The following tables list API operations available for use in Security Center.
- Log analysis
- Cloud service configuration assessment
- Security alerts
- Vulnerability management
- Baseline checks
- Asset management
- Asset fingerprints
- Notifications
Note
- For more information about how to call operations related to log analysis and request URLs, see Service endpoint.
- For more information about how to call other types of operations and request URLs, see Request method.
Log analysis
| API | Description |
|---|---|
| Overview | Security Center logs are stored in a dedicated sas-log Logstore. You can search for the Logstore by name in the Log Service console. The name of the Logstore is in the following format: sas-log-your Alibaba Cloud account ID-the region. For more information about operations related to log analysis, see Overview. |
Cloud service configuration assessment
| API | Description |
|---|---|
| DescribeRiskItemType | Queries the types of check items in cloud service configuration assessment. |
| StartBaselineSecurityCheck | Runs a baseline check. |
| DescribeRiskCheckSummary | Queries the check results. |
| ModifyRiskCheckStatus | Modifies the result status of a check item. |
| DescribeRiskCheckResult | Queries the result of a check item. |
| DescribeSecurityCheckScheduleConfig | Queries the custom check cycle and time period. |
| ModifyRiskSingleResultStatus | Modifies the status of an asset affected by a check item. |
Security alerts
| API | Description |
|---|---|
| DescribeAlarmEventDetail | Queries the details of an alert event. |
| DescribeSuspEventDetail | Queries the details of an unusual event. |
| DescribeAlarmEventList | Queries the list of security events. |
| DescribeSuspEvents | Queries the list of unusual events. |
Vulnerability management
| API | Description |
|---|---|
| DescribeVulList | Queries the list of vulnerabilities. |
| DescribeEmgVulGroup | Queries urgent vulnerabilities by group. |
| DescribeVulWhitelist | Queries the vulnerability whitelist by page. |
| DescribeGroupedVul | Queries vulnerabilities by group. |
| ModifyCreateVulWhitelist | Creates a vulnerability whitelist. |
| DescribeAutoDelConfig | Queries the configurations of automatic vulnerability removal. |
| ModifyOperateVul | Manages a detected vulnerability. For example, you can verify, ignore, or fix a vulnerability. |
Baseline checks
| API | Description |
|---|---|
| DescribeWarningMachines | Queries information about servers where baseline checks are run. |
| DescribeStrategyExecDetail | Queries the detailed results of the last baseline check. |
| DescribeCheckWarnings | Queries specific risky items and check items on a specific server. |
| DescribeCheckWarningDetail | Queries the details of specific check items. |
| DescribeCheckWarningSummary | Queries the statistics of baseline check results. |
| DescribeStratety | Queries the configurations of baseline check policies. |
Asset management
| API | Description |
|---|---|
| DescribeFieldStatistics | Queries the list of asset instances. |
| DescribeGroupedTags | Queries tag statistics. |
| DescribeAllGroups | Queries information about all asset groups. |
| DeleteGroup | Deletes a server group. |
| CreateOrUpdateAssetGroup | Modifies the relationship between an asset and an asset group. |
| ModifyTagWithUuid | Modifies the relationship between a tag and a server or a cloud service. |
| DescribeInstanceStatistics | Queries risk information about an asset. |
| DescribeCloudProductFieldStatistics | Queries statistics of cloud services. |
| DescribeDomainCount | Queries the number of domain assets. |
| DescribeDomainList | Queries the list of domain assets. |
| DescribeDomainDetail | Queries the details of a domain asset. |
| DescribeCloudCenterInstances | Queries the asset information on the Assets page, such as the name and region of an asset instance. |
| DescribeSummaryInfo | Queries the security information about an asset, such as the security score and the numbers of protected and unprotected assets. |
Asset fingerprints
| API | Description |
|---|---|
| DescribePropertyCount | Queries asset fingerprints. You can specify the following types of asset fingerprints: processes, ports, software, and accounts. |
| DescribePropertyPortDetail | Queries the details of a specific port in the port list. |
| DescribePropertyProcDetail | Queries the details of a specific process in the process list. |
| DescribePropertyPortItem | Queries port information. |
| DescribePropertyProcItem | Queries process information. |
| DescribePropertySoftwareDetail | Queries the details of a specific software asset in the software list. |
| DescribePropertySoftwareItem | Queries the list of software. |
| DescribePropertyUserDetail | Queries the details of a specific account. |
| DescribePropertyUserItem | Queries account information. |