Security Baseline Related Interface
Last Updated:2020-10-22
Query List of Check Results
Description
- Query list of check results.
Request structure
GET /v{version}/hosteye/securityBaseline/overview?pageNo={pageNo}&pageSize={pageSize}&zone={zone}&itemName={itemName}&category={category}&clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
| pageNo | int | No | Query | Page number with default of 1 |
| pageSize | int | No | Query | Page size with default of 10 |
| zone | zone | No | Query | region, blank means global |
| itemName | String | No | Query | Risk Name |
| category | String | No | Query | Risk category |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| status | TaskStatus | Task status |
| totalCount | int | Total number of check results |
| baselineList | list<ItemCheckResultModel> | List of check results |
Request example
GET /v2/hosteye/securityBaseline/overview?pageNo=1&pageSize=10&zone=global&itemName=test&category=test&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"baselineList": [
{
"itemId": 10 //risk id
"itemName": NAME, //risk name
"itemCategory": { //risk category
"system": "windows | linux ", //operating system
"application": "APP", //application
"category": "category", //detection category
"item": "item", //detection items
},
"assetNumber": 10 //number of virtual machines affected
"itemLevel": "low"| "middle"| "high" //risk level
"updateTime": time //update time in UTC time format, such as 2018-01-01T00: 00: 00Z
}
]
"status": 0 | 1, //0 task in progress 1 task completed
"totalCount": 11 //total number of entries
}Query Risk Details
Description
- Query the risk details of the specified check items.
Request structure
GET /v{version}/hosteye/securityBaseline/item/{item_id}?zone={zone}&clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
| itemId | int | Yes | URL parameter | Inspection item id |
| zone | zone | No | Query | region, with default of global |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| itemName | String | Risk Name |
| itemLevel | ItemLevel | Risk level |
| updateTime | String | Update time in UTC time format |
| itemCategory | ItemCategoryDescModel | Risk category description |
| solution | String | Repair suggestions |
| assetList | list<AssertModel> | List of virtual machines |
Request example
GET /v2/hosteye/securityBaseline/item/11?zone=global&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"itemName" NAME, //risk name
"itemLevel": "low"| "middle"| "high" //risk level
"updateTime": time//update time
"itemCategory" { //risk category
"system": "Windows | linux" //operating system
"application": "APP" //application
"category": "category" //detection category
"Item": "Item" //detection items
},
"solution": "solution" //suggestions for repair
"assetList": [
{
"uuid": "BCC_ID1", //virtual machine long id
"region": "bj", //region information
"instanceId": "instanceId", //short id
"name": "name", //name
"vmStatus": "vmStatus", //virtual machine status
"cpu": "cpu", //cpu
"memory": "memory", //memory
"diskSize": "diskSize", //diskSize
"instanceType": "instanceType", //instanceType
"internalIp": "10.130.xx.xx", //Intranet iP
"publicIp": "180.xx.xx.xx", //external network ip, return to blank if there is no ip
},
], //list of virtual machines affected
}Query Configuration of the Check Time
Description
- Query configuration of the check time.
Request structure
GET/v {version}/hosteye/securityBaseline/checkTime? clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| checkDate | list |
Check date |
| checkTime | int | Check time |
Request example
GET /v2/hosteye/securityBaseline/checkTime?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"checkDate": [0,1,2,3]//check date, 0 ~ 6 represents Sunday ~ Saturday
"checkTime": 5 //check time, 0 ~ 23 represents 0 ~ 23 o'clockSet Check Time
Description
- Set check time.
Request structure
PUT /v{version}/hosteye/securityBaseline/checkTime?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization string
{
"checkDate": [0,1,2,3] //check date, 0 ~ 6 represents Sunday ~ Saturday
"checkTime": 5 //check time, 0 ~ 23 represents 0 ~ 23 o'clock
}Request header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
| checkDate | list |
Yes | RequestBody | Check date |
| checkTime | int | Yes | RequestBody | Check time |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
There is no special return parameter.
Request example
PUT /v2/hosteye/securityBaseline/checkTime?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"checkDate": [0,1,2,3]//check date, 0 ~ 6 represents Sunday ~ Saturday
"checkTime": 5 //check time, 0 ~ 23 represents 0 ~ 23 o'clock
}Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWSQuery List of Check Rules
Description
- Query list of check rules.
Request structure
GET /v{version}/hosteye/securityBaseline/ruleList?pageNo={pageNo}&pageSize={pageSize}&clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
| pageNo | int | No | Query | Page number with default of 1 |
| pageSize | int | No | Query | Page size with default of 10 |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| ruleList | list<RuleModel> | Rule list |
| totalCount | int | Total number of rules |
Request example
GET /v2/hosteye/securityBaseline/ruleList?pageNo=1&pageSize=10&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
RuleList: [
{
"ruleId": 10, //rule ID
"ruleName": NAME, //rule name
"assetNumber": 10 //check the number of virtual machines
"itemNumber": 10 //check the number of items
"checkDate": [0,1,2,3] //check date, 0 ~ 6 represents Sunday ~ Saturday
"checkTime": 5 //check time, 0 ~ 23 represents 0 ~ 23 o'clock
"asDefault": 0 | 1 //0 means non-default rule, 1 means default rule
},
]
"totalCount": 11 //total number of entries
}Query List of all Check Items
Description
- Query list of all check items.
Request structure
GET /v{version}/hosteye/securityBaseline/itemList?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| ruleName | String | Rule name |
| items | list<ItemsModel> | Rule list |
Request example
GET /v2/hosteye/securityBaseline/itemList?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"items" : [
{
"items": [
{
"items": [
{
"items": [
{
"items": null,
"name": "scheduled task file permissions"
"ItemsId": 1 //item id int
"status": 0 | 1 //0 means this risk item is not selected | 1 means this risk item is selected
},
{
"items": null,
"name": "check software packages installed"
"ItemsId": 2
"status": 0 | 1 //0 means this risk item is not selected | 1 means this risk item is selected
},
{
"items": null,
"name": "check globally writable suid, sgid files"
"ItemsId": 3
"status": 0 | 1 //0 means this risk item is not selected | 1 means this risk item is selected
}
],
"name": "file Check"
},
{
Items: [],
"name": "XX check"
}
],
"name": "linux system check"
},
{
Items: [],
"name": "Apache Tomcat"
}
],
"name": "linux"
},
{
Items: [],
"name": "windows"
}
]
}Create Check Rules
Description
- Create check rules.
Request structure
POST /v{version}/hosteye/securityBaseline/rule?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization string
{
"ruleName": NAME, //rule name
"checkItem": [itemsId1, itemsId2, itemsId3]//list of risk ids
"assetList": [
{
"uuid": "BCC_ID1", //virtual machine long id
"region": "bj", //region information
},
], //rule contains list of virtual machines
}Request header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
| ruleName | String | Yes | RequestBody | Rule name |
| checkItem | list |
Yes | RequestBody | List of check item ids |
| assetList | list<AssertIdModel> | List of virtual machine ids |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
There is no special return parameter.
Request example
POST /v2/hosteye/securityBaseline/rule?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"ruleName": NAME, //rule name
"checkItem": [itemsId1, itemsId2, itemsId3]//list of risk ids
"assetList": [
{
"uuid": "BCC_ID1", //virtual machine long id
"region": "bj", //region information
},
], //rule contains list of virtual machines
}Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWSQuery Check Rules
Description
- Query check rules configuration for a specified rule id.
Request structure
GET /v{version}/hosteye/securityBaseline/rule/{rule_id}?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see [clientToken](HOSTEYE/API Reference/General Description.md#Idempotent) |
| rule_id | int | Yes | Query | Rule id |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| ruleName | String | Rule name |
| checkItem | list<ItemConfigModel > | Rule list |
| assetList | list<AssertModel> | List of virtual machines |
Request example
GET /v2/hosteye/securityBaseline/rule/1?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"ruleName" : NAME,
"checkItem" : [
{
"items": [
{
"items": [
{
"items": [
{
"items": null,
"name": "scheduled task file permissions"
"ItemsId": 1 //item id int
"status": 0 | 1 //0 means this risk item is not selected | 1 means this risk item is selected
},
{
"items": null,
"name": "check software packages installed"
"ItemsId": 2
"status": 0 | 1 //0 means this risk item is not selected | 1 means this risk item is selected
},
{
"items": null,
"name": "check globally writable suid, sgid files"
"ItemsId": 3
"status": 0 | 1 //0 means this risk item is not selected | 1 means this risk item is selected
}
],
"name: "file Check"
},
{
"items": [],
"name": "XX check".
}
],
"name": "linux system check"
},
{
Items: [],
"name": "Apache Tomcat"
}
],
"name": "linux"
},
{
Items: [],
"name": "windows"
}
]
"assetList": [ //list of the user’s all virtual machines
{
"uuid": "BCC_ID1" //virtual machine long id
"region": "bj", //region information
"status": 0 | 1 | 2, //0 means not belonging to any rule, 1 means belonging to this rule, 2 means belonging to other rules
"instanceId": "instanceId", //short id
"name": "name", //name
"vmStatus": "vmStatus", //virtual machine status
"cpu": "cpu", //cpu
"memory": "memory", //memory
"diskSize": "diskSize", //diskSize
"instanceType": "instanceType", //instanceType
"internalIp": "10.130.xx.xx", //Intranet iP
"publicIp": "180.xx.xx.xx", //external network ip, return to blank if there is no ip
},
], //check list of virtual machines
}Update Check Rules
Description
- Update check rules configuration for a specified rule id.
Request structure
PUT /v{version}/hosteye/securityBaseline/rule/{rule_id}?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization string
{
"ruleName": NAME, //rule name
"checkItem": [itemsId1, itemsId2, itemsId3]//list of risk ids
"assetList": [
{
"uuid": "BCC_ID1", //virtual machine long id
"region": "bj", //region information
},
], //rule contains list of virtual machines
}Request header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
| rule_id | int | Yes | URL parameter | Rule id |
| ruleName | String | Yes | RequestBody | Rule name |
| checkItem | list |
Yes | RequestBody | List of check item ids |
| assetList | list<AssertIdModel> | List of virtual machine ids |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
There is no special return parameter.
Request example
PUT /v2/hosteye/securityBaseline/rule/1?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"ruleName": NAME, //rule name
"checkItem": [itemsId1, itemsId2, itemsId3]//list of risk id
"assetList": [
{
"uuid": "BCC_ID1", //virtual machine long id
"region": "bj", //region information
},
], //rule contains list of virtual machines
}Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWSDelete Check Rules
Description
- Delete check rules for a specified rule id.
Request structure
DELETE /v{version}/hosteye/securityBaseline/rule/{rule_id}? clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
| rule_id | int | Yes | URL parameter | Rule id |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
There is no special return parameter.
Request example
DELETE /v2/hosteye/securityBaseline/rule/1?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWSCheck Now
Description
- Check now and perform all check tasks.
Request structure
PUT /v{version}/hosteye/securityBaseline/task?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | For details of idempotent Token, please see clientToken |
Return status code
Successfully return to 200; for failure, please see Error Code.
Return header
There are no other special headers except the public headers.
Return parameter
There is no special return parameter.
Request example
PUT /v2/hosteye/securityBaseline/task?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWSNext
Appendix 1