Domain name for API request: tcss.intl.tencentcloudapi.com.
This API is used to query the information of a trojan file at runtime.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
Parameter Name | Required | Type | Description |
---|---|---|---|
Action | Yes | String | Common Params. The value used for this API: DescribeVirusDetail. |
Version | Yes | String | Common Params. The value used for this API: 2020-11-01. |
Region | No | String | Common Params. This parameter is not required. |
Id | Yes | String | Trojan file ID |
Parameter Name | Type | Description |
---|---|---|
ImageId | String | Image ID Note: This field may return null, indicating that no valid values can be obtained. |
ImageName | String | Image name Note: This field may return null, indicating that no valid values can be obtained. |
CreateTime | String | Creation time Note: This field may return null, indicating that no valid values can be obtained. |
Size | Integer | Trojan file size Note: This field may return null, indicating that no valid values can be obtained. |
FilePath | String | Trojan file path Note: This field may return null, indicating that no valid values can be obtained. |
ModifyTime | String | Last generation time Note: This field may return null, indicating that no valid values can be obtained. |
VirusName | String | Virus name Note: This field may return null, indicating that no valid values can be obtained. |
RiskLevel | String | Risk level. Valid values: RISK_CRITICAL, RISK_HIGH, RISK_MEDIUM, RISK_LOW, RISK_NOTICE. Note: This field may return null, indicating that no valid values can be obtained. |
ContainerName | String | Container name Note: This field may return null, indicating that no valid values can be obtained. |
ContainerId | String | Container ID Note: This field may return null, indicating that no valid values can be obtained. |
HostName | String | Server name Note: This field may return null, indicating that no valid values can be obtained. |
HostId | String | Server ID Note: This field may return null, indicating that no valid values can be obtained. |
ProcessName | String | Process name Note: This field may return null, indicating that no valid values can be obtained. |
ProcessPath | String | Process path Note: This field may return null, indicating that no valid values can be obtained. |
ProcessMd5 | String | Process MD5 Note: This field may return null, indicating that no valid values can be obtained. |
ProcessId | Integer | Process ID Note: This field may return null, indicating that no valid values can be obtained. |
ProcessArgv | String | Process parameter Note: This field may return null, indicating that no valid values can be obtained. |
ProcessChan | String | Process chain Note: This field may return null, indicating that no valid values can be obtained. |
ProcessAccountGroup | String | Process group Note: This field may return null, indicating that no valid values can be obtained. |
ProcessStartAccount | String | Process initiator Note: This field may return null, indicating that no valid values can be obtained. |
ProcessFileAuthority | String | Process file permission Note: This field may return null, indicating that no valid values can be obtained. |
SourceType | Integer | Source. Valid values: 0 (quick scan); 1 (scheduled scan); 2 (real-time monitoring). Note: This field may return null, indicating that no valid values can be obtained. |
Tags | Array of String | Tag Note: This field may return null, indicating that no valid values can be obtained. |
HarmDescribe | String | Event description Note: This field may return null, indicating that no valid values can be obtained. |
SuggestScheme | String | Solution Note: This field may return null, indicating that no valid values can be obtained. |
Mark | String | Remarks Note: This field may return null, indicating that no valid values can be obtained. |
FileName | String | Suspicious file name Note: This field may return null, indicating that no valid values can be obtained. |
FileMd5 | String | MD5 checksum of the file Note: This field may return null, indicating that no valid values can be obtained. |
EventType | String | Event type Note: This field may return null, indicating that no valid values can be obtained. |
PodName | String | Cluster name Note: This field may return null, indicating that no valid values can be obtained. |
Status | String | DEAL_NONE: Pending; DEAL_IGNORE: Ignored; DEAL_ADD_WHITELIST: Allowed; DEAL_DEL: Deleted; DEAL_ISOLATE: Isolated; DEAL_ISOLATING: Isolating; DEAL_ISOLATE_FAILED: Isolation failed; DEAL_RECOVERING: Recovering; DEAL_RECOVER_FAILED: Recovery failed. Note: This field may return null, indicating that no valid values can be obtained. |
SubStatus | String | Sub-status of the failure. FILE_NOT_FOUND: The file does not exist; FILE_ABNORMAL: The file is abnormal; FILE_ABNORMAL_DEAL_RECOVER: The file is abnormal when recovered; BACKUP_FILE_NOT_FOUND: The backup file does not exist; CONTAINER_NOT_FOUND_DEAL_ISOLATE: The container does not exist during isolation; CONTAINER_NOT_FOUND_DEAL_RECOVER: The container does not exist during recovery. Note: This field may return null, indicating that no valid values can be obtained. |
HostIP | String | Private IP Note: This field may return null, indicating that no valid values can be obtained. |
ClientIP | String | Public IP Note: This field may return null, indicating that no valid values can be obtained. |
PProcessStartUser | String | Parent process initiator Note: This field may return null, indicating that no valid values can be obtained. |
PProcessUserGroup | String | User group of the parent process Note: This field may return null, indicating that no valid values can be obtained. |
PProcessPath | String | Path of the parent process Note: This field may return null, indicating that no valid values can be obtained. |
PProcessParam | String | Command line parameters of the parent process Note: This field may return null, indicating that no valid values can be obtained. |
AncestorProcessStartUser | String | Ancestor process initiator Note: This field may return null, indicating that no valid values can be obtained. |
AncestorProcessUserGroup | String | Ancestor process user group Note: This field may return null, indicating that no valid values can be obtained. |
AncestorProcessPath | String | Ancestor process path Note: This field may return null, indicating that no valid values can be obtained. |
AncestorProcessParam | String | Command line parameters of the ancestor process Note: This field may return null, indicating that no valid values can be obtained. |
OperationTime | String | Last processing time of the event Note: This field may return null, indicating that no valid values can be obtained. |
ContainerNetStatus | String | Container isolation status Note: This field may return null, indicating that no valid values can be obtained. |
ContainerNetSubStatus | String | Sub-status of container isolation Note: This field may return null, indicating that no valid values can be obtained. |
ContainerIsolateOperationSrc | String | Container isolation operation source Note: This field may return null, indicating that no valid values can be obtained. |
CheckPlatform | Array of String | Check platform. 1: Tencent Cloud Security Engine; 2: tav; 3: binaryAi; 4: Unusual behavior; 5: Threat intelligence. Note: This field may return null, indicating that no valid values can be obtained. |
FileAccessTime | String | File accessed time Note: This field may return null, indicating that no valid values can be obtained. |
FileModifyTime | String | File modified time Note: This field may return null, indicating that no valid values can be obtained. |
NodeSubNetID | String | Node subnet ID |
NodeSubNetName | String | Node subnet name |
NodeSubNetCIDR | String | Subnet IP range |
ClusterID | String | Cluster ID |
PodIP | String | Pod IP |
PodStatus | String | Pod status |
NodeUniqueID | String | UID of the node |
NodeType | String | Node type. Values: NORMAL (general node), SUPER (super node). |
NodeID | String | Node ID |
ClusterName | String | Cluster name |
Namespace | String | |
WorkloadType | String | |
RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
This example shows you how to query the trojan information.
```http
POST / HTTP/1.1
Host: tcss.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeVirusDetail
<Common request parameters>

{
    "Id": "dskaldjskld"
}
```
```json
{
    "Response": {
        "ImageId": "abc",
        "ImageName": "abc",
        "CreateTime": "abc",
        "Size": 1,
        "FilePath": "abc",
        "ModifyTime": "abc",
        "VirusName": "abc",
        "RiskLevel": "abc",
        "ContainerName": "abc",
        "ContainerId": "abc",
        "HostName": "abc",
        "HostId": "abc",
        "ProcessName": "abc",
        "ProcessPath": "abc",
        "ProcessMd5": "abc",
        "ProcessId": 1,
        "ProcessArgv": "abc",
        "ProcessChan": "abc",
        "ProcessAccountGroup": "abc",
        "ProcessStartAccount": "abc",
        "ProcessFileAuthority": "abc",
        "SourceType": 0,
        "Tags": [
            "abc"
        ],
        "HarmDescribe": "abc",
        "SuggestScheme": "abc",
        "Mark": "abc",
        "FileName": "abc",
        "FileMd5": "abc",
        "EventType": "abc",
        "PodName": "abc",
        "Status": "abc",
        "SubStatus": "abc",
        "HostIP": "abc",
        "ClientIP": "abc",
        "PProcessStartUser": "abc",
        "PProcessUserGroup": "abc",
        "PProcessPath": "abc",
        "PProcessParam": "abc",
        "AncestorProcessStartUser": "abc",
        "AncestorProcessUserGroup": "abc",
        "AncestorProcessPath": "abc",
        "AncestorProcessParam": "abc",
        "OperationTime": "abc",
        "ContainerNetStatus": "abc",
        "ContainerNetSubStatus": "abc",
        "ContainerIsolateOperationSrc": "abc",
        "CheckPlatform": [
            "abc"
        ],
        "FileAccessTime": "abc",
        "FileModifyTime": "abc",
        "NodeSubNetID": "abc",
        "NodeSubNetName": "abc",
        "NodeSubNetCIDR": "abc",
        "ClusterID": "abc",
        "PodIP": "abc",
        "PodStatus": "abc",
        "NodeUniqueID": "abc",
        "NodeType": "abc",
        "NodeID": "abc",
        "ClusterName": "abc",
        "RequestId": "abc"
    }
}
```
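The following is an added example, not part of the Tencent Cloud documentation or SDK: it reduces a DescribeVirusDetail response body to a triage record, decoding the `SourceType`, `CheckPlatform`, `Status` and `SubStatus` values listed in the table above and tolerating the fields that may be null. The `triage` function, its action policy, the `Response.Error` shape and the sample values are assumptions made for illustration.

```python
import json

# Enumerations copied from the response-field table on this page.
SOURCE_TYPE = {0: "quick scan", 1: "scheduled scan", 2: "real-time monitoring"}
CHECK_PLATFORM = {"1": "Tencent Cloud Security Engine", "2": "tav", "3": "binaryAi",
                  "4": "Unusual behavior", "5": "Threat intelligence"}
RISK_ORDER = ["RISK_NOTICE", "RISK_LOW", "RISK_MEDIUM", "RISK_HIGH", "RISK_CRITICAL"]
FAILED = {"DEAL_ISOLATE_FAILED", "DEAL_RECOVER_FAILED"}
IN_PROGRESS = {"DEAL_ISOLATING", "DEAL_RECOVERING"}

def triage(raw, min_risk="RISK_HIGH"):
    """Summarise a DescribeVirusDetail response body; the action policy is an assumption."""
    resp = json.loads(raw)["Response"]
    if "Error" in resp:  # assumed API 3.0 error shape: Response.Error.Code
        return {"ok": False, "code": resp["Error"].get("Code"),
                "request_id": resp.get("RequestId")}
    risk, status = resp.get("RiskLevel"), resp.get("Status")
    # A null or unrecognised risk level counts as above threshold, so it is never dropped.
    risky = risk not in RISK_ORDER or RISK_ORDER.index(risk) >= RISK_ORDER.index(min_risk)
    if status in FAILED:
        action = "check failure: " + (resp.get("SubStatus") or "no sub-status")
    elif status in IN_PROGRESS:
        action = "wait"
    elif status in (None, "DEAL_NONE") and risky:  # null status is treated as pending
        action = "escalate"
    else:
        action = "none"
    return {
        "ok": True,
        "request_id": resp.get("RequestId"),
        "file": resp.get("FilePath") or resp.get("FileName"),
        "md5": resp.get("FileMd5"),
        "risk": risk,
        "source": SOURCE_TYPE.get(resp.get("SourceType"), "unknown"),
        "engines": [CHECK_PLATFORM.get(str(p), str(p))
                    for p in resp.get("CheckPlatform") or []],
        "workload": "/".join(str(resp.get(k) or "?")
                             for k in ("ClusterID", "PodName", "ContainerName")),
        "action": action,
    }

# Constructed sample response; every value is invented for illustration.
SAMPLE = json.dumps({"Response": {
    "RiskLevel": "RISK_CRITICAL", "Status": "DEAL_NONE", "SubStatus": None,
    "FilePath": "/tmp/sample.bin", "FileMd5": None, "SourceType": 2,
    "CheckPlatform": ["1", "5"], "ClusterID": "cls-example", "PodName": None,
    "ContainerName": "web-1", "RequestId": "req-constructed-0001"}})

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

Keep the `request_id` in whatever record you store, since the page notes that RequestId is required for locating a problem.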
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
Error Code | Description |
---|---|
InternalError | An internal error occurred. |
InternalError.MainDBFail | The database operation failed. |
InvalidParameter | The parameter is incorrect. |
ResourceNotFound | The resource does not exist. |