Domain name for API request: cwp.intl.tencentcloudapi.com.
This API is used to obtain the list of core file monitoring events.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
Parameter Name | Required | Type | Description |
---|---|---|---|
Action | Yes | String | Common Params. The value used for this API: DescribeFileTamperEvents. |
Version | Yes | String | Common Params. The value used for this API: 2018-02-28. |
Region | No | String | Common Params. This parameter is not required. |
Filters.N | No | Array of Filters | Filter criteria |
Offset | No | Integer | Offset. Default value: 0. |
Limit | No | Integer | Number of items to be returned. It is 10 by default, and the maximum value is 100. |
Order | No | String | Sorting method: ASC, DESC |
By | No | String | Sorting field: CreateTime; ModifyTime |
Parameter Name | Type | Description |
---|---|---|
List | Array of FileTamperEvent | Core File Event List Note: This field may return null, indicating that no valid values can be obtained. |
TotalCount | Integer | Total number of data entries |
RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
This example shows you how to acquire it normally.
POST / HTTP/1.1
Host: cwp.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeFileTamperEvents
<Common request parameters>
{
"Offset": 1,
"Limit": 1
}
{
"Response": {
"List": [
{
"Id": 370572797,
"Uuid": "1c26308c-5493-4eaf-a817-112ec25f499e",
"Quuid": "1c26308c-5493-4eaf-a817-112ec25f499e",
"HostIp": "0.0.0.0",
"HostName": "销售许可测试机器",
"Type": 0,
"ProcessExe": "/usr/bin/crontab",
"ProcessArgv": "crontab /root/cron.tmp",
"Target": "/var/spool/cron/#tmp.VM-124-81-tencentos.2QUwZR",
"Status": 0,
"EventCount": 1,
"RuleId": 1,
"RuleName": "系统策略-篡改计划任务",
"Pstree": "[{\"pid\":980959,\"exe\":\"/usr/bin/crontab\",\"account\":\"root:root\",\"cmdline\":\"crontab /root/cron.tmp\",\"start_time\":1729557954,\"type\":1},{\"pid\":2288,\"exe\":\"/root/chaos-executor\",\"account\":\"root:root\",\"cmdline\":\"./chaos-executor d -p 29785a94e8324 -f id_rsa.pub -n Production -s Production\",\"start_time\":1729471587,\"type\":2}]",
"CreateTime": "2024-10-22 08:45:58",
"ModifyTime": "2024-10-22 08:45:58",
"Level": 1,
"RuleCategory": 0,
"MachineStatus": "ONLINE",
"Description": "检测到系统计划任务被修改",
"Suggestion": "排查是否为正常业务需要的计划任务修改",
"PrivateIp": "10.1.1.15",
"ExePermission": "-rwsr-xr-x",
"UserName": "0",
"UserGroup": "0",
"ExeMd5": "569f953571579ec4ae613cca7862930a",
"ExeSize": 0,
"ExeTime": 1669715461,
"TargetSize": 981,
"TargetPermission": "-rw-------",
"TargetModifyTime": "2024-10-22 08:45:54",
"TargetCreatTime": "2024-10-22 08:45:54",
"ExePid": 980959,
"TargetName": "#tmp.VM-124-81-tencentos.QUwZR",
"Reference": "https://",
"ExeName": "crontab",
"FileAction": "write",
"MachineExtraInfo": {
"WanIP": "0.0.0.0",
"PrivateIP": "10.1.1.15",
"NetworkType": 0,
"NetworkName": "vpc-d7f***",
"InstanceID": "ins-dsdsds",
"HostName": "hn***"
}
}
],
"TotalCount": 1,
"RequestId": "e5b4724c-49af-46ab-bd84-cdbae897e7e0"
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
Error Code | Description |
---|---|
InternalError | Internal error |
InvalidParameter | Incorrect parameter. |
InvalidParameterValue | Invalid parameter value. |
MissingParameter | Missing parameter error. |
本页内容是否解决了您的问题?