You can call this operation to manage alerts.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
SourceIp String No

The source IP address of the request.

SecurityEventIds.N RepeatList No ["909361"]

The ID of the alert.

OperationCode String No ignore

The action that is used to manage alerts. Valid values:

  • deal: Manages alerts (quarantine).
  • kill_and_quara: Removes viruses.
  • kill_virus: Removes viruses and then detects viruses again.
  • block_ip: Blocks source IP addresses.
  • ignore: Ignores alerts.
  • mark_mis_info: Marks as false positives (adds IP addresses to the whitelist).
  • rm_mark_mis_info: Cancels false positives (removes IP addresses from the whitelist).
  • offline_handled: Marks as handled.
OperationParams String No {"expireTime":1578475919533}

The parameter values of the operation that manages alerts of the same type at the same time.

Values of OperationCode include:
Other values indicate that parameter OperationParams is optional.

Response parameters

Parameter Type Example Description
RequestId String D929B6F9-EE5E-4F26-A22F-65D4088B6F24

The ID of the request.

HandleSecurityEventsResponse Struct

The response of the processing result.

TaskId Long 3187

The ID of the task that manages the alerts.


Sample requests

http(s)://[Endpoint]/? Action=HandleSecurityEvents
&<Common request parameters>

Sample success response

XML format


JSON format

    "HandleSecurityEventsResponse": {
            "TaskId": 3817
    "requestId": "D929B6F9-EE5E-4F26-A22F-65D4088B6F24"

Error codes

For a list of error codes, visit the API Error Center.