The following tables list API operations available for use in Security Center.

  • Log analysis
  • Cloud service configuration assessment
  • Security alerts
  • Vulnerability management
  • Baseline checks
  • Asset management
  • Asset fingerprints
  • Notifications
  • For more information about how to call operations related to log analysis and request URLs, see Endpoints.
  • For more information about how to call other types of operations and request URLs, see Make API requests.

Log analysis

API Description
Overview Security Center logs are stored in a dedicated sas-log Logstore. You can search for the Logstore by name in the Log Service console. The name of the Logstore is in the following format: sas-log-your Alibaba Cloud account ID-the region.

For more information about operations related to log analysis, see Overview.

Cloud service configuration assessment

API Description
DescribeRiskItemType Queries the types of check items in cloud service configuration assessment.
StartBaselineSecurityCheck Runs a baseline check.
DescribeRiskCheckSummary Queries the check results.
ModifyRiskCheckStatus Modifies the result status of a check item.
DescribeRiskCheckResult Queries the result of a check item.
DescribeSecurityCheckScheduleConfig Queries the custom check cycle and time period.
ModifyRiskSingleResultStatus Modifies the status of an asset affected by a check item.

Security alerts

API Description
DescribeAlarmEventDetail Queries the details of an alert event.
DescribeSuspEventDetail Queries the details of an unusual event.
DescribeAlarmEventList Queries the list of security events.
DescribeSuspEvents Queries the list of unusual events.

Vulnerability management

API Description
DescribeVulList Queries the list of vulnerabilities.
DescribeVulWhitelist Queries the vulnerability whitelist by page.
DescribeGroupedVul Queries vulnerabilities by group.
ModifyCreateVulWhitelist Creates a vulnerability whitelist.
DescribeAutoDelConfig Queries the configurations of automatic vulnerability removal.
ModifyOperateVul Manages a detected vulnerability. For example, you can verify, ignore, or fix a vulnerability.

Baseline checks

API Description
DescribeWarningMachines Queries information about servers where baseline checks are run.
DescribeStrategyExecDetail Queries the detailed results of the last baseline check.
DescribeCheckWarnings Queries specific risky items and check items on a specific server.
DescribeCheckWarningDetail Queries the details of specific check items.
DescribeCheckWarningSummary Queries the statistics of baseline check results.
DescribeStratety Queries the configurations of baseline check policies.

Asset management

API Description
DescribeFieldStatistics Queries the list of asset instances.
DescribeGroupedTags Queries tag statistics.
DescribeAllGroups Queries information about all asset groups.
DeleteGroup Deletes a server group.
CreateOrUpdateAssetGroup Modifies the relationship between an asset and an asset group.
ModifyTagWithUuid Modifies the relationship between a tag and a server or a cloud service.
DescribeInstanceStatistics Queries risk information about an asset.
DescribeCloudProductFieldStatistics Queries statistics of cloud services.
DescribeDomainCount Queries the number of domain assets.
DescribeDomainList Queries the list of domain assets.
DescribeDomainDetail Queries the details of a domain asset.
DescribeCloudCenterInstances Queries the asset information on the Assets page, such as the name and region of an asset instance.
DescribeSummaryInfo Queries the security information about an asset, such as the security score and the numbers of protected and unprotected assets.

Asset fingerprints

API Description
DescribePropertyCount Queries asset fingerprints. You can specify the following types of asset fingerprints: processes, ports, software, and accounts.
DescribePropertyPortDetail Queries the details of a specific port in the port list.
DescribePropertyProcDetail Queries the details of a specific process in the process list.
DescribePropertyPortItem Queries port information.
DescribePropertyProcItem Queries process information.
DescribePropertySoftwareDetail Queries the details of a specific software asset in the software list.
DescribePropertySoftwareItem Queries the list of software.
DescribePropertyUserDetail Queries the details of a specific account.
DescribePropertyUserItem Queries account information.