Queries DDoS attack events.
Usage notes
You can call the DescribeDDosAllEventList operation to query DDoS attack events within a specific time range by page. The information about a DDoS attack event includes the start time and end time of the attack, attack event type, attacked object, peak bandwidth of attack traffic, and peak packet forwarding rate.
Limits
You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | String | Yes | DescribeDDosAllEventList |
The operation that you want to perform. Set the value to DescribeDDosAllEventList. |
EventType | String | No | defense |
The type of the DDoS attack events you want to query. Valid values:
If you want to query multiple types of DDoS attack events, separate them with commas (,). If you do not configure this parameter, DDoS attack events of all types are queried. |
StartTime | Long | Yes | 1609430400 |
The beginning of the time range to query. The DDoS attack events occur after StartTime are queried. This value is a UNIX timestamp. Unit: seconds. |
EndTime | Long | Yes | 1640966399 |
The end of the time range to query. The DDoS attack events occur before EndTime are queried. This value is a UNIX timestamp. Unit: seconds. |
PageNumber | Integer | Yes | 1 |
The number of the page to return. |
PageSize | Integer | Yes | 10 |
The number of entries to return on each page. |
All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.
For more information about sample requests, see the "Examples" section of this topic.
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
Total | Long | 1 |
The total number of DDoS attack events. |
RequestId | String | 25D83ED5-28CB-5683-9CF7-AECE521F3005 |
The ID of the request. |
AttackEvents | Array of AttackEvent |
The DDoS attack events. |
|
EndTime | Long | 1634546030 |
The time when the DDoS attack stopped. This value is a UNIX timestamp. Unit: seconds. |
StartTime | Long | 1634543764 |
The time when the DDoS attack started. This value is a UNIX timestamp. Unit: seconds. |
EventType | String | cc |
The type of the DDoS attack event. Valid values:
|
Mbps | Long | 101899 |
The peak bandwidth of the attack traffic. Unit: Mbit/s. |
Ip | String | 203.107.XX.XX |
The attacked object. The attacked object varies based on the attack event type. The following list describes different attacked objects of different attack event types:
|
Area | String | cn |
The source location or region from which the attack was initiated. Valid values:
|
Port | String | 80 |
The attacked port. Note If EventType is set to web-cc, this parameter is not returned.
|
Pps | Long | 9664270 |
The peak packet forwarding rate of attack traffic. Unit: pps. |
Examples
Sample requests
http(s)://[Endpoint]/?Action=DescribeDDosAllEventList
&StartTime=1609430400
&EndTime=1640966399
&PageNumber=1
&PageSize=10
&<Common request parameters>
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<DescribeDDosAllEventListResponse>
<Total>1</Total>
<RequestId>25D83ED5-28CB-5683-9CF7-AECE521F3005</RequestId>
<AttackEvents>
<EndTime>1634546030</EndTime>
<StartTime>1634543764</StartTime>
<EventType>cc</EventType>
<Mbps>101899</Mbps>
<Ip>203.107.XX.XX</Ip>
<Area>cn</Area>
<Port>80</Port>
<Pps>9664270</Pps>
</AttackEvents>
</DescribeDDosAllEventListResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"Total" : 1,
"RequestId" : "25D83ED5-28CB-5683-9CF7-AECE521F3005",
"AttackEvents" : [ {
"EndTime" : 1634546030,
"StartTime" : 1634543764,
"EventType" : "cc",
"Mbps" : 101899,
"Ip" : "203.107.XX.XX",
"Area" : "cn",
"Port" : "80",
"Pps" : 9664270
} ]
}
Error codes
For a list of error codes, visit the Error Center.