{"base_path":"/","components":null,"consumes":"","definitions":{"IAM5ErrorDetails":{"description":"调用下游服务的报错信息集合,IAM5鉴权错误时才会返回此信息0。","properties":{"error_code":{"description":"下游服务错误码","type":"string"},"error_msg":{"description":"下游服务报错信息","type":"string"}}},"ListEventItems":{"description":"攻击类型","properties":{"action":{"description":"防护动作","type":"string"},"attack":{"description":"攻击类型: \n - vuln:其它攻击类型 \n - sqli: sql注入攻击 \n - lfi: 本地文件包含\n - cmdi:命令注入攻击 \n - xss:XSS攻击 \n - robot:恶意爬虫 \n - rfi:远程文件包含 \n - custom_custom:精准防护 \n - webshell:网站木马 \n - custom_whiteblackip:黑白名单拦截 \n - custom_geoip:地理访问控制拦截 \n - antitamper:防篡改 \n - anticrawler:反爬虫 \n - leakage:网站信息防泄漏 \n - illegal:非法请求 \n - antiscan_high_freq_scan:高频扫描封禁 \n - antiscan_dir_traversal:目录遍历防护","type":"string"},"cookie":{"description":"请求cookie","type":"string"},"headers":{"description":"http请求header","type":"object"},"host":{"description":"域名","type":"string"},"host_id":{"description":"域名id","type":"string"},"id":{"description":"事件id","type":"string"},"payload":{"description":"命中的载荷","type":"string"},"payload_location":{"description":"命中的载荷位置","type":"string"},"policyid":{"description":"策略id","type":"string"},"process_time":{"description":"处理时长","type":"integer"},"region":{"description":"地理位置","type":"string"},"request_body":{"description":"请求体","type":"string"},"request_line":{"description":"请求方法和路径","type":"string"},"response_body":{"description":"响应体","type":"string"},"response_size":{"description":"响应体大小","type":"integer"},"response_time":{"description":"响应时长","format":"int64","type":"integer"},"rule":{"description":"命中的规则id","type":"string"},"sip":{"description":"源ip,Web访问者的IP地址(攻击者IP地址)","type":"string"},"status":{"description":"响应码状态","type":"string"},"time":{"description":"攻击发生时的时间戳(毫秒)","format":"int64","type":"integer"},"url":{"description":"攻击的url链接","type":"string"}},"type":"object"},"ListEventResponseBody":{"description":"查询攻击事件详情","properties":{"items":{"description":"攻击事件详情","items":{"$ref":"#/definitions/ListEventItems"},"type":"array"},"total":{"description":"攻击事件数量","type":"integer"}},"type":"object"},"RestErrorResponse":{"properties":{"details":{"description":"调用下游服务的报错信息集合,IAM5鉴权错误时才会返回此字段。","items":{"$ref":"#/definitions/IAM5ErrorDetails"},"type":"array"},"encoded_authorization_message":{"description":"编码 (加密) 后的详细拒绝原因,用户可以自行调用 STS 服务的decode-authorization-message接口进行解码,可参考STS5联调自验证。IAM5鉴权错误时才会返回此字段。","type":"string"},"error_code":{"description":"错误码","type":"string"},"error_msg":{"description":"错误信息","type":"string"}},"title":"RestErrorResponse","type":"object"}},"description":null,"group_id":"29975c0bd7ce463ca70ad5c074e3974b","host":"waf.cn-north-4.myhuaweicloud.com","id":"9900c90f29d24befbbc0dccbda26c94f","info_version":"v1","method":"get","name":"ListEvent","parameters":{},"paths":{"/v1/{project_id}/waf/event":{"get":{"description":"查询攻击事件列表,该API暂时不支持查询全部防护事件,pagesize参数不可设为-1,由于性能原因,数据量越大消耗的内存越大,后端最多限制查询10000条数据,例如:自定义时间段内的数据超过了10000条,就无法查出page为101,pagesize为100之后的数据,需要调整时间区间,再进行查询","operationId":"ListEvent","parameters":[{"description":"用户Token,通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值)。","in":"header","name":"X-Auth-Token","required":true,"type":"string"},{"default":"application/json;charset=utf8","description":"内容类型","in":"header","name":"Content-Type","required":true,"type":"string"},{"description":"语言,默认值为en-us。zh-cn(中文)/en-us(英文)","in":"header","name":"X-Language","required":false,"type":"string"},{"description":"项目ID,对应华为云控制台用户名->我的凭证->项目列表->项目ID","in":"path","name":"project_id","required":true,"type":"string"},{"description":"您可以通过调用企业项目管理服务(EPS)的查询企业项目列表接口(ListEnterpriseProject)查询企业项目id","in":"query","name":"enterprise_project_id","required":false,"type":"string"},{"description":"查询日志的时间范围(不能和from、to同时使用,同时使用以recent为准),且recent参数与from、to必须使用其中一个。当同时使用recent参数与from、to时,以recent参数为准","enum":["yesterday","today","3days","1week","1month"],"in":"query","name":"recent","required":false,"type":"string"},{"description":"起始时间(13位时间戳),需要和to同时使用,不能和recent参数同时使用","format":"int64","in":"query","name":"from","required":false,"type":"integer"},{"description":"结束时间(13位时间戳),需要和from同时使用,不能和recent参数同时使用","format":"int64","in":"query","name":"to","required":false,"type":"integer"},{"collectionFormat":"multi","description":"攻击类型: \n - vuln:其它攻击类型 \n - sqli: sql注入攻击 \n - lfi: 本地文件包含\n - cmdi:命令注入攻击 \n - xss:XSS攻击 \n - robot:恶意爬虫 \n - rfi:远程文件包含 \n - custom_custom:精准防护 \n - cc: cc攻击 \n - webshell:网站木马 \n - custom_whiteblackip:黑白名单拦截 \n - custom_geoip:地理访问控制拦截 \n - antitamper:防篡改 \n - anticrawler:反爬虫 \n - leakage:网站信息防泄漏 \n - illegal:非法请求 \n - antiscan_high_freq_scan:高频扫描封禁 \n - antiscan_dir_traversal:目录遍历防护","in":"query","items":{"type":"string"},"name":"attacks","type":"array"},{"collectionFormat":"multi","description":"域名id,从获取防护网站列表(ListHost)接口获取域名id","in":"query","items":{"type":"string"},"name":"hosts","type":"array"},{"description":"分页查询时,返回第几页数据。默认值为1,表示返回第1页数据。","in":"query","name":"page","type":"integer"},{"description":"分页查询时,每页包含多少条结果。范围1-100,默认值为10,表示每页包含10条结果。","in":"query","name":"pagesize","type":"integer"}],"produces":["application/json;charset=utf-8"],"responses":{"200":{"description":"ok","examples":{"application/json":{"items":[{"action":"block","attack":"lfi","cookie":"HWWAFSESID=2a1d773f9199d40a53; HWWAFSESTIME=1650525961805","headers":{"accept":"*/*","accept-encoding":"gzip","accept-language":"en","host":"x.x.x.x","lb-id":"2f5f15ce-08f4-4df0-9899-ec0cc1fcdc52","ls-id":"xxxxx-xxxxx-xxxx-xxxx-9c302cb7c54a","user-agent":"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2309.372 Safari/537.36"},"host":"x.x.x.x:xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","host_id":"6fbe595e7b874dbbb1505da3e8579b54","id":"04-0000-0000-0000-21120220421152601-2f7a5ceb","payload":" file=../../../../../../../../../../etc/passwd","payload_location":"params","policyid":"25f1d179896e4e3d87ceac0598f48d00","process_time":2,"request_body":"{}","request_line":"GET /osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd","response_body":"","response_size":3318,"response_time":0,"rule":"040002","sip":"x.x.x.x","status":"418","time":1650525961000,"url":"/osclass/oc-admin/index.php"}],"total":1}},"schema":{"$ref":"#/definitions/ListEventResponseBody"}},"400":{"description":"请求失败","schema":{"$ref":"#/definitions/RestErrorResponse"}},"401":{"description":"token权限不足","schema":{"$ref":"#/definitions/RestErrorResponse"}},"500":{"description":"服务器内部错误","schema":{"$ref":"#/definitions/RestErrorResponse"}}},"summary":"查询攻击事件列表","tags":["防护事件管理"],"x-hybridcloud":true,"x-is-registered":"Y","x-request-examples-description-1":" 查询今天项目id为project_id的防护事件列表","x-request-examples-url-1":"GET https://{Endpoint}/v1/{project_id}/waf/event?enterprise_project_id=0&page=1&pagesize=10&recent=today","x-support-sdk":"Y"}}},"product_short":"WAF","region_id":"cn-north-4","schemes":["HTTPS"],"security_definitions":null,"summary":"查询攻击事件列表","tags":"防护事件管理","uri":null,"version":"2.0"}