入侵分析查询接口
更新时间:2019-06-14
查询攻击源汇总记录接口
描述
- 可以指定startTime, endTime, attackResult, pageNo, pageSize查询攻击源汇总记录接口
- 查询时间限制:endTime - startTime <= 31天
请求结构
POST /v{version}/securityAudit/getAttackSource&clientToken={clientToken} HTTP/1.1
Host: bss.bj.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其他特殊头域
请求参数
| 参数名称 | 类型 | 是否必需 | 参数位置 | 描述 |
|---|---|---|---|---|
| version | String | 是 | URL参数 | API版本号,当前取值2 |
| startTime | String | 是 | RequestBody参数 | 开始时间,UTC标准时间格式 |
| endTime | String | 是 | RequestBody参数 | 结束时间,UTC标准时间格式 |
| attackResult | int | 是 | RequestBody参数 | 要查询的攻击结果,0表示失败,1表示成功,2表示全部 |
| pageNo | int | 是 | RequestBody参数 | 查询的页号 |
| pageSize | int | 是 | RequestBody参数 | 查询的页大小 |
| clientToken | String | 是 | Query参数 | 幂等性Token,详见clientToken |
返回状态码
成功返回200,失败返回见错误码
返回头域
除公共头域外,无其他特殊头域
返回参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| status | int | 结果状态码 |
| description | String | 结果描述 |
| totalpage | int | 总共页数 |
| data | list<AttackSourceSummaryModel> | 按攻击源汇总列表 |
请求示例
POST /v2/securityAudit/getAttackSource&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.bj.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"startTime": "2017-12-01T08:00:02Z",
"endTime": "2017-12-02T08:00:02Z",
"attackResult": 1,
"pageSize": 10,
"pageNo": 1,
}响应示例
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"status": 0,
"description": "ok",
"totalpage": 5,
"data": [
{
"attackSource": "1.2.3.4",
"attackSourceType": "",
"eipList": [
{
"instanceType": "BCC",
"name": "eip-name",
"eip": "180.76.1.1",
"region": "bj",
},
...
]
"domainList": ["www.a.com", "www.b.com", ...],
"attackTypeList": ["SQL注入", "敏感文件访问", ...],
"attackCount": 100,
"startTime": "2017-12-01T09:00:02Z",
"endTime": "2017-12-01T15:00:02Z",
"attackResult": 1
},
{
...
}
...
]
}查询被攻击资产汇总记录接口
描述
- 可以指定startTime, endTime, attackResult, pageNo, pageSize查询攻击资产汇总记录接口
- 查询时间限制:endTime - startTime <= 31天
请求结构
POST /v{version}/securityAudit/getAttackTarget&clientToken={clientToken} HTTP/1.1
Host: bss.bj.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其他特殊头域
请求参数
| 参数名称 | 类型 | 是否必需 | 参数位置 | 描述 |
|---|---|---|---|---|
| version | String | 是 | URL参数 | API版本号,当前取值2 |
| startTime | String | 是 | RequestBody参数 | 开始时间,UTC标准时间格式 |
| endTime | String | 是 | RequestBody参数 | 结束时间,UTC标准时间格式 |
| attackResult | int | 是 | RequestBody参数 | 要查询的攻击结果,0表示失败,1表示成功,2表示全部 |
| pageNo | int | 是 | RequestBody参数 | 查询的页号 |
| pageSize | int | 是 | RequestBody参数 | 查询的页大小 |
| clientToken | String | 是 | Query参数 | 幂等性Token,详见clientToken |
返回状态码
成功返回200,失败返回见错误码
返回头域
除公共头域外,无其他特殊头域
返回参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| status | int | 结果状态码 |
| description | String | 结果描述 |
| totalpage | int | 总共页数 |
| data | list<AttackTargetSummaryModel> | 按攻击源汇总列表 |
请求示例
POST /v2/securityAudit/getAttackTarget&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.bj.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"startTime": "2017-12-01T08:00:02Z",
"endTime": "2017-12-02T08:00:02Z",
"attackResult": 1,
"pageSize": 10,
"pageNo": 1,
}响应示例
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"status": 0,
"description": "ok",
"totalpage": 5,
"data": [
{
"eipInfo":
{
"instanceType": "BCC",
"name": "eip-name",
"eip": "180.76.1.1",
"region": "bj",
},
"attackSourceList": [
{
"attackSource": "1.1.1.1",
"attackSourceType": ""
},
{
"attackSource":"1.1.1.2",
"attackSourceType": "CDN"
},
...
],
"domainList": ["www.a.com", "www.b.com", ...],
"attackTypeList": ["SQL注入", "敏感文件访问", ...],
"attackCount": 100,
"startTime": "2017-12-01T09:00:02Z",
"endTime": "2017-12-01T15:00:02Z",
"attackResult": 1
},
{
...
}
...
]
}自定义查询攻击记录接口
描述
- 必须指定startTime, endTime, attackResult, pageNo, pageSize自定义查询攻击记录接口
- 可选指定attackSource, eipList, domain, attackTypeKey, request查询条件
- 查询时间限制:endTime - startTime <= 31天
请求结构
POST /v{version}/securityAudit/getCustomAttack&clientToken={clientToken} HTTP/1.1
Host: bss.bj.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其他特殊头域
请求参数
| 参数名称 | 类型 | 是否必需 | 参数位置 | 描述 |
|---|---|---|---|---|
| version | String | 是 | URL参数 | API版本号,当前取值2 |
| startTime | String | 是 | RequestBody参数 | 开始时间,UTC标准时间格式 |
| endTime | String | 是 | RequestBody参数 | 结束时间,UTC标准时间格式 |
| attackResult | int | 是 | RequestBody参数 | 要查询的攻击结果,0表示失败,1表示成功,2表示全部 |
| pageNo | int | 是 | RequestBody参数 | 查询的页号 |
| pageSize | int | 是 | RequestBody参数 | 查询的页大小 |
| attackSource | String | 否 | RequestBody参数 | 攻击源 |
| eipList | list |
否 | RequestBody参数 | 被攻击eip列表 |
| domain | String | 否 | RequestBody参数 | 被攻击域名 |
| attackTypeKey | String | 否 | RequestBody参数 | 攻击类型key |
| request | String | 否 | RequestBody参数 | 请求方法 |
| clientToken | String | 是 | Query参数 | 幂等性Token,详见clientToken |
返回状态码
成功返回200,失败返回见错误码
返回头域
除公共头域外,无其他特殊头域
返回参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| status | int | 结果状态码 |
| description | String | 结果描述 |
| totalpage | int | 总共页数 |
| data | list<AttackRecordModel> | 按攻击源汇总列表 |
请求示例
POST /v2/securityAudit/getCustomAttack&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.bj.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"startTime": "2017-12-01T08:00:02Z",
"endTime": "2017-12-02T08:00:02Z",
"attackResult": 1,
"pageSize": 10,
"pageNo": 1,
"attackSource": "1.1.1.1",
"eipList": ["180.76.1.1", "182.61.1.1",...]
"domain": "www.a.com",
"attackTypeKey": "30003",
"request": "GET",
}响应示例
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"status": 0,
"description": "ok",
"totalpage": 5,
"data": [
{
"attackSource":"1.2.3.4",
"attackSourceType": "",
"eipInfo":
{
"instanceType": "BCC",
"name": "eip-name",
"eip": "180.76.1.1",
"region": "bj",
},
"domain": "www.a.com",
"attackType": "SQL注入",
"attackCount": 100,
"attackTime": "2017-12-01T09:00:02Z",
"request": "GET",
"attackResult": 1,
"headers": {
"content-length": "1504",
"accept-language": "zh-cn",
"connection": "Keep-Alive",
"accept": "*/*",
"user-agent": "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
"host": "tingwen.me",
"referer": "http://tingwen.me/1.php",
"content-type": "application/x-www-form-urlencoded"
},
"body": "sqzr=@eval(get_magic_quotes_gpc()?stripslashes($_POST[chr(122)",
"resheaders": {
"x-powered-by": "PHP/5.6.15",
"transfer-encoding": "chunked",
"set-cookie": "HBJnSD_think_language=zh-cn; expires=Sat, 21-Oct-2017 13:03:27",
"expires": "Thu, 19 Nov 1981 08:52:00 GMT",
"vary": "Accept-Encoding",
"server": "nginx-upupw/1.8.0",
"connection": "keep-alive",
"pragma": "no-cache",
"cache-control": "no-store, no-cache, must-revalidate, post-check=0, pre-check=0",
"date": "Sat, 21 Oct 2017 12:03:27 GMT",
"content-type": "text/html; charset=UTF-8"
},
"resbody": "4e8\r\n<!DOCTYPE html PUBLIC-//W3C//DTD XHTML 1.0 Transitional//EN",
},
{
...
}
...
]
}获取下拉框信息接口
描述
- 包括eip列表,攻击类型列表,攻击请求方法列表
请求结构
GET /v{version}/securityAudit/getDropdownList&clientToken={clientToken} HTTP/1.1
Host: bss.bj.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其他特殊头域
请求参数
| 参数名称 | 类型 | 是否必需 | 参数位置 | 描述 |
|---|---|---|---|---|
| version | String | 是 | URL参数 | API版本号,当前取值2 |
| clientToken | String | 是 | Query参数 | 幂等性Token,详见clientToken |
返回状态码
成功返回200,失败返回见错误码
返回头域
除公共头域外,无其他特殊头域
返回参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| status | int | 结果状态码 |
| description | String | 结果描述 |
| data | DropdownModel | 下拉列表描述 |
请求示例
GET /v2/securityAudit/getDropdownList&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.bj.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02响应示例
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"status": 0,
"description": "ok",
"data": {
"eipList": [
{
"instanceType": "BCC",
"name": "eip-name",
"eip": "180.76.1.1",
"region": "bj",
},
...
],
"attackResult": {
0: "攻击失败",
1: "攻击成功",
2: "所有"
},
"attackType": {
10004: "敏感文件访问",
30003: "SQL注入",
...
}
"request": {
"POST": "POST",
"GET": "GET",
"HEAD": "HEAD",
...
}
}
}