API overview - Security Center - Alibaba Cloud Documentation Center

API standard and pre-built SDKs in multi-language

The OpenAPI specification of this product (cloud-siem/2024-12-12) follows the RPC standard. Alibaba Cloud provides pre-built SDKs for popular programming languages to abstract low-level complexities such as request signing. This enables developers to call APIs using language-specific syntax without dealing with HTTP details directly.

Custom signature

If your specific needs, such as a customized signature, are not supported by the SDK, manually sign requests using the signature mechanism. Note that manual signing requires significant effort (usually about 5 business days). For support, join our DingTalk group (ID: 147535001692).

Before you begin

An Alibaba Cloud account has full administrative privileges. A compromised AccessKey pair exposes all associated resources to unauthorized access, posing a significant security risk. Create a Resource Access Management (RAM) user with API-only access and use RAM policies to apply the principle of least privilege (PoLP). Alibaba Cloud accounts are only used when explicitly required.

To call APIs securely, configure the following:

A RAM user account
An AccessKey pair for the account

Account Management

API	Title	Description
GetUserConfig	GetUserConfig	Retrieves user information.

Version Upgrade

API	Title	Description
CheckUpgradeItem	CheckUpgradeItem	Checks for available version upgrades.
ExecuteUpgrade	ExecuteUpgrade	Performs a version upgrade.
ListUpgradeItems	ListUpgradeItems	Retrieves a list of upgrade items.

Log Management

API	Title	Description
UpdateDataStorage	UpdateDataStorage	Changes the log storage region for Log Management.
UpdateDataStorageTtl	UpdateDataStorageTtl	Modifies the storage duration for logs.
UpdateDataStorageDelivery	UpdateDataStorageDelivery	Updates the status of log delivery.
ResetDataStorage	ResetDataStorage	Resets the log storage for a user.
GetDataStorage	GetDataStorage	Retrieves the details of user logs in Log Management.

Data Source

API	Title	Description
CreateDataSource	CreateDataSource	Creates a data source.
UpdateDataSource	UpdateDataSource	Updates a data source.
RefreshDataSource	RefreshDataSource	Refreshes a data source.
DeleteDataSource	DeleteDataSource	Deletes a data source.
ListDataSources	ListDataSources	Lists data sources.
UpdateDataSourceTemplate	UpdateDataSourceTemplate	Modifies a data source template.
ListDataSourceTemplates	ListDataSourceTemplates	Queries data source templates.
CreateLogStore	CreateLogStore	Configure client-side storage restrictions.
DeleteLogStore	DeleteLogStore	Deletes a Logstore.
ValidateLogStore	ValidateLogStore	Verify log storage.
ListLogRegions	ListLogRegions	Retrieves all regions.
ListLogProjects	ListLogProjects	Lists log projects.
ListLogStores	ListLogStores	Retrieves a list of Logstores.
GetLogTicket	GetLogTicket	Retrieves a log ticket.

Data Access

API	Title	Description
CreateProduct	CreateProduct	Creates a product.
UpdateProduct	UpdateProduct	Updates a product.
DeleteProduct	DeleteProduct	Deletes a product.
ListProducts	ListProducts	Retrieves a list of products.
CreateVendor	CreateVendor	Creates a vendor.
UpdateVendor	UpdateVendor	Updates a vendor.
DeleteVendor	DeleteVendor	Deletes a vendor.
ListVendors	ListVendors	Retrieves a list of vendors.
CreateDataIngestion	CreateDataIngestion	Creates a data ingestion policy.
EnableDataIngestion	EnableDataIngestion	Enables the data ingestion policy.
DisableDataIngestion	DisableDataIngestion	Disables a data ingestion policy.
UpdateDataIngestion	UpdateDataIngestion	Updates a data ingestion policy.
DeleteDataIngestion	DeleteDataIngestion	Deletes a data ingestion policy.
GetDataBatchIngestion	GetDataBatchIngestion	Retrieves the details of a batch data ingestion task.
UpdateDataBatchIngestion	UpdateDataBatchIngestion	Updates a batch data ingestion task.
ListDataIngestions	ListDataIngestions	Lists data ingestion policies.
UpdateDataIngestionTemplate	UpdateDataIngestionTemplate	Updates a data ingestion template.
ListDataIngestionTemplates	ListDataIngestionTemplates	Queries data ingestion templates.
ListTrafficStatistics	ListTrafficStatistics	Retrieves a list of traffic statistics.
ExecuteLogQuery	ExecuteLogQuery	Executes a data query.

Data standardization

API	Title	Description
CreateNormalizationRule	CreateNormalizationRule	Creates a normalization rule.
UpdateNormalizationRule	UpdateNormalizationRule	Updates a normalization rule.
DeleteNormalizationRule	DeleteNormalizationRule	Deletes a normalization rule.
ValidateNormalizationRule	ValidateNormalizationRule	Validates a normalization rule.
GetNormalizationRule	GetNormalizationRule	Retrieves the details of a normalization rule.
GetNormalizationSchema	GetNormalizationSchema	Retrieves a normalization schema.
GetNormalizationRuleVersion	GetNormalizationRuleVersion	Retrieves information about a normalization rule version.
DeleteNormalizationRuleVersion	DeleteNormalizationRuleVersion	Deletes a normalization rule version.
SetDefaultNormalizationRuleVersion	SetDefaultNormalizationRuleVersion	Sets the default version for a normalization rule.
ListNormalizationRuleVersions	ListNormalizationRuleVersions	Queries a list of normalization rule versions.
ListNormalizationRules	ListNormalizationRules	Retrieves a list of normalization rules.
ListNormalizationFields	ListNormalizationFields	Retrieves a list of normalization fields.
ListNormalizationCategories	ListNormalizationCategories	Lists normalization categories.
ListNormalizationRuleCapacities	ListNormalizationRuleCapacities	Lists the security capabilities of normalization rules.
ListNormalizationSchemas	ListNormalizationSchemas	Retrieves a list of normalization schemas.

Data Set

API	Title	Description
CreateDataSet	CreateDataSet	Creates a dataset.
UpdateDataSet	UpdateDataSet	Updates a dataset.
DeleteDataSet	DeleteDataSet	Deletes a dataset.
ListDataSets	ListDataSets	Retrieves a list of datasets.
UpdateDataSetRecord	UpdateDataSetRecord	Updates dataset records.
DeleteDataSetRecord	DeleteDataSetRecord	Deletes dataset records.
ListDataSetRecords	ListDataSetRecords	Retrieves a list of dataset records.

Detection Rules

API	Title	Description
CreateDetectionRule	CreateDetectionRule	Creates a detection rule.
UpdateDetectionRule	UpdateDetectionRule	Updates a detection rule.
DeleteDetectionRule	DeleteDetectionRule	Deletes a detection rule.
ListDetectionRules	ListDetectionRules	Retrieves a list of detection rules.
GetDetectionStatistic	GetDetectionStatistic	Retrieves the number of detection rules.

Event handling

API	Title	Description
GetIncident	GetIncident	Retrieves event details.
ListIncidents	ListIncidents	Lists incidents.

Export Tasks

API	Title	Description
CreateExportTask	CreateExportTask	Creates an export task.
GetExportTask	GetExportTask	Retrieves the progress of an export task.