You can call this operation to manage alerts triggered by the same rule or rules of the same type.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes HandleSimilarSecurityEvents

The operation that you want to perform.

Set the value to HandleSimilarSecurityEvents.

SourceIp String No 1.2.3.4

The source IP address of the request.

TaskId Long No 113

The ID of the task that manages multiple alerts of the same type at a time.

OperationCode String No ignore

The action that manages multiple alerts of the same type at a time.

  • deal: manages alerts (quarantine)
  • kill_and_quara: removes viruses
  • kill_virus: removes viruses and then detect viruses again.
  • block_ip: blocks the source IP addresses
  • ignore: ignores the alerts
  • mark_mis_info: marks alerts as false positives (adds sources IP addresses to the whitelist)
  • rm_mark_mis_info: cancels false positives (removes source IP addresses from the whitelist)
  • offline_handled: marks as handled
OperationParams String No {"expireTime":1578475919533}

The parameter value of the action that manages multiple alerts of the same type at a time.

Values of OperationCode include:
kill_and_quara
and
block_ip
Other values indicate that the OperationParams parameter is optional.

Response parameters

Parameter Type Example Description
RequestId String 1B080663-F4E6-4736-89B9-48FC43E160A7

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/? Action=HandleSimilarSecurityEvents
&<Common request parameters>

Sample success responses

XML format

<HandleSimilarSecurityEventsResponse>
    <requestId>1B080663-F4E6-4736-89B9-48FC43E160A7</requestId>
</HandleSimilarSecurityEventsResponse>

JSON format

{
  "requestId": "1B080663-F4E6-4736-89B9-48FC43E160A7"
}

Error codes

For a list of error codes, visit the API Error Center.