百度智能云

All Product Document

          Intrusion Detection System

          Statistic Analysis Query Interface

          Query the Interface of the Latest Attack Times

          Description

          • Query the latest estimates times.

          Request structure

          GET /v{version}/securityAudit/getRecentAttackNum&clientToken={clientToken} HTTP/1.1
          Host: bss.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence Token, for details, please see clientToken

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          status int Result status code
          description String Result description
          data RecentAttackInfoModel Description of the latest attack information

          Request example

          GET /v2/securityAudit/getRecentAttackNum&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
          HOST bss.bj.baidubce.com
          Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02

          Response example

          HTTP/1.1 200 OK
          x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
          Date: Wed, 10 Apr 2016 08:26:52 GMT
          Transfer-Encoding: chunked
          Content-Type: application/json;charset=UTF-8
          Server: BWS
          
          {
              "status": 0,
              "description": "ok",
              "data": {
                  "recentDayAttackInfo": {   
                      "attackSuccess": 2,                 
                      "attackAll": 100                   
                  }
                  "lastDayAttackInfo": {                      
                      "attackSuccess": 2,              
                      "attackAll": 100               
                  }
              }
          }

          Query the Interface of Attack Times within the Specified Time Period

          Description

          • Specify startTime and endTime to query the attack times.
          • Limit on query time: endTime - startTime < = 31 days

          Request structure

          POST /v{version}/securityAudit/getAttackStat&clientToken={clientToken} HTTP/1.1
          Host: bss.bj.baidubce.com
          Authorization: authorization string
          
          {
              "startTime": "2018-04-01T08:00:00Z",        
              "endTime": "2018-04-02T08:00:00Z",          
          }

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence Token, for details, please see clientToken
          startTime String Yes RequestBody Start time, UTC standard time format
          endTime String Yes RequestBody End time, UTC standard time format

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          status int Result status code
          description String Result description
          data AttackInfoModel Description of attack times

          Request example

          POST /v2/securityAudit/getAttackStat&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
          HOST bss.bj.baidubce.com
          Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
          
          {
              "startTime": "2018-04-01T08:00:00Z",        
              "endTime": "2018-04-02T08:00:00Z",          
          }

          Response example

          HTTP/1.1 200 OK
          x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
          Date: Wed, 10 Apr 2016 08:26:52 GMT
          Transfer-Encoding: chunked
          Content-Type: application/json;charset=UTF-8
          Server: BWS
          
          {
              "status": 0,
              "description": "ok",
              "data": {
                  "attackSuccess": 2,                
                  "attackAll": 100                    
              }
          }

          Description

          • Specify the most recent days and query the attack event trends.

          Request structure

          POST /v{version}/securityAudit/getAttackTrend&clientToken={clientToken} HTTP/1.1
          Host: bss.bj.baidubce.com
          Authorization: authorization string
          
          {
              "cycleDay": 7                             
          }

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence Token, for details, please see clientToken
          cycleDay int Yes RequestBody Latest days, set the range: [1,31]

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          status int Result status code
          description String Result description
          data list<DayAttackInfoModel> List of the attack times each day

          Request example

          POST /v2/securityAudit/getAttackTrend&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
          HOST bss.bj.baidubce.com
          Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
          
          {
              "cycleDay": 7                             
          }

          Response example

          HTTP/1.1 200 OK
          x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
          Date: Wed, 10 Apr 2016 08:26:52 GMT
          Transfer-Encoding: chunked
          Content-Type: application/json;charset=UTF-8
          Server: BWS
          
          {
              "status": 0,
              "description": "ok",
              "data": [
                  {
                      "attackDate": "2018-04-01",
                      "attackSuccess": 2,                
                      "attackAll": 100                 
                  }
                  {
          
                      "attackDate": "2018-04-02",     
                      "attackSuccess": 5,            
                      "attackAll": 200              
                  }
                  ...
              ] 
          }

          Query the IP Interface of Top Attack Source

          Description

          • Specify the days to query and topN, and query the IP of top attack source.

          Request structure

          POST /v{version}/securityAudit/getTopAttackSource&clientToken={clientToken} HTTP/1.1
          Host: bss.bj.baidubce.com
          Authorization: authorization string
          
          {
              "cycleDay": 7                               
              "topN": 5,                                
          }

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence Token, for details, please see clientToken
          cycleDay int Yes RequestBody Latest days, set the range: [1,31]
          topN int Yes RequestBody IP of several top attack sources to be queried, set the range: [1,10]

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          status int Result status code
          description String Result description
          data list<AttackSourceInfoModel> List of attack source

          Request example

          POST /v2/securityAudit/getTopAttackSource&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
          HOST bss.bj.baidubce.com
          Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
          
          {
              "cycleDay": 7                               
              "topN": 5,                                
          }

          Response example

          HTTP/1.1 200 OK
          x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
          Date: Wed, 10 Apr 2016 08:26:52 GMT
          Transfer-Encoding: chunked
          Content-Type: application/json;charset=UTF-8
          Server: BWS
          
          {
              "status": 0,
              "description": "ok",
              "data": [
                  {
                      "attackSource": 1.1.1.1",       
                      "attackSuccess": 50,            
                  }
                  {
                      "attackSource": 2.2.2.2",
                      "attackSuccess": 40,
                  }
                  ...
              ] 
          }

          Query the Top Attacked eip Interfaces

          Description

          • Specify the days to be queried and topN, and query the top attacked eip.

          Request structure

          POST /v{version}/securityAudit/getTopAttackTarget&clientToken={clientToken} HTTP/1.1
          Host: bss.bj.baidubce.com
          Authorization: authorization string
          
          {
              "cycleDay": 7                               
              "topN": 5,                                
          }

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence Token, for details, please see clientToken
          cycleDay int Yes RequestBody Latest days, set the range: [1,31]
          topN int Yes RequestBody Query the IP of several top attacked eips, set the range: [1,10]

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          status int Result status code
          description String Result description
          data list<AttackedEipInfoModel> List of attacked eip

          Request example

          POST /v2/securityAudit/getTopAttackTarget&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
          HOST bss.bj.baidubce.com
          Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
          
          {
              "cycleDay": 7                               
              "topN": 5,                                
          }

          Response example

          HTTP/1.1 200 OK
          x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
          Date: Wed, 10 Apr 2016 08:26:52 GMT
          Transfer-Encoding: chunked
          Content-Type: application/json;charset=UTF-8
          Server: BWS
          
          {
              "status": 0,
              "description": "ok",
              "data": [
                  {
                      "eip": "180.76.1.1",
                      "instanceType": "BCC",
                      "name": "eip-name",
                      "region": "bj",
                      "attackSuccess": 50,
                  },
                  {
                      "eip": "180.76.1.2",
                      "instanceType": "BCC",
                      "name": "eip-name",
                      "region": "bj",
                      "attackSuccess": 40,
          
                  },
                  ...
              ] 
          }

          Query the Top Attack Types

          Description

          • Specify the days to be queried and topN, and query the top attack type.

          Request structure

          POST /v{version}/securityAudit/getTopAttackType&clientToken={clientToken} HTTP/1.1
          Host: bss.bj.baidubce.com
          Authorization: authorization string
          
          {
              "cycleDay": 7                               
              "topN": 5,                                
          }

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence Token, for details, please see clientToken
          cycleDay int Yes RequestBody Latest days, set the range: [1,31]
          topN int Yes RequestBody Several top attack types to be queried, set the range: [1,10]

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          status int Result status code
          description String Result description
          data list<AttackTypeInfoModel> List of attack type

          Request example

          POST /v2/securityAudit/getTopAttackType&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
          HOST bss.bj.baidubce.com
          Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
          
          {
              "cycleDay": 7                               
              "topN": 5,                                
          }

          Response example

          HTTP/1.1 200 OK
          x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
          Date: Wed, 10 Apr 2016 08:26:52 GMT
          Transfer-Encoding: chunked
          Content-Type: application/json;charset=UTF-8
          Server: BWS
          
          {
              "status": 0,
              "description": "ok",
              "data": [
                  {
                      "attackType": "SQL Inject", 
                      "attackSuccess": 50,
                  },
                  {
                      "attackType": "webShell",
                      "attackSuccess": 30,
          
                  },
                  ...
                  {
                      "attackType": "others",
                      "attackSuccess": 10,
          
                  },
              ] 
          }
          Previous
          Intrusion Analysis Query Interface
          Next
          Set Related Interface