DescribeGroupedMaliciousFiles - Security Center - Alibaba Cloud Documentation Center

Queries malicious image samples.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
Lang	string	No	The language of the content within the request and response. Default value: zh. Valid values: zh: Chinese en: English	zh
Levels	string	No	The severity of the malicious image sample that you want to query. You can enter multiple severities. Separate the severities with commas (,). Valid values: serious suspicious remind	serious
FuzzyMaliciousName	string	No	The name of the malicious image sample that you want to query. NoteFuzzy match is supported.	Mining
CurrentPage	integer	Yes	The number of the page to return. Pages start from page 1. Default value: 1.	1
PageSize	string	Yes	The number of entries to return on each page. Default value: 20.	20
RepoRegionId	string	No	The region ID of the image repository. Valid values: cn-beijing: China (Beijing) cn-zhangjiakou: China (Zhangjiakou) cn-hangzhou: China (Hangzhou) cn-shanghai: China (Shanghai) cn-shenzhen: China (Shenzhen) cn-hongkong: China (Hong Kong) ap-southeast-1: Singapore ap-southeast-5: Indonesia (Jakarta) us-east-1: US (Virginia) us-west-1: US (Silicon Valley) eu-central-1: Germany (Frankfurt) eu-west-1: UK (London) ap-south-1: India (Mumbai)	cn-shanghai
RepoInstanceId	string	No	The ID of the container image. NoteYou can call the ListRepository operation to query the IDs of container images from the value of the InstanceId response parameter.	cri-datvailb****
RepoId	string	No	The ID of the image repository. NoteYou can call the ListRepository operation to query the IDs of image repositories from the value of the RepoId response parameter.	crr-vridcl4****
RepoName	string	No	The name of the image repository. NoteFuzzy match is supported.	centos
RepoNamespace	string	No	The namespace to which the image repository belongs. NoteFuzzy match is supported.	hanghai-namespace
ImageTag	string	No	The image tag.	0.2
ImageDigest	string	No	The image digest.	6a5e103187b31a94592a47a5858617f7****
ImageLayer	string	No	The image layer.	27213ad375b53628dd152a5ca****
ClusterId	string	No	The cluster ID of the container on which the malicious image sample is detected.	c556c8133b5ad4378b7fc533ddbda****
ScanRange	array	No	The types of the assets that you want to scan.
	string	No	The type of the asset that you want to scan. Valid values: container image	container

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The ID of the request, which is used to locate and troubleshoot issues.	8045E03E-6D91-4C53-9F22-5A1B84BB29D9
PageInfo	object	The pagination information.
CurrentPage	integer	The page number of the returned page.	1
PageSize	integer	The number of entries returned per page. Default value: 20.	20
TotalCount	integer	The total number of entries returned.	2
Count	integer	The number of entries returned on the current page.	2
GroupedMaliciousFileResponse	array	An array that consists of the malicious image samples.
	object	The information about the malicious image sample.
Status	integer	The handling status of the malicious image sample. Valid values: 0: unhandled 1: handled 2: verifying 3: added to the whitelist	0
ImageCount	long	The number of affected images.	3
LatestScanTimestamp	long	The timestamp when the last scan was performed. Unit: milliseconds.	1596533942000
MaliciousName	string	The name of the malicious image sample.	testFile
MaliciousMd5	string	The MD5 hash value of the malicious image sample.	d836968041f7683b5459****
FirstScanTimestamp	long	The timestamp when the first scan was performed. Unit: milliseconds.	1594907349000
Level	string	The severity of the malicious image sample. Valid values: serious suspicious remind	serious

Examples

Sample success responses

JSONformat

{
  "RequestId": "8045E03E-6D91-4C53-9F22-5A1B84BB29D9",
  "PageInfo": {
    "CurrentPage": 1,
    "PageSize": 20,
    "TotalCount": 2,
    "Count": 2
  },
  "GroupedMaliciousFileResponse": [
    {
      "Status": 0,
      "ImageCount": 3,
      "LatestScanTimestamp": 1596533942000,
      "MaliciousName": "testFile",
      "MaliciousMd5": "d836968041f7683b5459****",
      "FirstScanTimestamp": 1594907349000,
      "Level": "serious"
    }
  ]
}

Error codes

HTTP status code	Error code	Error message	Description
403	NoPermission	caller has no permission	You are not authorized to do this operation.
500	ServerError	ServerError	-

For a list of error codes, visit the Service error codes.

Change history

Change time

Summary of changes

Operation

2022-09-16

The input parameters of the API operation change.

Change item	Change content
Input Parameters	The input parameters of the API operation change.
	Added Input Parameters: ScanRange

2022-09-16

The input parameters of the API operation change.

Change item	Change content
Input Parameters	The input parameters of the API operation change.
	Added Input Parameters: ScanRange