All Products
Search

This Product

    Security Center:QueryAttackCount

    Document Center

    Security Center:QueryAttackCount

    Last Updated:Feb 20, 2024

    Queries the number of alert events in each attack phase.

    Debugging

    OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

    Authorization information

    There is currently no authorization information disclosed in the API.

    Request parameters

    ParameterTypeRequiredDescriptionExample
    FromstringNo

    The ID of the request source. Set the value to sas.

    		sas
    LangstringNo

    The language of the content within the request and response. Default value: zh. Valid values:

    • zh: Chinese
    • en: English
    		zh
    SourceIpstringNo

    The source IP address of the request.

    		175.0.XX.XX
    UuidsstringNo

    The UUID of the asset.

    Note You can call the DescribeCloudCenterInstances operation to query the UUIDs of assets.
    		0c1714dc-f7a3-4265-8364-7aa3fce8****,1cc45e7d-7698-4b2c-89d8-e8cba407****

    Response parameters

    ParameterTypeDescriptionExample
    object

    ListResult

    Dataobject []

    An array that consists of the numbers of alert events in different attack phases.

    TacticIdstring

    The stage ID of the ATT&CK attack.

    		TA0043
    TacticTypestring

    The type of stage of the ATT&CK attack.

    		Data collection
    EventCountinteger

    The number of times that the alert is triggered.

    		28
    Countinteger

    The number of entries returned on the current page.

    		0
    Successboolean

    Indicates whether exceptions are handled. Valid values:

    • true: yes
    • false: no
    		true
    Codestring

    The HTTP status code returned.

    		200
    Messagestring

    The error message returned.

    		successful
    RequestIdstring

    The ID of the request, which is used to locate and troubleshoot issues.

    		D4BE7D77-5B02-5126-A684-A73F6CD3XXXX

    Examples

    Sample success responses

    JSONformat

    {
  "Data": [
    {
      "TacticId": "TA0043",
      "TacticType": "Data collection\n",
      "EventCount": 28
    }
  ],
  "Count": 0,
  "Success": true,
  "Code": "200",
  "Message": "successful",
  "RequestId": "D4BE7D77-5B02-5126-A684-A73F6CD3XXXX"
}

    Error codes

    HTTP status codeError codeError messageDescription
    400NoPermissionno permission-
    400UnknownErrorUnknownError-
    403NoPermissioncaller has no permissionYou are not authorized to do this operation.
    500ServerErrorServerError-

    For a list of error codes, visit the Service error codes.

    Change history

    Change timeSummary of changesOperation
    2023-11-16The Error code has changed. The request parameters of the API has changedsee changesets
    Change itemChange content
    Error CodesThe Error code has changed.
      delete Error Codes: 400
    Input ParametersThe request parameters of the API has changed.
      Added Input Parameters: Uuids