", + "product_code":"hss", + "title":"Enabling or Disabling WTP", + "uri":"SetWtpProtectionStatusInfo.html", + "doc_type":"api", + "p_code":"50", + "code":"51" + }, + { + "desc":"This API is used to enable or disable dynamic WTP.POST /v5/{project_id}/webtamper/rasp/statusNoneEnable dynamic WTP for servers a and b.NoneSee Error Codes.", + "product_code":"hss", + "title":"Enabling or Disabling Dynamic WTP", + "uri":"SetRaspSwitch.html", + "doc_type":"api", + "p_code":"50", + "code":"52" + }, + { + "desc":"This API is used to query the status of static WTP for a server.GET /v5/{project_id}/webtamper/static/protect-historyStatus code: 200Query the static WTP status of a serv", + "product_code":"hss", + "title":"Querying the Status of Static WTP for a Server", + "uri":"ListHostProtectHistoryInfo.html", + "doc_type":"api", + "p_code":"50", + "code":"53" + }, + { + "desc":"This API is used to query the status of dynamic WTP for a server.GET /v5/{project_id}/webtamper/rasp/protect-historyStatus code: 200Query the dynamic WTP status of a serv", + "product_code":"hss", + "title":"Querying the Status of Dynamic WTP for a Server", + "uri":"ListHostRaspProtectHistoryInfo.html", + "doc_type":"api", + "p_code":"50", + "code":"54" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Tag Management", + "uri":"topic_300000009.html", + "doc_type":"api", + "p_code":"2", + "code":"55" + }, + { + "desc":"This API is used to create tags in batches.POST /v5/{project_id}/{resource_type}/{resource_id}/tags/createNoneCreate a tag key TESTKEY20220831190155 (the tag value is 2) ", + "product_code":"hss", + "title":"Creating Tags in Batches", + "uri":"BatchCreateTags.html", + "doc_type":"api", + "p_code":"55", + "code":"56" + }, + { + "desc":"This API is used to delete a tag from a resource.DELETE /v5/{project_id}/{resource_type}/{resource_id}/tags/{key}NoneDelete the tag whose key is abc, project_id is 94b526", + "product_code":"hss", + "title":"Deleting a Resource Tag", + "uri":"DeleteResourceInstanceTag.html", + "doc_type":"api", + "p_code":"55", + "code":"57" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Appendixes", + "uri":"hss_02_0015.html", + "doc_type":"api", + "p_code":"", + "code":"58" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Status Codes", + "uri":"hss_02_0016.html", + "doc_type":"api", + "p_code":"58", + "code":"59" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Error Codes", + "uri":"ErrorCode.html", + "doc_type":"api", + "p_code":"58", + "code":"60" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"hss", + "title":"Change History", + "uri":"hss_02_0017.html", + "doc_type":"api", + "p_code":"", + "code":"61" + } +] \ No newline at end of file diff --git a/docs/hss/api-ref/ChangeEvent.html b/docs/hss/api-ref/ChangeEvent.html new file mode 100644 index 00000000..1c4be249 --- /dev/null +++ b/docs/hss/api-ref/ChangeEvent.html @@ -0,0 +1,436 @@ + + +

Handling Alarm Events

+

Function

This API is used to handle alarm events.

+
+

URI

POST /v5/{project_id}/event/operate

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 20

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Minimum: 0

+

Maximum: 64

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

operate_type

+

Yes

+

String

+

Handling method. Its value can be:

+

  • mark_as_handled

    +

  • ignore

    +

  • add_to_alarm_whitelist

    +

  • add_to_login_whitelist

    +

  • isolate_and_kill

    +

  • unhandle

    +

  • do_not_ignore

    +

  • remove_from_alarm_whitelist

    +

  • remove_from_login_whitelist

    +

  • do_not_isolate_or_kill

    +
+

handler

+

No

+

String

+

Remarks. This API is available only for handled alarms.

+

operate_event_list

+

Yes

+

Array of OperateEventRequestInfo objects

+

Operated event list

+

Array Length: 0 - 100

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 OperateEventRequestInfo

Parameter

+

Mandatory

+

Type

+

Description

+

event_class_id

+

Yes

+

String

+

Event category. Its value can be:

+

  • container_1001: Container namespace

    +

  • container_1002: Container open port

    +

  • container_1003: Container security option

    +

  • container_1004: Container mount directory

    +

  • containerescape_0001: High-risk system call

    +

  • containerescape_0002: Shocker attack

    +

  • containerescape_0003: Dirty Cow attack

    +

  • containerescape_0004: Container file escape

    +

  • dockerfile_001: Modification of user-defined protected container file

    +

  • dockerfile_002: Modification of executable files in the container file system

    +

  • dockerproc_001: Abnormal container process

    +

  • fileprotect_0001: File privilege escalation

    +

  • fileprotect_0002: Key file change

    +

  • fileprotect_0003: AuthorizedKeysFile path change

    +

  • fileprotect_0004: File directory change

    +

  • login_0001: Brute-force attack attempt

    +

  • login_0002: Brute-force attack succeeded

    +

  • login_1001: Succeeded login

    +

  • login_1002: Remote login

    +

  • login_1003: Weak password

    +

  • malware_0001: Shell change

    +

  • malware_0002: Reverse shell

    +

  • malware_1001: Malicious program

    +

  • procdet_0001: Abnormal process behavior

    +

  • procdet_0002: Process privilege escalation

    +

  • procreport_0001: High-risk command

    +

  • user_1001: Account change

    +

  • user_1002: Unsafe account

    +

  • vmescape_0001: Sensitive command executed on VM

    +

  • vmescape_0002: Sensitive file accessed by virtualization process

    +

  • vmescape_0003: Abnormal VM port access

    +

  • webshell_0001: Web shell

    +

  • network_1001: Mining

    +

  • network_1002: DDoS attacks

    +

  • network_1003: Malicious scanning

    +

  • network_1004: Attack in sensitive areas

    +

  • crontab_1001: Suspicious crontab task

    +
+

event_id

+

Yes

+

String

+

Event ID

+

event_type

+

Yes

+

Integer

+

Intrusion type. Its value can be:

+

  • 1001: Malware

    +

  • 1010: Rootkit

    +

  • 1011: Ransomware

    +

  • 1015: Web shell

    +

  • 1017: Reverse shell

    +

  • 2001: Common vulnerability exploit

    +

  • 3002: File privilege escalation

    +

  • 3003: Process privilege escalation

    +

  • 3004: Important file change

    +

  • 3005: File/Directory change

    +

  • 3007: Abnormal process behavior

    +

  • 3015: High-risk command execution

    +

  • 3018: Abnormal shell

    +

  • 3027: Suspicious crontab tasks

    +

  • 4002: Brute-force attack

    +

  • 4004: Abnormal login

    +

  • 4006: Invalid system account

    +
+

occur_time

+

Yes

+

Integer

+

Occurrence time, accurate to milliseconds.

+

operate_detail_list

+

Yes

+

Array of EventDetailRequestInfo objects

+

Operation details list. If operate_type is set to add_to_alarm_whitelist or remove_from_alarm_whitelist, keyword and hash are mandatory. If operate_type is set to add_to_login_whitelist or remove_from_login_whitelist, the login_ip, private_ip, and login_user_name parameters are mandatory. If operate_type is set to isolate_and_kill or do_not_isolate_or_kill, the agent_id, file_hash, file_path, and process_pid parameters are mandatory. In other cases, the parameters are optional.

+

Array Length: 0 - 100

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 6 EventDetailRequestInfo

Parameter

+

Mandatory

+

Type

+

Description

+

agent_id

+

No

+

String

+

Agent ID

+

process_pid

+

No

+

Integer

+

Process ID

+

file_hash

+

No

+

String

+

File hash

+

file_path

+

No

+

String

+

File path

+

file_attr

+

No

+

String

+

File attribute

+

keyword

+

No

+

String

+

Alarm event keyword, which is used only for the alarm whitelist.

+

hash

+

No

+

String

+

Alarm event hash, which is used only for the alarm whitelist.

+

private_ip

+

No

+

String

+

Server private IP address

+

login_ip

+

No

+

String

+

Login source IP address

+

login_user_name

+

No

+

String

+

Login username

+
+
+
+

Response Parameters

None

+
+

Example Requests

POST https://{endpoint}/v5/{project_id}/event/operate?enterprise_project_id=xxx
+
+{
+  "operate_type" : "mark_as_handled",
+  "handler" : "test",
+  "operate_event_list" : [ {
+    "event_class_id" : "rootkit_0001",
+    "event_id" : "2a71e1e2-60f4-4d56-b314-2038fdc39de6",
+    "occur_time" : 1672046760353,
+    "event_type" : 1010,
+    "operate_detail_list" : [ {
+      "agent_id" : "c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8",
+      "file_hash" : "e8b50f0b91e3dce0885ccc5902846b139d28108a0a7976c9b8d43154c5dbc44d",
+      "file_path" : "/usr/test",
+      "process_pid" : 3123,
+      "file_attr" : 33261,
+      "keyword" : "file_path=/usr/test",
+      "hash" : "e8b50f0b91e3dce0885ccc5902846b139d28108a0a7976c9b8d43154c5dbc44d",
+      "login_ip" : "127.0.0.1",
+      "private_ip" : "127.0.0.2",
+      "login_user_name" : "root"
+    } ]
+  } ],
+  "x-request-examples-description-1" : "Manually handle the intrusion alarms whose alarm event type is Rootkit and alarm event ID is 2a71e1e2-60f4-4d56-b314-2038fdc39de6."
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

success

+

400

+

Invalid parameter.

+

401

+

Authentication failed.

+

403

+

Insufficient permission.

+

404

+

Resource not found.

+

500

+

System error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Intrusion Detection
+
+
+ diff --git a/docs/hss/api-ref/ChangeHostsGroup.html b/docs/hss/api-ref/ChangeHostsGroup.html new file mode 100644 index 00000000..66723aec --- /dev/null +++ b/docs/hss/api-ref/ChangeHostsGroup.html @@ -0,0 +1,199 @@ + + +

Editing a Server Group

+

Function

This API is used to edit a server group.

+
+

URI

PUT /v5/{project_id}/host-management/groups

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+

Content-Type

+

No

+

String

+

Default value: application/json; charset=utf-8

+

Minimum: 0

+

Maximum: 128

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

group_name

+

No

+

String

+

Server group name

+

group_id

+

Yes

+

String

+

Server group ID

+

host_id_list

+

No

+

Array of strings

+

Server ID list

+
+
+
+

Response Parameters

None

+
+

Example Requests

Edit the server group named test. The server group ID is eca40dbe-27f7-4229-8f9d-a58213129fdc. The IDs of the servers in the server group are 15dac7fe-d81b-43bc-a4a7-4710fe673972 and 21303c5b-36ad-4510-a1b0-cb4ac4c2875c.

+
PUT https://{endpoint}/v5/{project_id}/host-management/groups
+
+{
+  "group_id" : "eca40dbe-27f7-4229-8f9d-a58213129fdc",
+  "group_name" : "test",
+  "host_id_list" : [ "15dac7fe-d81b-43bc-a4a7-4710fe673972", "21303c5b-36ad-4510-a1b0-cb4ac4c2875c" ]
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

success

+

400

+

Invalid parameter.

+

401

+

Authentication failed.

+

403

+

Insufficient permission.

+

404

+

Resource not found.

+

500

+

System error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Server Management
+
+
+ diff --git a/docs/hss/api-ref/ChangeVulStatus.html b/docs/hss/api-ref/ChangeVulStatus.html new file mode 100644 index 00000000..4833f45b --- /dev/null +++ b/docs/hss/api-ref/ChangeVulStatus.html @@ -0,0 +1,208 @@ + + +

Changing the Status of a Vulnerability

+

Function

This API is used to change the status of a vulnerability.

+
+

URI

PUT /v5/{project_id}/vulnerability/status

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 128

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+

Content-Type

+

No

+

String

+

Default value: application/json; charset=utf-8

+

Minimum: 0

+

Maximum: 128

+
+
+ +
+ + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

operate_type

+

Yes

+

String

+

Operation type. Its value can be:

+

  • ignore

    +

  • not_ignore: unignore

    +

  • immediate_repair: fix

    +

  • verify

    +
+

data_list

+

Yes

+

Array of VulOperateInfo objects

+

Vulnerability list

+

Array Length: 1 - 500

+
+
+ +
+ + + + + + + + + + + + + + + + +
Table 5 VulOperateInfo

Parameter

+

Mandatory

+

Type

+

Description

+

vul_id

+

Yes

+

String

+

Vulnerability ID

+

Minimum: 1

+

Maximum: 64

+

host_id_list

+

Yes

+

Array of strings

+

Server list

+

Minimum: 1

+

Maximum: 64

+

Array Length: 1 - 500

+
+
+
+

Response Parameters

None

+
+

Example Requests

Change the vulnerability status of the server whose ID is 71a15ecc-049f-4cca-bd28-5e90aca1817f. Change the status of EulerOS-SA-2021-1894 to ignored.

+
{
+  "operate_type" : "ignore",
+  "data_list" : [ {
+    "vul_id" : "EulerOS-SA-2021-1894",
+    "host_id_list" : [ "71a15ecc-049f-4cca-bd28-5e90aca1817f" ]
+  } ]
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Successful

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Vulnerability Management
+
+
+ diff --git a/docs/hss/api-ref/DeleteHostsGroup.html b/docs/hss/api-ref/DeleteHostsGroup.html new file mode 100644 index 00000000..d131091c --- /dev/null +++ b/docs/hss/api-ref/DeleteHostsGroup.html @@ -0,0 +1,154 @@ + + +

Deleting a Server Group

+

Function

This API is used to delete a server group.

+
+

URI

DELETE /v5/{project_id}/host-management/groups

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

group_id

+

Yes

+

String

+

Server group ID

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

None

+
+

Example Requests

Delete the server group whose ID is 34fcf861-402b-45c6-9b6a-13087791aae3.

+
DELETE https://{endpoint}/v5/{project_id}/host-management/groups
+
+{
+  "group_id" : "34fcf861-402b-45c6-9b6a-13087791aae3"
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

success

+

400

+

Invalid parameter.

+

401

+

Authentication failed.

+

403

+

Insufficient permission.

+

404

+

Resource not found.

+

500

+

System error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Server Management
+
+
+ diff --git a/docs/hss/api-ref/DeleteResourceInstanceTag.html b/docs/hss/api-ref/DeleteResourceInstanceTag.html new file mode 100644 index 00000000..2470e52b --- /dev/null +++ b/docs/hss/api-ref/DeleteResourceInstanceTag.html @@ -0,0 +1,148 @@ + + +

Deleting a Resource Tag

+

Function

This API is used to delete a tag from a resource.

+
+

URI

DELETE /v5/{project_id}/{resource_type}/{resource_id}/tags/{key}

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+

resource_type

+

Yes

+

String

+

Resource type defined by TMS. When HSS calls the API, the resource type is HSS.

+

Minimum: 1

+

Maximum: 64

+

resource_id

+

Yes

+

String

+

Resource ID defined by TMS. When HSS calls the API, the resource ID is the quota ID.

+

Minimum: 0

+

Maximum: 128

+

key

+

Yes

+

String

+

Key to be deleted

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 2 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 512

+
+
+
+

Response Parameters

None

+
+

Example Requests

Delete the tag whose key is abc, project_id is 94b5266c14ce489fa6549817f032dc61, resource_type is hss, and resource_id is 2acc46ee-34c2-40c2-8060-dc652e6c672a.

+
DELETE https://{endpoint}/v5/94b5266c14ce489fa6549817f032dc61/hss/2acc46ee-34c2-40c2-8060-dc652e6c672a/tags/abc
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

Success

+

400

+

Invalid parameter.

+

401

+

Authentication failed.

+

403

+

Insufficient permission.

+

404

+

Resources not found.

+

500

+

System error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Tag Management
+
+
+ diff --git a/docs/hss/api-ref/ErrorCode.html b/docs/hss/api-ref/ErrorCode.html new file mode 100644 index 00000000..82f44c3f --- /dev/null +++ b/docs/hss/api-ref/ErrorCode.html @@ -0,0 +1,48 @@ + + +

Error Codes

+
+
+ + + + + + + + + + + + + + + + + + + +

Status Code

+

Error Code

+

Message

+

Description

+

Measure

+

400

+

HSS.0001

+

Invalid param error

+

The parameter is invalid.

+

Ensure parameter values are valid.

+

500

+

HSS.0041

+

Query host extend info error

+

An error occurred during query.

+

Ensure parameter values are valid.

+
+
+
+
+
+
Parent topic: Appendixes
+
+
+ diff --git a/docs/hss/api-ref/ListAlarmWhiteList.html b/docs/hss/api-ref/ListAlarmWhiteList.html new file mode 100644 index 00000000..aaec83a4 --- /dev/null +++ b/docs/hss/api-ref/ListAlarmWhiteList.html @@ -0,0 +1,300 @@ + + +

Querying the Alarm Whitelist

+

Function

This API is used to query the alarm whitelist.

+
+

URI

GET /v5/{project_id}/event/white-list/alarm

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 20

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

hash

+

No

+

String

+

Hash value of the event whitelist description (SHA256 algorithm)

+

Minimum: 64

+

Maximum: 64

+

event_type

+

No

+

Integer

+

Event type. Its value can be:

+

  • 1001: malware

    +

  • 1010 : Rootkit

    +

  • 1011: ransomware

    +

    • 1015 : Web shell

      +

    • 1017: reverse shell

      +

    • 2001: Common vulnerability exploit

      +

    • 2047: redis vulnerability exploit

      +

    • 2048: Hadoop vulnerability exploit

      +

    • 2049: MySQL vulnerability exploit

      +

    • 3002: file privilege escalation

      +

    • 3003: process privilege escalation

      +

    • 3004: critical file change

      +

    • 3005: file/directory change

      +

    • 3007: abnormal process behavior

      +

    • 3015: high-risk command execution

      +

    • 3018: abnormal shell

      +

    • 3027: suspicious crontab task

      +

    • 4002: brute-force attack

      +

    • 4004: abnormal login

      +

    • 4006: Invalid system account

      +
    +
+

Minimum: 1000

+

Maximum: 30000

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 10

+

Maximum: 1000

+

Default: 10

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number

+

event_type_list

+

Array of integers

+

Types of events that can be filtered

+

Minimum: 0

+

Maximum: 2147483647

+

Array Length: 0 - 30000

+

data_list

+

Array of AlarmWhiteListResponseInfo objects

+

Alarm whitelist details

+

Array Length: 0 - 100

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 AlarmWhiteListResponseInfo

Parameter

+

Type

+

Description

+

enterprise_project_name

+

String

+

Enterprise project name

+

hash

+

String

+

Hash value of the event whitelist description (SHA256 algorithm)

+

description

+

String

+

Description

+

event_type

+

Integer

+

Intrusion type. Its value can be:

+

  • 1001: Malware

    +

  • 1010: Rootkit

    +

  • 1011: Ransomware

    +

  • 1015: Web shell

    +

  • 1017: Reverse shell

    +

  • 2001: Common vulnerability exploit

    +

  • 3002: File privilege escalation

    +

  • 3003: Process privilege escalation

    +

  • 3004: Important file change

    +

  • 3005: File/Directory change

    +

  • 3007: Abnormal process behavior

    +

  • 3015: High-risk command execution

    +

  • 3018: Abnormal shell

    +

  • 3027: Suspicious crontab tasks

    +

  • 4002: Brute-force attack

    +

  • 4004: Abnormal login

    +

  • 4006: Invalid system account

    +
+

update_time

+

Long

+

Time when the event whitelist is updated, in milliseconds.

+

Minimum: 0

+

Maximum: 9223372036854775807

+
+
+
+

Example Requests

Query the first 10 alarm whitelists whose enterprise project is xxx.

+
GET https://{endpoint}/v5/{project_id}/event/white-list/alarm?limit=10&offset=0&enterprise_project_id=xxx
+
+

Example Responses

Status code: 200

+

Alarm whitelist

+
{
+  "data_list" : [ {
+    "enterprise_project_name" : "All projects",
+    "event_type" : 1001,
+    "hash" : "9ab079e5398cba3a368ccffbd478f54c5ec3edadf6284ec049a73c36419f1178",
+    "description" : "/opt/cloud/3rdComponent/install/jre-8u201/bin/java",
+    "update_time" : 1665715677307
+  } ],
+  "event_type_list" : [ 1001 ],
+  "total_num" : 1
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Alarm whitelist

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Intrusion Detection
+
+
+ diff --git a/docs/hss/api-ref/ListAppChangeHistories.html b/docs/hss/api-ref/ListAppChangeHistories.html new file mode 100644 index 00000000..0180ee1a --- /dev/null +++ b/docs/hss/api-ref/ListAppChangeHistories.html @@ -0,0 +1,383 @@ + + +

Asset Fingerprint - Software Information - Change History

+

Function

This API is used to check the change history of software in the asset fingerprints of a server.

+
+

URI

GET /v5/{project_id}/asset/app/change-history

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

host_id

+

No

+

String

+

Server ID

+

Minimum: 0

+

Maximum: 128

+

host_ip

+

No

+

String

+

Server IP address

+

Minimum: 0

+

Maximum: 128

+

host_name

+

No

+

String

+

Server name

+

Minimum: 0

+

Maximum: 128

+

app_name

+

No

+

String

+

Software name

+

Minimum: 0

+

Maximum: 128

+

variation_type

+

No

+

String

+

Change type. Its value can be:

+

  • add

    +

  • delete

    +

  • modify

    +
+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 256

+

sort_key

+

No

+

String

+

Sort key. Currently, sorting by recent_scan_time is supported. When data is sorted by recent_scan_time, the value of sort_dir determines whether to sort data in ascending or descending order.

+

Minimum: 1

+

Maximum: 128

+

sort_dir

+

No

+

String

+

Sorting mode. The default value is descending. When sort_key is set to recent_scan_time, the current value determines whether to sort data in ascending or descending order. When sort_key is set to other values, the default value is descending.

+

  • asc: ascending order

    +

  • desc: descending order

    +
+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 100

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 10000

+

Default: 0

+

start_time

+

No

+

Long

+

Start time of a change. Its value is a 13-digit timestamp.

+

Minimum: 0

+

Maximum: 9007199254740992

+

end_time

+

No

+

Long

+

End time of a change. Its value is a 13-digit timestamp.

+

Minimum: 0

+

Maximum: 9007199254740992

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Number of software changes

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of AppChangeResponseInfo objects

+

Account change history

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 AppChangeResponseInfo

Parameter

+

Type

+

Description

+

agent_id

+

String

+

Agent ID

+

Minimum: 0

+

Maximum: 128

+

variation_type

+

String

+

Type of change.

+

  • add

    +

  • delete

    +

  • modify

    +
+

Minimum: 0

+

Maximum: 10

+

host_id

+

String

+

host_id

+

Minimum: 1

+

Maximum: 128

+

app_name

+

String

+

Software name

+

Minimum: 1

+

Maximum: 128

+

host_name

+

String

+

Host name

+

Minimum: 1

+

Maximum: 128

+

host_ip

+

String

+

Server IP address

+

Minimum: 1

+

Maximum: 256

+

version

+

String

+

Version number

+

Minimum: 1

+

Maximum: 128

+

update_time

+

Long

+

Software update time, in milliseconds.

+

Minimum: 0

+

Maximum: 4824430336000

+

recent_scan_time

+

Long

+

Last scan time, in ms.

+

Minimum: 0

+

Maximum: 4824430336000

+
+
+
+

Example Requests

The first 10 software change records whose start time is 1700446175490 and end time is 1701050975490 are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/app/change-history?start_time=1700446175490&end_time=1701050975490
+
+

Example Responses

Status code: 200

+

App change history info list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "agent_id" : "d83c7be8a106485a558f97446617443b87604c8116e3cf0453c2a44exxxxxxxx",
+    "variation_type" : "add",
+    "host_id" : "f4aaca51-xxxx-xxxx-xxxx-891c9e84d885",
+    "app_name" : "hostguard",
+    "host_name" : "host_name",
+    "host_ip" : "host_ip",
+    "version" : "3.2.3",
+    "update_time" : 1668246126302,
+    "recent_scan_time" : 1668246126302
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

App change history info list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListAppStatistics.html b/docs/hss/api-ref/ListAppStatistics.html new file mode 100644 index 00000000..1c916528 --- /dev/null +++ b/docs/hss/api-ref/ListAppStatistics.html @@ -0,0 +1,232 @@ + + +

Asset Fingerprint - Software Information

+

Function

This API is used to check software information in asset fingerprints.

+
+

URI

GET /v5/{project_id}/asset/app/statistics

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

app_name

+

No

+

String

+

Software name

+

Minimum: 1

+

Maximum: 256

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 100

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 10000

+

Default: 0

+

category

+

No

+

String

+

Type. The default value is host. The options are as follows:

+

  • host

    +

  • container

    +
+

Minimum: 0

+

Maximum: 64

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of process statistics

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of AppStatisticResponseInfo objects

+

Process statistics list

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + +
Table 5 AppStatisticResponseInfo

Parameter

+

Type

+

Description

+

app_name

+

String

+

Software name

+

Minimum: 1

+

Maximum: 128

+

num

+

Integer

+

Number of processes

+

Minimum: 0

+

Maximum: 100000

+
+
+
+

Example Requests

The first 10 software lists whose type is host are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/app/statistics?category=host
+
+

Example Responses

Status code: 200

+

Number of servers having the software

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "app_name" : "kernel",
+    "num" : 13
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Number of servers having the software

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListApps.html b/docs/hss/api-ref/ListApps.html new file mode 100644 index 00000000..752ea10f --- /dev/null +++ b/docs/hss/api-ref/ListApps.html @@ -0,0 +1,333 @@ + + +

Asset Fingerprint of a Server - Software

+

Function

This API is used to check software information in the asset fingerprints of a server.

+
+

URI

GET /v5/{project_id}/asset/apps

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

host_id

+

Yes

+

String

+

Server ID

+

Minimum: 0

+

Maximum: 128

+

host_name

+

No

+

String

+

Server name

+

Minimum: 0

+

Maximum: 128

+

app_name

+

No

+

String

+

Software name

+

Minimum: 0

+

Maximum: 128

+

host_ip

+

No

+

String

+

Server IP address

+

Minimum: 0

+

Maximum: 128

+

version

+

No

+

String

+

Software version

+

Minimum: 0

+

Maximum: 128

+

install_dir

+

No

+

String

+

Installation directory

+

Minimum: 0

+

Maximum: 512

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 100

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 10000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total software

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of AppResponseInfo objects

+

Software list

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 AppResponseInfo

Parameter

+

Type

+

Description

+

agent_id

+

String

+

Agent ID

+

Minimum: 0

+

Maximum: 128

+

host_id

+

String

+

Server ID

+

Minimum: 1

+

Maximum: 128

+

host_name

+

String

+

Server name

+

Minimum: 1

+

Maximum: 256

+

host_ip

+

String

+

Server IP address

+

Minimum: 1

+

Maximum: 256

+

app_name

+

String

+

Software name

+

Minimum: 1

+

Maximum: 128

+

version

+

String

+

Version number

+

Minimum: 1

+

Maximum: 128

+

update_time

+

Long

+

Latest update time, in milliseconds.

+

Minimum: 0

+

Maximum: 2147483647

+

recent_scan_time

+

Long

+

Last scanned, in ms.

+

Minimum: 0

+

Maximum: 2147483647

+
+
+
+

Example Requests

The first 10 servers whose software name is ACL are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/apps?app_name=acl
+
+

Example Responses

Status code: 200

+

Applications installed on a host

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "agent_id" : "c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8",
+    "host_id" : "55dac7fe-d81b-43bc-a4a7-4710fe673972",
+    "host_name" : "xxxx",
+    "host_ip" : "192.168.0.126",
+    "app_name" : "acl",
+    "version" : "2.2.51-14.eulerosv2r7",
+    "update_time" : 1668150671981,
+    "recent_scan_time" : 1668506044147
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Applications installed on a host

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListAutoLaunchChangeHistories.html b/docs/hss/api-ref/ListAutoLaunchChangeHistories.html new file mode 100644 index 00000000..4302cc7f --- /dev/null +++ b/docs/hss/api-ref/ListAutoLaunchChangeHistories.html @@ -0,0 +1,424 @@ + + +

Asset Fingerprint - Auto-started Item - Change History

+

Function

This API is used to check the change history of auto-started items in the asset fingerprints of a server.

+
+

URI

GET /v5/{project_id}/asset/auto-launch/change-history

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

host_id

+

No

+

String

+

Server ID

+

Minimum: 0

+

Maximum: 128

+

host_ip

+

No

+

String

+

Server IP address

+

Minimum: 0

+

Maximum: 128

+

host_name

+

No

+

String

+

Server name

+

Minimum: 0

+

Maximum: 128

+

auto_launch_name

+

No

+

String

+

Auto-started item name

+

Minimum: 0

+

Maximum: 128

+

type

+

No

+

Integer

+

Auto-started item type.

+

  • 0: auto-started service

    +

  • 1: scheduled task

    +

  • 2: Preload the dynamic library.

    +

  • 3: Run registry key

    +

  • 4: startup folder

    +
+

variation_type

+

No

+

String

+

Change type. Its value can be:

+

  • add

    +

  • delete

    +

  • modify

    +
+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 256

+

sort_key

+

No

+

String

+

Key value for sorting. Currently, data can be sorted only by recent_scan_time. When data is sorted by recent_scan_time, the value of sort_dir determines whether to sort the data in ascending or descending order.

+

Minimum: 0

+

Maximum: 128

+

sort_dir

+

No

+

String

+

Sorting mode. The default value is descending. When sort_key is set to recent_scan_time, the current value determines whether to sort data in ascending or descending order. When sort_key is set to other values, the default value is descending.

+

  • asc: ascending order

    +

  • desc: descending order

    +
+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+

start_time

+

No

+

Long

+

Start time of a change. Its value is a 13-digit timestamp.

+

Minimum: 0

+

Maximum: 9007199254740992

+

end_time

+

No

+

Long

+

End time of a change. Its value is a 13-digit timestamp.

+

Minimum: 0

+

Maximum: 9007199254740992

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Number of changes of auto-started items

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of AutoLaunchChangeResponseInfo objects

+

Account change history

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 AutoLaunchChangeResponseInfo

Parameter

+

Type

+

Description

+

agent_id

+

String

+

Agent ID

+

Minimum: 0

+

Maximum: 128

+

variation_type

+

String

+

Type of change.

+

  • add

    +

  • delete

    +

  • modify

    +
+

Minimum: 0

+

Maximum: 10

+

type

+

Integer

+

Auto-started item type

+

  • 0: auto-started service

    +

  • 1: scheduled task

    +

  • 2: Preload dynamic library

    +

  • 3: Run registry key

    +

  • 4: startup folder

    +
+

Minimum: 0

+

Maximum: 11

+

host_id

+

String

+

host_id

+

Minimum: 1

+

Maximum: 128

+

host_name

+

String

+

ECS name

+

Minimum: 1

+

Maximum: 256

+

host_ip

+

String

+

Server IP address

+

Minimum: 1

+

Maximum: 256

+

path

+

String

+

Path of the auto-startup item

+

Minimum: 1

+

Maximum: 256

+

hash

+

String

+

Hash value of the file generated using the SHA256 algorithm

+

Minimum: 1

+

Maximum: 128

+

run_user

+

String

+

User who starts the execution

+

Minimum: 1

+

Maximum: 64

+

name

+

String

+

Auto-started item name

+

Minimum: 1

+

Maximum: 256

+

recent_scan_time

+

Long

+

Last update time. The value is a 13-bit timestamp.

+

Minimum: 0

+

Maximum: 4824430336000

+
+
+
+

Example Requests

The first 10 auto-startup item change records whose start time is 1693101881568 and end time is 1701050681569 are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/auto-launch/change-history?start_time=1693101881568&end_time=1701050681569
+
+

Example Responses

Status code: 200

+

App change history info list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "agent_id" : "d83c7be8a106485a558f97446617443b87604c8116e3cf0453c2a44exxxxxxxx",
+    "variation_type" : "add",
+    "type" : 0,
+    "host_id" : "host_id",
+    "host_name" : "host_name",
+    "host_ip" : "host_ip",
+    "path" : "/path",
+    "hash" : "xxxxxxxx227bffa0c04425ba6c8e0024046caa38dfbca6281b40109axxxxxxxx",
+    "run_user" : "SYSTEM",
+    "name" : "S12hostguard",
+    "recent_scan_time" : 1668246126302
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

App change history info list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListAutoLaunchStatistics.html b/docs/hss/api-ref/ListAutoLaunchStatistics.html new file mode 100644 index 00000000..06612d78 --- /dev/null +++ b/docs/hss/api-ref/ListAutoLaunchStatistics.html @@ -0,0 +1,249 @@ + + +

Asset Fingerprint - Auto-Started Item Information

+

Function

This API is used to check auto-started items in asset fingerprints.

+
+

URI

GET /v5/{project_id}/asset/auto-launch/statistics

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

name

+

No

+

String

+

Auto-started item name

+

Minimum: 1

+

Maximum: 256

+

type

+

No

+

String

+

Auto-started item type

+

  • 0: auto-started service

    +

  • 1: scheduled task

    +

  • 2: Preload dynamic library

    +

  • 3: Run registry key

    +

  • 4: startup folder

    +
+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 100

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 10000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of auto-started items

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of AutoLaunchStatisticsResponseInfo objects

+

List of auto-started item statistics

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + +
Table 5 AutoLaunchStatisticsResponseInfo

Parameter

+

Type

+

Description

+

name

+

String

+

Auto-started item name

+

Minimum: 1

+

Maximum: 256

+

type

+

String

+

Auto-started item type

+

  • 0: auto-started service

    +

  • 1: scheduled task

    +

  • 2: Preload dynamic library

    +

  • 3: Run registry key

    +

  • 4: startup folder

    +
+

Minimum: 1

+

Maximum: 11

+

num

+

Integer

+

Indicates the number of servers of auto-started items.

+

Minimum: 0

+

Maximum: 10000

+
+
+
+

Example Requests

The first 10 auto-startup items are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/auto-launch/statistics
+
+

Example Responses

Status code: 200

+

Number of servers having the process

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "name" : "S12hostguard",
+    "type" : "0",
+    "num" : 5
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Number of servers having the process

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListAutoLaunchs.html b/docs/hss/api-ref/ListAutoLaunchs.html new file mode 100644 index 00000000..96544465 --- /dev/null +++ b/docs/hss/api-ref/ListAutoLaunchs.html @@ -0,0 +1,352 @@ + + +

Asset Fingerprint of a Server - Auto-Started Items

+

Function

This API is used to check auto-started items in the asset fingerprints of a server.

+
+

URI

GET /v5/{project_id}/asset/auto-launchs

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

host_id

+

No

+

String

+

Server ID

+

Minimum: 1

+

Maximum: 128

+

host_name

+

No

+

String

+

Server name

+

Minimum: 1

+

Maximum: 128

+

name

+

No

+

String

+

Auto-started item name

+

Minimum: 1

+

Maximum: 256

+

host_ip

+

No

+

String

+

Server IP address

+

Minimum: 1

+

Maximum: 128

+

type

+

No

+

String

+

Auto-started item type

+

  • 0: auto-started service

    +

  • 1: scheduled task

    +

  • 2: Preload dynamic library

    +

  • 3: Run registry key

    +

  • 4: startup folder

    +
+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 100

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 10000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of auto-startup items

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of AutoLauchResponseInfo objects

+

Auto-started item list

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 AutoLauchResponseInfo

Parameter

+

Type

+

Description

+

agent_id

+

String

+

Agent ID

+

Minimum: 0

+

Maximum: 128

+

host_id

+

String

+

Server ID

+

Minimum: 1

+

Maximum: 128

+

host_name

+

String

+

Server name

+

Minimum: 1

+

Maximum: 256

+

host_ip

+

String

+

Server IP address

+

Minimum: 1

+

Maximum: 256

+

name

+

String

+

Auto-started item name

+

Minimum: 1

+

Maximum: 256

+

type

+

Integer

+

Auto-started item type

+

  • 0: auto-started service

    +

  • 1: scheduled task

    +

  • 2: Preload dynamic library

    +

  • 3: Run registry key

    +

  • 4: startup folder

    +
+

Minimum: 0

+

Maximum: 11

+

path

+

String

+

Path of the auto-startup item

+

Minimum: 1

+

Maximum: 256

+

hash

+

String

+

Hash value of the file generated using the SHA256 algorithm

+

Minimum: 1

+

Maximum: 128

+

run_user

+

String

+

User who starts the execution

+

Minimum: 1

+

Maximum: 128

+

recent_scan_time

+

Long

+

Latest scan time, in ms.

+

Minimum: 0

+

Maximum: 4824430336000

+
+
+
+

Example Requests

The first 10 services whose auto-startup item name is S50multi-queue are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/auto-launchs?name=S50multi-queue
+
+

Example Responses

Status code: 200

+

auto launch list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "agent_id" : "9e742932bff2894e3d0869d03989b05cefb27a6cbc201d98c4465296xxxxxxxx",
+    "host_id" : "3d0581a5-03b9-4311-9149-c026b0726a7e",
+    "host_name" : "name",
+    "host_ip" : "3d0581a5-03b9-4311-9149-c026b0726a7e",
+    "name" : "S12hostguard",
+    "type" : 0,
+    "path" : "/etc/hostguard",
+    "hash" : "xxxxxxxx227bffa0c04425ba6c8e0024046caa38dfbca6281b40109axxxxxxxx",
+    "run_user" : "user",
+    "recent_scan_time" : 1668240858425
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

auto launch list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListHostGroups.html b/docs/hss/api-ref/ListHostGroups.html new file mode 100644 index 00000000..69b9b2ad --- /dev/null +++ b/docs/hss/api-ref/ListHostGroups.html @@ -0,0 +1,244 @@ + + +

Querying Server Groups

+

Function

This API is used to query server groups.

+
+

URI

GET /v5/{project_id}/host-management/groups

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+

group_name

+

No

+

String

+

Server group name

+

Minimum: 1

+

Maximum: 64

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number

+

data_list

+

Array of HostGroupItem objects

+

Server group list

+

Array Length: 0 - 100

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 HostGroupItem

Parameter

+

Type

+

Description

+

group_id

+

String

+

Server group ID

+

group_name

+

String

+

Server group name

+

host_num

+

Integer

+

Number of associated servers

+

risk_host_num

+

Integer

+

Number of unsafe servers

+

unprotect_host_num

+

Integer

+

Number of unprotected servers

+

host_id_list

+

Array of strings

+

Server ID list

+
+
+
+

Example Requests

Query the server group whose name is test.

+
GET https://{endpoint}/v5/{project_id}/host-management/groups?offset=0&limit=200&enterprise_project_id=all_granted_eps&&group_name=test
+
+

Example Responses

Status code: 200

+

Server group list

+
{
+  "data_list" : [ {
+    "group_id" : "36e59701-e2e7-4d56-b229-0db3bcf4e6e8",
+    "group_name" : "test",
+    "host_id_list" : [ "71a15ecc-049f-4cca-bd28-5e90aca1817f" ],
+    "host_num" : 1,
+    "risk_host_num" : 1,
+    "unprotect_host_num" : 0
+  } ],
+  "total_num" : 1
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Server group list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Server Management
+
+
+ diff --git a/docs/hss/api-ref/ListHostProtectHistoryInfo.html b/docs/hss/api-ref/ListHostProtectHistoryInfo.html new file mode 100644 index 00000000..501b22ab --- /dev/null +++ b/docs/hss/api-ref/ListHostProtectHistoryInfo.html @@ -0,0 +1,297 @@ + + +

Querying the Status of Static WTP for a Server

+

Function

This API is used to query the status of static WTP for a server.

+
+

URI

GET /v5/{project_id}/webtamper/static/protect-history

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 0

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

host_id

+

No

+

String

+

Host ID. If this parameter is left empty, all the servers are queried.

+

Minimum: 0

+

Maximum: 128

+

start_time

+

Yes

+

Long

+

Start time (ms)

+

Minimum: 0

+

Maximum: 4070880000000

+

end_time

+

Yes

+

Long

+

End time (ms)

+

Minimum: 0

+

Maximum: 4070880000000

+

limit

+

Yes

+

Integer

+

Number of records displayed on each page.

+

Minimum: 0

+

Maximum: 100

+

offset

+

Yes

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 100

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

host_name

+

String

+

Server name

+

Minimum: 0

+

Maximum: 256

+

protect_status

+

String

+

Protection status. Its value can be:

+

  • close

    +

  • opened

    +
+

total_num

+

Long

+

total number of static WTPs

+

Minimum: 0

+

Maximum: 20000000

+

data_list

+

Array of HostProtectHistoryResponseInfo objects

+

data list

+

Array Length: 0 - 20000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 HostProtectHistoryResponseInfo

Parameter

+

Type

+

Description

+

occr_time

+

Long

+

Static WTP detection time (ms)

+

Minimum: 0

+

Maximum: 4070880000000

+

file_path

+

String

+

Tampered file path

+

Minimum: 0

+

Maximum: 2000

+

process_id

+

String

+

Process ID. This parameter is returned if the OS is Windows.

+

Minimum: 0

+

Maximum: 8

+

process_name

+

String

+

Process name. This parameter is returned if the OS is Windows.

+

Minimum: 0

+

Maximum: 200

+

process_cmd

+

String

+

Process command line. This parameter is returned if the OS is Windows.

+

Minimum: 0

+

Maximum: 8191

+
+
+
+

Example Requests

Query the static WTP status of a server where target ID is caa958ad-a481-4d46-b51e-6861b8864515, start time is 1668563099000, and end time is 1668563199000.

+
GET https://{endpoint}/v5/{project_id}/webtamper/static/protect-history
+
+{
+  "host_id" : "caa958ad-a481-4d46-b51e-6861b8864515",
+  "start_time" : 1668563099000,
+  "end_time" : 1668563199000,
+  "limit" : 10,
+  "offset" : 0
+}
+
+

Example Responses

Status code: 200

+

successful response

+
{
+  "host_name" : "ecs-ubuntu",
+  "protect_status" : "opened",
+  "total_num" : 1,
+  "data_list" : [ {
+    "occr_time" : 1668156691000,
+    "file_path" : "/root/test/tamper/test.xml",
+    "process_id" : "18672",
+    "process_name" : "program1",
+    "process_cmd" : "del test.xml"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

successful response

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Web Tamper Protection
+
+
+ diff --git a/docs/hss/api-ref/ListHostRaspProtectHistoryInfo.html b/docs/hss/api-ref/ListHostRaspProtectHistoryInfo.html new file mode 100644 index 00000000..a7b8ff2e --- /dev/null +++ b/docs/hss/api-ref/ListHostRaspProtectHistoryInfo.html @@ -0,0 +1,323 @@ + + +

Querying the Status of Dynamic WTP for a Server

+

Function

This API is used to query the status of dynamic WTP for a server.

+
+

URI

GET /v5/{project_id}/webtamper/rasp/protect-history

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 0

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

host_id

+

No

+

String

+

Host ID. If this parameter is left empty, all the servers are queried.

+

Minimum: 0

+

Maximum: 128

+

start_time

+

Yes

+

Long

+

Start time (ms)

+

Minimum: 0

+

Maximum: 4070880000000

+

end_time

+

Yes

+

Long

+

End time (ms)

+

Minimum: 0

+

Maximum: 4070880000000

+

limit

+

Yes

+

Integer

+

Number of records displayed on each page.

+

Minimum: 0

+

Maximum: 100

+

offset

+

Yes

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 100

+

alarm_level

+

No

+

Integer

+

Alarm severity. The options are as follows:

+

  • 1: low-risk

    +

  • 2: medium risk

    +

  • 3: high risk

    +

  • 4: major

    +
+

Minimum: 0

+

Maximum: 100

+

severity

+

No

+

String

+

Threat level. Its value can be:

+

  • Security

    +

  • Low: low risk

    +

  • Medium: medium risk

    +

  • High: high risk

    +

  • Critical

    +
+

Minimum: 0

+

Maximum: 32

+

protect_status

+

No

+

String

+

Protection status.

+

  • closed: disabled

    +

  • opened: protection enabled

    +
+

Minimum: 0

+

Maximum: 32

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Long

+

total number of dynamic WTPs

+

Minimum: 0

+

Maximum: 200000

+

data_list

+

Array of HostRaspProtectHistoryResponseInfo objects

+

data list

+

Array Length: 0 - 200000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 HostRaspProtectHistoryResponseInfo

Parameter

+

Type

+

Description

+

alarm_time

+

Long

+

Alarm time of dynamic WTP (ms)

+

Minimum: 0

+

Maximum: 4070880000000

+

threat_type

+

String

+

Threat type

+

Minimum: 0

+

Maximum: 64

+

alarm_level

+

Integer

+

Alarm severity

+

Minimum: 0

+

Maximum: 100

+

source_ip

+

String

+

Source IP address of the attacking server

+

Minimum: 0

+

Maximum: 128

+

attacked_url

+

String

+

URL of the attack request

+

Minimum: 0

+

Maximum: 2000

+
+
+
+

Example Requests

Query the dynamic WTP status of a server where target ID is caa958ad-a481-4d46-b51e-6861b8864515, start time is 1668563099000, and end time is 1668563199000.

+
GET https://{endpoint}/v5/{project_id}/webtamper/rasp/protect-history
+
+{
+  "host_id" : "caa958ad-a481-4d46-b51e-6861b8864515",
+  "start_time" : 1668563099000,
+  "end_time" : 1668563199000,
+  "limit" : 10,
+  "offset" : 0
+}
+
+

Example Responses

Status code: 200

+

successful response

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "alarm_level" : 2,
+    "alarm_time" : 1668394634000,
+    "attacked_url" : "/vulns/001-dir-1.jsp",
+    "source_ip" : "10.100.30.200",
+    "threat_type" : "Path Traversal"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

successful response

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Web Tamper Protection
+
+
+ diff --git a/docs/hss/api-ref/ListHostStatus.html b/docs/hss/api-ref/ListHostStatus.html new file mode 100644 index 00000000..f081f669 --- /dev/null +++ b/docs/hss/api-ref/ListHostStatus.html @@ -0,0 +1,803 @@ + + +

Querying ECSs

+

Function

This API is used to query ECSs.

+
+

URI

GET /v5/{project_id}/host-management/hosts

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

version

+

No

+

String

+

HSS edition. Its values and their meaning are as follows:

+

  • hss.version.null: none

    +

  • hss.version.enterprise: enterprise edition

    +

  • hss.version.premium: premium edition

    +

  • hss.version.container.enterprise: container edition

    +
+

agent_status

+

No

+

String

+

Agent status. Its value can be:

+

  • not_ installed

    +

  • online

    +

  • offline

    +

  • install_failed

    +

  • installing

    +

  • not_online: All status except online, which is used only as a query condition.

    +
+

detect_result

+

No

+

String

+

Detection result. Its value can be:

+

  • undetected

    +

  • clean

    +

  • risk

    +

  • scanning

    +
+

host_name

+

No

+

String

+

Server name

+

host_id

+

No

+

String

+

Server ID

+

host_status

+

No

+

String

+

Host status. Its value can be:

+

  • ACTIVE

    +

  • SHUTOFF

    +

  • BUILDING

    +

  • ERROR

    +
+

os_type

+

No

+

String

+

OS type. Its value can be:

+

  • Linux

    +

  • Windows

    +
+

private_ip

+

No

+

String

+

Server private IP address

+

public_ip

+

No

+

String

+

Server public IP address

+

ip_addr

+

No

+

String

+

Public or private IP address

+

protect_status

+

No

+

String

+

Protection status. Its value can be:

+

  • closed

    +

  • opened

    +
+

group_id

+

No

+

String

+

Server group ID

+

group_name

+

No

+

String

+

Server group name

+

Minimum: 1

+

Maximum: 64

+

policy_group_id

+

No

+

String

+

Policy group ID

+

Minimum: 0

+

Maximum: 128

+

policy_group_name

+

No

+

String

+

Policy group name

+

Minimum: 0

+

Maximum: 256

+

charging_mode

+

No

+

String

+

on_demand: pay-per-use

+

refresh

+

No

+

Boolean

+

Whether to forcibly synchronize servers from ECSs

+

above_version

+

No

+

Boolean

+

Whether to return all the versions later than the current version

+

outside_host

+

No

+

Boolean

+

Whether a server is a non-cloud server

+

asset_value

+

No

+

String

+

Asset importance. Its value can be:

+

  • important

    +

  • common

    +

  • test

    +
+

label

+

No

+

String

+

Asset tag

+

Minimum: 1

+

Maximum: 64

+

server_group

+

No

+

String

+

Asset server group

+

Minimum: 1

+

Maximum: 64

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 0

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of records

+

Minimum: 0

+

Maximum: 2097152

+

data_list

+

Array of Host objects

+

Query on the cloud server status and list

+

Array Length: 0 - 10241

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 Host

Parameter

+

Type

+

Description

+

host_name

+

String

+

Server name

+

Minimum: 0

+

Maximum: 128

+

host_id

+

String

+

Server ID

+

Minimum: 0

+

Maximum: 128

+

agent_id

+

String

+

Agent ID

+

Minimum: 0

+

Maximum: 128

+

private_ip

+

String

+

Private IP address

+

Minimum: 0

+

Maximum: 128

+

public_ip

+

String

+

Elastic IP address

+

Minimum: 0

+

Maximum: 128

+

enterprise_project_id

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Minimum: 0

+

Maximum: 256

+

enterprise_project_name

+

String

+

Enterprise project name

+

Minimum: 0

+

Maximum: 256

+

host_status

+

String

+

Server status. Its value can be:

+

  • ACTIVE

    +

  • SHUTOFF

    +

  • BUILDING

    +

  • ERROR

    +
+

agent_status

+

String

+

Agent status. Its value can be:

+

  • not_ installed

    +

  • online

    +

  • offline

    +

  • install_failed

    +

  • installing

    +
+

install_result_code

+

String

+

Installation result. This API is available only for agents that are installed in batches. The options are as follows:

+

  • install_succeed

    +

  • network_access_timeout: Connection timed out. Network error.

    +

  • invalid_port

    +

  • auth_failed: The authentication failed due to incorrect password.

    +

  • permission_denied: Insufficient permissions.

    +

  • no_available_vpc: There is no server with an online agent in the current VPC.

    +

  • install_exception

    +

  • invalid_param: Incorrect parameter.

    +

  • install_failed

    +

  • package_unavailable

    +

  • os_type_not_support: Incorrect OS type

    +

  • os_arch_not_support: Incorrect OS architecture

    +
+

version

+

String

+

HSS edition. Its values and their meaning are as follows:

+

  • hss.version.null: none

    +

  • hss.version.enterprise: enterprise edition

    +

  • hss.version.premium: premium edition

    +

  • hss.version.container.enterprise: container edition

    +
+

protect_status

+

String

+

Protection status. Its value can be:

+

  • closed

    +

  • opened

    +
+

os_image

+

String

+

System disk image

+

Minimum: 0

+

Maximum: 128

+

os_type

+

String

+

OS type. Its value can be:

+

  • Linux

    +

  • Windows

    +
+

os_bit

+

String

+

OS bit version

+

Minimum: 0

+

Maximum: 128

+

detect_result

+

String

+

Server scan result. Its value can be:

+

  • undetected

    +

  • clean

    +

  • risk

    +

  • scanning

    +
+

charging_mode

+

String

+

on_demand: pay-per-use

+

resource_id

+

String

+

Cloud service resource instance ID (UUID)

+

Minimum: 0

+

Maximum: 128

+

outside_host

+

Boolean

+

Whether a server is a non-cloud server

+

group_id

+

String

+

Server group ID

+

Minimum: 1

+

Maximum: 128

+

group_name

+

String

+

Server group name

+

Minimum: 1

+

Maximum: 128

+

policy_group_id

+

String

+

Policy group ID

+

Minimum: 1

+

Maximum: 128

+

policy_group_name

+

String

+

Policy group name

+

Minimum: 1

+

Maximum: 128

+

asset

+

Integer

+

Asset risk

+

Minimum: 0

+

Maximum: 2097152

+

vulnerability

+

Integer

+

Total number of vulnerabilities, including Linux, Windows, Web-CMS, and application vulnerabilities.

+

Minimum: 0

+

Maximum: 2097152

+

baseline

+

Integer

+

Total number of baseline risks, including configuration risks and weak passwords.

+

Minimum: 0

+

Maximum: 2097152

+

intrusion

+

Integer

+

Total intrusion risks

+

Minimum: 0

+

Maximum: 2097152

+

asset_value

+

String

+

Asset importance. Its value can be:

+

  • important

    +

  • common

    +

  • test

    +
+

labels

+

Array of strings

+

Tag list

+

Minimum: 0

+

Maximum: 64

+

Array Length: 0 - 100

+

agent_create_time

+

Long

+

Agent installation time, which is a timestamp. The default unit is milliseconds.

+

Minimum: 0

+

Maximum: 4824695185000

+

agent_update_time

+

Long

+

Time when the agent status is changed. This is a timestamp. The default unit is milliseconds.

+

Minimum: 0

+

Maximum: 4824695185000

+

agent_version

+

String

+

Agent version

+

Minimum: 1

+

Maximum: 32

+

upgrade_status

+

String

+

Upgrade status. Its value can be:

+

  • not_upgrade: Not upgraded. This is the default status. The customer has not delivered any upgrade command to the server.

    +

  • upgrading: The upgrade is in progress.

    +

  • upgrade_failed: The upgrade failed.

    +

  • upgrade_succeed

    +
+

upgrade_result_code

+

String

+

Upgrade failure cause. This parameter is displayed only if upgrade_status is upgrade_failed. Its value can be:

+

  • package_unavailable: The upgrade package fails to be parsed because the upgrade file is incorrect.

    +

  • network_access_timeout: Failed to download the upgrade package because the network is abnormal.

    +

  • agent_offline: The agent is offline.

    +

  • hostguard_abnormal: The agent process is abnormal.

    +

  • insufficient_disk_space

    +

  • failed_to_replace_file: Failed to replace the file.

    +
+

upgradable

+

Boolean

+

Whether the agent of the server can be upgraded

+
+
+
+

Example Requests

Query the 10 Linux servers in all enterprise projects whose agent status is online.

+
GET https://{endpoint}/v5/{project_id}/host-management/hosts?limit=10&offset=0&agent_status=online&os_type=Linux&enterprise_project_id=all_granted_eps
+
+

Example Responses

Status code: 200

+

cloud server list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "agent_id" : "2758d2a61598fd9144cfa6b201049e7c0af8c3f1280cd24e3ec95a2f0811a2a2",
+    "agent_status" : "online",
+    "asset" : 0,
+    "asset_value" : "common",
+    "baseline" : 0,
+    "charging_mode" : "on_demand",
+    "detect_result" : "risk",
+    "enterprise_project_id" : "all_granted_eps",
+    "enterprise_project_name" : "default",
+    "group_id" : "7c659ea3-006f-4687-9f1c-6d975d955f37",
+    "group_name" : "default",
+    "host_id" : "caa958ad-a481-4d46-b51e-6861b8864515",
+    "host_name" : "ecs-r00431580-ubuntu",
+    "host_status" : "ACTIVE",
+    "intrusion" : 0,
+    "expire_time" : -1,
+    "os_bit" : "64",
+    "os_type" : "Linux",
+    "outside_host" : false,
+    "policy_group_id" : "2758d2a61598fd9144cfa6b201049e7c0af8c3f1280cd24e3ec95a2f0811a2a2",
+    "policy_group_name" : "wtp_ecs-r00431580-ubuntu(default)",
+    "private_ip" : "192.168.0.182",
+    "protect_status" : "opened",
+    "public_ip" : "100.85.123.9",
+    "resource_id" : "60f08ea4-c74e-4a45-be1c-3c057e373af2",
+    "version" : "hss.version.wtp",
+    "vulnerability" : 97,
+    "labels" : [ "" ],
+    "agent_create_time" : 0,
+    "agent_update_time" : 0
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

cloud server list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Server Management
+
+
+ diff --git a/docs/hss/api-ref/ListPasswordComplexity.html b/docs/hss/api-ref/ListPasswordComplexity.html new file mode 100644 index 00000000..929f6d1d --- /dev/null +++ b/docs/hss/api-ref/ListPasswordComplexity.html @@ -0,0 +1,300 @@ + + +

Querying the Password Complexity Policy Detection Report

+

Function

This API is used to query the password complexity policy detection report.

+
+

URI

GET /v5/{project_id}/baseline/password-complexity

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 256

+

host_name

+

No

+

String

+

Server name

+

Minimum: 0

+

Maximum: 128

+

host_ip

+

No

+

String

+

Server IP address

+

Minimum: 0

+

Maximum: 128

+

host_id

+

No

+

String

+

Host ID. If this parameter is not specified, all hosts of a user are queried.

+

Minimum: 0

+

Maximum: 128

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 0

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Long

+

Total number of password complexity policies

+

Minimum: 0

+

Maximum: 2147483647

+

data_list

+

Array of PwdPolicyInfoResponseInfo objects

+

List of password complexity policy detection

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 PwdPolicyInfoResponseInfo

Parameter

+

Type

+

Description

+

host_id

+

String

+

Host ID

+

Minimum: 0

+

Maximum: 64

+

host_name

+

String

+

Server name

+

Minimum: 0

+

Maximum: 256

+

host_ip

+

String

+

Server IP address

+

Minimum: 0

+

Maximum: 256

+

min_length

+

Boolean

+

Indicates whether the minimum password length meets the requirements. If the value is true, the minimum password length meets the requirements. If the value is false, the minimum password length does not meet the requirements.

+

uppercase_letter

+

Boolean

+

Indicates whether the uppercase letters meet the requirements. If the value is true, the uppercase letters meet the requirements. If the value is false, the uppercase letters do not meet the requirements.

+

lowercase_letter

+

Boolean

+

Indicates whether the lowercase letters meet the requirements. If the value is true, the lowercase letters meet the requirements. If the value is false, the lowercase letters do not meet the requirements.

+

number

+

Boolean

+

Indicates whether the number meets the requirements. If the value is true, the number meets the requirements. If the value is false, the number does not meet the requirements.

+

special_character

+

Boolean

+

Indicates whether the special character meets the requirements. If the value is true, the special character meets the requirements. If the value is false, the special character does not meet the requirements.

+

suggestion

+

String

+

Modification suggestion

+

Minimum: 0

+

Maximum: 65534

+
+
+
+

Example Requests

Query the password complexity of the server whose enterprise project ID is xxx. Data on the first page (the first 10 records) is returned by default.

+
GET https://{endpoint}/v5/{project_id}/baseline/password-complexity?enterprise_project_id=xxx
+
+

Example Responses

Status code: 200

+

password complexity policy check report

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "host_id" : "76fa440a-5a08-43fa-ac11-d12183ab3a14",
+    "host_ip" : "192.168.0.59",
+    "host_name" : "ecs-6b96",
+    "lowercase_letter" : false,
+    "min_length" : true,
+    "number" : false,
+    "special_character" : false,
+    "suggestion" : "The password should contain at least 3 of the following character types: uppercase letters, lowercase letters, digits, and special characters. ",
+    "uppercase_letter" : false
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

password complexity policy check report

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Baseline Management
+
+
+ diff --git a/docs/hss/api-ref/ListPolicyGroup.html b/docs/hss/api-ref/ListPolicyGroup.html new file mode 100644 index 00000000..31c3be9c --- /dev/null +++ b/docs/hss/api-ref/ListPolicyGroup.html @@ -0,0 +1,311 @@ + + +

Querying the Policy Group List

+

Function

This API is used to query the policy group list.

+
+

URI

GET /v5/{project_id}/policy/groups

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

group_name

+

No

+

String

+

Policy group name

+

Minimum: 1

+

Maximum: 256

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 100000

+

Default: 0

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number

+

data_list

+

Array of PolicyGroupResponseInfo objects

+

Policy group list

+

Array Length: 0 - 100

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 PolicyGroupResponseInfo

Parameter

+

Type

+

Description

+

group_name

+

String

+

Policy group name

+

group_id

+

String

+

Policy group ID

+

description

+

String

+

Description of the policy group

+

Minimum: 1

+

Maximum: 64

+

deletable

+

Boolean

+

Whether a policy group can be deleted

+

  • true: The policy group can be deleted.

    +

  • false: The policy group cannot be deleted.

    +
+

host_num

+

Integer

+

Number of associated servers

+

default_group

+

Boolean

+

Whether a policy group is the default policy group

+

  • true: The policy group is the default policy group.

    +

  • false: The policy group is not the default policy group.

    +
+

support_os

+

String

+

Supported OS. The options are as follows:

+

  • Linux

    +

  • Windows

    +
+

support_version

+

String

+

Supported versions. The options are as follows:

+

  • hss.version.enterprise: policy group of the enterprise edition

    +

  • hss.version.premium: policy group of the premium edition

    +

  • hss.version.container.enterprise: policy group of the container edition

    +
+
+
+
+

Example Requests

Query the policy group list of all enterprise projects.

+
GET https://{endpoint}/v5/{project_id}/policy/groups?offset=0&limit=100&enterprise_project_id=all_granted_eps
+
+

Example Responses

Status code: 200

+

Policy group list

+
{
+  "data_list" : [ {
+    "default_group" : true,
+    "deletable" : false,
+    "description" : "container policy group for linux",
+    "group_id" : "c831f177-226d-4b91-be0f-bcf98d04ef5d",
+    "group_name" : "tenant_linux_container_default_policy_group ",
+    "host_num" : 0,
+    "support_version" : "hss.version.container.enterprise",
+    "support_os" : "Linux"
+  }, {
+    "default_group" : true,
+    "deletable" : false,
+    "description" : "enterprise policy group for windows",
+    "group_id" : "1ff54b90-1b3e-42a9-a1da-9883a83385ce",
+    "group_name" : "tenant_windows_enterprise_default_policy_group ",
+    "host_num" : 0,
+    "support_version" : "hss.version.enterprise",
+    "support_os" : "Windows"
+  }, {
+    "default_group" : true,
+    "deletable" : false,
+    "description" : "enterprise policy group for linux",
+    "group_id" : "1069bcc0-c806-4ccd-a35d-f1f7456805e9",
+    "group_name" : "tenant_linux_enterprise_default_policy_group ",
+    "host_num" : 1,
+    "support_version" : "hss.version.enterprise",
+    "support_os" : "Linux"
+  }, {
+    "default_group" : true,
+    "deletable" : false,
+    "description" : "premium policy group for windows",
+    "group_id" : "11216d24-9e91-4a05-9212-c4c1d646ee79",
+    "group_name" : "tenant_windows_premium_default_policy_group ",
+    "host_num" : 0,
+    "support_version" : "hss.version.premium",
+    "support_os" : "Linux"
+  }, {
+    "default_group" : true,
+    "deletable" : false,
+    "description" : "premium policy group for linux",
+    "group_id" : "e6e1228a-7bb4-424f-a42b-755162234da7",
+    "group_name" : "tenant_linux_premium_default_policy_group ",
+    "host_num" : 0,
+    "support_version" : "hss.version.premium",
+    "support_os" : "Windows"
+  } ],
+  "total_num" : 5
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Policy group list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Policy Management
+
+
+ diff --git a/docs/hss/api-ref/ListPortStatistics.html b/docs/hss/api-ref/ListPortStatistics.html new file mode 100644 index 00000000..b9e09fa1 --- /dev/null +++ b/docs/hss/api-ref/ListPortStatistics.html @@ -0,0 +1,249 @@ + + +

Asset Fingerprint - Open Port Information

+

Function

This API is used to check open port information in asset fingerprints.

+
+

URI

GET /v5/{project_id}/asset/port/statistics

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

port

+

No

+

Integer

+

Port number

+

Minimum: 1

+

Maximum: 65535

+

type

+

No

+

String

+

Port type: TCP or UDP.

+

Minimum: 1

+

Maximum: 256

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 128

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+

category

+

No

+

String

+

Type. The default value is host. The options are as follows:

+

  • host

    +

  • container

    +
+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Number of open ports

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of PortStatisticResponseInfo objects

+

Open port statistics list

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + +
Table 5 PortStatisticResponseInfo

Parameter

+

Type

+

Description

+

port

+

Integer

+

Port number

+

Minimum: 0

+

Maximum: 65535

+

type

+

String

+

Port type: TCP or UDP.

+

num

+

Integer

+

Number of ports

+

Minimum: 0

+

Maximum: 10000

+
+
+
+

Example Requests

The first 10 open ports whose port number is 123 and type is host are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/port/statistics?port=123&category=host
+
+

Example Responses

Status code: 200

+

Returns the port information, including the port number, type, and quantity.

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "num" : 4,
+    "port" : 123,
+    "type" : "UDP"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Returns the port information, including the port number, type, and quantity.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListPorts.html b/docs/hss/api-ref/ListPorts.html new file mode 100644 index 00000000..b62f458f --- /dev/null +++ b/docs/hss/api-ref/ListPorts.html @@ -0,0 +1,330 @@ + + +

Asset Fingerprint of a Server - Open Port Information

+

Function

This API is used to check open port information in the asset fingerprints of a server.

+
+

URI

GET /v5/{project_id}/asset/ports

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

host_id

+

Yes

+

String

+

Server ID

+

Minimum: 0

+

Maximum: 128

+

host_name

+

No

+

String

+

Server name

+

Minimum: 0

+

Maximum: 128

+

host_ip

+

No

+

String

+

Server IP address

+

Minimum: 0

+

Maximum: 128

+

port

+

No

+

Integer

+

Port number

+

Minimum: 1

+

Maximum: 65535

+

type

+

No

+

String

+

Port type: TCP or UDP.

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 256

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 100

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 10000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Number of open ports

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of PortResponseInfo objects

+

Port information list

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 PortResponseInfo

Parameter

+

Type

+

Description

+

host_id

+

String

+

Server ID

+

Minimum: 1

+

Maximum: 128

+

laddr

+

String

+

Listening IP address

+

Minimum: 1

+

Maximum: 128

+

status

+

String

+

port status, normal, danger or unknow

+

  • normal

    +

  • danger

    +

  • unknown

    +
+

port

+

Integer

+

Port number

+

Minimum: 0

+

Maximum: 65535

+

type

+

String

+

Port type: TCP or UDP.

+

pid

+

Integer

+

Process ID

+

Minimum: 1

+

Maximum: 65535

+

path

+

String

+

Path of the process execution file.

+

Minimum: 1

+

Maximum: 256

+

agent_id

+

String

+

Agent ID

+

Minimum: 1

+

Maximum: 64

+

container_id

+

String

+

Container ID

+

Minimum: 0

+

Maximum: 128

+
+
+
+

Example Requests

The first 10 open ports whose host_id is dd91cd32-a238-4c0e-bc01-3b11653714ac are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/ports?hlimit=10&offset=0&host_id=dd91cd32-a238-4c0e-bc01-3b11653714ac
+
+

Example Responses

Status code: 200

+

Port information list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "host_id" : "3702fbd6-xxxx-xxxx-xxxx-6715770bxxxx",
+    "agent_id" : "eb5d03f02fffd85aaf5d0ba5c992d97713244f420e0b076dcf6ae0574c78aa4b",
+    "container_id" : "",
+    "laddr" : "0.0.0.0",
+    "path" : "/usr/sbin/",
+    "pid" : 1554,
+    "port" : 22,
+    "status" : "unknow",
+    "type" : "TCP"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Port information list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListProcessStatistics.html b/docs/hss/api-ref/ListProcessStatistics.html new file mode 100644 index 00000000..9a462dd8 --- /dev/null +++ b/docs/hss/api-ref/ListProcessStatistics.html @@ -0,0 +1,230 @@ + + +

Asset Fingerprint - Process Information

+

Function

This API is used to check process information in asset fingerprints.

+
+

URI

GET /v5/{project_id}/asset/process/statistics

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

path

+

No

+

String

+

Executable process path

+

Minimum: 1

+

Maximum: 256

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 100

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 10000

+

Default: 0

+

category

+

No

+

String

+

Type. The default value is host. The options are as follows:

+

  • host

    +

  • container

    +
+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of process statistics

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of ProcessStatisticResponseInfo objects

+

Process statistics list

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + +
Table 5 ProcessStatisticResponseInfo

Parameter

+

Type

+

Description

+

path

+

String

+

Path of the executable files for the process

+

Minimum: 1

+

Maximum: 256

+

num

+

Integer

+

Number of processes

+

Minimum: 0

+

Maximum: 100000

+
+
+
+

Example Requests

The first 10 processes whose type is host are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/process/statistics?category=host
+
+

Example Responses

Status code: 200

+

Number of servers having the process

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "num" : 13,
+    "path" : "/usr/lib/systemd/systemd-journald"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Number of servers having the process

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListProtectionPolicy.html b/docs/hss/api-ref/ListProtectionPolicy.html new file mode 100644 index 00000000..8c2ff386 --- /dev/null +++ b/docs/hss/api-ref/ListProtectionPolicy.html @@ -0,0 +1,323 @@ + + +

Querying the Protection Policy List of Ransomware

+

Function

This API is used to query the protection policy list of ransomware.

+
+

URI

GET /v5/{project_id}/ransomware/protection/policy

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+

policy_name

+

No

+

String

+

Policy name

+

Minimum: 0

+

Maximum: 128

+

operating_system

+

No

+

String

+

OSs supported by the policy. The options are as follows:

+

  • Windows

    +

  • Linux

    +
+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of policies

+

Minimum: 0

+

Maximum: 2097152

+

data_list

+

Array of ProtectionPolicyInfo objects

+

Query the list of policies.

+

Array Length: 0 - 10241

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 ProtectionPolicyInfo

Parameter

+

Type

+

Description

+

policy_id

+

String

+

Policy ID

+

Minimum: 0

+

Maximum: 128

+

policy_name

+

String

+

Policy name

+

Minimum: 0

+

Maximum: 128

+

protection_mode

+

String

+

Action. Its value can be:

+

  • alarm_and_isolation: Report an alarm and isolate.

    +

  • alarm_only: Only report alarms.

    +
+

bait_protection_status

+

String

+

Whether to enable honeypot protection. By default, the protection is enabled. Its value can be:

+

  • opened

    +

  • closed

    +
+

protection_directory

+

String

+

Protected directory

+

Minimum: 1

+

Maximum: 128

+

protection_type

+

String

+

Protected file type, for example, .docx, .txt, and .avi.

+

Minimum: 0

+

Maximum: 128

+

exclude_directory

+

String

+

(Optional) excluded directory

+

Minimum: 1

+

Maximum: 128

+

runtime_detection_status

+

String

+

Whether to perform runtime checks. The options are as follows. Currently, it can only be disabled. This field is reserved.

+

  • opened

    +

  • closed

    +
+

runtime_detection_directory

+

String

+

Directory to be checked during running. This field is reserved.

+

Minimum: 1

+

Maximum: 128

+

count_associated_server

+

Integer

+

Number of associated servers

+

Minimum: 0

+

Maximum: 2097152

+

operating_system

+

String

+

OS type. Its value can be:

+

  • Linux

    +

  • Windows

    +
+
+
+
+

Example Requests

Query the protection policy list of ransomware. If limit is not specified, 10 records are returned by default.

+
GET https://{endpoint}/v5/{project_id}/ransomware/protection/policy
+
+

Example Responses

Status code: 200

+

Linux protection policy list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "bait_protection_status" : "opened",
+    "exclude_directory" : "/opt",
+    "count_associated_server" : 0,
+    "operating_system" : "Linux",
+    "protection_mode" : "alarm_only",
+    "policy_id" : "4117d16-074b-41ae-b7d7-9cc25ee258",
+    "policy_name" : "test",
+    "protection_directory" : "/dd",
+    "protection_type" : "docx",
+    "runtime_detection_status" : "closed"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Linux protection policy list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Ransomware Prevention
+
+
+ diff --git a/docs/hss/api-ref/ListQuotasDetail.html b/docs/hss/api-ref/ListQuotasDetail.html new file mode 100644 index 00000000..a9a42887 --- /dev/null +++ b/docs/hss/api-ref/ListQuotasDetail.html @@ -0,0 +1,529 @@ + + +

Querying Quota Details

+

Function

This API is used to query quota details.

+
+

URI

GET /v5/{project_id}/billing/quotas-detail

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

version

+

No

+

String

+

HSS edition. Its values and their meaning are as follows:

+

  • hss.version.null: none

    +

  • hss.version.enterprise: enterprise edition

    +

  • hss.version.premium: premium edition

    +

  • hss.version.container.enterprise: container edition

    +
+

category

+

No

+

String

+

Type. Its value can be:

+

  • host_resource

    +

  • container_resource

    +
+

quota_status

+

No

+

String

+

Quota status. It can be:

+

  • QUOTA_STATUS_NORMAL

    +

    • QUOTA_STATUS_EXPIRED

      +

    • QUOTA_STATUS_FREEZE

      +
    +
+

used_status

+

No

+

String

+

Usage status. It can be:

+

  • USED_STATUS_IDLE

    +

  • USED_STATUS_USED

    +
+

host_name

+

No

+

String

+

Server name

+

Minimum: 0

+

Maximum: 128

+

resource_id

+

No

+

String

+

Specifies the resource ID of the HSS quota.

+

Minimum: 0

+

Maximum: 128

+

charging_mode

+

No

+

String

+

on_demand: pay-per-use

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

on_demand_num

+

Integer

+

Pay-per-Use quotas

+

Minimum: 0

+

Maximum: 10000000

+

used_num

+

Integer

+

Used quotas

+

Minimum: 0

+

Maximum: 10000000

+

idle_num

+

Integer

+

Idle quotas

+

Minimum: 0

+

Maximum: 10000000

+

normal_num

+

Integer

+

Normal quotas

+

Minimum: 0

+

Maximum: 10000000

+

expired_num

+

Integer

+

Expired quotas

+

Minimum: 0

+

Maximum: 10000000

+

freeze_num

+

Integer

+

Frozen quotas

+

Minimum: 0

+

Maximum: 10000000

+

quota_statistics_list

+

Array of QuotaStatisticsResponseInfo objects

+

Quota statistics list

+

Array Length: 0 - 200

+

total_num

+

Integer

+

Total quotas

+

Minimum: 0

+

Maximum: 10000000

+

data_list

+

Array of QuotaResourcesResponseInfo objects

+

Quota list

+

Array Length: 0 - 200

+
+
+ +
+ + + + + + + + + + + + + +
Table 5 QuotaStatisticsResponseInfo

Parameter

+

Type

+

Description

+

version

+

String

+

Resource specification code. Its value can be:

+

  • hss.version.enterprise: enterprise edition

    +

  • hss.version.premium: premium edition

    +

  • hss.version.container: container edition

    +
+

total_num

+

Integer

+

Total quotas

+

Minimum: 0

+

Maximum: 10000000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 6 QuotaResourcesResponseInfo

Parameter

+

Type

+

Description

+

resource_id

+

String

+

Resource ID of an HSS quota

+

Minimum: 0

+

Maximum: 256

+

version

+

String

+

Resource specification code. Its value can be:

+

  • hss.version.enterprise: enterprise edition

    +

  • hss.version.premium: premium edition

    +

  • hss.version.container: container edition

    +
+

quota_status

+

String

+

Quota status. It can be:

+

  • normal

    +

    • expired

      +

    • freeze

      +
    +
+

used_status

+

String

+

Usage status. Its value can be:

+

  • idle

    +

  • used

    +
+

host_id

+

String

+

Host ID

+

Minimum: 1

+

Maximum: 64

+

host_name

+

String

+

Server name

+

Minimum: 1

+

Maximum: 128

+

charging_mode

+

String

+

on_demand: pay-per-use

+

tags

+

Array of TagInfo objects

+

Tag

+

Array Length: 0 - 2097152

+

expire_time

+

Long

+

Expiration time. The value -1 indicates that the resource will not expire.

+

Minimum: 0

+

Maximum: 2147483647

+

shared_quota

+

String

+

Whether quotas are shared. Its value can be:

+

  • shared

    +

  • unshared

    +
+

enterprise_project_id

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Minimum: 0

+

Maximum: 256

+

enterprise_project_name

+

String

+

Enterprise project name

+

Minimum: 0

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + +
Table 7 TagInfo

Parameter

+

Type

+

Description

+

key

+

String

+

Key. It can contain up to 128 Unicode characters. The key cannot be left blank.

+

Minimum: 1

+

Maximum: 128

+

value

+

String

+

Value. Each tag value can contain a maximum of 255 Unicode characters.

+

Minimum: 1

+

Maximum: 255

+
+
+
+

Example Requests

This API is used to query quotas details in all enterprise projects.

+
GET https://{endpoint}/v5/{project_id}/billing/quotas-detail?offset=0&limit=100&version=hss.version.enterprise&enterprise_project_id=all_granted_eps
+
+

Example Responses

Status code: 200

+

quota details

+
{
+  "data_list" : [ {
+    "charging_mode" : "on_demand",
+    "expire_time" : -1,
+    "host_id" : "71a15ecc-049f-4cca-bd28-5e90aca1817f",
+    "host_name" : "zhangxiaodong2",
+    "quota_status" : "normal",
+    "resource_id" : "af4d08ad-2b60-4916-a5cf-8d6a23956dda",
+    "shared_quota" : "shared",
+    "tags" : [ {
+      "key" : "Service",
+      "value" : "HSS"
+    } ],
+    "used_status" : "used",
+    "version" : "hss.version.enterprise"
+  } ],
+  "expired_num" : 0,
+  "freeze_num" : 0,
+  "idle_num" : 20,
+  "normal_num" : 60,
+  "on_demand_num" : 0,
+  "quota_statistics_list" : [ {
+    "total_num" : 8,
+    "version" : "hss.version.enterprise"
+  } ],
+  "total_num" : 60,
+  "used_num" : 40
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

quota details

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Quota Management
+
+
+ diff --git a/docs/hss/api-ref/ListRiskConfigCheckRules.html b/docs/hss/api-ref/ListRiskConfigCheckRules.html new file mode 100644 index 00000000..092e5ae0 --- /dev/null +++ b/docs/hss/api-ref/ListRiskConfigCheckRules.html @@ -0,0 +1,442 @@ + + +

Querying the Checklist of a Security Configuration Item

+

Function

This API is used to query the checklist of a specified security configuration item.

+
+

URI

GET /v5/{project_id}/baseline/risk-config/{check_name}/check-rules

+ +
+ + + + + + + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 20

+

Maximum: 64

+

check_name

+

Yes

+

String

+

Name of the configuration check (baseline), for example, SSH, CentOS 7, and Windows.

+

Minimum: 0

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

standard

+

Yes

+

String

+

hw_standard: Cloud security practice standard

+

result_type

+

No

+

String

+

Result type. Its value can be:

+

  • safe: The item passed the check.

    +

  • unhandled: The item failed the check and is not ignored.

    +

  • ignored: The item failed the check but is ignored.

    +
+

Default: unhandled

+

check_rule_name

+

No

+

String

+

Check item name. Fuzzy match is supported.

+

Minimum: 0

+

Maximum: 2048

+

severity

+

No

+

String

+

Risk level. Its value can be:

+

  • Security

    +

  • Low

    +

  • Medium

    +

  • High

    +

  • Critical

    +
+

host_id

+

No

+

String

+

Server ID. If this parameter is not specified, all the servers of the user are queried.

+

Minimum: 0

+

Maximum: 64

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 0

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 2097152

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Long

+

Total risks

+

Minimum: 0

+

Maximum: 9223372036854775807

+

data_list

+

Array of CheckRuleRiskInfoResponseInfo objects

+

Data list

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 CheckRuleRiskInfoResponseInfo

Parameter

+

Type

+

Description

+

severity

+

String

+

Risk level. Its value can be:

+

  • Low

    +

  • Medium

    +

  • High

    +
+

Minimum: 0

+

Maximum: 255

+

check_name

+

String

+

Name of the configuration check (baseline), for example, SSH, CentOS 7, and Windows.

+

Minimum: 0

+

Maximum: 256

+

check_type

+

String

+

Baseline type. The values for check_type and check_name are the same for Linux servers. For example, they can both be set to SSH or CentOS 7. For Windows servers, the values for check_type and check_name are different. For example, check_type can be set to Windows Server 2019 R2 or Windows Server 2016 R2.

+

Minimum: 0

+

Maximum: 256

+

standard

+

String

+

hw_standard: Cloud security practice standard

+

check_rule_name

+

String

+

Check item name

+

Minimum: 0

+

Maximum: 2048

+

check_rule_id

+

String

+

Check item ID

+

Minimum: 0

+

Maximum: 64

+

host_num

+

Integer

+

The number of servers on which the current baseline detection is performed.

+

Minimum: 0

+

Maximum: 2147483647

+

scan_result

+

String

+

Detection result. Its value can be:

+

  • pass

    +

  • failed

    +
+

status

+

String

+

Status. Its value can be:

+

  • safe

    +

  • ignored

    +

  • unhandled

    +
+

enable_fix

+

Integer

+

Indicates whether one-click repair is supported. 1: yes; 0: no.

+

rule_params

+

Array of CheckRuleFixParamInfo objects

+

Range of parameters applicable to the check items that can be fixed by parameter transfer. This API is returned only for check items that support parameter transfer fix.

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Table 6 CheckRuleFixParamInfo

Parameter

+

Type

+

Description

+

rule_param_id

+

Integer

+

Check item parameter ID

+

Minimum: 0

+

Maximum: 10

+

rule_desc

+

String

+

Check item parameter description

+

Minimum: 0

+

Maximum: 256

+

default_value

+

Integer

+

Default values of check item parameters

+

Minimum: 0

+

Maximum: 2147483647

+

range_min

+

Integer

+

Minimum value of check item parameters

+

Minimum: 0

+

Maximum: 2147483647

+

range_max

+

Integer

+

Minimum value of check item parameters

+

Minimum: 0

+

Maximum: 2147483647

+
+
+
+

Example Requests

This API is used to query the check items whose baseline name is SSH, check standard is cloud security practice standard, and enterprise project ID is xxx.

+
GET https://{endpoint}/v5/{project_id}/baseline/risk-config/SSH/check-rules?standard=hw_standard&enterprise_project_id=xxx
+
+{
+  "standard" : "hw_standard"
+}
+
+

Example Responses

Status code: 200

+

checklist of the specified security configuration item

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "check_rule_id" : "1.1",
+    "check_rule_name" : "Rule:Ensure that permissions on /etc/ssh/sshd_config are configured.",
+    "check_type" : "SSH",
+    "host_num" : 2,
+    "scan_result" : "failed",
+    "severity" : "High",
+    "status" : "unhandled",
+    "enable_fix" : 1,
+    "enable_click" : true,
+    "rule_params" : [ {
+      "rule_param_id" : 1,
+      "rule_desc" : "Set the timeout duration.",
+      "default_value" : 5,
+      "range_min" : 1,
+      "range_max" : 10
+    }, {
+      "rule_param_id" : 2,
+      "rule_desc" : "Set the number of restarts.",
+      "default_value" : 10,
+      "range_min" : 1,
+      "range_max" : 20
+    } ]
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

checklist of the specified security configuration item

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Baseline Management
+
+
+ diff --git a/docs/hss/api-ref/ListRiskConfigHosts.html b/docs/hss/api-ref/ListRiskConfigHosts.html new file mode 100644 index 00000000..9a653c3c --- /dev/null +++ b/docs/hss/api-ref/ListRiskConfigHosts.html @@ -0,0 +1,299 @@ + + +

Querying the List of Affected Servers of a Security Configuration Item

+

Function

This API is used to query the list of affected servers of a specified security configuration item.

+
+

URI

GET /v5/{project_id}/baseline/risk-config/{check_name}/hosts

+ +
+ + + + + + + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 20

+

Maximum: 64

+

check_name

+

Yes

+

String

+

Name of the configuration check (baseline), for example, SSH, CentOS 7, and Windows.

+

Minimum: 0

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

standard

+

Yes

+

String

+

hw_standard: Cloud security practice standard

+

host_name

+

No

+

String

+

Server name

+

Minimum: 0

+

Maximum: 256

+

host_ip

+

No

+

String

+

Server IP address

+

Minimum: 0

+

Maximum: 256

+

limit

+

No

+

Integer

+

Number of items per page

+

Minimum: 0

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 2097152

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Long

+

Total amount of data affected by configuration check

+

Minimum: 0

+

Maximum: 2147483647

+

data_list

+

Array of SecurityCheckHostInfoResponseInfo objects

+

Data list

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 SecurityCheckHostInfoResponseInfo

Parameter

+

Type

+

Description

+

host_id

+

String

+

Host ID

+

Minimum: 0

+

Maximum: 64

+

host_name

+

String

+

Server name

+

Minimum: 0

+

Maximum: 256

+

host_public_ip

+

String

+

Server public IP address

+

Minimum: 0

+

Maximum: 128

+

host_private_ip

+

String

+

Server private IP address

+

Minimum: 0

+

Maximum: 256

+

scan_time

+

Long

+

Scan time (ms)

+

Minimum: 0

+

Maximum: 9223372036854775807

+

failed_num

+

Integer

+

Number of risk items

+

Minimum: 0

+

Maximum: 2147483647

+

passed_num

+

Integer

+

Number of passed items

+

Minimum: 0

+

Maximum: 2147483647

+
+
+
+

Example Requests

This API is used to query the list of affected servers whose baseline name is SSH, check standard is cloud security practice standard, and enterprise project ID is xxx.

+
GET https://{endpoint}/v5/{project_id}/baseline/risk-config/SSH/hosts?standard=hw_standard&enterprise_project_id=xxx
+
+

Example Responses

Status code: 200

+

servers affected by the security configuration item

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "failed_num" : 6,
+    "host_id" : "71a15ecc-049f-4cca-bd28-5e90aca1817f",
+    "host_name" : "zhangxiaodong2",
+    "host_private_ip" : "192.168.0.129",
+    "host_public_ip" : "*.*.*.10",
+    "passed_num" : 10,
+    "scan_time" : 1661716860935
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

servers affected by the security configuration item

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Baseline Management
+
+
+ diff --git a/docs/hss/api-ref/ListRiskConfigs.html b/docs/hss/api-ref/ListRiskConfigs.html new file mode 100644 index 00000000..75469eac --- /dev/null +++ b/docs/hss/api-ref/ListRiskConfigs.html @@ -0,0 +1,322 @@ + + +

Querying the Result List of Server Security Configuration Check

+

Function

This API is used to query the result list of a user's server security configuration check.

+
+

URI

GET /v5/{project_id}/baseline/risk-configs

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 256

+

check_name

+

No

+

String

+

Baseline name, for example, SSH, CentOS 7, and Windows.

+

Minimum: 0

+

Maximum: 256

+

severity

+

No

+

String

+

Risk level. Its value can be:

+

  • Security

    +

  • Low

    +

  • Medium

    +

  • High

    +
+

standard

+

No

+

String

+

hw_standard: Cloud security practice standard

+

host_id

+

No

+

String

+

Host ID

+

Minimum: 0

+

Maximum: 128

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 0

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Long

+

Total number of records

+

Minimum: 0

+

Maximum: 2147483647

+

data_list

+

Array of SecurityCheckInfoResponseInfo objects

+

Server configuration check result list

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 SecurityCheckInfoResponseInfo

Parameter

+

Type

+

Description

+

severity

+

String

+

Risk level. Its value can be:

+

  • Low

    +

  • Medium

    +

  • High

    +
+

check_name

+

String

+

Baseline name, for example, SSH, CentOS 7, and Windows.

+

Minimum: 0

+

Maximum: 256

+

check_type

+

String

+

Baseline type. The values for check_type and check_name are the same for Linux servers. For example, they can both be set to SSH or CentOS 7. For Windows servers, the values for check_type and check_name are different. For example, check_type can be set to Windows Server 2019 R2 or Windows Server 2016 R2.

+

Minimum: 0

+

Maximum: 256

+

standard

+

String

+

hw_standard: Cloud security practice standard

+

check_rule_num

+

Integer

+

Indicates the total number of check items of the current configuration check (baseline) type. For example, if the standard type of the SSH baseline is hw_standard, server security provides 17 check items, but only five check items of the SSH baseline are detected on all servers. Therefore, the value of check_rule_num is 5. All check items are checked on a server. The value of check_rule_num is 17.

+

Minimum: 0

+

Maximum: 2097152

+

failed_rule_num

+

Integer

+

Number of failed check items. If a server fails to pass a check item in check_rule_num, the item is counted in failed_rule_num.

+

Minimum: 0

+

Maximum: 2097152

+

host_num

+

Integer

+

The number of servers on which the current baseline detection is performed.

+

Minimum: 0

+

Maximum: 2097152

+

scan_time

+

Long

+

Latest detection time (ms)

+

Minimum: 0

+

Maximum: 2097152

+

check_type_desc

+

String

+

Description of the baseline type, including the standards for the check items and the issues that can be audited.

+

Minimum: 0

+

Maximum: 65534

+
+
+
+

Example Requests

This API is used to query the server baseline configuration check list whose enterprise project ID is xxx. Data on the first page (the first 10 records) is returned by default.

+
GET https://{endpoint}/v5/{project_id}/baseline/risk-configs?enterprise_project_id=xxx
+
+

Example Responses

Status code: 200

+

server security configuration check result

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "check_name" : "Docker",
+    "check_rule_num" : 25,
+    "check_type" : "Docker",
+    "check_type_desc" : "Configuring security audit of Docker's host configurations and container-running-related contents based on Docker Container Security Specifications V1_0.",
+    "failed_rule_num" : 20,
+    "host_num" : 0,
+    "scan_time" : 1661716860935,
+    "severity" : "High",
+    "standard" : "hw_standard"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

server security configuration check result

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Baseline Management
+
+
+ diff --git a/docs/hss/api-ref/ListSecurityEvents.html b/docs/hss/api-ref/ListSecurityEvents.html new file mode 100644 index 00000000..e677e947 --- /dev/null +++ b/docs/hss/api-ref/ListSecurityEvents.html @@ -0,0 +1,1630 @@ + + +

Querying the Detected Intrusion List

+

Function

This API is used to query the detected intrusion list.

+
+

URI

GET /v5/{project_id}/event/events

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 20

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

category

+

Yes

+

String

+

Event category. Its value can be:

+

  • host: host security event

    +

  • container: container security event

    +
+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

last_days

+

No

+

Integer

+

Number of days to be queried. This parameter is mutually exclusive with begin_time and end_time.

+

Minimum: 1

+

Maximum: 30

+

host_name

+

No

+

String

+

Server name

+

Minimum: 1

+

Maximum: 64

+

host_id

+

No

+

String

+

Host ID

+

Minimum: 0

+

Maximum: 64

+

private_ip

+

No

+

String

+

Server IP address

+

Minimum: 1

+

Maximum: 256

+

container_name

+

No

+

String

+

Container instance name

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+

limit

+

No

+

Integer

+

Number of records displayed on each page

+

Minimum: 10

+

Maximum: 1000

+

Default: 10

+

event_types

+

No

+

Array

+

Intrusion type. Its value can be:

+

  • 1001: Malware

    +

  • 1010: Rootkit

    +

  • 1011: Ransomware

    +

  • 1015: Web shell

    +

  • 1017: Reverse shell

    +

  • 2001: Common vulnerability exploit

    +

  • 3002: File privilege escalation

    +

  • 3003: Process privilege escalation

    +

  • 3004: Important file change

    +

  • 3005: File/Directory change

    +

  • 3007: Abnormal process behavior

    +

  • 3015: High-risk command execution

    +

  • 3018: Abnormal shell

    +

  • 3027: Suspicious crontab tasks

    +

  • 4002: Brute-force attack

    +

  • 4004: Abnormal login

    +

  • 4006: Invalid system account

    +
+

Minimum: 1000

+

Maximum: 30000

+

Array Length: 1 - 500

+

handle_status

+

No

+

String

+

Status. Its value can be:

+

  • unhandled

    +

  • handled

    +
+

severity

+

No

+

String

+

Threat level. Its value can be:

+

  • Security

    +

  • Low

    +

  • Medium

    +

  • High

    +

  • Critical

    +
+

begin_time

+

No

+

String

+

Customized start time of a segment. The timestamp is accurate to seconds. The begin_time should be no more than two days earlier than the end_time. This parameter is mutually exclusive with the queried duration.

+

Minimum: 13

+

Maximum: 13

+

end_time

+

No

+

String

+

Customized end time of a segment. The timestamp is accurate to seconds. The begin_time should be no more than two days earlier than the end_time. This parameter is mutually exclusive with the queried duration.

+

Minimum: 13

+

Maximum: 13

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of alarm events

+

Minimum: 0

+

Maximum: 2147483647

+

data_list

+

Array of EventManagementResponseInfo objects

+

Event list

+

Array Length: 0 - 1000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 EventManagementResponseInfo

Parameter

+

Type

+

Description

+

event_id

+

String

+

Event ID

+

event_class_id

+

String

+

Event category. Its value can be:

+

  • container_1001: Container namespace

    +

  • container_1002: Container open port

    +

  • container_1003: Container security option

    +

  • container_1004: Container mount directory

    +

  • containerescape_0001: High-risk system call

    +

  • containerescape_0002: Shocker attack

    +

  • containerescape_0003: Dirty Cow attack

    +

  • containerescape_0004: Container file escape

    +

  • dockerfile_001: Modification of user-defined protected container file

    +

  • dockerfile_002: Modification of executable files in the container file system

    +

  • dockerproc_001: Abnormal container process

    +

  • fileprotect_0001: File privilege escalation

    +

  • fileprotect_0002: Key file change

    +

  • fileprotect_0003: AuthorizedKeysFile path change

    +

  • fileprotect_0004: File directory change

    +

  • login_0001: Brute-force attack attempt

    +

  • login_0002: Brute-force attack succeeded

    +

  • login_1001: Succeeded login

    +

  • login_1002: Remote login

    +

  • login_1003: Weak password

    +

  • malware_0001: Shell change

    +

  • malware_0002: Reverse shell

    +

  • malware_1001: Malicious program

    +

  • procdet_0001: Abnormal process behavior

    +

  • procdet_0002: Process privilege escalation

    +

  • procreport_0001: High-risk command

    +

  • user_1001: Account change

    +

  • user_1002: Unsafe account

    +

  • vmescape_0001: Sensitive command executed on VM

    +

  • vmescape_0002: Sensitive file accessed by virtualization process

    +

  • vmescape_0003: Abnormal VM port access

    +

  • webshell_0001: Web shell

    +

  • network_1001: Mining

    +

  • network_1002: DDoS attacks

    +

  • network_1003: Malicious scanning

    +

  • network_1004: Attack in sensitive areas

    +

  • crontab_1001: Suspicious crontab task

    +
+

event_type

+

Integer

+

Intrusion type. Its value can be:

+

  • 1001: Malware

    +

  • 1010: Rootkit

    +

  • 1011: Ransomware

    +

  • 1015: Web shell

    +

  • 1017: Reverse shell

    +

  • 2001: Common vulnerability exploit

    +

  • 3002: File privilege escalation

    +

  • 3003: Process privilege escalation

    +

  • 3004: Important file change

    +

  • 3005: File/Directory change

    +

  • 3007: Abnormal process behavior

    +

  • 3015: High-risk command execution

    +

  • 3018: Abnormal shell

    +

  • 3027: Suspicious crontab tasks

    +

  • 4002: Brute-force attack

    +

  • 4004: Abnormal login

    +

  • 4006: Invalid system account

    +
+

event_name

+

String

+

Event name

+

severity

+

String

+

Threat level. Its value can be:

+

  • Security

    +

  • Low

    +

  • Medium

    +

  • High

    +

  • Critical

    +
+

container_name

+

String

+

Container instance name. This API is available only for container alarms.

+

image_name

+

String

+

Image name. This API is available only for container alarms.

+

host_name

+

String

+

Server name

+

host_id

+

String

+

Host ID

+

private_ip

+

String

+

Server private IP address

+

public_ip

+

String

+

Elastic IP address

+

os_type

+

String

+

OS type. Its value can be:

+

  • Linux

    +

  • Windows

    +
+

host_status

+

String

+

Server status. The options are as follows:

+

  • ACTIVE

    +

  • SHUTOFF

    +

  • BUILDING

    +

  • ERROR

    +
+

agent_status

+

String

+

Agent status. Its value can be:

+

  • installed

    +

  • not_installed

    +

  • online

    +

  • offline

    +

  • install_failed

    +

  • installing

    +
+

protect_status

+

String

+

Protection status. Its value can be:

+

  • closed

    +

  • opened

    +
+

asset_value

+

String

+

Asset importance. The options are as follows:

+

  • important

    +

  • common

    +

  • test

    +
+

attack_phase

+

String

+

Attack phase. Its value can be:

+

  • reconnaissance

    +

  • weaponization

    +

  • delivery

    +

  • exploit

    +

  • installation

    +

  • command_and_control

    +

  • actions

    +
+

attack_tag

+

String

+

Attack tag. Its value can be:

+

  • attack_success

    +

  • attack_attempt

    +

  • attack_blocked

    +

  • abnormal_behavior

    +

  • collapsible_host

    +

  • system_vulnerability

    +
+

occur_time

+

Integer

+

Occurrence time, accurate to milliseconds.

+

handle_time

+

Integer

+

Handling time, in milliseconds. This API is available only for handled alarms.

+

handle_status

+

String

+

Processing status. Its value can be:

+

  • unhandled

    +

  • handled

    +
+

handle_method

+

String

+

Handling method. This API is available only for handled alarms. The options are as follows:

+

  • mark_as_handled

    +

  • ignore

    +

  • add_to_alarm_whitelist

    +

  • add_to_login_whitelist

    +

  • isolate_and_kill

    +
+

handler

+

String

+

Remarks. This API is available only for handled alarms.

+

operate_accept_list

+

Array of strings

+

Supported processing operation

+

operate_detail_list

+

Array of EventDetailResponseInfo objects

+

Operation details list (not displayed on the page)

+

Array Length: 0 - 100

+

forensic_info

+

Object

+

Attack information, in JSON format.

+

resource_info

+

EventResourceResponseInfo object

+

Resource information

+

geo_info

+

Object

+

Geographical location, in JSON format.

+

malware_info

+

Object

+

Malware information, in JSON format.

+

network_info

+

Object

+

Network information, in JSON format.

+

app_info

+

Object

+

Application information, in JSON format.

+

system_info

+

Object

+

System information, in JSON format.

+

extend_info

+

Object

+

Extended event information, in JSON format

+

recommendation

+

String

+

Handling suggestions

+

process_info_list

+

Array of EventProcessResponseInfo objects

+

Process information list

+

Array Length: 0 - 100

+

user_info_list

+

Array of EventUserResponseInfo objects

+

User information list

+

Array Length: 0 - 100

+

file_info_list

+

Array of EventFileResponseInfo objects

+

File information list

+

Array Length: 0 - 100

+

event_details

+

String

+

Brief description of the event.

+

Minimum: 0

+

Maximum: 204800

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 6 EventDetailResponseInfo

Parameter

+

Type

+

Description

+

agent_id

+

String

+

Agent ID

+

process_pid

+

Integer

+

Process ID

+

is_parent

+

Boolean

+

Whether a process is a parent process

+

file_hash

+

String

+

File hash

+

file_path

+

String

+

File path

+

file_attr

+

String

+

File attribute

+

private_ip

+

String

+

Server private IP address

+

login_ip

+

String

+

Login source IP address

+

login_user_name

+

String

+

Login username

+

keyword

+

String

+

Alarm event keyword, which is used only for the alarm whitelist.

+

hash

+

String

+

Alarm event hash, which is used only for the alarm whitelist.

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 7 EventResourceResponseInfo

Parameter

+

Type

+

Description

+

domain_id

+

String

+

User account ID

+

project_id

+

String

+

Project ID

+

enterprise_project_id

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

region_name

+

String

+

Region name

+

vpc_id

+

String

+

VPC ID

+

cloud_id

+

String

+

ECS ID

+

vm_name

+

String

+

VM name

+

vm_uuid

+

String

+

Specifies the VM UUID, that is, the server ID.

+

container_id

+

String

+

Container ID

+

image_id

+

String

+

Image ID

+

image_name

+

String

+

Image name

+

host_attr

+

String

+

Host attribute

+

service

+

String

+

Service

+

micro_service

+

String

+

Microservice

+

sys_arch

+

String

+

System CPU architecture

+

os_bit

+

String

+

OS bit version

+

os_type

+

String

+

OS type

+

os_name

+

String

+

OS name

+

os_version

+

String

+

OS version

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 8 EventProcessResponseInfo

Parameter

+

Type

+

Description

+

process_name

+

String

+

Process name

+

process_path

+

String

+

Process file path

+

process_pid

+

Integer

+

Process ID

+

Minimum: 0

+

Maximum: 2147483647

+

process_uid

+

Integer

+

Process user ID

+

Minimum: 0

+

Maximum: 2147483647

+

process_username

+

String

+

Process username

+

process_cmdline

+

String

+

Process file command line

+

process_filename

+

String

+

Process file name

+

process_start_time

+

Long

+

Process start time

+

Minimum: 0

+

Maximum: 9223372036854775807

+

process_gid

+

Integer

+

Process group ID

+

Minimum: 0

+

Maximum: 2147483647

+

process_egid

+

Integer

+

Valid process group ID

+

Minimum: 0

+

Maximum: 2147483647

+

process_euid

+

Integer

+

Valid process user ID

+

Minimum: 0

+

Maximum: 2147483647

+

parent_process_name

+

String

+

Parent process name

+

parent_process_path

+

String

+

Parent process file path

+

parent_process_pid

+

Integer

+

Parent process ID

+

Minimum: 0

+

Maximum: 2147483647

+

parent_process_uid

+

Integer

+

Parent process user ID

+

Minimum: 0

+

Maximum: 2147483647

+

parent_process_cmdline

+

String

+

Parent process file command line

+

parent_process_filename

+

String

+

Parent process file name

+

parent_process_start_time

+

Long

+

Parent process start time

+

Minimum: 0

+

Maximum: 9223372036854775807

+

parent_process_gid

+

Integer

+

Parent process group ID

+

Minimum: 0

+

Maximum: 2147483647

+

parent_process_egid

+

Integer

+

Valid parent process group ID

+

Minimum: 0

+

Maximum: 2147483647

+

parent_process_euid

+

Integer

+

Valid parent process user ID

+

Minimum: 0

+

Maximum: 2147483647

+

child_process_name

+

String

+

Subprocess name

+

child_process_path

+

String

+

Subprocess file path

+

child_process_pid

+

Integer

+

Subprocess ID

+

Minimum: 0

+

Maximum: 2147483647

+

child_process_uid

+

Integer

+

Subprocess user ID

+

Minimum: 0

+

Maximum: 2147483647

+

child_process_cmdline

+

String

+

Subprocess file command line

+

child_process_filename

+

String

+

Subprocess file name

+

child_process_start_time

+

Long

+

Subprocess start time

+

Minimum: 0

+

Maximum: 9223372036854775807

+

child_process_gid

+

Integer

+

Subprocess group ID

+

Minimum: 0

+

Maximum: 2147483647

+

child_process_egid

+

Integer

+

Valid subprocess group ID

+

Minimum: 0

+

Maximum: 2147483647

+

child_process_euid

+

Integer

+

Valid subprocess user ID

+

Minimum: 0

+

Maximum: 2147483647

+

virt_cmd

+

String

+

Virtualization command

+

virt_process_name

+

String

+

Virtualization process name

+

escape_mode

+

String

+

Escape mode

+

escape_cmd

+

String

+

Commands executed after escape

+

process_hash

+

String

+

Process startup file hash

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 9 EventUserResponseInfo

Parameter

+

Type

+

Description

+

user_id

+

Integer

+

User UID

+

Minimum: 0

+

Maximum: 2147483647

+

user_gid

+

Integer

+

User GID

+

Minimum: 0

+

Maximum: 2147483647

+

user_name

+

String

+

User name

+

user_group_name

+

String

+

User group name

+

user_home_dir

+

String

+

User home directory

+

login_ip

+

String

+

User login IP address

+

service_type

+

String

+

Service type. The options are as follows:

+

  • system

    +

  • mysql

    +

  • redis

    +
+

service_port

+

Integer

+

Login service port

+

Minimum: 0

+

Maximum: 2147483647

+

login_mode

+

Integer

+

Login mode

+

Minimum: 0

+

Maximum: 2147483647

+

login_last_time

+

Long

+

Last login time

+

Minimum: 0

+

Maximum: 9223372036854775807

+

login_fail_count

+

Integer

+

Number of failed login attempts

+

Minimum: 0

+

Maximum: 2147483647

+

pwd_hash

+

String

+

Password hash

+

pwd_with_fuzzing

+

String

+

Masked password

+

pwd_used_days

+

Integer

+

Password age (days)

+

Minimum: 0

+

Maximum: 2147483647

+

pwd_min_days

+

Integer

+

Minimum password validity period

+

Minimum: 0

+

Maximum: 2147483647

+

pwd_max_days

+

Integer

+

Maximum password validity period

+

Minimum: 0

+

Maximum: 2147483647

+

pwd_warn_left_days

+

Integer

+

Advance warning of password expiration (days)

+

Minimum: 0

+

Maximum: 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 10 EventFileResponseInfo

Parameter

+

Type

+

Description

+

file_path

+

String

+

File path

+

file_alias

+

String

+

File alias

+

file_size

+

Integer

+

File size

+

Minimum: 0

+

Maximum: 2147483647

+

file_mtime

+

Long

+

Time when a file was last modified

+

Minimum: 0

+

Maximum: 9223372036854775807

+

file_atime

+

Long

+

Time when a file was last accessed

+

Minimum: 0

+

Maximum: 9223372036854775807

+

file_ctime

+

Long

+

Time when the status of a file was last changed

+

Minimum: 0

+

Maximum: 9223372036854775807

+

file_hash

+

String

+

The hash value calculated using the SHA256 algorithm.

+

file_md5

+

String

+

File MD5

+

file_sha256

+

String

+

File SHA256

+

file_type

+

String

+

File type

+

file_content

+

String

+

File content

+

file_attr

+

String

+

File attribute

+

file_operation

+

Integer

+

File operation type

+

Minimum: 0

+

Maximum: 2147483647

+

file_action

+

String

+

File action

+

file_change_attr

+

String

+

Old/New attribute

+

file_new_path

+

String

+

New file path

+

file_desc

+

String

+

File description

+

file_key_word

+

String

+

File keyword

+

is_dir

+

Boolean

+

Whether it is a directory

+

fd_info

+

String

+

File handle information

+

fd_count

+

Integer

+

Number of file handles

+

Minimum: 0

+

Maximum: 2147483647

+
+
+
+

Example Requests

Query the first 50 unprocessed server events whose enterprise project is xxx.

+
GET https://{endpoint}/v5/{project_id}/event/events?offset=0&limit=50&handle_status=unhandled&category=host&enterprise_project_id=xxx
+
+

Example Responses

Status code: 200

+

intrusion list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "attack_phase" : "exploit",
+    "attack_tag" : "abnormal_behavior",
+    "event_class_id" : "lgin_1002",
+    "event_id" : "d8a12cf7-6a43-4cd6-92b4-aabf1e917",
+    "event_name" : "different locations",
+    "event_type" : 4004,
+    "forensic_info" : {
+      "country" : "Country/Region",
+      "city" : "State/Province",
+      "ip" : "127.0.0.1",
+      "user" : "zhangsan",
+      "sub_division" : "City",
+      "city_id" : 3110
+    },
+    "handle_status" : "unhandled",
+    "host_name" : "xxx",
+    "occur_time" : 1661593036627,
+    "operate_accept_list" : [ "ignore" ],
+    "operate_detail_list" : [ {
+      "agent_id" : "c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8",
+      "file_hash" : "e8b50f0b91e3dce0885ccc5902846b139d28108a0a7976c9b8d43154c5dbc44d",
+      "file_path" : "/usr/test",
+      "process_pid" : 3123,
+      "file_attr" : 33261,
+      "keyword" : "file_path=/usr/test",
+      "hash" : "e8b50f0b91e3dce0885ccc5902846b139d28108a0a7976c9b8d43154c5dbc44d",
+      "login_ip" : "127.0.0.1",
+      "private_ip" : "127.0.0.2",
+      "login_user_name" : "root",
+      "is_parent" : false
+    } ],
+    "private_ip" : "127.0.0.1",
+    "resource_info" : {
+      "region_name" : "",
+      "project_id" : "",
+      "enterprise_project_id" : "0",
+      "os_type" : "Linux",
+      "os_version" : "2.5",
+      "vm_name" : "",
+      "vm_uuid" : "71a15ecc",
+      "cloud_id" : ""
+    },
+    "severity" : "Medium",
+    "extend_info" : "",
+    "os_type" : "Linux",
+    "agent_status" : "online",
+    "asset_value" : "common",
+    "protect_status" : "opened",
+    "host_status" : "ACTIVE",
+    "event_details" : "file_path:/root/test",
+    "user_info_list" : [ {
+      "login_ip" : "",
+      "service_port" : 22,
+      "service_type" : "ssh",
+      "user_name" : "zhangsan",
+      "login_mode" : 0,
+      "login_last_time" : 1661593024,
+      "login_fail_count" : 0
+    } ]
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

intrusion list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Intrusion Detection
+
+
+ diff --git a/docs/hss/api-ref/ListUserChangeHistories.html b/docs/hss/api-ref/ListUserChangeHistories.html new file mode 100644 index 00000000..f5e85b2c --- /dev/null +++ b/docs/hss/api-ref/ListUserChangeHistories.html @@ -0,0 +1,408 @@ + + +

Obtaining the Account Change History

+

Function

This API is used to obtain the account change history.

+
+

URI

GET /v5/{project_id}/asset/user/change-history

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

user_name

+

No

+

String

+

Username

+

Minimum: 1

+

Maximum: 128

+

host_id

+

No

+

String

+

Server ID

+

Minimum: 1

+

Maximum: 128

+

root_permission

+

No

+

Boolean

+

Whether the user has root permissions

+

  • true: The user has the root permission.

    +

  • false: The user does not have the root permission.

    +
+

host_name

+

No

+

String

+

Server name

+

Minimum: 1

+

Maximum: 128

+

private_ip

+

No

+

String

+

Server private IP address

+

Minimum: 1

+

Maximum: 128

+

change_type

+

No

+

String

+

Account change type. The options are as follows:

+

  • ADD

    +

  • DELETE

    +

  • MODIFY

    +
+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 100

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 10000

+

Default: 0

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+

start_time

+

No

+

Long

+

Start time of a change. Its value is a 13-digit timestamp.

+

Minimum: 0

+

Maximum: 4070880000000

+

end_time

+

No

+

Long

+

End time of a change. Its value is a 13-digit timestamp.

+

Minimum: 0

+

Maximum: 4070880000000

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of changed accounts

+

Minimum: 0

+

Maximum: 10000000

+

data_list

+

Array of UserChangeHistoryResponseInfo objects

+

Account change history

+

Array Length: 0 - 200

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 UserChangeHistoryResponseInfo

Parameter

+

Type

+

Description

+

agent_id

+

String

+

Agent ID

+

Minimum: 1

+

Maximum: 128

+

change_type

+

String

+

Change type. Its value can be:

+

  • ADD

    +

  • DELETE

    +

  • MODIFY

    +
+

Minimum: 1

+

Maximum: 128

+

host_id

+

String

+

Host ID

+

Minimum: 1

+

Maximum: 128

+

host_name

+

String

+

Server name

+

Minimum: 1

+

Maximum: 128

+

private_ip

+

String

+

Server private IP address

+

Minimum: 1

+

Maximum: 128

+

login_permission

+

Boolean

+

Whether the user has the login permission

+

root_permission

+

Boolean

+

Whether the user has root permissions

+

user_group_name

+

String

+

User group name

+

Minimum: 1

+

Maximum: 128

+

user_home_dir

+

String

+

User home directory

+

Minimum: 1

+

Maximum: 128

+

shell

+

String

+

User startup shell

+

Minimum: 1

+

Maximum: 128

+

user_name

+

String

+

Account name

+

Minimum: 1

+

Maximum: 128

+

expire_time

+

Long

+

Expiration time, which is a timestamp. The default unit is millisecond.

+

Minimum: 0

+

Maximum: 4070880000000

+

recent_scan_time

+

Long

+

Time when an account is added, modified, or deleted.

+

Minimum: 0

+

Maximum: 4070880000000

+
+
+
+

Example Requests

The first 10 account change records whose start time is 1700446129130 and end time is 1701050929130 are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/user/change-history?start_time=1700446129130&end_time=1701050929130
+
+

Example Responses

Status code: 200

+

account change history

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "agent_id" : "0bf792d910xxxxxxxxxxx52cb7e63exxx",
+    "host_id" : "13xxxxxxxece69",
+    "private_ip" : "192.168.0.1",
+    "host_name" : "test",
+    "user_home_dir" : "/test",
+    "login_permission" : false,
+    "recent_scan_time" : 1667039707730,
+    "expire_time" : 1667039707730,
+    "root_permission" : false,
+    "shell" : "/sbin/nologin",
+    "user_group_name" : "bin",
+    "user_name" : "bin",
+    "change_type" : "ADD"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

account change history

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListUserStatistics.html b/docs/hss/api-ref/ListUserStatistics.html new file mode 100644 index 00000000..da326150 --- /dev/null +++ b/docs/hss/api-ref/ListUserStatistics.html @@ -0,0 +1,218 @@ + + +

Asset Fingerprint - Account Information

+

Function

This API is used to check account information in asset fingerprints.

+
+

URI

GET /v5/{project_id}/asset/user/statistics

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

user_name

+

No

+

String

+

Account name. It must comply with the Windows file naming rules. The value can contain letters, digits, underscores (_), and the following special characters: !@.-.

+

Minimum: 1

+

Maximum: 128

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 128

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of accounts

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of UserStatisticInfoResponseInfo objects

+

Account statistics list

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + +
Table 5 UserStatisticInfoResponseInfo

Parameter

+

Type

+

Description

+

user_name

+

String

+

Account name. It must comply with the Windows file naming rules. The value can contain letters, digits, underscores (_), and the following special characters: !@.-.

+

Minimum: 1

+

Maximum: 128

+

num

+

Integer

+

Number of servers of the account

+

Minimum: 0

+

Maximum: 10000

+
+
+
+

Example Requests

The first 10 accounts are queried by default.

+
GET https://{endpoint}/v5/{project_id}/asset/user/statistics
+
+

Example Responses

Status code: 200

+

Number of servers having the account

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "user_name" : "bin",
+    "num" : 5
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Number of servers having the account

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListUsers.html b/docs/hss/api-ref/ListUsers.html new file mode 100644 index 00000000..666e9c3c --- /dev/null +++ b/docs/hss/api-ref/ListUsers.html @@ -0,0 +1,372 @@ + + +

Querying the Server List of an Account

+

Function

This API is used to query the server list of an account.

+
+

URI

GET /v5/{project_id}/asset/users

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 128

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

host_id

+

No

+

String

+

Host ID

+

Minimum: 0

+

Maximum: 128

+

user_name

+

No

+

String

+

Account name

+

Minimum: 0

+

Maximum: 32

+

host_name

+

No

+

String

+

Host name

+

Minimum: 0

+

Maximum: 128

+

private_ip

+

No

+

String

+

Server private IP address

+

Minimum: 0

+

Maximum: 128

+

login_permission

+

No

+

Boolean

+

Whether login is allowed.

+

  • true: Login is allowed.

    +

  • false: Login is not allowed.

    +
+

root_permission

+

No

+

Boolean

+

Whether the user has root permissions

+

  • true: The user has the root permission.

    +

  • false: The user does not have the root permission.

    +
+

user_group

+

No

+

String

+

Server user group

+

Minimum: 0

+

Maximum: 128

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 128

+

limit

+

No

+

Integer

+

Number of records on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Total number of accounts

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of UserResponseInfo objects

+

Account information list

+

Array Length: 0 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 UserResponseInfo

Parameter

+

Type

+

Description

+

agent_id

+

String

+

Agent ID

+

Minimum: 1

+

Maximum: 128

+

host_id

+

String

+

Host ID

+

Minimum: 1

+

Maximum: 128

+

host_name

+

String

+

Server name

+

Minimum: 1

+

Maximum: 128

+

host_ip

+

String

+

Server IP address

+

Minimum: 1

+

Maximum: 128

+

user_name

+

String

+

Username

+

Minimum: 1

+

Maximum: 128

+

login_permission

+

Boolean

+

Whether the user has the login permission

+

root_permission

+

Boolean

+

Whether the user has root permissions

+

user_group_name

+

String

+

User group name

+

Minimum: 1

+

Maximum: 128

+

user_home_dir

+

String

+

User home directory

+

Minimum: 1

+

Maximum: 256

+

shell

+

String

+

User startup shell

+

Minimum: 1

+

Maximum: 128

+

recent_scan_time

+

Long

+

Latest scan time, in ms.

+

Minimum: 0

+

Maximum: 4070880000000

+
+
+
+

Example Requests

Query servers list whose account is daemon by default.

+
GET https://{endpoint}/v5/{project_id}/asset/users?user_name=daemon
+
+

Example Responses

Status code: 200

+

account information list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "agent_id" : "0bf792d910xxxxxxxxxxx52cb7e63exxx",
+    "host_id" : "13xxxxxxxece69",
+    "host_ip" : "192.168.0.1",
+    "host_name" : "test",
+    "login_permission" : false,
+    "recent_scan_time" : 1667039707730,
+    "root_permission" : false,
+    "shell" : "/sbin/nologin",
+    "user_group_name" : "bin",
+    "user_home_dir" : "/bin",
+    "user_name" : "bin"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

account information list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ListVulHosts.html b/docs/hss/api-ref/ListVulHosts.html new file mode 100644 index 00000000..1b436acf --- /dev/null +++ b/docs/hss/api-ref/ListVulHosts.html @@ -0,0 +1,342 @@ + + +

Querying the Servers Affected by a Vulnerability

+

Function

This API is used to query the servers affected by a vulnerability.

+
+

URI

GET /v5/{project_id}/vulnerability/hosts

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 128

+

vul_id

+

Yes

+

String

+

Vulnerability ID

+

Minimum: 0

+

Maximum: 64

+

type

+

Yes

+

String

+

Vulnerability type. Its value can be:

+

  • linux_vul: Linux vulnerability

    +

  • windows_vul: Windows vulnerability

    +
+

host_name

+

No

+

String

+

Affected server name

+

Minimum: 0

+

Maximum: 256

+

host_ip

+

No

+

String

+

IP address of the affected server

+

Minimum: 0

+

Maximum: 128

+

status

+

No

+

String

+

Vulnerability status.

+

  • vul_status_unfix: not fixed

    +

  • vul_status_ignored: ignored

    +

    • vul_status_verified: verification in progress

      +

    • vul_status_fixing: The fix is in progress.

      +

    • vul_status_fixed: The fix succeeded.

      +

    • vul_status_reboot: The issue is fixed and waiting for restart.

      +

    • vul_status_failed: The issue failed to be fixed.

      +

    • vul_status_fix_after_reboot: Restart the server and try again.

      +
    +
+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 10

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Integer

+

Number of affected servers

+

Minimum: 0

+

Maximum: 10000

+

data_list

+

Array of VulHostInfo objects

+

List of affected ECSs

+

Array Length: 1 - 10000

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 VulHostInfo

Parameter

+

Type

+

Description

+

host_id

+

String

+

ID of the server affected by the vulnerability

+

Minimum: 1

+

Maximum: 128

+

severity_level

+

String

+

Risk level.

+

  • Critical: The CVSS score of the vulnerability is greater than or equal to 9, corresponding to the high risk level on the console.

    +

  • High: The CVSS score of the vulnerability is greater than or equal to 7 and less than 9, corresponding to the medium risk level on the console.

    +

  • Medium: The CVSS score of the vulnerability is greater than or equal to 4 and less than 7, corresponding to the medium risk level on the console.

    +

  • Low: The CVSS score of the vulnerability is less than 4, corresponding to the low risk level on the console.

    +
+

host_name

+

String

+

Affected server name

+

Minimum: 1

+

Maximum: 256

+

host_ip

+

String

+

IP address of the affected server

+

Minimum: 1

+

Maximum: 256

+

cve_num

+

Integer

+

Vulnerability CVEs

+

Minimum: 0

+

Maximum: 10000

+

cve_id_list

+

Array of strings

+

The CVE ID list corresponding to the vulnerability

+

Minimum: 1

+

Maximum: 64

+

Array Length: 1 - 10000

+

status

+

String

+

Vulnerability status.

+

  • vul_status_unfix: not fixed

    +

  • vul_status_ignored: ignored

    +

  • vul_status_verified: verification in progress

    +

  • vul_status_fixing: The fix is in progress.

    +

  • vul_status_fixed: The fix succeeded.

    +

  • vul_status_reboot : The issue is fixed and waiting for restart.

    +

  • vul_status_failed: The issue failed to be fixed.

    +

  • vul_status_fix_after_reboot: Restart the server and try again.

    +
+

repair_cmd

+

String

+

Command line to be executed to fix the vulnerability (This field is available only for Linux vulnerabilities.)

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Example Requests

Query the first 10 records in the list of servers with EulerOS-SA-2021-1894 vulnerability.

+
GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/hosts?vul_id=EulerOS-SA-2021-1894&offset=0&limit=10
+
+

Example Responses

Status code: 200

+

Vul host info list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "host_id" : "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
+    "severity_level" : "Low",
+    "host_name" : "ecs",
+    "host_ip" : "xxx.xxx.xxx.xxx",
+    "cve_num" : 1,
+    "cve_id_list" : [ "CVE-2022-1664" ],
+    "status" : "vul_status_ignored",
+    "repair_cmd" : "zypper update update-alternatives"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Vul host info list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Vulnerability Management
+
+
+ diff --git a/docs/hss/api-ref/ListVulnerabilities.html b/docs/hss/api-ref/ListVulnerabilities.html new file mode 100644 index 00000000..cfb2ba87 --- /dev/null +++ b/docs/hss/api-ref/ListVulnerabilities.html @@ -0,0 +1,401 @@ + + +

Querying the Vulnerability List

+

Function

This API is used to query the list of detected vulnerabilities.

+
+

URI

GET /v5/{project_id}/vulnerability/vulnerabilities

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 256

+

type

+

No

+

String

+

Vulnerability type. Its value can be: -linux_vul -windows_vul -web_cms

+

Minimum: 0

+

Maximum: 32

+

vul_id

+

No

+

String

+

Vulnerability ID

+

Minimum: 0

+

Maximum: 256

+

vul_name

+

No

+

String

+

Vulnerability name

+

Minimum: 0

+

Maximum: 256

+

limit

+

No

+

Integer

+

Number of records displayed on each page

+

Minimum: 0

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Long

+

Total number of vulnerabilities

+

Minimum: 0

+

Maximum: 2147483647

+

data_list

+

Array of VulInfo objects

+

Software vulnerability list

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 VulInfo

Parameter

+

Type

+

Description

+

vul_name

+

String

+

Vulnerability name

+

Minimum: 0

+

Maximum: 256

+

vul_id

+

String

+

Vulnerability ID

+

Minimum: 0

+

Maximum: 64

+

label_list

+

Array of strings

+

Vulnerability tag

+

Minimum: 0

+

Maximum: 65534

+

Array Length: 0 - 2147483647

+

repair_necessity

+

String

+

Repair necessity

+

  • Critical: The CVSS score of the vulnerability is greater than or equal to 9, corresponding to the high risk level on the console.

    +

  • High: The CVSS score of the vulnerability is greater than or equal to 7 and less than 9, corresponding to the medium risk level on the console.

    +

  • Medium: The CVSS score of the vulnerability is greater than or equal to 4 and less than 7, corresponding to the medium risk level on the console.

    +

  • Low: The CVSS score of the vulnerability is less than 4, corresponding to the low risk level on the console.

    +
+

severity_level

+

String

+

Severity

+

  • Critical: The CVSS score of the vulnerability is greater than or equal to 9, corresponding to the high risk level on the console.

    +

  • High: The CVSS score of the vulnerability is greater than or equal to 7 and less than 9, corresponding to the medium risk level on the console.

    +

  • Medium: The CVSS score of the vulnerability is greater than or equal to 4 and less than 7, corresponding to the medium risk level on the console.

    +

  • Low: The CVSS score of the vulnerability is less than 4, corresponding to the low risk level on the console.

    +
+

host_num

+

Integer

+

Number of affected servers

+

Minimum: 0

+

Maximum: 2147483647

+

unhandle_host_num

+

Integer

+

Number of unprocessed servers, excluding ignored and fixed servers.

+

Minimum: 0

+

Maximum: 2147483647

+

scan_time

+

Long

+

Last scanned, in ms.

+

Minimum: 0

+

Maximum: 9223372036854775807

+

solution_detail

+

String

+

Vulnerability fixing guide

+

Minimum: 0

+

Maximum: 65534

+

url

+

String

+

Vulnerability URL

+

Minimum: 0

+

Maximum: 2083

+

description

+

String

+

Vulnerability description

+

Minimum: 0

+

Maximum: 65534

+

type

+

String

+

Vulnerability type. Its value can be:-linux_vul -windows_vul -web_cms

+

host_id_list

+

Array of strings

+

List of servers that can handle the vulnerability

+

Minimum: 0

+

Maximum: 128

+

Array Length: 0 - 2147483647

+

hosts_num

+

VulnerabilityHostNumberInfo object

+

Number of affected servers

+
+
+ +
+ + + + + + + + + + + + + + + + + +
Table 6 VulnerabilityHostNumberInfo

Parameter

+

Type

+

Description

+

important

+

Integer

+

Number of important servers

+

Minimum: 0

+

Maximum: 10000

+

common

+

Integer

+

Number of common servers

+

Minimum: 0

+

Maximum: 10000

+

test

+

Integer

+

Number of test servers

+

Minimum: 0

+

Maximum: 10000

+
+
+
+

Example Requests

Query the first 10 records in the vulnerability list whose project_id is 2b31ed520xxxxxxebedb6e57xxxxxxxx.

+
GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/vulnerabilities?offset=0&limit=10
+
+

Example Responses

Status code: 200

+

vulnerability list

+
{
+  "total_num" : 1,
+  "data_list" : [ {
+    "description" : "It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code.",
+    "host_id_list" : [ "caa958ad-a481-4d46-b51e-6861b8864515" ],
+    "host_num" : 1,
+    "scan_time" : 1661752185836,
+    "severity_level" : "Critical",
+    "repair_necessity" : "Critical",
+    "solution_detail" : "To upgrade the affected software",
+    "type" : "linux_vul",
+    "unhandle_host_num" : 0,
+    "url" : "https://ubuntu.com/security/CVE-2022-27405",
+    "vul_id" : "USN-5528-1",
+    "vul_name" : "USN-5528-1: FreeType vulnerabilities"
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

vulnerability list

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Vulnerability Management
+
+
+ diff --git a/docs/hss/api-ref/ListWeakPasswordUsers.html b/docs/hss/api-ref/ListWeakPasswordUsers.html new file mode 100644 index 00000000..b0047968 --- /dev/null +++ b/docs/hss/api-ref/ListWeakPasswordUsers.html @@ -0,0 +1,324 @@ + + +

Querying the Weak Password Detection Result List

+

Function

This API is used to query the list of weak password detection results.

+
+

URI

GET /v5/{project_id}/baseline/weak-password-users

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 20

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

host_name

+

No

+

String

+

Server name

+

Minimum: 0

+

Maximum: 256

+

host_ip

+

No

+

String

+

Server IP address

+

Minimum: 0

+

Maximum: 256

+

user_name

+

No

+

String

+

Name of the account using a weak password

+

Minimum: 0

+

Maximum: 32

+

host_id

+

No

+

String

+

Host ID. If this parameter is not specified, all hosts of a user are queried.

+

Minimum: 0

+

Maximum: 64

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 0

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 2097152

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

total_num

+

Long

+

Total number of weak passwords

+

Minimum: 0

+

Maximum: 2147483647

+

data_list

+

Array of WeakPwdListInfoResponseInfo objects

+

Weak password list

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 5 WeakPwdListInfoResponseInfo

Parameter

+

Type

+

Description

+

host_id

+

String

+

Host ID

+

Minimum: 0

+

Maximum: 64

+

host_name

+

String

+

Server name

+

Minimum: 0

+

Maximum: 256

+

host_ip

+

String

+

Server IP address (private IP address)

+

Minimum: 0

+

Maximum: 256

+

weak_pwd_accounts

+

Array of WeakPwdAccountInfoResponseInfo objects

+

List of accounts with weak passwords

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + +
Table 6 WeakPwdAccountInfoResponseInfo

Parameter

+

Type

+

Description

+

user_name

+

String

+

Name of accounts with weak passwords

+

Minimum: 0

+

Maximum: 32

+

service_type

+

String

+

Account type. The options are as follows:

+

  • system

    +

  • mysql

    +

  • redis

    +
+

duration

+

Integer

+

Validity period of a weak password, in days.

+

Minimum: 0

+

Maximum: 2147483647

+
+
+
+

Example Requests

Query the weak password of servers whose enterprise project ID is xxx. Data on the first page (the first 10 records) is returned by default.

+
GET https://{endpoint}/v5/{project_id}/baseline/weak-password-users?enterprise_project_id=xxx
+
+

Example Responses

Status code: 200

+

weak password check result

+
{
+  "total_num" : 2,
+  "data_list" : [ {
+    "host_id" : "caa958adxxxxxxa481",
+    "host_name" : "ubuntu1",
+    "host_ip" : "192.168.0.8",
+    "weak_pwd_accounts" : [ {
+      "user_name" : "localhost1",
+      "service_type" : "system",
+      "duration" : 2147483647
+    } ]
+  }, {
+    "host_id" : "caa958adxxxxxxa482",
+    "host_name" : "ubuntu2",
+    "host_ip" : "192.168.0.9",
+    "weak_pwd_accounts" : [ {
+      "user_name" : "localhost2",
+      "service_type" : "system",
+      "duration" : 2147483647
+    } ]
+  } ]
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

weak password check result

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Baseline Management
+
+
+ diff --git a/docs/hss/api-ref/PARAMETERS.txt b/docs/hss/api-ref/PARAMETERS.txt new file mode 100644 index 00000000..6da8d5f0 --- /dev/null +++ b/docs/hss/api-ref/PARAMETERS.txt @@ -0,0 +1,3 @@ +version="" +language="en-us" +type="" \ No newline at end of file diff --git a/docs/hss/api-ref/SetRaspSwitch.html b/docs/hss/api-ref/SetRaspSwitch.html new file mode 100644 index 00000000..e5af8496 --- /dev/null +++ b/docs/hss/api-ref/SetRaspSwitch.html @@ -0,0 +1,167 @@ + + +

Enabling or Disabling Dynamic WTP

+

Function

This API is used to enable or disable dynamic WTP.

+
+

URI

POST /v5/{project_id}/webtamper/rasp/status

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 0

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+

Content-Type

+

No

+

String

+

Default value: application/json; charset=utf-8

+

Minimum: 0

+

Maximum: 128

+
+
+ +
+ + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

host_id_list

+

No

+

Array of strings

+

HostId list

+

Minimum: 0

+

Maximum: 128

+

Array Length: 0 - 20000

+

status

+

No

+

Boolean

+

Dynamic WTP status

+
+
+
+

Response Parameters

None

+
+

Example Requests

Enable dynamic WTP for servers a and b.

+
POST https://{endpoint}/v5/{project_id}/webtamper/rasp/status
+
+{
+  "host_id_list" : [ "a", "b" ],
+  "status" : true
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

successful response

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Web Tamper Protection
+
+
+ diff --git a/docs/hss/api-ref/SetWtpProtectionStatusInfo.html b/docs/hss/api-ref/SetWtpProtectionStatusInfo.html new file mode 100644 index 00000000..64d22620 --- /dev/null +++ b/docs/hss/api-ref/SetWtpProtectionStatusInfo.html @@ -0,0 +1,180 @@ + + +

Enabling or Disabling WTP

+

Function

This API is used to enable or disable WTP.

+
+

URI

POST /v5/{project_id}/webtamper/static/status

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 0

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+

Content-Type

+

No

+

String

+

Default value: application/json; charset=utf-8

+

Minimum: 0

+

Maximum: 128

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

status

+

Yes

+

Boolean

+

Whether to enable the function. true: The function is enabled. false: The function is disabled.

+

host_id_list

+

Yes

+

Array of strings

+

The value in the array is server ID and the server ID cannot be empty.

+

Minimum: 0

+

Maximum: 128

+

Array Length: 1 - 20000

+

resource_id

+

No

+

String

+

Resource ID

+

Minimum: 0

+

Maximum: 64

+
+
+
+

Response Parameters

None

+
+

Example Requests

Enable WTP, set the target server IDs to a and b, and pay for the yearly/monthly billing mode.

+
POST https://{endpoint}/v5/{project_id}/webtamper/static/status
+
+{
+  "status" : true,
+  "host_id_list" : [ "a", "b" ],
+  "resource_id" : "aaxxx",
+  "charging_mode" : "on_demand"
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

successful response

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Web Tamper Protection
+
+
+ diff --git a/docs/hss/api-ref/ShowAssetStatistic.html b/docs/hss/api-ref/ShowAssetStatistic.html new file mode 100644 index 00000000..b1106419 --- /dev/null +++ b/docs/hss/api-ref/ShowAssetStatistic.html @@ -0,0 +1,274 @@ + + +

Collecting Asset Statistics, Including Accounts, Ports, and Processes

+

Function

This API is used to collect statistics on assets, such as accounts, ports, and processes.

+
+

URI

GET /v5/{project_id}/asset/statistics

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 128

+

host_id

+

No

+

String

+

Host ID

+

Minimum: 1

+

Maximum: 128

+

category

+

No

+

String

+

Type. The default value is host. The options are as follows:

+

  • host

    +

  • container

    +
+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 4096

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

account_num

+

Long

+

Number of server accounts

+

Minimum: 0

+

Maximum: 2147483647

+

port_num

+

Long

+

Number of open ports

+

Minimum: 0

+

Maximum: 2147483647

+

process_num

+

Long

+

Number of processes

+

Minimum: 0

+

Maximum: 2147483647

+

app_num

+

Long

+

Pieces of software

+

Minimum: 0

+

Maximum: 2147483647

+

auto_launch_num

+

Long

+

Number of auto-startup processes

+

Minimum: 0

+

Maximum: 2147483647

+

web_framework_num

+

Long

+

Number of web frameworks

+

Minimum: 0

+

Maximum: 2147483647

+

web_site_num

+

Long

+

Number of websites

+

Minimum: 0

+

Maximum: 2147483647

+

jar_package_num

+

Long

+

Number of JAR packages

+

Minimum: 0

+

Maximum: 2147483647

+

kernel_module_num

+

Long

+

Number of kernel modules

+

Minimum: 0

+

Maximum: 2147483647

+

web_service_num

+

Long

+

Number of web services

+

Minimum: 0

+

Maximum: 2147483647

+

web_app_num

+

Long

+

Number of web applications

+

Minimum: 0

+

Maximum: 2147483647

+

database_num

+

Long

+

Number of databases

+

Minimum: 0

+

Maximum: 2147483647

+
+
+
+

Example Requests

This API is used to query the fingerprint information, accounts, ports, and processes of a server.

+
GET https://{endpoint}/v5/{project_id}/asset/statistics?category=host
+
+

Example Responses

Status code: 200

+

Asset statistic info

+
{
+  "account_num" : 5,
+  "port_num" : 5,
+  "process_num" : 5,
+  "app_num" : 5,
+  "auto_launch_num" : 5,
+  "web_framework_num" : 5,
+  "web_site_num" : 5,
+  "jar_package_num" : 5,
+  "kernel_module_num" : 5,
+  "database_num" : 1,
+  "web_app_num" : 8,
+  "web_service_num" : 2
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Asset statistic info

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Asset Management
+
+
+ diff --git a/docs/hss/api-ref/ShowCheckRuleDetail.html b/docs/hss/api-ref/ShowCheckRuleDetail.html new file mode 100644 index 00000000..0508fc3a --- /dev/null +++ b/docs/hss/api-ref/ShowCheckRuleDetail.html @@ -0,0 +1,271 @@ + + +

Querying the Report of a Check Item in a Security Configuration Check

+

Function

This API is used to query the report of a check item in a security configuration check.

+
+

URI

GET /v5/{project_id}/baseline/check-rule/detail

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 20

+

Maximum: 64

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

check_name

+

Yes

+

String

+

Name of the configuration check (baseline), for example, SSH, CentOS 7, and Windows.

+

Minimum: 0

+

Maximum: 255

+

check_type

+

Yes

+

String

+

Baseline type. You can obtain the value by calling API /v5/{project_id}/baseline/risk-configs. Note that the values for check_type and check_name are the same for Linux servers. For example, they can both be set to SSH or CentOS 7. For Windows servers, the values for check_type and check_name are different. For example, check_type can be set to Windows Server 2019 R2 or Windows Server 2016 R2, while check_name can be set to Windows.

+

Minimum: 0

+

Maximum: 255

+

check_rule_id

+

Yes

+

String

+

Check item ID, which can be obtained from the return data of this API: /v5/{project_id}/baseline/risk-config/{check_name}/check-rules

+

Minimum: 0

+

Maximum: 255

+

standard

+

Yes

+

String

+

hw_standard: Cloud security practice standard

+

host_id

+

No

+

String

+

Host ID

+

Minimum: 0

+

Maximum: 64

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 2097152

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

description

+

String

+

Description of the current check item (detection rule).

+

Minimum: 0

+

Maximum: 2048

+

reference

+

String

+

Basis for the check item (rule) setting

+

Minimum: 0

+

Maximum: 255

+

audit

+

String

+

Audit description of the check item (rule)

+

Minimum: 0

+

Maximum: 65534

+

remediation

+

String

+

Modification suggestions for the check item (rule)

+

Minimum: 0

+

Maximum: 65534

+

check_info_list

+

Array of CheckRuleCheckCaseResponseInfo objects

+

Test cases

+

Array Length: 0 - 2147483647

+
+
+ +
+ + + + + + + + + + + + + + + + + +
Table 5 CheckRuleCheckCaseResponseInfo

Parameter

+

Type

+

Description

+

check_description

+

String

+

Test case description

+

Minimum: 0

+

Maximum: 65534

+

current_value

+

String

+

Current result

+

Minimum: 0

+

Maximum: 65534

+

suggest_value

+

String

+

Expected result

+

Minimum: 0

+

Maximum: 65534

+
+
+
+

Example Requests

This API is used to query the report of the configuration check items whose baseline name is SSH, check item ID is 1.12, check standard is cloud security practice standard, and enterprise project ID is xxx.

+
GET https://{endpoint}/v5/{project_id}/baseline/check-rule/detail?standard=hw_standard&enterprise_project_id=xxx&check_name=SSH&check_type=SSH&check_rule_id=1.12
+
+

Example Responses

Status code: 200

+

configuration item check report

+
{
+  "audit" : "Run the following commands and verify that ClientAliveInterval is smaller than 300 and ClientAliveCountMax is 3 or less: \n#grep '^ClientAliveInterval' /etc/ssh/sshd_config\nClientAliveInterval 300(default is 0) \n#grep '^ClientAliveCountMax' /etc/ssh/sshd_config\nClientAliveCountMax 0(default is 3)",
+  "description" : "The two options ClientAliveInterval and ClientAliveCountMax control the timeout of SSH sessions. The ClientAliveInterval parameter sets a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The ClientAliveCountMax parameter sets the number of client alive messages which may be sent without sshd receiving any messages back from the client. For example, if the ClientAliveInterval is set to 15s and the ClientAliveCountMax is set to 3, unresponsive SSH clients will be disconnected after approximately 45s.",
+  "reference" : "",
+  "remediation" : "Edit the /etc/ssh/sshd_config file to set the parameter as follows: \nClientAliveInterval 300 \nClientAliveCountMax 0"
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

configuration item check report

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Baseline Management
+
+
+ diff --git a/docs/hss/api-ref/ShowRiskConfigDetail.html b/docs/hss/api-ref/ShowRiskConfigDetail.html new file mode 100644 index 00000000..bfbe855b --- /dev/null +++ b/docs/hss/api-ref/ShowRiskConfigDetail.html @@ -0,0 +1,267 @@ + + +

Querying the Check Result of a Security Configuration Item

+

Function

This API is used to query the check result of a specified security configuration item.

+
+

URI

GET /v5/{project_id}/baseline/risk-config/{check_name}/detail

+ +
+ + + + + + + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 20

+

Maximum: 64

+

check_name

+

Yes

+

String

+

Name of the configuration check (baseline), for example, SSH, CentOS 7, and Windows.

+

Minimum: 0

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 0

+

Maximum: 64

+

standard

+

Yes

+

String

+

hw_standard: Cloud security practice standard

+

host_id

+

No

+

String

+

Server ID. If this parameter is not specified, all the servers of the user are queried.

+

Minimum: 0

+

Maximum: 64

+

limit

+

No

+

Integer

+

Number of records displayed on each page.

+

Minimum: 0

+

Maximum: 200

+

Default: 10

+

offset

+

No

+

Integer

+

Offset, which specifies the start position of the record to be returned.

+

Minimum: 0

+

Maximum: 2000000

+

Default: 0

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 32

+

Maximum: 2097152

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

severity

+

String

+

Risk level. Its value can be:

+

  • Low

    +

  • Medium

    +

  • High

    +
+

check_type

+

String

+

Configuration check (baseline) type, for example, SSH, CentOS 7, Windows Server 2019 R2, Windows Server 2016 R2 and MySQL5-Windows.

+

Minimum: 0

+

Maximum: 256

+

check_type_desc

+

String

+

Description of the baseline type, including the standards for the check items and the issues that can be audited.

+

Minimum: 0

+

Maximum: 65534

+

check_rule_num

+

Integer

+

Indicates the total number of check items of the current configuration check (baseline) type. For example, if the standard type of the SSH baseline is hw_standard, server security provides 17 check items, but only five check items of the SSH baseline are detected on all servers. Therefore, the value of check_rule_num is 5. All check items are checked on a server. The value of check_rule_num is 17.

+

Minimum: 0

+

Maximum: 2147483647

+

failed_rule_num

+

Integer

+

Number of failed check items. If a server fails to pass a check item in check_rule_num, the item is counted in failed_rule_num.

+

Minimum: 0

+

Maximum: 2147483647

+

passed_rule_num

+

Integer

+

Number of passed check items. If a server passes a check item in check_rule_num, the check item is counted in passed_rule_num.

+

Minimum: 0

+

Maximum: 2147483647

+

ignored_rule_num

+

Integer

+

Number of ignored check items. If a server ignores a check item in check_rule_num, the check item is counted in ignored_rule_num.

+

Minimum: 0

+

Maximum: 2147483647

+

host_num

+

Long

+

The number of servers on which the current baseline detection is performed.

+

Minimum: 0

+

Maximum: 2147483647

+
+
+
+

Example Requests

This API is used to query the configuration check list whose baseline name is SSH, check standard is cloud security practice standard, and enterprise project ID is xxx.

+
GET https://{endpoint}/v5/{project_id}/baseline/risk-config/SSH/detail?standard=hw_standard&enterprise_project_id=xxx
+
+

Example Responses

Status code: 200

+

security configuration item check result

+
{
+  "check_rule_num" : 17,
+  "check_type_desc" : "This policy checks the basic security configuration items of the SSH service to improve the security of the SSH service.",
+  "failed_rule_num" : 15,
+  "host_num" : 2,
+  "ignored_rule_num" : 1,
+  "passed_rule_num" : 14,
+  "severity" : "Medium"
+}
+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

security configuration item check result

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Baseline Management
+
+
+ diff --git a/docs/hss/api-ref/StopProtection.html b/docs/hss/api-ref/StopProtection.html new file mode 100644 index 00000000..5dc4f616 --- /dev/null +++ b/docs/hss/api-ref/StopProtection.html @@ -0,0 +1,171 @@ + + +

Disabling Ransomware Prevention

+

Function

This API is used to disable ransomware prevention.

+
+

URI

POST /v5/{project_id}/ransomware/protection/close

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

host_id_list

+

Yes

+

Array of strings

+

IDs of servers where ransomware protection needs to be disabled

+

Minimum: 0

+

Maximum: 64

+

Array Length: 0 - 20

+

agent_id_list

+

Yes

+

Array of strings

+

IDs of agents where ransomware prevention needs to be disabled

+

Minimum: 0

+

Maximum: 64

+

Array Length: 0 - 20

+

close_protection_type

+

Yes

+

String

+

Type of disabled protection. The options are as follows:

+

  • close_anti: Disable ransomware protection. Currently, backup protection cannot be disabled. Go to the CBR service to unbind a vault.

    +
+
+
+
+

Response Parameters

None

+
+

Example Requests

Disable ransomware protection for the server. The target server ID is 71a15ecc-049f-4cca-bd28-5e90aca1817f, and the agent ID of the target server is c9bed5397db449ebdfba15e85fcfc36accee954daf5cab0528bab59bd8.

+
POST https://{endpoint}/v5/{project_id}/ransomware/protection/close
+
+{
+  "close_protection_type" : "close_anti",
+  "host_id_list" : [ "71a15ecc-049f-4cca-bd28-5e90aca1817f" ],
+  "agent_id_list" : [ "c9bed5397db449ebdfba15e85fcfc36accee954daf5cab0528bab59bd8" ]
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Ransomware protection disabled.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Ransomware Prevention
+
+
+ diff --git a/docs/hss/api-ref/SwitchHostsProtectStatus.html b/docs/hss/api-ref/SwitchHostsProtectStatus.html new file mode 100644 index 00000000..da539f1c --- /dev/null +++ b/docs/hss/api-ref/SwitchHostsProtectStatus.html @@ -0,0 +1,230 @@ + + +

Changing the Protection Status

+

Function

This API is used to change the protection status.

+
+

URI

POST /v5/{project_id}/host-management/protection

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

version

+

No

+

String

+

HSS edition. Its value can be:

+

  • hss.version.null: protection disabled

    +

  • hss.version.enterprise: enterprise edition

    +

  • hss.version.premium: premium edition

    +
+

charging_mode

+

No

+

String

+

on_demand: pay-per-use

+

resource_id

+

No

+

String

+

Instance ID

+

Minimum: 1

+

Maximum: 128

+

host_id_list

+

No

+

Array of strings

+

Server list

+

Minimum: 1

+

Maximum: 128

+

Array Length: 0 - 2097152

+

tags

+

No

+

Array of TagInfo objects

+

Resource tag

+

Array Length: 0 - 2097152

+
+
+ +
+ + + + + + + + + + + + + + + + +
Table 5 TagInfo

Parameter

+

Mandatory

+

Type

+

Description

+

key

+

No

+

String

+

Key. It can contain up to 128 Unicode characters. The key cannot be left blank.

+

Minimum: 1

+

Maximum: 128

+

value

+

No

+

String

+

Value. Each tag value can contain a maximum of 255 Unicode characters.

+

Minimum: 1

+

Maximum: 255

+
+
+
+

Response Parameters

None

+
+

Example Requests

Switch the protection edition of the server whose ID is 71a15ecc-049f-4cca-bd28-5e90aca1817f to the enterprise edition.

+
{
+  "version" : "hss.version.enterprise",
+  "charging_mode" : "on_demand",
+  "resource_id" : "af4d08ad-2b60-4916-a5cf-8d6a23956dda",
+  "host_id_list" : [ "71a15ecc-049f-4cca-bd28-5e90aca1817f" ],
+  "tags" : [ {
+    "key" : "Service",
+    "value" : "hss"
+  } ]
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

successful response

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Server Management
+
+
+ diff --git a/docs/hss/api-ref/UpdateBackupPolicyInfo.html b/docs/hss/api-ref/UpdateBackupPolicyInfo.html new file mode 100644 index 00000000..8b751c4d --- /dev/null +++ b/docs/hss/api-ref/UpdateBackupPolicyInfo.html @@ -0,0 +1,327 @@ + + +

Modifying the Backup Policy Bound to HSS Protection Vault

+

Function

This API is used to modify the backup policy associated with the vault

+
+

URI

PUT /v5/{project_id}/backup/policy

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enabled

+

No

+

Boolean

+

Whether the policy is enabled. The default value is true.

+

policy_id

+

Yes

+

String

+

Backup policy ID

+

Minimum: 1

+

Maximum: 256

+

operation_definition

+

No

+

OperationDefinitionRequestInfo object

+

Scheduling parameter.

+

trigger

+

No

+

BackupTriggerRequestInfo object

+

Time scheduling rule for the policy

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 OperationDefinitionRequestInfo

Parameter

+

Mandatory

+

Type

+

Description

+

day_backups

+

No

+

Integer

+

Maximum number of retained daily backups. The latest backup of each day is saved in the long term. This parameter is not affected by the maximum number of retained backup. The value ranges from 0 to 100. If this parameter is specified, timezone must be configured. Minimum value: 0. Maximum value: 100

+

Minimum: 0

+

Maximum: 100

+

max_backups

+

No

+

Integer

+

Maximum number of automated backups that can be retained for an object. The value can be -1 or ranges from 0 to 99999. If the value is set to -1, the backups will not be cleared even though the configured retained backup quantity limit is exceeded. If this parameter and retention_duration_days are left blank at the same time, the backups will be retained permanently. Minimum value: 1. Maximum value: 99999. Default value: -1

+

Minimum: -1

+

Maximum: 99999

+

month_backups

+

No

+

Integer

+

Maximum number of retained monthly backups. The latest backup of each month is saved in the long term. This parameter is not affected by the maximum number of retained backup. The value ranges from 0 to 100. If this parameter is specified, timezone must be configured. Minimum value: 0. Maximum value: 100

+

Minimum: 0

+

Maximum: 100

+

retention_duration_days

+

No

+

Integer

+

Duration of retaining a backup, in days. The maximum value is 99999. If the value is set to -1, backups will not be cleared even though the configured retention duration is exceeded. If this parameter and max_backups are left blank at the same time, the backups will be retained permanently. Minimum value: 1. Maximum value: 99999. Default value: -1

+

Minimum: -1

+

Maximum: 99999

+

timezone

+

No

+

String

+

Time zone where the user is located, for example, UTC+08:00. Set this parameter only after you have configured any of the parameters day_backups, week_backups, month_backups, and year_backups.

+

Minimum: 0

+

Maximum: 256

+

week_backups

+

No

+

Integer

+

Maximum number of retained weekly backups. The latest backup of each week is saved in the long term. This parameter can be effective together with the maximum number of retained backups specified by max_backups. The value ranges from 0 to 100. If this parameter is specified, timezone must be configured.

+

Minimum: 0

+

Maximum: 100

+

year_backups

+

No

+

Integer

+

Maximum number of retained yearly backups. The latest backup of each year is saved in the long term. This parameter can be effective together with the maximum number of retained backups specified by max_backups. The value ranges from 0 to 100. If this parameter is specified, timezone must be configured. Minimum value: 0. Maximum value: 100

+

Minimum: 0

+

Maximum: 100

+
+
+ +
+ + + + + + + + + + + +
Table 6 BackupTriggerRequestInfo

Parameter

+

Mandatory

+

Type

+

Description

+

properties

+

Yes

+

BackupTriggerPropertiesRequestInfo object

+

Time rule for the policy execution.

+
+
+ +
+ + + + + + + + + + + +
Table 7 BackupTriggerPropertiesRequestInfo

Parameter

+

Mandatory

+

Type

+

Description

+

pattern

+

Yes

+

Array of strings

+

Scheduling rule A maximum of 24 rules can be configured. The scheduling rule complies with iCalendar RFC 2445, but it supports only parameters FREQ, BYDAY, BYHOUR, BYMINUTE, and INTERVAL. FREQ can be set only to WEEKLY or DAILY. BYDAY can be set to MO, TU, WE, TH, FR, SA, or SU (seven days of a week). BYHOUR ranges from 0 to 23 hours. BYMINUTE ranges from 0 minutes to 59 minutes. The scheduling interval must not be less than 1 hour. A maximum of 24 time points are allowed in a day. For example, if the scheduling time is 14:00 from Monday to Sunday, set the scheduling rule as follows: FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR,SA,SU;BYHOUR=14;BYMINUTE=00. To start scheduling at 14:00 every day, the rule is as follows: FREQ=DAILY;INTERVAL=1;BYHOUR=14;BYMINUTE=00'.

+

Minimum: 1

+

Maximum: 256

+

Array Length: 0 - 24

+
+
+
+

Response Parameters

None

+
+

Example Requests

Modify the backup policy. The target backup policy ID is af4d08ad-2b60-4916-a5cf-8d6a23956dda.

+
PUT https://{endpoint}/v5/{project_id}/backup/policy
+
+{
+  "enabled" : true,
+  "policy_id" : "af4d08ad-2b60-4916-a5cf-8d6a23956dda",
+  "operation_definition" : {
+    "day_backups" : 0,
+    "max_backups" : -1,
+    "month_backups" : 0,
+    "retention_duration_days" : 5,
+    "timezone" : "UTC+08:00",
+    "week_backups" : 0,
+    "year_backups" : 0
+  },
+  "trigger" : {
+    "properties" : {
+      "pattern" : [ "FREQ=DAILY;INTERVAL=2;BYHOUR=14;BYMINUTE=00" ]
+    }
+  }
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

Modify a backup policy.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Ransomware Prevention
+
+
+ diff --git a/docs/hss/api-ref/UpdateProtectionPolicy.html b/docs/hss/api-ref/UpdateProtectionPolicy.html new file mode 100644 index 00000000..3874659e --- /dev/null +++ b/docs/hss/api-ref/UpdateProtectionPolicy.html @@ -0,0 +1,257 @@ + + +

Modifying Ransomware Protection Policies

+

Function

This API is used to modify ransomware protection policies.

+
+

URI

PUT /v5/{project_id}/ransomware/protection/policy

+ +
+ + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID

+

Minimum: 1

+

Maximum: 256

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

+

Default: 0

+

Minimum: 1

+

Maximum: 256

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token.

+

Minimum: 1

+

Maximum: 32768

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

policy_id

+

Yes

+

String

+

Policy ID

+

Minimum: 0

+

Maximum: 128

+

policy_name

+

Yes

+

String

+

Policy name

+

Minimum: 0

+

Maximum: 128

+

protection_mode

+

Yes

+

String

+

Action. Its value can be:

+

  • alarm_and_isolation: Report an alarm and isolate.

    +

  • alarm_only: Only report alarms.

    +
+

bait_protection_status

+

Yes

+

String

+

Whether to enable honeypot protection. By default, the protection is enabled. Its value can be:

+

  • opened

    +

  • closed

    +
+

protection_directory

+

Yes

+

String

+

Protected directory. Separate multiple directories with semicolons (;). You can configure up to 20 directories.

+

Minimum: 1

+

Maximum: 128

+

protection_type

+

Yes

+

String

+

Protected file type, for example, .docx, .txt, and .avi.

+

Minimum: 1

+

Maximum: 128

+

exclude_directory

+

No

+

String

+

(Optional) Excluded directory. Separate multiple directories with semicolons (;). You can configure up to 20 directories.

+

Minimum: 1

+

Maximum: 128

+

agent_id_list

+

No

+

Array of strings

+

Specifies the IDs of agents for which the ransomware protection policy is enabled.

+

Minimum: 1

+

Maximum: 128

+

Array Length: 0 - 10000

+

operating_system

+

Yes

+

String

+

OSs supported by the policy. The options are as follows:

+

  • Windows

    +

  • Linux

    +
+

runtime_detection_status

+

No

+

String

+

Whether to perform runtime checks. The options are as follows. Currently, it can only be disabled. This field is reserved.

+

  • opened

    +

  • closed

    +
+
+
+
+

Response Parameters

None

+
+

Example Requests

Modify the ransomware protection policy. Set the OS type to Linux, protection policy ID to 0253edfd-30e7-439d-8f3f-17c54c997064, and protection action to alert only.

+
PUT https://{endpoint}/v5/{project_id}/ransomware/protection/policy
+
+{
+  "bait_protection_status" : "opened",
+  "exclude_directory" : "",
+  "operating_system" : "Linux",
+  "policy_id" : "0253edfd-30e7-439d-8f3f-17c54c997064",
+  "policy_name" : "aaa",
+  "protection_mode" : "alarm_only",
+  "protection_directory" : "/root",
+  "runtime_detection_status" : "closed",
+  "agent_id_list" : [ "" ]
+}
+
+

Example Responses

None

+
+

Status Codes

+
+ + + + + + + +

Status Code

+

Description

+

200

+

success

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Ransomware Prevention
+
+
+ diff --git a/docs/hss/api-ref/hss_02_0001.html b/docs/hss/api-ref/hss_02_0001.html new file mode 100644 index 00000000..5119a7c3 --- /dev/null +++ b/docs/hss/api-ref/hss_02_0001.html @@ -0,0 +1,9 @@ + + +

API Usage Guidelines

+

Public cloud APIs comply with the RESTful API design principles. REST-based Web services are organized into resources. Each resource is identified by one or more Uniform Resource Identifiers (URIs). An application accesses a resource based on the resource's Unified Resource Locator (URL). A URL is usually in the following format: https://Endpoint/uri. In the URL, uri indicates the resource path, that is, the API access path.

+

Public cloud APIs use HTTPS as the transmission protocol. Requests/Responses are transmitted by using JSON messages, with media type represented by Application/json.

+

For details about how to use APIs, see API Usage Guidelines.

+

An endpoint is the request address for calling an API. Endpoints vary depending on services and regions. For the endpoints of all services, see Regions and Endpoints.

+
+ diff --git a/docs/hss/api-ref/hss_02_0011.html b/docs/hss/api-ref/hss_02_0011.html new file mode 100644 index 00000000..7d61e7ed --- /dev/null +++ b/docs/hss/api-ref/hss_02_0011.html @@ -0,0 +1,29 @@ + + +

API Description

+
+
+ +
+ diff --git a/docs/hss/api-ref/hss_02_0015.html b/docs/hss/api-ref/hss_02_0015.html new file mode 100644 index 00000000..ca997194 --- /dev/null +++ b/docs/hss/api-ref/hss_02_0015.html @@ -0,0 +1,13 @@ + + +

Appendixes

+
+
+ +
+ diff --git a/docs/hss/api-ref/hss_02_0016.html b/docs/hss/api-ref/hss_02_0016.html new file mode 100644 index 00000000..45a6c593 --- /dev/null +++ b/docs/hss/api-ref/hss_02_0016.html @@ -0,0 +1,43 @@ + + +

Status Codes

+
+
+ + + + + + + + + + + + + + + + + +

Status Code

+

Status

+

Description

+

200

+

OK

+

Request processing succeeded.

+

400

+

Bad Request

+

Invalid request parameters.

+

500

+

Internal Server Error

+

Internal service error.

+
+
+
+
+
+
Parent topic: Appendixes
+
+
+ diff --git a/docs/hss/api-ref/hss_02_0017.html b/docs/hss/api-ref/hss_02_0017.html new file mode 100644 index 00000000..fddddeda --- /dev/null +++ b/docs/hss/api-ref/hss_02_0017.html @@ -0,0 +1,62 @@ + + +

Change History

+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + +

Date

+

Description

+

2024-5-24

+

This issue is the seventh official release.

+

Deleted the API for Querying the Protection List.

+

2024-5-17

+

This is the sixth official release.

+

Added the following content:

+

The default value of the enterprise_project_id is added.

+

Modified:

+
  • The description of the user token is modified.
  • The value range of enumerated attributes is deleted.
+

2024-4-11

+

This issue is the fifth official release.

+

Deleted the region parameter.

+

2024-4-3

+

This issue is the fourth official release.

+

Modified the following content:

+
  • Optimized the description of X-Auth-Token as user token.
  • Added the description of the category parameter.
  • Optimized the description of the default value of parameters.
+

2024-1-10

+

This issue is the third official release.

+

Modified the following content:

+
  • Deleted the description about billing-related APIs.
  • Deleted the description about the basic edition.
+

2023-12-8

+

This issue is the second official release.

+

Modified the following content:

+
  • Added request examples for all APIs.
  • Deleted the description about the yearly/monthly billing mode.
  • Changed the description of some host_id to mandatory.
  • Added the status code of some APIs.
  • Changed the description of user token to IAM token.
+

2023-9-30

+

This issue is the first official release.

+
+
+
+ diff --git a/docs/hss/api-ref/public_sys-resources/caution_3.0-en-us.png b/docs/hss/api-ref/public_sys-resources/caution_3.0-en-us.png new file mode 100644 index 00000000..60f60762 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/caution_3.0-en-us.png differ diff --git a/docs/hss/api-ref/public_sys-resources/danger_3.0-en-us.png b/docs/hss/api-ref/public_sys-resources/danger_3.0-en-us.png new file mode 100644 index 00000000..47a9c723 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/danger_3.0-en-us.png differ diff --git a/docs/hss/api-ref/public_sys-resources/delta.gif b/docs/hss/api-ref/public_sys-resources/delta.gif new file mode 100644 index 00000000..0d1b1f67 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/delta.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/deltaend.gif b/docs/hss/api-ref/public_sys-resources/deltaend.gif new file mode 100644 index 00000000..cc7da0fc Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/deltaend.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-arrowdn.gif b/docs/hss/api-ref/public_sys-resources/icon-arrowdn.gif new file mode 100644 index 00000000..37942803 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-arrowdn.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-arrowrt.gif b/docs/hss/api-ref/public_sys-resources/icon-arrowrt.gif new file mode 100644 index 00000000..6aaaa11c Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-arrowrt.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-caution.gif b/docs/hss/api-ref/public_sys-resources/icon-caution.gif new file mode 100644 index 00000000..079c79b2 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-caution.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-danger.gif b/docs/hss/api-ref/public_sys-resources/icon-danger.gif new file mode 100644 index 00000000..079c79b2 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-danger.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-huawei.gif b/docs/hss/api-ref/public_sys-resources/icon-huawei.gif new file mode 100644 index 00000000..a31d60f8 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-huawei.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-note.gif b/docs/hss/api-ref/public_sys-resources/icon-note.gif new file mode 100644 index 00000000..31be2b03 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-note.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-notice.gif b/docs/hss/api-ref/public_sys-resources/icon-notice.gif new file mode 100644 index 00000000..40907065 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-notice.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-tip.gif b/docs/hss/api-ref/public_sys-resources/icon-tip.gif new file mode 100644 index 00000000..c47bae05 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-tip.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/icon-warning.gif b/docs/hss/api-ref/public_sys-resources/icon-warning.gif new file mode 100644 index 00000000..079c79b2 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/icon-warning.gif differ diff --git a/docs/hss/api-ref/public_sys-resources/note_3.0-en-us.png b/docs/hss/api-ref/public_sys-resources/note_3.0-en-us.png new file mode 100644 index 00000000..57a0e1f5 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/note_3.0-en-us.png differ diff --git a/docs/hss/api-ref/public_sys-resources/notice_3.0-en-us.png b/docs/hss/api-ref/public_sys-resources/notice_3.0-en-us.png new file mode 100644 index 00000000..fa4b6499 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/notice_3.0-en-us.png differ diff --git a/docs/hss/api-ref/public_sys-resources/warning_3.0-en-us.png b/docs/hss/api-ref/public_sys-resources/warning_3.0-en-us.png new file mode 100644 index 00000000..def5c356 Binary files /dev/null and b/docs/hss/api-ref/public_sys-resources/warning_3.0-en-us.png differ diff --git a/docs/hss/api-ref/topic_300000000.html b/docs/hss/api-ref/topic_300000000.html new file mode 100644 index 00000000..037b6ac3 --- /dev/null +++ b/docs/hss/api-ref/topic_300000000.html @@ -0,0 +1,40 @@ + + +

Asset Management

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000001.html b/docs/hss/api-ref/topic_300000001.html new file mode 100644 index 00000000..1f3c1658 --- /dev/null +++ b/docs/hss/api-ref/topic_300000001.html @@ -0,0 +1,22 @@ + + +

Ransomware Prevention

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000002.html b/docs/hss/api-ref/topic_300000002.html new file mode 100644 index 00000000..ba2915f2 --- /dev/null +++ b/docs/hss/api-ref/topic_300000002.html @@ -0,0 +1,28 @@ + + +

Baseline Management

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000003.html b/docs/hss/api-ref/topic_300000003.html new file mode 100644 index 00000000..ed347a57 --- /dev/null +++ b/docs/hss/api-ref/topic_300000003.html @@ -0,0 +1,16 @@ + + +

Quota Management

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000004.html b/docs/hss/api-ref/topic_300000004.html new file mode 100644 index 00000000..894dc78e --- /dev/null +++ b/docs/hss/api-ref/topic_300000004.html @@ -0,0 +1,20 @@ + + +

Intrusion Detection

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000005.html b/docs/hss/api-ref/topic_300000005.html new file mode 100644 index 00000000..cac1e57c --- /dev/null +++ b/docs/hss/api-ref/topic_300000005.html @@ -0,0 +1,26 @@ + + +

Server Management

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000006.html b/docs/hss/api-ref/topic_300000006.html new file mode 100644 index 00000000..c5f81faa --- /dev/null +++ b/docs/hss/api-ref/topic_300000006.html @@ -0,0 +1,18 @@ + + +

Policy Management

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000007.html b/docs/hss/api-ref/topic_300000007.html new file mode 100644 index 00000000..b714b4c1 --- /dev/null +++ b/docs/hss/api-ref/topic_300000007.html @@ -0,0 +1,20 @@ + + +

Vulnerability Management

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000008.html b/docs/hss/api-ref/topic_300000008.html new file mode 100644 index 00000000..88a414e5 --- /dev/null +++ b/docs/hss/api-ref/topic_300000008.html @@ -0,0 +1,22 @@ + + +

Web Tamper Protection

+

+
+
+ + +
+
Parent topic: API Description
+
+
+ diff --git a/docs/hss/api-ref/topic_300000009.html b/docs/hss/api-ref/topic_300000009.html new file mode 100644 index 00000000..fb66867c --- /dev/null +++ b/docs/hss/api-ref/topic_300000009.html @@ -0,0 +1,18 @@ + + +

Tag Management

+

+
+
+ + +
+
Parent topic: API Description
+
+
+