Queries the list of malicious image samples.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeGroupedMaliciousFiles

The operation that you want to perform.

Set the value to DescribeGroupedMaliciousFiles.

CurrentPage Integer Yes 1

The number of the page to return. Pages start from 1. Default value: 1.

PageSize String Yes 20

The number of entries to return on each page. Default value: 20.

Lang String  No zh

The language of the request and response. Valid values:

  • zh: Chinese
  • en: English
Levels String  No serious

The severity of the malicious image sample. You can enter multiple values. Separate values with commas. Valid values:

  • serious: high severity.
  • suspicious: medium severity.
  • remind: low severity.
FuzzyMaliciousName String No Detected webshells

Specify the name of the malicious image sample.

Note Fuzzy match is supported.
RepoRegionId String  No cn-shanghai

Specify the region ID of the image repository. Valid values:

  • cn-beijing: China (Beijing)
  • cn-zhangjiakou: China (Zhangjiakou-Beijing Winter Olympics)
  • cn-hangzhou: China (Hangzhou)
  • cn-shanghai: China (Shanghai)
  • cn-shenzhen: China (Shenzhen)
  • cn-hongkong: China (Hong Kong)
  • ap-southeast-1: Singapore (Singapore)
  • ap-southeast-5: Indonesia (Jakarta)
  • us-east-1: US (Virginia)
  • us-west-1: US (Silicon Valley)
  • eu-central-1: Germany (Frankfurt)
  • eu-west-1: UK (London)
  • ap-south-1: India (Mumbai)
RepoInstanceId String  No cri-datvailb****

Specify the ID of the container image.

Note You can call the ListRepository operation to obtain the image ID based on the returned value of the InstanceId parameter.
RepoId String  No crr-vridcl4****

The ID of the image repository.

Note You can call the ListRepository operation to obtain the repository ID based on the returned value of the RepoId parameter.
RepoName String No centos

Specify the name of the image repository.

Note Fuzzy match is supported.
RepoNamespace String  No hanghai-namespace

Specify the name of the repository namespace.

Note Fuzzy match is supported.
ImageTag String  No 0.2

The tag of the image.
ImageDigest String No 6a5e103187b31a94592a47a5858617f7****

The summary of the image.
ImageLayer String No 27213ad375b53628dd152a5ca****

The layer of the image.

Response parameters

Parameter Type Example Description
GroupedMaliciousFileResponse Array

The list of malicious samples.
FirstScanTimestamp Long 1596533942000

The timestamp of the first scan.
ImageCount Long 3

The number of affected images.
LatestScanTimestamp Long 1594630261000

The timestamp of the last scan.
Level String serious

The severity of the malicious image sample. Valid values:

  • serious: high severity.
  • suspicious: medium severity.
  • remind: low severity.
MaliciousMd5 String d836968041f7683b5459****

The MD5 hash value of the sample.
MaliciousName String Self-mutating Trojans

The name of the malicious sample.
Status Integer 1

The process state of the malicious image sample. Valid values:

  • 0: unhandled
  • 1: handled
  • 2: being verified
  • 3: added to the whitelist
PageInfo Struct

Statistics of the returned pages.
Count Integer 2

The number of malicious samples returned on the current page.
CurrentPage Integer 1

The page number of the returned page. Pages start from 1. Default value: 1.

PageSize Integer 20

The number of entries returned per page. Default value: 20.

TotalCount Integer 2

The total number of malicious samples returned.
RequestId String 9326FB58-B1A9-41B4-A547-D33BA27B6894

The ID of the request.

Examples

Sample request

http(s)://[Endpoint]/? Action=DescribeGroupedMaliciousFiles
&CurrentPage=1
&PageSize=20
&<Common request parameters>

Sample success responses

XML format 

<DescribeGroupedMaliciousFilesResponse>
      <GroupedMaliciousFileResponse>
            <Status>0</Status>
            <LatestScanTimestamp>1596533942000</LatestScanTimestamp>
            <ImageCount>3</ImageCount>
            <MaliciousName>Self-mutating Trojan</MaliciousName>
            <Level>serious</Level>
            <FirstScanTimestamp>1594907349000</FirstScanTimestamp>
            <MaliciousMd5>d836968041f7683b545900****</MaliciousMd5>
      </GroupedMaliciousFileResponse>
      <GroupedMaliciousFileResponse>
            <Status>1</Status>
            <LatestScanTimestamp>1594785387000</LatestScanTimestamp>
            <ImageCount>0</ImageCount>
            <MaliciousName>Detected webshells</MaliciousName>
            <Level>serious</Level>
            <FirstScanTimestamp>1594630261000</FirstScanTimestamp>
            <MaliciousMd5>d8b4074715b232d7d41***</MaliciousMd5>
      </GroupedMaliciousFileResponse>
      <PageInfo>
            <TotalCount>2</TotalCount>
            <PageSize>20</PageSize>
            <CurrentPage>1</CurrentPage>
            <Count>2</Count>
      </PageInfo>
      <RequestId>8045E03E-6D91-4C53-9F22-5A1B84BB29D9</RequestId>
</DescribeGroupedMaliciousFilesResponse>

JSON format 

{


	"GroupedMaliciousFileResponse": [{
		"Status": 0,
		"LatestScanTimestamp": 1596533942000,
		"ImageCount": 3,
		"MaliciousName": "Self-mutating Trojans",
		"Level": "serious",
		"FirstScanTimestamp": 1594907349000,
		"MaliciousMd5": "d836968041f7683b545900****"
	}, {
		"Status": 1,
		"LatestScanTimestamp": 1594785387000,
		"ImageCount": 0,
		"MaliciousName": "Detected webshells",
		"Level": "serious",
		"FirstScanTimestamp": 1594630261000,
		"MaliciousMd5": "d8b4074715b232d7d41***"
	}],
	"PageInfo": {
		"TotalCount": 2,
		"PageSize": 20,
		"CurrentPage": 1,
		"Count": 2
	},
	"RequestId": "8045E03E-6D91-4C53-9F22-5A1B84BB29D9"

}

Error codes

For a list of error codes, visit the API Error Center.