9AAA9ED9-78F4-5021-86DC-D51C7511* Example Sample success response JSON format {"Data":[{"FieldName":"activity_name","FieldDesc":"sas.cloudsiem.prod.activity_name","LogCode":"cloud_siem_aegis_sas_alert","ActivityName":"HTTP_ACTIVITY",...
LogType":"ALERT_ACTIVITY","LogTypeMds":"${sas.cloudsiem.prod.alert_activity}","LogSource":"cloud_siem_aegis_sas_alert","LogSourceMds":"${sas.cloudsiem.prod.cloud_siem_aegis_sas_alert}","RuleCondition":"[[{"not":false,...
Retrieves the alert data sources associated with...[{"SourceName":"sas","Source":"aliyun.siem.alert_datasource.sas"}],"Success":true,"Code":200,"Message":"success","RequestId":"9AAA9ED9-78F4-5021-86DC-D51C7511*"} Error codes ...
sas:AddDataSourceLog create*All Resource*None None Request parameters Parameter Type Required Description Example LogCode string No The code of the log. cloud_siem_waf_xxxxx DataSourceInstanceId string Yes The ID of the ...
Retrieves a list of alert data sources. ...[{"SourceName":"sas","Source":"aliyun.siem.alert_datasource.sas"}],"Success":true,"Code":200,"Message":"success","RequestId":"9AAA9ED9-78F4-5021-86DC-D51C7511*"} Error codes ...
host_uuid":"efed2cf7-0b77-45d9-a97b-d2cf246b*","malware_type":"${aliyun.siem.sas.alert_tag.webshell}","host_name":"launch-advisor-2023*"} SubUserId integer The ID of the account that is associated with the entity....
None Return values Fn:GetAtt None Example YAML ROSTemplateFormatVersion:'2015-09-01' Parameters:SourceLogCode:Description:en:The source log code.For all available log codes of a product,query the Cloud Siem ListImportedLogsByProd API ...
Checks whether an Alibaba Cloud account has granted permissions to Cloud SIEM and the AliyunServiceRoleForSasCloudSiem role has been created. ...
in a JSON array format. [{"LogCode":"cloud_siem_qcloud_waf_alert_log","LogParas":"[{\"ParaCode\":\"api_name\",\"ParaValue\":\"GetAttackDownloadRecords\"}]"}] LogInstanceId string Yes The ID of the log. The threat analysis ...
true Type:Json ProdCode:Description:en:The product code.For all available product codes,query the Cloud Siem ListAllProds API.Required:true Type:String Resources:ImportLogTasksSubmission:Properties:Accounts:Ref:Accounts ...
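500 Siem.Delivery.ErrorProductCode ProductCode is error for this action. The product code in the current request is invalid and is not in the list of products supported by threat analysis. 500 SLS.Ship.Error The Simple Log Service about data shipping is unavailable. Alibaba Cloud Simple Log Service...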
D76B-5064-8B3B-0900DEF7*"} Error codes HTTP status code Error code Error message Description 500 InternalError The request processing has failed due to some unknown error. 500 Siem.Storage.Exception The request timed out,...
71e24437d2797ce8fc59692905a4* MainUserId string The ID of the main Alibaba Cloud account for Security Information and Event Management (SIEM) that is associated with the alert. 127608589417* SubUserId string The ID of the ...
larger than or equal to","SupportDataType":"varchar","SupportTag":["[AGGREGATE]"],"Index":3 }],"RightValueEnums":[{"Value":"serious","ValueMds":"aliyun.siem.automate.feature.alert_level.serious"}]}],"Success":true,"Code":...
Sets user settings, such as the storage duration and storage region. ...74D413F7*"} Error codes ...
4684-a876-65d4f0c3* MessageTitle string The title of the message. siem event dealed message Receiver string The contact information of the recipient. 138xxxxxx Channel string The channel to send the notification. Valid values:...
siem_qcloud_cfw_alert_log"] Accounts string No The list of accounts for log ingestion. The value must be a JSON array. Valid values: AccountId: The ID of the account. Imported: Specifies whether to enable or disable log ingestion...
The task is in progress. success Progress integer The progress of the export task. 66 GmtCreate string The time when the task was created. 1605076118000 Link string The download link for the exported Excel file. https://cloud-siem...
Retrieves the list of users in the ... Assets are in regions outside China. ... SIEM). 123456789* UserName string The username. test001 UserId string The multicloud user ID. 123456789* CloudCode string The cloud code. Valid values...
API standard and pre-built SDKs in multi-language The OpenAPI specification of this product (cloud-siem/2022-06-16) follows the RPC standard. Alibaba Cloud provides pre-built SDKs for popular programming languages to abstract...
Simple Log Service provides ... see Use Logstash to consume log data. QRadar Security information and event management (SIEM) systems, such as IBM QRadar, can consume data that is collected by Simple Log Service in real time over ...
net_connect_dir: "in",malware_type:"${aliyun.siem.sas.alert_tag.login_unusual_account}"} TipInfo object The threat intelligence information.{"Ip":{"queryHot":"0","country":"China","province":"shanxi","ip":"221.11.XX.XXX",...
name":"N/A"},"malware_type":"${aliyun.siem.sas.alert_tag.webshell}"},"_sys_siem":{"cloudCode":"aliyun","alertId":"89416745494*"},"scope":[{"aliUid":1766185894104*}]} ErrorMessage string A summary of the task failure. DisposalEntity ...
SIEM: SIEM. HOST Response parameters Name Type Description Example object RequestId string The unique request ID. 4539D402-F7A4-5915-9580-EC227BF* Example Sample success response JSON format {"RequestId":"4539D402-F7A4-5915-9580-EC227BF*"} Error codes HTTP status code Error...
9AAA9ED9-78F4-5021-86DC-D51C7511* Example Sample success response JSON format {"Data":[{"AlertType":"WEBSHELL","AlertTypeMds":"siem_rule_type_process_abnormal_command"}],"Success":true,"Code":200,"Message":"success","RequestId":"9AAA9ED9-...
premises business logs are centrally managed on self-built Security Information and Event Management (SIEM) and Security Operations Center (SOC) platforms. However, they lack an effective way to perform comprehensive threat ...
monitoring precision, SIEM link processing capabilities, and various operation and maintenance operations. Scalability: Elastic scaling is a key topic when talking about performance architecture, and the scale and speed of ...
host_uuid","Value":"441862da-a539-4cc0-a00d-473955826881","Values":["441862da-a539-4cc0-a00d-473955826881"],"Name":"${aliyun.siem.entity.host_uuid}"}] object Type string The field of the entity that can be added to the ...
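["siem"] RelateUserIds any The list of user IDs associated with the event. ["176618589410*","1130916744888*"] IncidentStatus integer The event status. Valid values: 0: unhandled. 1: being handled. 5: handling failed. 10: handled. 0 Example Sample success response JSON format {"RequestId":"9AAA9ED9-...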