The following tables list API operations available for use in Security Center.
- Log analysis
- Cloud service configuration assessment
- Security alerts
- Vulnerability management
- Baseline checks
- Asset management
- Asset fingerprints
- Notifications
Note
- For more information about how to call operations related to log analysis and request URLs, see Service endpoint.
- For more information about how to call other types of operations and request URLs, see Request method.
Log analysis
API | Description |
---|---|
Overview | Security Center logs are stored in a dedicated sas-log Logstore. You can search for
the Logstore by name in the Log Service console. The name of the Logstore is in the
following format: sas-log-your Alibaba Cloud account ID-the region.
For more information about operations related to log analysis, see Overview. |
Cloud service configuration assessment
API | Description |
---|---|
DescribeRiskItemType | Queries the types of check items in cloud service configuration assessment. |
StartBaselineSecurityCheck | Runs a baseline check. |
DescribeRiskCheckSummary | Queries the check results. |
ModifyRiskCheckStatus | Modifies the result status of a check item. |
DescribeRiskCheckResult | Queries the result of a check item. |
DescribeSecurityCheckScheduleConfig | Queries the custom check cycle and time period. |
ModifyRiskSingleResultStatus | Modifies the status of an asset affected by a check item. |
Security alerts
API | Description |
---|---|
DescribeAlarmEventDetail | Queries the details of an alert event. |
DescribeSuspEventDetail | Queries the details of an unusual event. |
DescribeAlarmEventList | Queries the list of security events. |
DescribeSuspEvents | Queries the list of unusual events. |
Vulnerability management
API | Description |
---|---|
DescribeVulList | Queries the list of vulnerabilities. |
DescribeEmgVulGroup | Queries urgent vulnerabilities by group. |
DescribeVulWhitelist | Queries the vulnerability whitelist by page. |
DescribeGroupedVul | Queries vulnerabilities by group. |
ModifyCreateVulWhitelist | Creates a vulnerability whitelist. |
DescribeAutoDelConfig | Queries the configurations of automatic vulnerability removal. |
ModifyOperateVul | Manages a detected vulnerability. For example, you can verify, ignore, or fix a vulnerability. |
Baseline checks
API | Description |
---|---|
DescribeWarningMachines | Queries information about servers where baseline checks are run. |
DescribeStrategyExecDetail | Queries the detailed results of the last baseline check. |
DescribeCheckWarnings | Queries specific risky items and check items on a specific server. |
DescribeCheckWarningDetail | Queries the details of specific check items. |
DescribeCheckWarningSummary | Queries the statistics of baseline check results. |
DescribeStratety | Queries the configurations of baseline check policies. |
Asset management
API | Description |
---|---|
DescribeFieldStatistics | Queries the list of asset instances. |
DescribeGroupedTags | Queries tag statistics. |
DescribeAllGroups | Queries information about all asset groups. |
DeleteGroup | Deletes a server group. |
CreateOrUpdateAssetGroup | Modifies the relationship between an asset and an asset group. |
ModifyTagWithUuid | Modifies the relationship between a tag and a server or a cloud service. |
DescribeInstanceStatistics | Queries risk information about an asset. |
DescribeCloudProductFieldStatistics | Queries statistics of cloud services. |
DescribeDomainCount | Queries the number of domain assets. |
DescribeDomainList | Queries the list of domain assets. |
DescribeDomainDetail | Queries the details of a domain asset. |
DescribeCloudCenterInstances | Queries the asset information on the Assets page, such as the name and region of an asset instance. |
DescribeSummaryInfo | Queries the security information about an asset, such as the security score and the numbers of protected and unprotected assets. |
Asset fingerprints
API | Description |
---|---|
DescribePropertyCount | Queries asset fingerprints. You can specify the following types of asset fingerprints: processes, ports, software, and accounts. |
DescribePropertyPortDetail | Queries the details of a specific port in the port list. |
DescribePropertyProcDetail | Queries the details of a specific process in the process list. |
DescribePropertyPortItem | Queries port information. |
DescribePropertyProcItem | Queries process information. |
DescribePropertySoftwareDetail | Queries the details of a specific software asset in the software list. |
DescribePropertySoftwareItem | Queries the list of software. |
DescribePropertyUserDetail | Queries the details of a specific account. |
DescribePropertyUserItem | Queries account information. |