Queries the provenance graph of an event by using the event ID.
Debugging
Authorization information
There is currently no authorization information disclosed in the API.
Request parameters
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
IncidentId | string | Yes | The ID of the event. Note
You can call the DescribeCloudSiemEvents operation to query the IDs of events.
| 184892fc5245b3ce8c3316434c94261f |
Response parameters
Examples
Sample success responses
JSON
format
{
"TracingDetail": {
"VertexList": [
{
"Id": "383044",
"Name": "auto-test-attestor",
"Type": "alidetect",
"Time": "2021-11-26",
"Timestamp": 1663048980,
"Uuid": "32e36d8a-2b5d-4f71-98a8-12775685a3b4",
"RuleId": "301425",
"Properties": "[{'PropertyValues': [{'PropertyValueId': 239, 'PropertyValue': '121'}, {'PropertyValueId': 240, 'PropertyValue': '6666'}], 'PropertyKey': '22222222', 'PropertyId': 203}]",
"Property": {
"test": "test",
"test2": 1
},
"UpdateTime": "2022-01-13 12:49:33",
"Aliuid": "1487146717137516",
"NeighborList": [
{
"Type": "2",
"Count": 0,
"HasMore": true
}
],
"DisplayInfo": [
{
"Name": "scan:ACSV-2020-111301",
"Value": "10.16.1"
}
],
"Lang": "zh"
}
],
"EdgeList": [
{
"StartId": "23003",
"StartType": "process",
"EndId": "223a185f05e5fc3c637",
"EndType": "process_test_process",
"Name": "mongod",
"Type": "elf",
"Time": "1652941117",
"Timestamp": 1636092632,
"Aliuid": "1277498600854739",
"Uuid": "678e29f4-d78f-4a7c-a2bc-38434a138538",
"Origin": "distribution",
"Properties": "{\\\"bandWidth\\\":\\\"8192\\\",\\\"internetIp\\\":\\\"8.211.13.50\\\",\\\"changeReason\\\":\\\"EIP_BIND\\\",\\\"bindInstanceId\\\":\\\"i-gw887xhzjvyjfv7vdfs3\\\",\\\"bindType\\\":\\\"EIP_ECS\\\"}",
"Property": {
"test": "test",
"test2": 1
},
"ShowType": "0",
"RuleId": "136",
"UpdateTime": "2022-01-13 12:49:33",
"TypeName": "cis"
}
],
"EntityTypeList": [
{
"Id": "1425",
"Name": "auto-test-policy-name",
"GmtCreate": "2022-10-09T10:53Z",
"GmtModified": "1585816811000",
"Namespace": "78",
"DisplayTemplate": "[]",
"DisplayColor": "#FFF",
"SyncId": 0,
"CurrentVersionId": "1768",
"DisplayIcon": "-",
"DisplayOrder": 2,
"TraceSuccessFlag": 1,
"IsVirtualNode": 1
}
],
"RelationTypeList": [
{
"Id": "1514",
"Name": "wusa",
"Directed": 1,
"GmtCreate": "2022-09-23T10:50Z",
"GmtModified": "2022-07-12T07:58:49Z",
"Namespace": "default",
"DisplayTemplate": "[]",
"DisplayColor": "#FFF",
"SyncId": 0,
"CurrentVersionId": "1487",
"ShowType": "0",
"DisplayIcon": "https://img.alicdn.com/imgextra/i2/O1CN01jpZwD31G56XYPEJv2_!!600000000****-55-tps-25-28.svg"
}
],
"Lang": "zh"
},
"Success": true,
"RequestId": "D2956025-4E5C-529D-92B4-B2591DDED067"
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
400 | TracingDetailError | The Incident tracing detail error, please try again. | - |
403 | NoPermission | caller has no permission | You are not authorized to do this operation. |
500 | ServerError | ServerError | - |
For a list of error codes, visit the Service error codes.
Change history
Change time | Summary of changes | Operation |
---|
No change history