tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Documentation

DescribeRiskDnsEventList

Last updated: 2024-08-27 11:41:56

1. API Description

Domain name for API request: cwp.tencentcloudapi.com.

This API is used to obtain the list of malicious request events.

A maximum of 20 requests can be initiated per second for this API.

We recommend you to use API Explorer
Try it
API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

2. Input Parameters

The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

Parameter Name Required Type Description
Action Yes String Common Params. The value used for this API: DescribeRiskDnsEventList.
Version Yes String Common Params. The value used for this API: 2018-02-28.
Region No String Common Params. This parameter is not required.
Filters.N No Array of Filter
  • IpOrName - String - required: no - filter by host IP or alias
  • HostId - String - required: no - host ID
  • AgentId - String - required: no - client ID
  • PolicyType - String - required: no - policy type: 0 - system policy; 1 - user-defined policy
  • Domain - String - required: no - domain name (First convert the domain name into the urlencode format, and then encode it using base64.)
  • HandleStatus - String - required: no - filter by status: 0 - pending; 2 - trusted; 3 - untrusted
  • BeginTime - String - required: no - start time of last access
  • EndTime - String - required: no - end time of last access
    		•
    Limit No Integer Number of items to be returned. It is 10 by default, and the maximum value is 100.
    Offset No Integer Offset, which defaults to 0
    Order No String Sorting method: sort by number of requests [asc: ascending order|desc: descending order]
    By No String Sorting field: [AccessCount: number of requests|LastTime: last request time]

    3. Output Parameters

    Parameter Name Type Description
    List Array of RiskDnsEvent Malicious Request Event List
    Note: This field may return null, indicating that no valid values can be obtained.
    TotalCount Integer Total number
    RequestId String The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem.

    4. Example

    Example1 Obtaining the Malicious Request Event List

    Input Example

    POST / HTTP/1.1
Host: cwp.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeRiskDnsEventList
<Common request parameters>

{}

    Output Example

    {
    "Response": {
        "List": [
            {
                "Id": 10368,
                "PolicyId": 5000179,
                "PolicyType": 1,
                "PolicyName": "v_llzlu interception",
                "ProtectLevel": 2,
                "HostId": "02db9a21-78fe-4a4c-b96f-a11bf819a962",
                "HostName": "v_llzlu malicious request",
                "HostIp": "192.168.111.28",
                "WanIp": "43.138.255.181",
                "HostStatus": "OFFLINE",
                "AgentId": "02db9a21-78fe-4a4c-b96f-a11bf819a962",
                "Domain": "183.60.95.201",
                "Tags": [],
                "AccessCount": 1,
                "ThreatDesc": "Detected access to malicious IPs/domains on your host. Your host may have been compromised.\nMalicious IPs/domain names could be the hacker's remote control servers, source of malware downloads, mining pool address,and so on.",
                "SuggestSolution": "1. Check for malicious processes and invalid ports, remove suspicious startup items and scheduled tasks;\n2. Isolate or delete related Trojan files;\n3. Conduct a risk detection on the system and reinforce the security. For details, refer to the following link: \n[Linux]https://www.tencentcloud.com/document/product/296/9604?from_cn_redirect=1\n[Windows]https://www.tencentcloud.com/document/product/296/9605?from_cn_redirect=1",
                "ReferenceLink": "",
                "HandleStatus": 6,
                "Pid": 1387042,
                "ProcessName": "/usr/bin/ping",
                "ProcessMd5": "7f42e35e3065eaa9a58b89e249e8cbc7",
                "CmdLine": "ping 183.60.95.201 ",
                "FirstTime": "2022-09-19 14:57:23",
                "LastTime": "2022-09-19 14:57:23"
            }
        ],
        "RequestId": "130e109f-a922-4d16-827d-b17a366125a2",
        "TotalCount": 9989
    }
}

    5. Developer Resources

    SDK

    TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

    Command Line Interface

    6. Error Code

    The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

    Error Code Description
    AuthFailure CAM signature/authentication error.
    InternalError Internal error
    InvalidParameter Incorrect parameter.
    Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
    Privacy PolicyLegalCookie Policy