All Products
Search

This Product

    Security Center:GetFileProtectRule

    Document Center

    Security Center:GetFileProtectRule

    Last Updated:Feb 20, 2024

    Queries the information about a core file monitoring rule based on the ID of the rule.

    Debugging

    OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

    Authorization information

    There is currently no authorization information disclosed in the API.

    Request parameters

    ParameterTypeRequiredDescriptionExample
    IdlongNo

    The ID of the rule.

    		245

    Response parameters

    ParameterTypeDescriptionExample
    object

    Schema of Response

    RequestIdstring

    The request ID.

    		C0DF9057-67C5-574D-A2D2-0CA9AC74C4D3
    Dataobject

    The response parameters.

    Actionstring

    The handling method of the rule. Valid values:

    1. pass: allow
    2. alert
    		pass
    RuleNamestring

    The name of the rule.

    		test-000
    SwitchIdstring

    The switch ID of the rule.

    		FILE_PROTECT_RULE_SWITCH_TYPE_0000
    Idlong

    The ID of the rule.

    		44616
    AlertLevelinteger

    The severity of alerts. Valid values:

    • 0: does not generate alerts
    • 1: sends notifications
    • 2: suspicious
    • 3: high-risk
    		0
    FileOpsarray

    The operations performed on the files.

    string

    The operation performed on the file. Valid values:

    1. WRITE
    2. READ
    3. DELETE
    4. RENAME
    5. CHMOD: change permissions
    		CHMOD
    FilePathsarray

    The paths to the monitored files.

    string

    The path to the monitored file. Wildcard characters are supported.

    		/usr/*
    ProcPathsarray

    The paths to the monitored processes.

    string

    The path to the monitored process. Wildcard characters are supported.

    		/usr/local/*
    Statusinteger

    The status of the rule. Valid values:

    1. 0: disabled
    2. 1: enabled
    		1

    Examples

    Sample success responses

    JSONformat

    {
  "RequestId": "C0DF9057-67C5-574D-A2D2-0CA9AC74C4D3",
  "Data": {
    "Action": "pass",
    "RuleName": "test-000",
    "SwitchId": "FILE_PROTECT_RULE_SWITCH_TYPE_0000",
    "Id": 44616,
    "AlertLevel": 0,
    "FileOps": [
      "CHMOD"
    ],
    "FilePaths": [
      "/usr/*"
    ],
    "ProcPaths": [
      "/usr/local/*"
    ],
    "Status": 1
  }
}

    Error codes

    HTTP status codeError codeError messageDescription
    403NoPermissioncaller has no permissionYou are not authorized to do this operation.
    500ServerErrorServerError-

    For a list of error codes, visit the Service error codes.