Tencent Cloud

Prev Next

search by keyword

Recent Pages

Documentation

DescribeVirusDetail

Last updated: 2024-07-22 11:05:28

1. API Description

Domain name for API request: tcss.tencentcloudapi.com.

This API is used to query the information of a trojan file at runtime.

A maximum of 20 requests can be initiated per second for this API.

We recommend you to use API Explorer

Try it

API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

2. Input Parameters

The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

Parameter Name	Required	Type	Description
Action	Yes	String	Common Params. The value used for this API: DescribeVirusDetail.
Version	Yes	String	Common Params. The value used for this API: 2020-11-01.
Region	No	String	Common Params. This parameter is not required.
Id	Yes	String	Trojan file ID

3. Output Parameters

Parameter Name	Type	Description
ImageId	String	Image ID Note: This field may return null, indicating that no valid values can be obtained.
ImageName	String	Image name Note: This field may return null, indicating that no valid values can be obtained.
CreateTime	String	Creation time Note: This field may return null, indicating that no valid values can be obtained.
Size	Integer	Trojan file size Note: This field may return null, indicating that no valid values can be obtained.
FilePath	String	Trojan file path Note: This field may return null, indicating that no valid values can be obtained.
ModifyTime	String	Last generation time Note: This field may return null, indicating that no valid values can be obtained.
VirusName	String	Virus name Note: This field may return null, indicating that no valid values can be obtained.
RiskLevel	String	Risk level. Valid values: `RISK_CRITICAL`, `RISK_HIGH`, `RISK_MEDIUM`, `RISK_LOW`, `RISK_NOTICE`. Note: This field may return null, indicating that no valid values can be obtained.
ContainerName	String	Container name Note: This field may return null, indicating that no valid values can be obtained.
ContainerId	String	Container ID Note: This field may return null, indicating that no valid values can be obtained.
HostName	String	Server name Note: This field may return null, indicating that no valid values can be obtained.
HostId	String	Server ID Note: This field may return null, indicating that no valid values can be obtained.
ProcessName	String	Process name Note: This field may return null, indicating that no valid values can be obtained.
ProcessPath	String	Process path Note: This field may return null, indicating that no valid values can be obtained.
ProcessMd5	String	Process MD5 Note: This field may return null, indicating that no valid values can be obtained.
ProcessId	Integer	Process ID Note: This field may return null, indicating that no valid values can be obtained.
ProcessArgv	String	Process parameter Note: This field may return null, indicating that no valid values can be obtained.
ProcessChan	String	Process chain Note: This field may return null, indicating that no valid values can be obtained.
ProcessAccountGroup	String	Process group Note: This field may return null, indicating that no valid values can be obtained.
ProcessStartAccount	String	Process initiator Note: This field may return null, indicating that no valid values can be obtained.
ProcessFileAuthority	String	Process file permission Note: This field may return null, indicating that no valid values can be obtained.
SourceType	Integer	Source. Valid values: `0` (quick scan); `1` (scheduled scan); `2` (real-time monitoring). Note: This field may return null, indicating that no valid values can be obtained.
Tags	Array of String	Tag Note: This field may return null, indicating that no valid values can be obtained.
HarmDescribe	String	Event description Note: This field may return null, indicating that no valid values can be obtained.
SuggestScheme	String	Solution Note: This field may return null, indicating that no valid values can be obtained.
Mark	String	Remarks Note: This field may return null, indicating that no valid values can be obtained.
FileName	String	Suspicious file name Note: This field may return null, indicating that no valid values can be obtained.
FileMd5	String	MD5 checksum of the file Note: This field may return null, indicating that no valid values can be obtained.
EventType	String	Event type Note: This field may return null, indicating that no valid values can be obtained.
PodName	String	Cluster name Note: This field may return null, indicating that no valid values can be obtained.
Status	String	`DEAL_NONE`: Pending. `DEAL_IGNORE`: Ignored. `DEAL_ADD_WHITELIST`: Allowed. `DEAL_DEL`: Deleted. `DEAL_ISOLATE`: Isolated. `DEAL_ISOLATING`: Isolating. `DEAL_ISOLATE_FAILED`: Isolation failed. `DEAL_RECOVERING`: Recovering. `DEAL_RECOVER_FAILED`: Recovery failed. Note: This field may return null, indicating that no valid values can be obtained.
SubStatus	String	Sub-status of the failure: `FILE_NOT_FOUND`: The file does not exist. `FILE_ABNORMAL`: The file is abnormal. `FILE_ABNORMAL_DEAL_RECOVER`: The file is abnormal when recovered. `BACKUP_FILE_NOT_FOUND`: The backup file does not exist. `CONTAINER_NOT_FOUND_DEAL_ISOLATE`: The container does not exist during isolation. `CONTAINER_NOT_FOUND_DEAL_RECOVER`: The container does not exist during recovery. Note: This field may return null, indicating that no valid values can be obtained.
HostIP	String	Private IP Note: This field may return null, indicating that no valid values can be obtained.
ClientIP	String	Public IP Note: This field may return null, indicating that no valid values can be obtained.
PProcessStartUser	String	Parent process initiator Note: This field may return null, indicating that no valid values can be obtained.
PProcessUserGroup	String	User group of the parent process Note: This field may return null, indicating that no valid values can be obtained.
PProcessPath	String	Path of the parent process Note: This field may return null, indicating that no valid values can be obtained.
PProcessParam	String	Command line parameters of the parent process Note: This field may return null, indicating that no valid values can be obtained.
AncestorProcessStartUser	String	Ancestor process initiator Note: This field may return null, indicating that no valid values can be obtained.
AncestorProcessUserGroup	String	Ancestor process user group Note: This field may return null, indicating that no valid values can be obtained.
AncestorProcessPath	String	Ancestor process path Note: This field may return null, indicating that no valid values can be obtained.
AncestorProcessParam	String	Command line parameters of the ancestor process Note: This field may return null, indicating that no valid values can be obtained.
OperationTime	String	Last processing time of the event Note: This field may return null, indicating that no valid values can be obtained.
ContainerNetStatus	String	Container isolation status Note: This field may return null, indicating that no valid values can be obtained.
ContainerNetSubStatus	String	Sub-status of container isolation Note: This field may return null, indicating that no valid values can be obtained.
ContainerIsolateOperationSrc	String	Container isolation operation source Note: This field may return null, indicating that no valid values can be obtained.
CheckPlatform	Array of String	Check platform `1`: Tencent Cloud Security Engine. `2`: tav. `3`: binaryAi. `4`: Unusual behavior. `5`: Threat intelligence. Note: This field may return null, indicating that no valid values can be obtained.
FileAccessTime	String	File accessed time Note: This field may return null, indicating that no valid values can be obtained.
FileModifyTime	String	File modified time Note: This field may return null, indicating that no valid values can be obtained.
NodeSubNetID	String	Node subnet ID
NodeSubNetName	String	Node subnet name
NodeSubNetCIDR	String	Subnet IP range
ClusterID	String	Cluster ID
PodIP	String	Pod IP
PodStatus	String	Pod status
NodeUniqueID	String	UID of the node
NodeType	String	Node type. Values: `NORMAL` (general node), `SUPER` (super node).
NodeID	String	Node ID
ClusterName	String	Cluster name
Namespace	String
WorkloadType	String
RequestId	String	The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem.

4. Example

Example1 Querying the trojan information

This example shows you how to query the trojan information.

Input Example

POST / HTTP/1.1
Host: tcss.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeVirusDetail
<Common request parameters>

{
    "Id": "dskaldjskld"
}

Output Example

{
    "Response": {
        "ImageId": "abc",
        "ImageName": "abc",
        "CreateTime": "abc",
        "Size": 1,
        "FilePath": "abc",
        "ModifyTime": "abc",
        "VirusName": "abc",
        "RiskLevel": "abc",
        "ContainerName": "abc",
        "ContainerId": "abc",
        "HostName": "abc",
        "HostId": "abc",
        "ProcessName": "abc",
        "ProcessPath": "abc",
        "ProcessMd5": "abc",
        "ProcessId": 1,
        "ProcessArgv": "abc",
        "ProcessChan": "abc",
        "ProcessAccountGroup": "abc",
        "ProcessStartAccount": "abc",
        "ProcessFileAuthority": "abc",
        "SourceType": 0,
        "Tags": [
            "abc"
        ],
        "HarmDescribe": "abc",
        "SuggestScheme": "abc",
        "Mark": "abc",
        "FileName": "abc",
        "FileMd5": "abc",
        "EventType": "abc",
        "PodName": "abc",
        "Status": "abc",
        "SubStatus": "abc",
        "HostIP": "abc",
        "ClientIP": "abc",
        "PProcessStartUser": "abc",
        "PProcessUserGroup": "abc",
        "PProcessPath": "abc",
        "PProcessParam": "abc",
        "AncestorProcessStartUser": "abc",
        "AncestorProcessUserGroup": "abc",
        "AncestorProcessPath": "abc",
        "AncestorProcessParam": "abc",
        "OperationTime": "abc",
        "ContainerNetStatus": "abc",
        "ContainerNetSubStatus": "abc",
        "ContainerIsolateOperationSrc": "abc",
        "CheckPlatform": [
            "abc"
        ],
        "FileAccessTime": "abc",
        "FileModifyTime": "abc",
        "NodeSubNetID": "abc",
        "NodeSubNetName": "abc",
        "NodeSubNetCIDR": "abc",
        "ClusterID": "abc",
        "PodIP": "abc",
        "PodStatus": "abc",
        "NodeUniqueID": "abc",
        "NodeType": "abc",
        "NodeID": "abc",
        "ClusterName": "abc",
        "RequestId": "abc"
    }
}

5. Developer Resources

SDK

TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

Command Line Interface

Tencent Cloud CLI 3.0

6. Error Code

The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

Error Code	Description
InternalError	An internal error occurred.
InternalError.MainDBFail	The database operation failed.
InvalidParameter	The parameter is incorrect.
ResourceNotFound	The resource does not exist.

tencent cloud

Recent Pages

DescribeVirusDetail

1. API Description

2. Input Parameters

3. Output Parameters

4. Example

Example1 Querying the trojan information

Input Example

Output Example

5. Developer Resources

SDK

Command Line Interface

6. Error Code

Was this page helpful?

Was this page helpful?

tencent cloud

Sign Up

Log in

Recent Pages

DescribeVirusDetail

1. API Description

2. Input Parameters

3. Output Parameters

4. Example

Example1 Querying the trojan information

Input Example

Output Example

5. Developer Resources

SDK

Command Line Interface

6. Error Code

Was this page helpful?

Was this page helpful?