All Products
Search
Document Center

Elastic Desktop Service:DescribeSecurityEventOperations

Last Updated:Jan 18, 2023

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter Type Required Description Example
RegionId string Yes

The ID of the region.

cn-hangzhou
SecurityEventId long Yes

The ID of the alert.

12345

Response parameters

Parameter Type Description Example
object
RequestId string

The ID of the request.

1CBAFFAB-B697-4049-A9B1-67E1FC5F****
SecurityEventOperations array

The operations performed on the alert.

object
OperationParams string

The parameters of the operation.

qqqqq
OperationCode string

The code of the operation performed on the alert. Valid values:

  • mark_mis_info: adds the alert to the whitelist without configuring rules. This operation is triggered by adding multiple alerts to the whitelist at a time.
  • advance_mark_mis_inf: adds the alert to the whitelist by configuring advanced rules.
  • defense_mark_mis_info: adds the alert to the whitelist by configuring precise defense rules.
  • rm_mark_mis_info: removes the alert from the whitelist.
  • rm_defense_mark_mis_info: removes the alert from the whitelist configured with precise defense rules.
  • manual_handled: manually handles the alert.
  • ignore: ignores the alert.
  • quara: quarantines the source file of the malicious process.
  • block_ip: blocks access from the source IP address.
  • kill_and_quara: terminates the malicious process and quarantines the source file.
ignore
UserCanOperate boolean

Indicates whether the alert can be handled. Valid values:

  • true: The alert can be handled.
  • false: The alert cannot be handled.
true

Example

Normal return example

JSONFormat

{
  "RequestId": "1CBAFFAB-B697-4049-A9B1-67E1FC5F****",
  "SecurityEventOperations": [
    {
      "OperationParams": "qqqqq",
      "OperationCode": "ignore",
      "UserCanOperate": true
    }
  ]
}

Error codes

For a list of error codes, visit the API error center.