Intrusion Analysis Query Interface
Query the Interface of Attack Source Summary Record
Description
- Specify startTime, endTime, attackResult, pageNo and pageSize to query the interface of attack source summary record
- Limit on query time: endTime - startTime < = 31 days
Request structure
POST /v{version}/securityAudit/getAttackSource&clientToken={clientToken} HTTP/1.1
Host: bss.bj.baidubce.com
Authorization: authorization string
Request header
There are no other special headers except the public headers.
Request parameter
Parameter name | Type | Required or not | Parameter position | Description |
---|---|---|---|---|
version | String | Yes | URL parameter | API version number (the current value is 2) |
startTime | String | Yes | RequestBody parameter | Start time, UTC standard time format |
endTime | String | Yes | RequestBody parameter | End time, UTC standard time format |
attackResult | int | Yes | RequestBody parameter | For the attack results to query, 0 indicates failure, 1 indicates success and 2 indicate all |
pageNo | int | Yes | RequestBody parameter | Page number to be queried |
pageSize | int | Yes | RequestBody parameter | Page size to be queried |
clientToken | String | Yes | Query parameter | Idempotence Token, for details, please see clientToken |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
Parameter name | Type | Description |
---|---|---|
status | int | Result status code |
description | String | Result description |
totalpage | int | Total page |
data | list<AttackSourceSummaryModel> | Summary list by attack source |
Request example
POST /v2/securityAudit/getAttackSource&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.bj.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"startTime": "2017-12-01T08:00:02Z",
"endTime": "2017-12-02T08:00:02Z",
"attackResult": 1,
"pageSize": 10,
"pageNo": 1,
}
Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"status": 0,
"description": "ok",
"totalpage": 5,
"data": [
{
"attackSource": "1.2.3.4",
"attackSourceType": "",
"eipList": [
{
"instanceType": "BCC",
"name": "eip-name",
"eip": "180.76.1.1",
"region": "bj",
},
...
]
"domainList": ["www.a.com", "www.b.com", ...],
"attackTypeList": ["SQL Inject", "Access to Sensitive Files", ...],
"attackCount": 100,
"startTime": "2017-12-01T09:00:02Z",
"endTime": "2017-12-01T15:00:02Z",
"attackResult": 1
}£¬
{
...
}
...
]
}
Query the Interface of the Summary Records on Attacked Assets
Description
- Specify startTime, endTime, attackResult, pageNo and pageSize to query the interface of attack interface summary record
- Limit on query time: endTime - startTime <= 31 days
Request structure
POST /v{version}/securityAudit/getAttackTarget&clientToken={clientToken} HTTP/1.1
Host: bss.bj.baidubce.com
Authorization: authorization string
Request header
There are no other special headers except the public headers.
Request parameter
Parameter name | Type | Required or not | Parameter position | Description |
---|---|---|---|---|
version | String | Yes | URL parameter | API version number (the current value is 2) |
startTime | String | Yes | RequestBody parameter | Start time, UTC standard time format |
endTime | String | Yes | RequestBody parameter | End time, UTC standard time format |
attackResult | int | Yes | RequestBody parameter | For the attack results to query, 0 indicates failure, 1 indicates success and 2 indicate all |
pageNo | int | Yes | RequestBody parameter | Page number to be queried |
pageSize | int | Yes | RequestBody parameter | Page size to be queried |
clientToken | String | Yes | Query parameter | Idempotence Token, for details, please see clientToken |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
Parameter name | Type | Description |
---|---|---|
status | int | Result status code |
description | String | Result description |
totalpage | int | Total page |
data | list<AttackTargetSummaryModel> | Summary list by attack source |
Request example
POST /v2/securityAudit/getAttackTarget&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.bj.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"startTime": "2017-12-01T08:00:02Z",
"endTime": "2017-12-02T08:00:02Z",
"attackResult": 1,
"pageSize": 10,
"pageNo": 1,
}
Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"status": 0,
"description": "ok",
"totalpage": 5,
"data": [
{
"eipInfo":
{
"instanceType": "BCC",
"name": "eip-name",
"eip": "180.76.1.1",
"region": "bj",
},
"attackSourceList": [
{
"attackSource": "1.1.1.1",
"attackSourceType": ""
},
{
"attackSource":"1.1.1.2",
"attackSourceType": "CDN"
},
...
],
"domainList": ["www.a.com", "www.b.com", ...],
"attackTypeList": ["SQL Inject", "Access to Sensitive Files", ...],
"attackCount": 100,
"startTime": "2017-12-01T09:00:02Z",
"endTime": "2017-12-01T15:00:02Z",
"attackResult": 1
}£¬
{
...
}
...
]
}
Customized Query of Attack Record Interface
Description
- The startTime, endTime, attackResult, pageNo and pageSize must be specified for customized query of the interface of attack source summary record
- Optionally specify the query conditions for attackSource, eipList, domain, attackTypeKey and request
- Limit on query time: endTime - startTime <= 31 days
Request structure
POST /v{version}/securityAudit/getCustomAttack&clientToken={clientToken} HTTP/1.1
Host: bss.bj.baidubce.com
Authorization: authorization string
Request header
There are no other special headers except the public headers.
Request parameter
Parameter name | Type | Required or not | Parameter position | Description |
---|---|---|---|---|
version | String | Yes | URL parameter | API version number (the current value is 2) |
startTime | String | Yes | RequestBody parameter | Start time, UTC standard time format |
endTime | String | Yes | RequestBody parameter | End time, UTC standard time format |
attackResult | int | Yes | RequestBody parameter | For the attack results to query, 0 indicates failure, 1 indicates success and 2 indicate all |
pageNo | int | Yes | RequestBody parameter | Page number to be queried |
pageSize | int | Yes | RequestBody parameter | Page size to be queried |
attackSource | String | No | RequestBody parameter | Attack source |
eipList | list |
No | RequestBody parameter | List of attacked eip |
domain | String | No | RequestBody parameter | Domain name attacked |
attackTypeKey | String | No | RequestBody parameter | Attack type key |
request | String | No | RequestBody parameter | Request method |
clientToken | String | Yes | Query parameter | Idempotence Token, for details, please see clientToken |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
Parameter name | Type | Description |
---|---|---|
status | int | Result status code |
description | String | Result description |
totalpage | int | Total page |
data | list<AttackRecordModel> | Summary list by attack source |
Request example
POST /v2/securityAudit/getCustomAttack&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.bj.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"startTime": "2017-12-01T08:00:02Z",
"endTime": "2017-12-02T08:00:02Z",
"attackResult": 1,
"pageSize": 10,
"pageNo": 1,
"attackSource": "1.1.1.1",
"eipList": ["180.76.1.1", "182.61.1.1",...]
"domain": "www.a.com",
"attackTypeKey": "30003",
"request": "GET",
}
Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"status": 0,
"description": "ok",
"totalpage": 5,
"data": [
{
"attackSource":"1.2.3.4",
"attackSourceType": "",
"eipInfo":
{
"instanceType": "BCC",
"name": "eip-name",
"eip": "180.76.1.1",
"region": "bj",
},
"domain": "www.a.com",
"attackType": "SQL Inject",
"attackCount": 100,
"attackTime": "2017-12-01T09:00:02Z",
"request": "GET",
"attackResult": 1,
"headers": {
"content-length": "1504",
"accept-language": "zh-cn",
"connection": "Keep-Alive",
"accept": "*/*",
"user-agent": "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
"host": "tingwen.me",
"referer": "http://tingwen.me/1.php",
"content-type": "application/x-www-form-urlencoded"
},
"body": "sqzr=@eval(get_magic_quotes_gpc()?stripslashes($_POST[chr(122)",
"resheaders": {
"x-powered-by": "PHP/5.6.15",
"transfer-encoding": "chunked",
"set-cookie": "HBJnSD_think_language=zh-cn; expires=Sat, 21-Oct-2017 13:03:27",
"expires": "Thu, 19 Nov 1981 08:52:00 GMT",
"vary": "Accept-Encoding",
"server": "nginx-upupw/1.8.0",
"connection": "keep-alive",
"pragma": "no-cache",
"cache-control": "no-store, no-cache, must-revalidate, post-check=0, pre-check=0",
"date": "Sat, 21 Oct 2017 12:03:27 GMT",
"content-type": "text/html; charset=UTF-8"
},
"resbody": "4e8\r\n<!DOCTYPE html PUBLIC-//W3C//DTD XHTML 1.0 Transitional//EN",
},
{
...
}
...
]
}
Access the Drop-down Information Interface
Description
- Including eip list, attack type list and attack request method list.
Request structure
GET /v{version}/securityAudit/getDropdownList&clientToken={clientToken} HTTP/1.1
Host: bss.bj.baidubce.com
Authorization: authorization string
Request header
There are no other special headers except the public headers.
Request parameter
Parameter name | Type | Required or not | Parameter position | Description |
---|---|---|---|---|
version | String | Yes | URL parameter | API version number (the current value is 2) |
clientToken | String | Yes | Query parameter | Idempotence Token, for details, please see clientToken |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
Parameter name | Type | Description |
---|---|---|
status | int | Result status code |
description | String | Result description |
data | DropdownModel | Description of drop-down list |
Request example
GET /v2/securityAudit/getDropdownList&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.bj.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"status": 0,
"description": "ok",
"data": {
"eipList": [
{
"instanceType": "BCC",
"name": "eip-name",
"eip": "180.76.1.1",
"region": "bj",
},
...
],
"attackResult": {
0:"Attack Failed",
1:"Attack Succeeded",
2:"All"
},
"attackType": {
10004: "Access to Sensitive Files",
30003: "SQL Inject",
...
}
"request": {
"POST": "POST",
"GET": "GET",
"HEAD": "HEAD",
...
}
}
}