Domain name for API request: cwp.tencentcloudapi.com.
This API is used to obtain the high-risk command list.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
Parameter Name | Required | Type | Description |
---|---|---|---|
Action | Yes | String | Common Params. The value used for this API: DescribeBashEvents. |
Version | Yes | String | Common Params. The value used for this API: 2018-02-28. |
Region | No | String | Common Params. This parameter is not required. |
Limit | No | Integer | Number of items to be returned. It is 10 by default, and the maximum value is 100. |
Filters.N | No | Array of Filter | Filter criteria |
Offset | No | Integer | Offset, which defaults to 0 |
Order | No | String | Sorting method: sort by number of requests. asc: ascending order; desc: descending order. |
By | No | String | Sorting field. CreateTime: occurrence time; ModifyTime: processing time. |
Parameter Name | Type | Description |
---|---|---|
TotalCount | Integer | Total number of entries |
List | Array of BashEvent | List of high-risk command events |
RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
This example shows you how to access the high-risk command list.
POST / HTTP/1.1
Host: cwp.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeBashEvents
<Common request parameters>
{}
{
"Response": {
"TotalCount": 1,
"List": [
{
"Status": 1,
"RuleLevel": 1,
"Exe": "xx",
"Uuid": "xx",
"RuleId": 1,
"RegexBashCmd": "xx",
"DetectBy": 1,
"RuleName": "xx",
"Pid": "xx",
"MachineName": "xx",
"Id": 1,
"Platform": 1,
"User": "xx",
"Hostip": "xx",
"ModifyTime": "xx",
"CreateTime": "xx",
"BashCmd": "xx",
"RuleCategory": 1,
"Quuid": "xx"
}
],
"RequestId": "xx"
}
}
POST / HTTP/1.1
Host: cwp.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeBashEvents
<Common request parameters>
{
"Limit": "1",
"Offset": "0"
}
{
"Response": {
"List": [
{
"Uuid": "02db9a21-78fe-4a4c-b96f-a11bf819a962",
"Id": 3148114,
"Quuid": "02db9a21-78fe-4a4c-b96f-a11bf819a962",
"Hostip": "192.168.111.28",
"User": "root",
"Platform": 4,
"BashCmd": "./r3hook_tool moc -var www.test123.com",
"RuleId": 0,
"RuleName": "sysrule_custom_procmon_1",
"RuleLevel": 1,
"Status": 0,
"CreateTime": "2022-09-01 17:28:39",
"MachineName": "a malicious request of v_llzlu",
"DetectBy": 0,
"Pid": "0",
"Exe": "",
"ModifyTime": "0001-01-01 00:00:00",
"RegexBashCmd": "\\./r3hook_tool moc -var www\\.test123\\.com",
"RuleCategory": 0
}
],
"RequestId": "c787b780-0a35-4fa5-aca3-db339b9a20e8",
"TotalCount": 51315
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
Error Code | Description |
---|---|
InternalError | Internal error |
InvalidParameter | Incorrect parameter. |
InvalidParameter.IllegalRequest | Invalid request. |
InvalidParameter.InvalidFormat | Incorrect parameter format. |
InvalidParameter.MissingParameter | Missing parameter. |
InvalidParameter.ParsingError | Incorrect parameter parsing. |
InvalidParameterValue | Invalid parameter value. |
MissingParameter | Missing parameter error. |
ResourceNotFound | The resource does not exist. |
本页内容是否解决了您的问题?