Handles multiple exceptions at a time.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | String | Yes | OperationSuspEvents |
The operation that you want to perform. Set the value to OperationSuspEvents. If operation-specific request parameters contain only this parameter, Security Center does not handle exceptions. |
SourceIp | String | No | 1.2.XX.XX |
The source IP address of the request. |
SuspiciousEventIds | String | No | 290852 |
The IDs of alerts. Note You can call the DescribeAlarmEventList operation and obtain the IDs of alerts from the SecurityEventIds response parameter.
|
Operation | String | No | deal |
The operation that you want to perform on alerts. Valid values:
|
SubOperation | String | No | killAndQuaraFileByPidAndMd5andPath |
The suboperation that you want to perform when you quarantine the source file of the malicious process. Valid values:
|
From | String | No | sas |
The ID of the request. Set the value to sas, which indicates that the request is sent from Security Center. |
WarnType | String | No | alarm |
The type of the event that you want to handle. Valid values:
|
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
RequestId | String | 7E0618A9-D5EF-4220-9471-C42B5E92719F |
The ID of the request, which is used to locate and troubleshoot issues. |
AccessCode | String | pass |
Indicates whether you have access permissions. Valid values:
|
Success | Boolean | true |
The result of handling exceptions. Valid values:
|
Examples
Sample requests
http(s)://[Endpoint]/?Action=OperationSuspEvents
&SourceIp=1.2.XX.XX
&SuspiciousEventIds=290852
&Operation=deal
&SubOperation=killAndQuaraFileByPidAndMd5andPath
&From=sas
&WarnType=alarm
&Common request parameters
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<OperationSuspEventsResponse>
<RequestId>7E0618A9-D5EF-4220-9471-C42B5E92719F</RequestId>
<AccessCode>pass</AccessCode>
<Success>true</Success>
</OperationSuspEventsResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"RequestId" : "7E0618A9-D5EF-4220-9471-C42B5E92719F",
"AccessCode" : "pass",
"Success" : true
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
400 | ClientOffline | Client offline | The error message returned because the Security Center agent is offline. |
400 | UnknownError | UnknownError | The error message returned because an unknown error occurred. |
400 | IllegalParam | Illegal param | The error message returned because the specified parameters are invalid. |
500 | ServerError | ServerError | The error message returned because a server error occurred. |
For a list of error codes, visit the API Error Center.